The invention relates to a banknote (100) having a processor (124) and a memory (120). An identification number (116) of the banknote (100) is stored in the memory (120) of the security element (102) and identifies an anonymous banknote account managed by a central bank (220) issuing the banknote (100) and individually assigned to the corresponding banknote (100). A banknote-specific cryptographic key (118) is stored in a protected memory area (122) of the memory (120). A payment method executed with the banknote (100) comprises:
receiving a payment request for a payment with the banknote (100),
generating a payment-specific cryptogram for authorising the payment with the banknote (100), wherein the cryptogram is generated from the identification number (116) of the banknote (100) and a payment-specific code as input values using the banknote-specific cryptographic key (118),
sending a payment authorisation comprising the payment-specific cryptogram.
In one embodiment, the method includes computing composite cryptographic data by executing a plurality of first cryptographic algorithms, wherein the composite cryptographic data are computed as a function of input data, wherein the plurality of first cryptographic algorithms are selected and/or the plurality of first cryptographic algorithms are combined according to a first control algorithm; computing results data using a receiver cryptosystem as a function of the composite cryptographic data by applying one or more of the second cryptographic algorithms, wherein the one or more second cryptographic algorithms are selected and/or combined according to a second control algorithm; and automatically executing a software and/or hardware function using the receiver cryptosystem according to the results data.
H04L 9/16 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A banknote includes a security element with a processor and a memory. A private cryptographic key of an asymmetric key pair of the banknote is stored in a protected memory area of the memory. The asymmetric key pair is assigned to a banknote-specific blockchain address in a blockchain. A payment method executed with the banknote includes receiving a payment request for a payment with the banknote in the form of a transaction of an amount to be paid from the blockchain address of the banknote to a blockchain address of a payee, signing a transaction approval with the private cryptographic key of the banknote, and sending the signed transaction approval.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G07D 7/004 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
5.
SECURITY FEATURE AND METHOD FOR THE DETECTION THEREOF, AND SECURITY OR VALUE DOCUMENT
The present invention firstly relates to a security feature for a security or value document. The security feature comprises a zinc sulfide lurninophore in the form of particles. The zinc sulfide lurninophore has the general chemical formula ZnS: Cux, My, Xz; here, M represents one or more elements from a group comprising the chemical elements Co, In and Ni; X represents one or more elements from a group comprising the halides F, Cl, Br and I; and the following applies: 0 < x < 0.002 and 0 ≤ y < 0.00015 and 0 ≤ z < 0.00050. The particles each have cubic phase portions and hexagonal phase portions. When excited by an electrical field, the zinc sulfide luminophore emits a first radiation in the range of the light spectrum between 580 nm and 780 nm. When excited by heating the luminophore to a temperature between 100° C. and 150° C., the zinc sulfide luminophore emits a second radiation in the light spectrum. Furthermore, the invention relates to a security and value document, which may for example be a bank note or a passport, an identity card, a driving license or a postage stamp. The invention also relates to a method for detecting and/or verifying the security feature according to the invention.
The authentication mechanism provides a personalized, server-specific authentication of a user with respect to a service server using an authentication token. The method includes a registration of a user with a service server, which includes a creation of a personalized user account for the user with the service server. Furthermore, a server-specific, asymmetric cryptographic key pair is generated for the user by an authentication token, the key pair including an authentication key and an authenticating key. The authenticating key is made available to the service server and assigned to the personalized user account thereby.
The invention relates to a method and to an identification apparatus (1) for identifying a person by means of facial recognition. The method comprises the following: providing a depersonalized data set, wherein the depersonalized data set is calculated from a personalized data set by means of data transformation according to a transformation instruction; calculating a re-personalized data set from the depersonalized data set, wherein the re-personalized data set, on the basis of the depersonalized data set, is modified by means of additional data transformation, according to an at least partial reversal of the transformation instruction, in such a way that the person to be identified is identifiable on the basis of the re-personalized data set using the at least one facial recognition algorithm and/or at least one other facial recognition algorithm, which is different from the at least one facial recognition algorithm; providing a comparative data set which comprises current facial image data for the person to be identified; and identifying the person using the re-personalized data set, the comparative data set and the at least one facial recognition algorithm and/or the at least one other facial recognition algorithm. The invention furthermore relates to a computer program product.
In order to increase the security of value or security documents 100, a multi-luminescent security element 400 is provided which contains at least one first luminescence means 510 and at least one second luminescence means 520. The first luminescence means 510 can be excited under first excitation conditions Sp-1 for the purpose of luminescence, and the second luminescence means 520 can be excited under second excitation conditions Sp-2 for the purpose of luminescence, said second excitation conditions Sp-2 differing from the first excitation conditions Sp-1. The multi-luminescent security element 400 is additionally equipped with at least one absorber means 600 which prevents an excitation of the at least one first luminescence means 510 under the second excitation conditions Sp-2 for the purpose of luminescence.
The invention relates to a method for securely providing a personalized electronic identity on a terminal (2) which can be used by a user (1) for identification purposes when claiming an online service. In the method, an identification application is ran on a terminal (2), which is assigned to a user (1), in a system comprising data processing devices (9; 10; 11; 12) and said terminal (2), and additionally a personalization application and an identity provider application are ran. The method has the following steps in particular; transmitting a request to transmit an identity attribute assigned to the user (1) front the personalization application to the identity provider application; transmitting the identity attribute from the identity provider application to the personalization application after an agreement to transmit the identity attribute by means of the identity provider application is received from the user (1); generating an asymmetric key pair with a public and a private key on the terminal (2) by means of the identification application; transmitting the public-key from tire identification application on the terminal (2) to the personalization application; and generating an electronic certificate for the public-key by means of tire personalization application and storing the electronic certificate in a data storage device in order to form a first public-key infrastructure of the personalization application, additionally having the steps of: generating a hash value for the identity attribute and recording the hash value onto the electronic certificate. The identity attribute is encoded and transmitted together with the electronic certificate from the personalization application to the identification application (14) on the terminal (2), where both are stored in a local storage device of the terminal (2).
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
The method includes creating a signed output instruction for outputting a vehicle certificate, having a data record characterising the vehicle, using the blockchain, in the case of a valid signature, receiving the vehicle certificate, outputting the vehicle certificate, wherein the output vehicle certificate includes a machine-readable code, wherein the machine-readable code includes a private cryptographic key of an asymmetric key pair, wherein a public cryptographic key of the asymmetric key pair is identified in the blockchain as a check value for checking a signature of a read request for reading vehicle data of the vehicle certificate from the blockchain.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
The method includes creating and sending a change request for a change to the system configuration of the hardware system by means of a first hardware component of the plurality of hardware components, receiving the change request by means of the further hardware components of the plurality of hardware components, checking the change request by means of the further hardware components for compatibility of the change request with the configuration of the particular receiving hardware component by using configuration data of the receiving hardware component, in the case that the requested change to the system configuration is compatible with the configuration of the receiving hardware component, generating and sending an approval of the change to the system configuration by means of the receiving hardware component, and in the case that an approval quorum of the hardware components that is necessary for consent is achieved, entering the requested change to the system configuration of the hardware system into the block chain, implementing the requested change to the system configuration in the hardware system.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 11/18 - Error detection or correction of the data by redundancy in hardware using passive fault-masking of the redundant circuits, e.g. by quadding or by majority decision circuits
sending the resulting file fragments (F1-F4) by the web application over the network (178) to the storage services identified by the distribution plan (SD1-SD6).
G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
H04L 67/02 - Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
H04L 67/1097 - Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
i to a predefined number of preceding blocks, wherein creating the bidirectional linking comprises performing a backward linking of the additional block to the predefined number of preceding blocks and performing a forward linking of the predefined number of preceding blocks to the additional block.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
14.
Method for linking a first data block to a second data block, method for checking the integrity of a blockchain structure, device and computer program product
A method for obtaining a blockchain structure includes providing a first data block and a second data block, wherein a first data processing rule is assigned to first data of the first data block, and a second data processing rule is assigned to second data of the second data block. The first data processing rule is linked to the second data processing rule to obtain a third data processing rule, wherein the first data processing rule is executed before the second data processing rule when the third data processing rule is executed. The second data processing rule is linked to the first data processing rule to obtain a fourth data processing rule. When the fourth data processing rule is executed, the first data processing rule is executed after the second data processing rule. The third data processing rule is stored in the second data block and the fourth data processing rule is stored in the first data block to obtain the blockchain structure.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 16/901 - Indexing; Data structures therefor; Storage structures
A method for storing data in a tamper-proof manner in a data block structure. The method includes, for a group of data blocks, determining functions, which are assigned to the data blocks of the group and dependent on the data stored in the corresponding data block; creating a combination of all functions assigned to the data blocks of the group; and determining a combination-dependent coefficient for each function of the combination, so that the combination meets a predefined condition; and for each data block of the group, determining a control group of data blocks of the group assigned to the corresponding data block; and storing the coefficient that was determined for the function of the corresponding data block in all data blocks of the control group.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
In one embodiment the method includes providing a bidirectionally linked blockchain structure; generating an additional block for expanding the blockchain structure, which includes the data to be stored and is intended to be linked bidirectionally to the last block of the blockchain structure, the last block of the blockchain structure including stored data; and calculating a first block-dependent linking function for bidirectionally linking the last block to the additional block. The calculation of the linking function including calculating a combined block-dependent check value of the last block and of the additional block, using the data stored in the last block and the data to be stored in the additional block; and associating the combined check value with a block-independent, linking process-specific function. The method further includes adding the first block-dependent linking function to the last block and to the additional block.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 17/11 - Complex mathematical operations for solving equations
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H03M 13/09 - Error detection only, e.g. using cyclic redundancy check [CRC] codes or single parity bit
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
The invention relates to a method for authenticating (400) a current user of a mobile, portable communication system (100) with respect to a server (150) by means of a behavior-based authentication.
The server (150) comprising a first interface and a second interface. The first interface is configured to communicate with at least one activatable device (152), and the second interface is configured to communicate with a mobile, portable communication system (100).
activating the device (152) by the server (150) by means of a control signal.
A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.
The method includes generating an additional block for expanding a blockchain structure, which includes the data to be stored and is intended to be linked bidirectionally to the last block of the blockchain structure; calculating a first check value of the last block for bidirectionally linking the additional block to the last block of the blockchain structure; calculating a check value of the additional block for bidirectionally linking the additional block to the last block of the blockchain structure; adding the first check value of the last block to the last block and; adding the check value of the additional block to the additional block.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
21.
Distributed data storage by means of authorisation token
A file management server may include a processor, a network interface for operatively coupling the file management server to a user computer system and to memory services via a network. The file management server includes a file management application configured to receive an authorisation enquiry of the user computer system to store file fragments of a file via the network in a plurality of the memory services; and in response to the receipt of the authorisation enquiry, request an authorisation token from each of the memory services and forward, to the user computer system, authorisation tokens formed as URLs and obtained in response to the request. Each URL enables direct write or direct read access to a storage space of one of the memory services identified by the URL. Metadata that allows reconstruction of the file from the stored file fragments is protected against access by the memory services.
H04L 67/1097 - Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/33 - User authentication using certificates
G06F 11/10 - Adding special bits or symbols to the coded information, e.g. parity check, casting out nines or elevens
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
22.
Security object having a dynamic and static window security feature and method for production
Bundesrepublik Deutschland, vertreten durch das Bundesministerium des Innern, vertreten durch das Bundeskriminalamt (Germany)
Inventor
Zernicek, Simone
Bosien, Andreas
Knebel, Michael
Leopold, Andre
Seidel, Uwe
Schneider, Ulrich
Abstract
A security object has a document body. A lens array is formed on a top side and first information is stored in the document body. The optical detectability of the first information through the lens array is dependent on a detection direction. The document body has a top view section, in which the document body has a material layer that is translucent or opaque, and adjacent thereto a window section, in which the document body is formed of a material transparent in volume between a top side and a bottom side. The lens array extends over part of the window section and over part of the top view section and spans a section boundary between the sections. The first information also is formed partially in the top view section and partially in the window section and, in the window section, laser-marked, static second information is stored in the document body.
A method for providing and checking the validity of a virtual document on a first computer system is disclosed. The virtual document is provided by means of a mobile second computer system for a first computer system. The method includes receiving a password-protected storage address of a first database at which the virtual document can be read, reading the virtual document, displaying the virtual document on a display of the first computer system, receiving a unique second identifier of the mobile second computer system, calculating a third identifier using the received second identifier and a hash value of the virtual document, identifying the database entry of the second database in which a first identifier of a first pairing consisting of the mobile second computer system and the first virtual document is stored, comparing the calculated third identifier with the first identifier stored in the identifier database entry.
G07F 7/10 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card together with a coded signal
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check of credit lines or negative lists
G06Q 20/36 - Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06F 21/36 - User authentication by graphic or iconic representation
G06K 7/14 - Methods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 29/06 - Communication control; Communication processing characterised by a protocol
24.
Method for integrating a hologram into a security document body and security document body
A method for integrating a hologram into the body of a security document that has a laminated body. The method includes: providing a holographic film having a backing substrate layer and a photo layer; providing additional substrate layers; carrying out a laminating process in order to form the laminated body, the holographic film together with the additional substrate layers being collated to form a substrate layer stack and being combined, together with the additional substrate layers, in a high-pressure, high-temperature laminating method to form the laminated body. There is also described a corresponding security document body.
B32B 33/00 - Layered products characterised by particular properties or particular surface features, e.g. particular surface coatings; Layered products designed for particular purposes not covered by another single class
B32B 37/02 - Methods or apparatus for laminating, e.g. by curing or by ultrasonic bonding characterised by a sequence of laminating steps, e.g. by adding new layers at consecutive laminating stations
B32B 37/18 - Methods or apparatus for laminating, e.g. by curing or by ultrasonic bonding characterised by the properties of the layers with all layers existing as coherent layers before laminating involving the assembly of discrete sheets or panels only
B42D 25/455 - Associating two or more layers using heat
B42D 25/46 - Associating two or more layers using pressure
B32B 37/00 - Methods or apparatus for laminating, e.g. by curing or by ultrasonic bonding
B32B 38/10 - Removing layers, or parts of layers, mechanically or chemically
B32B 37/20 - Methods or apparatus for laminating, e.g. by curing or by ultrasonic bonding characterised by the properties of the layers with all layers existing as coherent layers before laminating involving the assembly of continuous webs only
G03H 1/18 - Particular processing of hologram record carriers, e.g. for obtaining blazed holograms
An ID token includes a sensor, a communication interface, and a first microcontroller. The ID token includes a protected second microcontroller having at least one microcontroller communication interface, which is arranged in a holder of the ID token, wherein the microcontroller communication interface provides a data input and a data output. The first microcontroller is configured as a proxy for switching between the sensing of the measurement data by the sensor and forwarding of the sensed measurement data from the sensor to the first application of the protected second microcontroller by the microcontroller communication interface thereof on the one hand and forwarding of notifications for establishing a connection between the second application and the reading device and/or forwarding of APDUs by the connection between the second application and the reading device on the other hand.
G06F 21/74 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
G06F 21/83 - Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H04L 29/06 - Communication control; Communication processing characterised by a protocol
26.
Value or security document from a fibre composite material and method for producing the value or security document
The mechanically stable value or security document 2000 according to the invention comprising an electric circuit 1270 is characterised by the following features: the document is formed of at least three document layers which are arranged in a stack 1700 and which are connected together face-to-face by a joining method, wherein a first document layer is formed by a circuit carrier layer 1200 which supports the electric circuit 1270, at least one second document layer is formed in each case by a compensation layer 1100 which has at least one opening 1120 and/or recess, and at least one third document layer is formed in each case by an outer cover layer 1300. The first 1200, the at least one second 1100, and the at least one third document layer 1300 are formed from a fibre composite material.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G07F 7/08 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card
B32B 3/08 - Layered products essentially comprising a layer with external or internal discontinuities or unevennesses, or a layer of non-planar form; Layered products essentially having particular features of form characterised by features of form at particular places, e.g. in edge regions characterised by added members at particular parts
B32B 5/26 - Layered products characterised by the non-homogeneity or physical structure of a layer characterised by the presence of two or more layers which comprise fibres, filaments, granules, or powder, or are foamed or specifically porous one layer being a fibrous or filamentary layer another layer also being fibrous or filamentary
B32B 5/22 - Layered products characterised by the non-homogeneity or physical structure of a layer characterised by the presence of two or more layers which comprise fibres, filaments, granules, or powder, or are foamed or specifically porous
B32B 3/26 - Layered products essentially comprising a layer with external or internal discontinuities or unevennesses, or a layer of non-planar form; Layered products essentially having particular features of form characterised by a layer with cavities or internal voids
B42D 25/22 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof characterised by a particular use or purpose for use in combination with accessories specially adapted for information-bearing cards
B42D 25/00 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
A method for generating an electronic signature of a user for an electronic document including establishing a secure Internet session between a telecommunication terminal of a user and a signature server computer system; receiving a code from the signature server computer system via a separate and/or separately secured side channel by the telecommunication terminal; transmitting a combination of code and authentication information of the user via the secure Internet session to the signature server computer system; checking the validity of the combination of code and authentication information by the signature server computer system; and generating the electronic signature of the user by a high-security module of the signature server computer system, wherein the private key of the user for generating the electronic signature is stored in the high-security module.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06F 21/43 - User authentication using separate channels for security data wireless channels
Methods, systems, and devices are described for warless communications. An apparatus may identifying a living person by recording a heat image of a person's facial area and detecting a local heat inhomogeneity in a predetermined detection range of the heat image in order to identify the living person. Identifying the living person may include detecting a heat pattern in a predetermined detection range and comparing the detected heat pattern to a heat reference sample. The predetermined detection range may be detected based on a heat image geometry, using pattern matching, by comparing the heat image to a white light image of a living person, or by masking the heat image.
Methods, systems, and devices are described for electronic access control. An electronic access control method for identifying a person within an access region is described. An identification document may be associated with the person. The method may include sensing an identification characteristic of the person in the access region based at least in part on the identification document using an identification sensing device; transmitting the identification characteristic using the identification sensing device to a biometric sensing device; and sensing a biometric characteristic of the person using the biometric sensing device within the access region in response to receipt of the identification characteristic to identify the person.
The invention relates to a security and/or value document having a security feature, to an ink for making the security feature, to a method for making such a security and/or value document, and to a method for verifying such a security and/or value document.
G07F 7/08 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card
G07D 7/0043 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip using barcodes
31.
Value or security document comprising an electronic circuit, and method for producing a value or security document
In order to provide a document of value or security document 1000 having an electronic circuit 1270 with increased mechanical stability, in particular to bending load, it is proposed to form the document of value or security document 1000 from at least two document layers 1100, 1200, 1300, 1400 arranged in a stack and connected to one another by means of a joining process, wherein the stack is formed by a supporting structure layer 1100 and a circuit carrier layer 1230 carrying the electronic circuit 1270. The supporting structure layer 1100 is formed from a fiber composite material.
The invention relates to a computer-implemented method for controlling access of a terminal (118) to an attribute (112) stored in an ID token (100), wherein the ID token (100) is associated with a user, wherein the method comprises receipt of an identification of the terminal (118) by the ID token (100) and checking by the ID token (100) if a session identification validly associated with the identification of the terminal (118) is stored in the ID token (100), wherein, if a session identification validly associated with the identification of the terminal (118) is stored in the ID token (100), the ID token (100) transmits the session identification to the terminal (118) and grants the terminal (118) access to the attribute (112), wherein a subsequent communication with access to the attribute (112) is carried out in an encrypted manner using a session-specific session key, wherein the session-specific session key is stored in the ID token (100) in a manner associated with the session identification or the identification of the terminal (118).
The invention relates to an LED module with a circuit which comprises an LED (106) and a resonant circuit (106, 108, 110) for coupling in energy for operation of the LED, wherein the circuit is formed without connections and is fully encapsulated in the LED module.
H01L 25/16 - Assemblies consisting of a plurality of individual semiconductor or other solid state devices the devices being of types provided for in two or more different main groups of groups , or in a single subclass of , , e.g. forming hybrid circuits
H05B 33/08 - Circuit arrangements for operating electroluminescent light sources
34.
Method for providing an access code on a portable device and portable device
The disclosure relates to a method for providing an access code on a portable device, which comprises a user interface and is set up for a wireless data communication, in which reference data for an authentication are stored in a central data processing system, wherein the reference data comprise personal data containing biometric reference data for a user of the portable device and a device identifier for the portable device, in response to a detected event, an authentication process is executed, in which the user is authenticated, wherein to authenticate the user, in the central data processing system and/or in the portable device, the reference data and authentication data are evaluated, which comprise personal authentication data for the user, including biometric authentication data, and an authentication device identifier for the portable device, and in response to a successful authentication, an access code is provided in the portable.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H04W 4/029 - Location-based management or tracking services
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
The invention relates to a method for storing data, wherein the method, in order to store a file (101), comprises: —automatic generation (602) of a distribution schedule (416); —performance (604) of an error correction method, which is specified in the distribution schedule, for generating file fragments from the file by a user computer system; —sending (606) of an authorisation enquiry (420) for storing the file fragments in the memory services (SD2, SD4-SD6) identified in the distribution schedule from the user computer system to a file management server via a network; —in response to reception of the authorisation enquiry by the file management server, requesting (608, 424) of an authorisation token by the file management server from each of the memory services identified in the distribution schedule and forwarding (610) of the authorisation token (428) obtained in response to the request to the user computer system by the file management server; and —storage (612) of the generated file fragments in the storage media (SM2, SM4-SM6) of the identified memory services by means of authorisation verification by the authorisation token by means of the user computer system bypassing the file management server; wherein metadata (312) that permit the reconstruction of the file from the stored file fragments are stored in the user computer system and/or the file management server and are protected against access by the memory services.
The method includes authenticating a chip card terminal to a chip card by a chip card operating system, verifying the authorization of the chip card terminal to load executable program instructions by the chip card operating system, storing data in a predefined memory region of the NVM, which data indicate a successful execution of the authentication and the verification, by the chip card operating system, starting execution of a boot loader by the chip card operating system and interrupting the execution of the chip card operating system following the start of the boot loader, reading the data from the predefined memory region by the boot loader, loading the program instructions from the chip card terminal into the NVM by the boot loader on the precondition that the data indicate the successful authentication and verification in the predefined memory region.
The invention relates to a method for making a structure with at least a first polymer layer and a second polymer layer, each made from a polycarbonate polymer based on bisphenol A, and in between the first polymer layer and the second polymer layer an intermediate layer being arranged, comprising the following steps: a) the intermediate layer is applied at least on a partial region of the first polymer layer, b) optionally the intermediate layer is dried, c) the first polymer layer is coated on the side, on which the intermediate layer is arranged, with a liquid preparation comprising a solvent or a mixture of solvents and a polycarbonate derivative based on a geminally disubstituted dihydroxydiphenyl cycloalkane, the preparation covering the intermediate layer, d) optionally a drying step is made after step c), e) after step c) or step d), the second polymer layer is placed on the first polymer layer, covering the intermediate layer, f) the first polymer layer and the second polymer layer are laminated with each other under pressure, at a temperature from 120° C. to 230° C. and for a defined time.
B32B 7/05 - Interconnection of layers the layers not being connected over the whole surface, e.g. discontinuous connection or patterned connection
B32B 27/08 - Layered products essentially comprising synthetic resin as the main or only constituent of a layer next to another layer of a specific substance of synthetic resin of a different kind
A document includes a sensor, at least one antenna, a first processor, a second processor, storage, and a switch. The first processor is configured to communicate with an external reading device via the antenna. The switch is configured to switch the antenna between a first stable state in which a communication is prevented between the first processor and the reading device, and a second stable state, in which a communication is possible between the first processor and the reading device. The sensor is configured to detect a first identification feature of a user of the document. The second processor is configured to compare the first identification feature with a second identification feature saved in the storage, wherein the second processor is configured to switch the switch to a second state if there is conformity between the first identification feature and the second identification feature.
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
G06K 7/08 - Methods or arrangements for sensing record carriers by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
Method for generating a digital signature for a digital content using a computer and trustworthy signature hardware connected thereto for data exchange, includes generating a message digest from the digital content by an application executed on the computer; generating descriptive data relating to the electronic digital signature; transmitting the message digest and the descriptive data to the trustworthy signature hardware; outputting the descriptive data at an output device of the trustworthy signature hardware; carrying out a user interaction as precondition for the continuation of the method; generating signature data from the message digest and the descriptive data by the trustworthy signature hardware; and transmitting the signature data from the trustworthy signature hardware to the computer and in particular the application.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on of the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.
A security element for a security and/or valuable document includes a matrix based on an organic polymeric material and at least one electrically conductive pigment dispersed in the matrix and at least one organic luminescent substance dispersed in the matrix. In the presence of the conductive pigment the luminescent substance is capable of non-contact excitation of light emission where the particle size is less than 200 nm. The luminescent substance is not encapsulated and is directly surrounded by the matrix and is embedded therein.
C09D 11/033 - Printing inks characterised by features other than the chemical nature of the binder characterised by the solvent
C09D 11/037 - Printing inks characterised by features other than the chemical nature of the binder characterised by the pigment
H01L 51/00 - Solid state devices using organic materials as the active part, or using a combination of organic materials with other materials as the active part; Processes or apparatus specially adapted for the manufacture or treatment of such devices, or of parts thereof
An identity card, comprising a card body and a physical unclonable function arranged within the card body, wherein the physical unclonable function comprises a first light influencing layer and a second light influencing layer.
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
The disclosure relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, said method comprising: determining, by a terminal, of whether a contact-based interface of the ID token is present and can be used for data exchange with the terminal. If the ID token does not have the contact-based interface or this cannot be used, implementing a zero-knowledge authentication protocol via a contactless interface of the terminal and ID token;
read access of the ID provider computer to the at least one attribute stored in the ID token.
H04L 29/00 - Arrangements, apparatus, circuits or systems, not covered by a single one of groups
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/43 - User authentication using separate channels for security data wireless channels
The invention relates to a datasheet (1) for integrating into a preferably book-like security and/or value document. The datasheet (1) is made of at least two stacked layers (2, 3) made of an organic polymer material. A textile (5) is arranged at least in a sub-region between the layers (2, 3) and outside of the layers (2, 3) so as to form a tab (4), and the textile (5) is at least partly coated on one or both sides and/or saturated with an organic binder (6) at least in the region between the layers (2, 3) and is bonded to the two layers (2, 3) by means of the binder (6).
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
B42D 25/387 - Special inks absorbing or reflecting ultraviolet light
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
B32B 5/18 - Layered products characterised by the non-homogeneity or physical structure of a layer characterised by features of a layer containing foamed or specifically porous material
B32B 37/14 - Methods or apparatus for laminating, e.g. by curing or by ultrasonic bonding characterised by the properties of the layers
B42D 25/465 - Associating two or more layers using chemicals or adhesives
C09D 11/03 - Printing inks characterised by features other than the chemical nature of the binder
B32B 5/02 - Layered products characterised by the non-homogeneity or physical structure of a layer characterised by structural features of a layer comprising fibres or filaments
B32B 27/12 - Layered products essentially comprising synthetic resin next to a fibrous or filamentary layer
C09D 11/102 - Printing inks based on artificial resins containing macromolecular compounds obtained by reactions other than those only involving unsaturated carbon-to-carbon bonds
45.
Process to access a data storage device of a cloud computer system
A process for accessing a data storage device of a cloud computer system CCS through a gateway computer system GCS which is connected with the CCS over a network, the process includes setting up a protected connection between a first piece of terminal equipment of the user and the GCS; transferring a file over the protected connection from the terminal equipment to the GCS; setting up a session over the network between the GCS and the CCS; authenticating the user with respect to the CCS by the GCS accessing, through the session, the authentication data of the user stored in the GCS, for authentication of the user; encrypting the file by the GCS using the cryptographic key; transferring the encrypted file through the session from the GCS to the CCS; and storing the encrypted file in the data storage device of the CCS.
A process for accessing a data storage device of a CCS through a GCS includes setting up a protected connection over the Internet between a first piece of terminal equipment of the user and the GCS by inputting the URL of the CCS into a program of the piece of terminal equipment, and using the modified DNS for name resolution of the URL, so that the protected connection is set up with the GCS instead of with the CCS; transferring a file over the protected connection from the terminal equipment to the GCS; setting up a session over the network between the GCS and the CCS; encrypting the file by the gateway computer system using the cryptographic key; transferring the encrypted file through the session from the GCS to the CCS; and storing the encrypted file in the data storage device of the CCS.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
H04L 29/12 - Arrangements, apparatus, circuits or systems, not covered by a single one of groups characterised by the data terminal
47.
Zinc sulphide phosphor having photo- and electroluminescent properties, process for producing same, and security document, security feature and method for detecting same
The present invention relates to a zinc sulphide phosphor and to a process for producing same. The invention further relates to a security document or document of value, to a security feature and to a method for detecting same. The phosphor according to the invention can act as electroluminescent phosphor and thus be excited by an electrical field, and this can result in emission of electroluminescent light in the blue and/or green color region of the visible spectrum. The phosphor can moreover be excited by UV radiation in the wavelength range than 345 nm to 370 nm, and can thus emit photoluminescent light in the blue color region of the visible spectrum. The phosphor can moreover be excited by UV radiation in the wavelength range from 310 nm in 335 nm, and can thus emit photoluminescent light in the green color region of the visible spectrum.
The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check of credit lines or negative lists
G07F 7/10 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card together with a coded signal
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 12/24 - Arrangements for maintenance or administration
The invention relates to a device for verifying documents (100) having a light-transparent document support (101) for the receiving a document and a light non-transparent covering (103) for covering the light-transparent document support (101), the light non-transparent covering (103) comprises a lighting device (105) for screening the document.
G06K 9/74 - Arrangements for recognition using optical reference masks
B07C 5/00 - Sorting according to a characteristic or feature of the articles or material being sorted, e.g. by control effected by devices which detect or measure such characteristic or feature; Sorting by manually actuated devices, e.g. switches
B07C 1/00 - Measures preceding sorting of mail or documents according to destination
G07D 7/121 - Apparatus characterised by sensor details
G07D 7/12 - Visible light, infrared or ultraviolet radiation
The invention relates to a data sheet (1) for integration in a preferably book-like security and/or valuable document, wherein the data sheet (1) is formed of at least two stacked layers (2, 3) of an organic polymeric material, wherein at least in a partial section between the layers (2, 3) and outside of the layers (2, 3), a paper material layer (5) forming a flap (4) is disposed, and wherein the paper material layer (5) is coated and/or wet through on one or both sides at least in the region between the layers (2, 3) at least partially with an organic binding agent (6), and is bonded with the two layers (2, 3) by means of the binding agent (6).
Method and device for testing a security element (4) of a security document, the security element (4) being able to contain at least one substance (5) which has optically variable properties, including the following method steps:
R), and verifying the presence of a substance (5) which has optically variable properties as a function of the intensity (I) of the first component (RLp).
G07D 7/00 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
G07D 7/12 - Visible light, infrared or ultraviolet radiation
52.
Data page for a security document and/or value document
A method for producing a book-like security and/or value document includes: A) at least two layers of a data sheet formed from organic polymeric materials are brought together, one inner layer having smaller dimensions than at least one adjacent layer, the data sheet forming a gap or a step along an edge, the gap/step being filled with an auxiliary piece having a thickness which substantially corresponds to the thickness of the inner layer and formed from a material which is not laminable with the at least two layers, B) all layers of the stack of step A) are laminated with each other, not with the auxiliary piece, C) auxiliary piece is removed, D) a data sheet region of a cover tab is introduced into the gap/step and connected with the data sheet, E) a cover region of the cover tab is bound into the cover of the security and/or value document.
The invention relates to the use of a preparation comprising A) 0.1 to 20 wt % of a binding agent with a polycarbonate derivative based on a geminally disubstituted dihydroxydiphenyl cycloalkane, B) 30 to 99.9 wt % of an organic solvent or of a mixture of solvents, C) 0 to 10 wt %, referred to dry mass, of a dye or of a mixture of dyes, D) 0 to 10 wt % of a functional material or of a mixture of functional materials, E) 0 to 30 wt % of additive and/or auxiliary substances, or of a mixture of such substances, the relative amounts of the components A) to E) always totaling 100 wt %, as an ink jet printing dye.
B29C 45/00 - Injection moulding, i.e. forcing the required volume of moulding material through a nozzle into a closed mould; Apparatus therefor
B32B 27/08 - Layered products essentially comprising synthetic resin as the main or only constituent of a layer next to another layer of a specific substance of synthetic resin of a different kind
B32B 27/20 - Layered products essentially comprising synthetic resin characterised by the use of special additives using fillers, pigments, thixotroping agents
C09D 11/102 - Printing inks based on artificial resins containing macromolecular compounds obtained by reactions other than those only involving unsaturated carbon-to-carbon bonds
B29K 69/00 - Use of polycarbonates as moulding material
The invention relates to a mobile proximity coupling device (100) for inductive coupling with an integrated circuit of a proximity object, the integrated circuit comprising a coupling interface for inductive coupling, the mobile proximity coupling device (100) comprising a contactless interface (107) for inductive coupling with the coupling interface of the integrated circuit; a processor (109) for determining a quality indicator indicating a quality of the inductive coupling; and a display (111) for displaying a desired change of position of the mobile proximity coupling device relatively to the proximity object if the quality indicator indicates an insufficient quality of the inductive coupling.
The invention relates to a mobile proximity coupling device (100) for inductive coupling with an integrated circuit of a proximity object, the integrated circuit comprising a coupling interface for inductive coupling, the proximity coupling device (100) comprising a contactless interface (107) being configured to inductively transmit a first number of commands towards the integrated circuit, and, after transmitting a respective command, to wait for a reception of a dedicated answer to the respective command from the integrated circuit within a predetermined time interval; and a processor (109) being configured to determine a quality indicator upon the basis of a second number of received dedicated answers to the first number of commands, the quality indicator indicating a quality of an inductive coupling between the contactless interface and the coupling interface of the integrated circuit.
The invention provides a method and a device which enable laser markings to be performed and reduce the need of intervention by a service technician and still enable accurate grey scale markings to be performed reliably. Embodiments of the invention relate to a method and a device such that the device for laser marking is equipped with a measuring head which measures a laser output or laser pulse energy absolutely and using a measurement result thus obtained in order to change and suitably adapt an assignment function which assigns laser control values to grey scale values.
This invention relates to a security product or product of value (100) with a passive, electroluminescent security element (10) which includes a field-induced electroluminescent component (20) (EL component). The EL component (20) contains an electroluminescent laminate (30) disposed between two electrodes (22, 24), which at least comprises an electroluminescent dye embedded in a transparent dielectric material. The laminate (30) consists of just a single layer that directly adjoins the electrodes (22, 24). This invention further relates to an associated production method.
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H05B 33/12 - Light sources with substantially two-dimensional radiating surfaces
In order to increase the security of value or security documents 100, a multi-luminescent security element 400 is provided which contains at least one first luminescence means 510 and at least one second luminescence means 520. The first luminescence means 510 can be excited under first excitation conditions Sp-1 for the purpose of luminescence, and the second luminescence means 520 can be excited under second excitation conditions Sp-2 for the purpose of luminescence, said second excitation conditions Sp-2 differing from the first excitation conditions Sp-1. The multi-luminescent security element 400 is additionally equipped with at least one absorber means 600 which prevents an excitation of the at least one first luminescence means 510 under the second excitation conditions Sp-2 for the purpose of luminescence.
The disclosure relates to a device for capturing person-specific data of a person, wherein the person-specific data comprises a facial image of the person, wherein the device has a camera for recording the facial image of the person, a lighting apparatus, and a semi-transparent mirror, wherein the semi-transparent mirror is arranged between the person and the camera, wherein the semi-transparent mirror is oriented such that, on the side of the semi-transparent mirror facing towards the person, the optical path of light incident on the semi-transparent mirror is parallel to the optical path of the portion of this light reflected back by the semi-transparent mirror, wherein the lighting apparatus is used to illuminate the person from the front, wherein the device also has a control unit for capturing an image, by generating light by means of the lighting apparatus in order to illuminate the face of the person and, during the illumination, capturing a first image of the face of the person by means of the camera, capturing a second image of the face of the person by means of the camera without generation of the light, forming a first differential image of the first image and the second image, wherein in the first differential image the face of the person is freed from the background, wherein the person-specific data comprises the first differential image as the facial image.
A mobile terminal is provided by an issuing authority for capturing biometric data of a user for transmission to a security document. The mobile terminal includes a data storage unit containing a credential, an authentication module, a sensor for capturing the biometric data of the user and a control unit that is configured to capture the biometric data of the user only upon successful reciprocal authentication of the user and the mobile terminal. An authenticity test module tests the authenticity of the captured biometric data captured. If authentic, the captured biometric data is stored in the data storage unit in protected form. Readout of the biometric data from the mobile terminal, by an operator of the issuing authority, is permitted only if the operator has been authenticated to the mobile terminal using additional authentication data.
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 3/0484 - Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
G06K 9/00 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
In various embodiments, a chip card module is provided that can have: a chip card module support; a wiring structure that is arranged on the chip card module support; an integrated circuit that is arranged on the chip card module support and is electrically coupled to the wiring structure; a chip card module antenna that is arranged on the chip card module support and is electrically coupled to the wiring structure, and a lighting device that is arranged on the chip card module support and is electrically coupled to the wiring structure.
The disclosure relates to a method for authenticating a user to a machine: generating a challenge by the machine, generating a first pattern, in which the challenge is coded, by the machine, displaying the first pattern on a display device of the machine, optically recording the first pattern by a user device, decoding the first pattern to receive the challenge by the user device, generating a response to the challenge by the user device, generating a second pattern, in which the response is coded, by the user device, displaying the second pattern on a display device of the user device, optically recording the second pattern by the machine, decoding the second pattern to receive the response by the machine, checking the correctness of the response by the machine, and, on the condition that the response is correct, fulfilling a function by the machine.
A method is proposed for providing position data for a chip card having portions for receiving or detecting position data of a localization unit by the localization unit, wherein the localization unit is spatially separate from the chip card; transmitting the position data from the localization unit to the chip card via a contactless interface with use of a cryptographic protocol; executing a distance-bounding protocol between the chip card and the localization unit, wherein the distance-bounding protocol then concludes successfully precisely when the spatial distance between the chip card and localization unit does not exceed a predefined maximum distance; and executing a chip card function with successful conclusion of the distance-bounding protocol, wherein the chip card function uses the transmitted position data as position data specifying the current position of the chip card.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 64/00 - Locating users or terminals for network management purposes, e.g. mobility management
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
An easily producible security feature according to the invention contains at least one luminescence device on and/or in a product carrier. Additionally, the security feature contains, in and/or on the product carrier, at least one absorptive spectral filter for luminescence radiation exiting from the at least one luminescence device, such that a color impression results both under illumination with visible radiation and under luminescence illumination conditions.
G07D 7/00 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
G07D 7/2033 - Matching unique patterns, i.e. patterns that are unique to each individual paper
B42D 25/00 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
G07D 7/005 - Testing security markings invisible to the naked eye, e.g. verifying thickened lines or unobtrusive markings or alterations
B42D 25/387 - Special inks absorbing or reflecting ultraviolet light
The invention relates to a security and/or value document having a security feature, to an ink for making the security feature, to a method for making such a security and/or value document, and to a method for verifying such a security and/or value document.
B42D 25/36 - Identification or security features, e.g. for preventing forgery comprising special materials
B42D 25/382 - Special inks absorbing or reflecting infrared light
G07D 7/06 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using wave or particle radiation
A method and a device check a security element of a security document. The security element contains at least one particulate substance with electroluminescent properties and at least one field suppression element. The method includes applying an electric excitation field to the security element, generating an optical image of at least one region of the security element after or during the production of the electric excitation field, and detecting local intensity maxima in the optical image. The security element is verified if a number of local intensity maxima present at different image positions is greater than or equal to a specified number, the number being at least two.
G06K 9/00 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
G06K 9/46 - Extraction of features or characteristics of the image
G07D 7/00 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
An identity card, comprising a card body and a physical unclonable function are arranged within the card body, wherein the physical unclonable function comprises a first light influencing layer and a second light influencing layer.
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06K 19/06 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
B42D 25/00 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
The method relates to a method for generating a soft token, having the following: providing a secure element, wherein, in a protected storage area of the secure element, a secret key of a first asymmetric cryptographic key pair is stored, setting up a first cryptographically secured connection between an electronic device and a service computer system, transmitting a request for the generation of the soft token from the electronic device to the service computer system via the first connection, generating a one-time password on the basis of the reception of the request by the service computer system, registering the one-time password as an identifier of the first connection by the service computer system, transmitting the one-time password from the service computer system to the electronic device via the first connection, issuing the one-time password via a user interface of the electronic device, setting up a second cryptographically stored connection between a user computer system and the service computer system, entering the one-time password into the user computer system, transmitting the entered one-time password from the user computer system to the service computer system via the second connection, verifying, by means of the service computer system, whether the registered one-time password is in agreement with the one-time password received via the second connection, and only if this is the case, reading at least one attribute stored in an ID token, generating the soft token by signing the at least one attribute and the public key of the first cryptographic key pair, transmitting the soft token via the first connection to the electronic device and/or transmitting the soft token via the second connection to the user computer system.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/35 - User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
G06F 21/42 - User authentication using separate channels for security data
70.
Security feature with a color progression structure for a value product and/or security product, and value product and/or security document having the security feature
A novel security feature for a valuable and/or security product is formed by a pattern that is formed on at least one carrier surface and has a color progression structure that is formed with a digital printing method from pattern elements arranged in a grid. The color progression structure is produced with at least two luminescence media that exhibit spectrally different luminescences. The valuable and/or security product according to the invention has one or more product carriers and at least one security feature that is arranged on or in the product carrier or carriers.
The invention relates to a security element (2), in particular in the form of a multi-layer flexible film body, with a top side facing an observer and a back side facing away from the observer, as well as a method for the production thereof. The security element (2) has one or more light-emitting elements arranged in a first area (30) of the security element which radiate light when activated and in particular are formed in each case of a self-luminous, electrically operated, display element. The security element (2) has, in the first area (30), one or more transmissive diffraction structures. The one or more transmissive diffraction structures are arranged such that at least a part of the light radiated by the activated one or more light-emitting elements transmits through at least one partial area of the transmissive diffraction structures.
The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check of credit lines or negative lists
G07F 7/10 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card together with a coded signal
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
The invention relates to a document scanning device having a document bed for placement of an identification document, a detection apparatus for detecting an actual position of the identification document on the document bed and a display apparatus for displaying a reference to the target position of the identification document on the document bed.
G06K 9/32 - Aligning or centering of the image pick-up or image-field
G07D 7/00 - Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
G07D 7/17 - Apparatus characterised by positioning means or by means responsive to positioning
74.
Method for producing security document blanks that can be personalized in color, security documents personalized in color, and method for personalization
A method for producing a document blank or a security document includes providing a substrate layer having a metal layer or applying a metal layer to a substrate layer, forming a color-effective pattern in or on the metal layer, in which the pattern has a pixel structure and each pixel includes at least two subpixels which cause a monochromatic color effect, and joining together the substrate layer and at least one further transparent substrate layer to form a document body. A security document blank, a personalized security document and a method for the laser personalization of security document blanks in color are also provided.
B41J 2/44 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of radiation to a printing material or impression-transfer material using single radiation source, e.g. lighting beams or shutter arrangements
G03H 1/22 - Processes or apparatus for obtaining an optical image from holograms
G03H 1/30 - Processes or apparatus specially adapted to produce multiple holograms or to obtain images from them, e.g. multicolour technique discrete holograms only
B42D 25/455 - Associating two or more layers using heat
B42D 25/46 - Associating two or more layers using pressure
75.
System and method for individualizing security documents
A method for individualizing a security document includes providing a document blank with a lamination body; printing on at least one outer surface of the lamination body with a digital printing device to introduce individualization information into the lamination body. The document blank with the lamination body has an outer layer in an individualization region with an outer material layer adjacent to the at least one outer surface formed with perforation openings penetrating the outer material layer to an information layer. The individualization information is printed onto the outer surface with at least some of the individualization information printed onto the information layer through the perforation openings. A system for individualizing documents is configured to print individualization information onto the information layer through the perforation openings.
B42D 25/00 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
B32B 27/08 - Layered products essentially comprising synthetic resin as the main or only constituent of a layer next to another layer of a specific substance of synthetic resin of a different kind
B32B 3/26 - Layered products essentially comprising a layer with external or internal discontinuities or unevennesses, or a layer of non-planar form; Layered products essentially having particular features of form characterised by a layer with cavities or internal voids
A method for initializing a memory area associated with a smart meter, establishing a first communication channel between a first computer system and a security module, the security module being associated with a memory area, and the first computer system being associated with a set of computer systems interconnected via a network; authenticating the first computer system with respect to the security module; once the first computer system has been successfully authenticated, the security module receiving data from the first computer system by secure transmission and storage of the data in the memory area in order to initialize the memory area, communication between a second computer system of a utility company and/or operator of the measuring system and the security module being only possible while bypassing the first computer system, owing to the stored data, the second computer system being a computer system of the set of computer systems.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
H04W 4/20 - Services signalling; Auxiliary data signalling, i.e. transmitting data via a non-traffic channel
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 4/00 - Services specially adapted for wireless communication networks; Facilities therefor
77.
Contactless data transmission device, security and/or valuable document including the same and method for manufacturing the contactless data transmission device
This present invention serves to simplify manufacture of a contactless data transmission device (50). This device (50) has an electrically insulating carrier (1), a circuit element arranged on the carrier (1) made from a continuous antenna conductor track (2) in the form of at least one spiral winding (4, 5, 6) and respectively one terminal contact (15, 16) at the ends thereof as well as an electronic component (3) with at least two contact points (11, 12) electrically connected with the circuit element. The electronic component (3) is placed in a mounting region (10) above the at least one spiral winding (4, 5, 6). The at least two contact points (11, 12) of the component (3) are electrically connected with a respective terminal contact (15, 16) of the antenna conductor track (2). At least one spiral winding (4, 5, 6) is branched outside the mounting region (10) between two respective branching points (7′, 7″; 8′, 8″; 9′, 9″) into at least two spiral winding branches (4′, 4″; 5′, 5″; 6′, 6″). The data transmission device (50) is a component part of a valuable and/or security document (100).
A method for reading at least one attribute stored in an ID token assigned to a user involving: authenticating the user to the ID token, authenticating a first computer system to the ID token, and, assuming successful authentication of the user and the first computer system to the ID token, read access by the first computer system to the at least one attribute stored in the ID token for transmission of the at least one attribute to a second computer system, and generating of a time indication for the at least one attribute by the first computer system.
G06F 7/04 - Identity comparison, i.e. for like or unlike values
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
G06F 17/30 - Information retrieval; Database structures therefor
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/33 - User authentication using certificates
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method for reading at least one attribute stored in an ID token using first, second and third computer systems, wherein the third computer system comprises a browser and a client, and wherein a service certificate is assigned to the second computer system, wherein the service certificate comprises an identifier which is used to identify the second computer system, wherein the ID token is assigned to a user, a first cryptographically protected connection (TLS1) is set up between the browser of the third computer system and the second computer system, wherein the third computer system receives a first certificate, the first certificate is stored by the third computer system, the third computer system receives a signed attribute specification via the first connection, a second cryptographically protected connection (TLS2) is set up between the browser of the third computer system and the first computer system, wherein the third computer system receives a second certificate, the signed attribute specification is forwarded from the third computer system to the first computer system via the second connection, the first computer system accesses an authorization certificate, wherein the authorization certificate comprises the identifier, a third cryptographically protected connection (TLS3) is set up between the first computer system and the client of the third computer system, wherein the third computer system receives the authorization certificate containing the identifier via the third connection, the client of the third computer system checks whether the first certificate comprises the identifier as proof of the fact that the first certificate matches the service certificate, the user is authenticated with respect to the ID token, the first computer system is authenticated with respect to the ID token, a fourth cryptographically protected connection with end-to-end encryption is set up between the ID token and the first computer system, after the user and the first computer system have been successfully authenticated with respect to the ID token, the first computer system has read access to the at least one attribute stored in the ID token via the fourth connection in order to read the one or more attributes specified in the attribute specification from the ID token,—the first computer system transmits the at least one attribute to the second computer system after said attribute has been signed.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/33 - User authentication using certificates
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/41 - User authentication where a single sign-on provides access to a plurality of computers
80.
Method for communication of energy consumption-specific measurement data elements between a smart meter device and a computer system of a utility company and/or operator of a measuring system
A method for communicating energy consumption-specific measurement data elements recorded by a smart meter between a smart meter device and a first computer system of a utility company and/or operator of a measuring system, the device having a security module, said security module serving as the sole communication interface between of the device with the first computer system, the device having configuration data required for its operation, and the device being associated with an indication of those measurement data elements and/or configuration data for which the first computer system has a read access authorization, the method comprising: establishing a first communication channel between the first computer system and the security module, mutually authenticating the computer system and the security module, authentication being carried out with the aid of a first certificate of the security module and a second certificate of the first computer system; once mutual authentication has been completed, transmitting via the security module at least a part of the measurement data elements and/or configuration data specified in the indication to the first computer system by a secured transmission.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 4/00 - Services specially adapted for wireless communication networks; Facilities therefor
81.
Document, method for authenticating a user, in particular for releasing a chip card function, and computer system
A document having a non-volatile memory area for storing a secret identifier that has a first n-digit character sequence from a predefined character set; a random generator for selecting at least one character from the predefined character set for replacement of at least one character of the first character sequence, such that a second n-digit character sequence is defined as a result of this replacement; a volatile memory area for storing the at least one selected character; a display device for displaying the at least one selected character; an interface for inputting a third character sequence; and a processor element for authenticating the user to the document, wherein the processor element is configured to access the non-volatile memory area and the volatile memory area in order to read the second character sequence and check for a match between the second and third character sequences in order to authenticate the user.
A method for calling up a client program: transmitting a message to a server computer system using an Internet browser, wherein the message contains at least one parameter for communication of the client program with the Internet browser; dynamically generating a URL by the server computer system, wherein the URL calls up the client program according to a URL scheme, wherein the URL contains the at least one parameter; transmitting a website having the URL from the server computer system to the user computer system and displaying the website having the URL in a browser window of the Internet browser for selection by a user; starting the client program on a user computer system and imputing the at least one parameter into the client program on the basis of the selection of URL by the user; and communicating a result.
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/42 - User authentication using separate channels for security data
H04L 29/06 - Communication control; Communication processing characterised by a protocol
An apparatus for document identification, having a capture device for capturing a document feature of a document, a processor that is designed to perform document identification locally using the document feature if a processing criterion for the local performance of document identification by means of the apparatus for document identification is satisfied, and a transmitter that is designed to send a data record that is dependent on the document feature via a communication network to a communication network address if the processing criterion for the local performance of document identification by means of the apparatus for document identification is not satisfied.
G06K 9/18 - Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints using printed characters having additional code marks or containing code marks, e.g. the character being composed of individual strokes of different shape, each representing a different code value
G07D 7/12 - Visible light, infrared or ultraviolet radiation
A method is provided for generating a soft token by which attributes of a user may be authenticated. A request to generate the soft token is transmitted from an electronic device of the user to a service provider computer via a first secure connection. After receiving the request, the service computer generates a one-time password, records the password as a session identifier, and transmits the password to the electronic device. The password is output by the electronic device via a user interface. The user enters the password into a user computer system, from where it is transmitted, via a second secure connection, to the service computer system. If the recorded password agrees with the received password, one or more attributes are read from an ID token of the user and a corresponding soft token is generated and transmitted to the electronic device or user computer system.
The invention relates to a method for reading data (120) from a document (104) using a reader (102), wherein the reader forms the primary side of a transformer (110), wherein the document has an electronic memory (118) for storing the data, processor means (114) for reading the data from the memory and at least one electrical load (128, 130, 132) which can be actuated by the processor means, wherein the document forms the secondary side of the transformer, and wherein the processor means and the at least one load are coupled to the secondary side for the purpose of supplying power, having the following steps: a primary-side voltage (U) is applied to the primary side for the purpose of injecting power into the secondary side, the at least one load is actuated by the processor means, as a result of which a time-variant secondary-side load is formed which prompts the primary-side voltage to undergo modulation, the modulation of the primary-side voltage is evaluated by the reader in order to execute read access for the purpose of reading the data on the basis of a result of the evaluation.
H04N 1/00 - PICTORIAL COMMUNICATION, e.g. TELEVISION - Details thereof
G08B 13/14 - Mechanical actuation by lifting or attempted removal of hand-portable articles
H01F 29/04 - Variable transformers or inductances not covered by group with provision for rearrangement or interconnection of windings having provision for tap-changing without interrupting the load current
G06K 7/00 - Methods or arrangements for sensing record carriers
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
G06K 19/02 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the selection of materials, e.g. to avoid wear during transport through the machine
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 19/073 - Special arrangements for circuits, e.g. for protecting identification code in memory
G06K 19/10 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
86.
Laser apparatus and method for processing objects with a laser which is controllable in terms of the pulse energy
A laser processing apparatus, a filter device and a method are used for controlling a pulse laser, which is controllable in terms of its pulse energy and of a temporal triggering of laser pulses, during material processing of an object, in particular during the marking of a plastics-based document. The method includes comparing a pulse energy signal which assumes voltage values, in temporal correlation with a clock signal, which represent a pulse energy for the laser pulses for processing, with a threshold value condition and generating a logic result signal. The clock signal is passed to a gate and controlling the gate using the logic result signal and generating a retrieval signal thereby. An energy control signal is provided which has a voltage according to a specification of a control voltage. The retrieval signal and the energy control signal are used to control the pulse laser.
H01S 3/10 - Controlling the intensity, frequency, phase, polarisation or direction of the emitted radiation, e.g. switching, gating, modulating or demodulating
The invention relates to a method for generating a certificate for signing electronic documents by means of an ID token (106), having the following steps: —sending (201) a transaction request for a user to carry out a transaction, —as a result of the sending of the transaction request, a check is carried out as to whether the certificate (519) is available and if this is not the case, carrying out the following steps: generating (206) an asymmetrical key pair consisting of a private key and a public key using an ID token, said ID token (106) being assigned to the user; storing (207) the generated asymmetrical key pair on the ID token, wherein at least the private key is stored in a protected memory region of the ID token; transmitting (208; 509) the generated public key (518) to a first computer system, and generating (209) the certificate (519) by means of the first computer system for the public key.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
88.
RFID reading device, RFID system, method for controlling the transmitting power of an RFID reading device, and computer program product
The invention relates to an RFID reading devices having: transmitting means for generating a field for inductively coupling to an RFID transponder; measuring means for measuring a field strength of the field; and control means for controlling the transmitting power on the basis of the measured field strength.
G08B 13/14 - Mechanical actuation by lifting or attempted removal of hand-portable articles
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 7/00 - Methods or arrangements for sensing record carriers
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
The invention relates to a method for reading at least one attribute stored in an ID token (106, 106′) using first (136), second (150) and third (100) computer systems, wherein the third computer system comprises a browser (112) and a client (113), and wherein a service certificate (144) is assigned to the second computer system, wherein the service certificate comprises an identifier which is used to identify the second computer system, wherein the ID token is assigned to a user (102), having the following steps: —a first cryptographically protected connection (TLS1) is set up between the browser of the third computer system and the second computer system, wherein the third computer system receives a first certificate (176), —the first certificate is stored by the third computer system, —the third computer system receives a signed attribute specification (182) via the first connection, —a second cryptographically protected connection (TLS2) is set up between the browser of the third computer system and the first computer system, wherein the third computer system receives a second certificate (190), —the signed attribute specification is forwarded from the third computer system to the first computer system via the second connection, —the first computer system accesses an authorization certificate (186), wherein the authorization certificate comprises the identifier, —a third cryptographically protected connection (TLS3) is set up between the first computer system and the client of the third computer system, wherein the third computer system receives the authorization certificate containing the identifier via the third connection, —the client of the third computer system checks whether the first certificate comprises the identifier as proof of the fact that the first certificate matches the service certificate, —the user is authenticated with respect to the ID token, —the first computer system (136) is authenticated with respect to the ID token, —a fourth cryptographically protected connection with end-to-end encryption is set up between the ID token and the first computer system, —after the user and the first computer system have been successfully authenticated with respect to the ID token, the first computer system has read access to the at least one attribute stored in the ID token via the fourth connection in order to read the one or more attributes specified in the attribute specification from the ID token, —the first computer system transmits the at least one attribute to the second computer system (150) after said attribute has been signed.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 7/00 - Methods or arrangements for sensing record carriers
91.
Article of manufacture having biometric data evaluation capability
An article of manufacture having a document body constructed from document layers arranged on top of each other, with a first document layer having an evaluation unit, a second document layer having a first acquisition unit for collecting first biometric data, a third document layer having a second acquisition unit for collecting second biometric data, wherein the evaluation unit is connected to the first and second acquisition units in order to receive the first and second biometric data, the evaluation unit constructed for evaluating the first and second biometric data in order to activate a function of the article of manufacture depending on a result of the evaluation.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
B42D 25/00 - Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G07C 9/00 - Individual registration on entry or exit
92.
Electronic document having a component of an integrated display and a component of an electronic circuit formed on a common substrate and a method of manufacture thereof
An electronic document, and a method of manufacture thereof, which includes a component of an integrated display and component of an electronic circuit formed on a common substrate. The electronic circuit is coupled to the integrated display to enable display of information. At least a portion of a component of the integrated display and a component of the electronic circuit are formed at the same time during a process.
A method for reading at least one attribute stored in an ID token assigned to a user involving the steps of: authenticating the user to the ID token, authenticating a first computer system to the ID token, and, assuming successful authentication of the user and the first computer system to the ID token, read access by the first computer system to the at least one attribute stored in the ID token for transmission of the at least one attribute to a second computer system, and generating of a time indication for the at least one attribute by the first computer system.
G06F 7/04 - Identity comparison, i.e. for like or unlike values
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
G06F 17/30 - Information retrieval; Database structures therefor
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
after successful authentication of the user and the first computer system with respect to the ID token, read access of the first computer system to the at least one attribute stored in the ID token, generation of a first soft token through providing a signature to the at least one attribute read from the ID token via the first computer system, sending the first soft token to a device.
The invention relates to an RFID reader having a transmitting antenna (102) and a receiving antenna (104), wherein the transmitting antenna is located a first distance (114) from the receiving antenna, wherein the transmitting antenna has transmitting antenna coils (106) situated in a first plane (108), and wherein the receiving antenna has receiving antenna coils (110) situated in a second plane (112), and having means (130, 132) for positioning an RFID document at a position located a second distance (148) from the transmitting antenna, wherein the transmitting antenna is situated between the receiving antenna and the position.
H01Q 7/00 - Loop antennas with a substantially uniform current distribution around the loop and having a directional radiation pattern in a plane perpendicular to the plane of the loop
G06K 7/10 - Methods or arrangements for sensing record carriers by corpuscular radiation
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 7/00 - Methods or arrangements for sensing record carriers
The invention relates to a sandwich structure (1) comprising a flexible Organic Light Emitting Diode (OLED) (2), wherein the opposite outer surfaces (3, 4) of said OLED (2) consist of a glass material, and at least one layer (5, 6) provided on at least one of said outer surfaces (3, 4) of said OLED (2) and comprising an organic polymer material, wherein said layer (5, 6) comprising an organic polymer material and said outer surface (3, 4) consisting of glass are bonded to each other in a stacking manner by a bonding layer (7, 8).
H01J 1/63 - Luminescent screens; Selection of materials for luminescent coatings on vessels characterised by the luminescent material
H01J 9/20 - Manufacture of screens on or from which an image or pattern is formed, picked-up, converted or stored; Applying coatings to the vessel
H01J 9/00 - Apparatus or processes specially adapted for the manufacture of electric discharge tubes, discharge lamps, or parts thereof; Recovery of material from discharge tubes or lamps
B32B 17/10 - Layered products essentially comprising sheet glass, or fibres of glass, slag or the like comprising glass as the main or only constituent of a layer, next to another layer of a specific substance of synthetic resin
B32B 27/06 - Layered products essentially comprising synthetic resin as the main or only constituent of a layer next to another layer of a specific substance
H01L 51/52 - Solid state devices using organic materials as the active part, or using a combination of organic materials with other materials as the active part; Processes or apparatus specially adapted for the manufacture or treatment of such devices, or of parts thereof specially adapted for light emission, e.g. organic light emitting diodes (OLED) or polymer light emitting devices (PLED) - Details of devices
A verification apparatus for security documents having at least one diffractive and/or reflective security feature, includes a support device having a support surface or plane for receiving the security documents, an optical capturing device, an illuminating device for illuminating the security document, and an evaluation device which evaluates information detected by the capturing device to perform a verification of the at least one security feature. A screen is disposed between the support surface or plane and the capturing device. Light diffracted or reflected by the at least one security feature can be imaged on the screen for detection by the capturing device. The screen can be controlled with regard to at least one optical property, particularly the opacity thereof. A verification method, wherein the opacity of the screen is varied, is also provided.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
100.
Card reader device for contactless readable cards and method for operating said card reader device
A card reader device is configured to carry out communication with a contactless readable card according to standard ISO/IEC 14443 type B. In order to provide that a modulation index, which self-adjusts in close range in a presence of a contactless readable card, corresponds to a desired specified modulation index, the magnetic field is received and evaluated via a reception antenna of the card reader device. The modulation index is controlled or regulated accordingly in case of deviations between a measured modulation index and a specified value for the modulation index in order to approximate the measured modulation index to the specified value.
patents
