The invention relates to a method in a first participating unit, preferably a first security element, having an electronic coin data set which is registered in a coin register of a payment system. The method has the steps of: generating a transaction data set relating to the transmission of the electronic coin data set to a second participating unit, preferably a second security element, or relating to a modification of the electronic coin data set, said modification to be registered on the coin register; encrypting the generated transaction data set using a cryptographic key, wherein the cryptographic key is composed of at least two cryptographic sub-keys, preferably at least three cryptographic sub-keys, of different respective remote entities; and initiating a communication connection to a transaction register of the payment system in order to transmit the encrypted transaction data set to the transaction register. The invention additionally relates to a participating unit, to a method in a transaction register, to a transaction register, and to a payment system.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
2.
ISSUING ENTITY AND METHOD FOR ISSUING ELECTRONIC COIN DATA SETS, AND PAYMENT SYSTEM
The invention relates to an issuing entity for issuing electronic coin data sets in a payment system, comprising a coin generating unit, which is designed to generate an electronic coin data set, and a coin output unit, which is designed to obtain the electronic coin data set generated by the coin generating unit and output the electronic coin data set to a participating unit or to a bank entity of the payment system in electronic form, wherein the issuing entity is designed such that the electronic coin data set is transmitted between the coin generating unit and the coin output unit via an air gap process. The invention additionally relates to an issuing method and a payment system.
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/42 - Confirmation, p.ex. contrôle ou autorisation de paiement par le débiteur légal
3.
PAYMENT SYSTEM, COIN REGISTER, PARTICIPATING UNIT, TRANSACTION REGISTER, MONITORING REGISTER, AND METHOD FOR MAKING A PAYMENT USING ELECTRONIC COIN DATA SETS
The invention relates to a payment system for making a payment using electronic coin data sets, having a coin register which is designed to register the electronic coin data sets; participating units which are designed to carry out payment transactions by transmitting the electronic coin data sets and to transmit status and registration requests relating to the electronic coin data sets to the coin register; and a monitoring register which is designed to analyze monitoring data sets relating to the payment transactions, wherein a monitoring data set is made of at least one register data set and at least one transaction data set in the monitoring register, the at least one register data set is provided by the coin register, and the at least one transaction data set is provided by a transaction data set source and/or the coin register. The invention additionally relates to a coin register, to a monitoring register, to a transaction register, to a participating unit, and to a method for making a payment using electronic coin data sets.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/42 - Confirmation, p.ex. contrôle ou autorisation de paiement par le débiteur légal
4.
METHOD, TERMINAL, AND COIN REGISTER FOR TRANSMITTING ELECTRONIC COIN DATA SETS
The invention relates to a method in a first security element for transmitting an electronic coin data set to a second security element, said electronic coin data set being registered in a coin register of a payment system. The method has the steps of: setting a status of the electronic coin data set from the security element to an inactive status; transmitting the electronic coin data set from the first security element to the second security element; checking whether a receipt confirmation from the second security element has been received in the first security element; and deleting the transmitted electronic coin data set if the checking step results in that the receipt confirmation has been obtained by the first security element. The invention additionally relates to a payment system, a coin register, a security element, and a terminal for transmitting electronic coin data sets. (Fig. 5)
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
5.
METHOD, TERMINAL, MONITORING ENTITY, AND PAYMENT SYSTEM FOR MANAGING ELECTRONIC COIN DATASETS
The invention relates to a method in a terminal for managing electronic coin datasets and to a corresponding terminal. The electronic coin datasets are output by a central issuer entity, wherein each electronic coin dataset has a test value, and the test value is incremented when the electronic coin dataset is directly transmitted between two terminals or the test value is invariant in the event of an action carried out by terminals on the electronic coin dataset. In the method, it is determined whether the electronic coin dataset is displayed by the terminal in the payment system or whether the electronic coin dataset is returned to the central issuer entity. The invention additionally relates to a method in a payment system for managing electronic coin datasets, to a corresponding payment system, and to a monitoring entity.
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06F 21/64 - Protection de l’intégrité des données, p.ex. par sommes de contrôle, certificats ou signatures
6.
METHOD FOR DIRECTLY TRANSMITTING ELECTRONIC COIN DATASETS BETWEEN TERMINALS, PAYMENT SYSTEM, PROTECTION SYSTEM, AND MONITORING UNIT
The invention relates to a method for directly transmitting electronic coin datasets between terminals in order to make a payment in a payment system, wherein a first terminal has at least one electronic coin dataset, and the at least one electronic coin dataset has a monetary value and a concealment value as coin data set elements. The method has the steps of: masking a first coin dataset element of the electronic coin dataset, preferably in the first terminal, by applying a one-way function, which is homomorphic for example, to the first coin dataset element of the electronic coin dataset, preferably to the concealment value thereof, in order to obtain a masked electronic coin dataset element; adding a second coin dataset element of the electronic coin dataset to the semi-masked electronic coin dataset, preferably in the first terminal, in order to obtain a semi-masked electronic coin dataset; and transmitting the semi-masked electronic coin dataset to a monitoring entity in order to register the electronic coin dataset. The invention additionally relates to a payment system with a monitoring layer with a database, in which masked electronic coin datasets are stored, and a direct transaction layer, which uses at least two terminals and in which the method can be carried out.
G06F 21/64 - Protection de l’intégrité des données, p.ex. par sommes de contrôle, certificats ou signatures
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
7.
METHOD FOR DIRECTLY TRANSMITTING ELECTRONIC COIN DATASETS BETWEEN TERMINALS, PAYMENT SYSTEM, PROTECTION SYSTEM, AND MONITORING ENTITY
G06F 21/64 - Protection de l’intégrité des données, p.ex. par sommes de contrôle, certificats ou signatures
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
8.
METHOD FOR DIRECTLY TRANSMITTING ELECTRONIC COIN DATASETS BETWEEN TERMINALS, PAYMENT SYSTEM, PROTECTION SYSTEM, AND MONITORING UNIT
The invention relates to a method for directly transmitting electronic coin datasets between terminals, wherein a first terminal has at least one electronic coin dataset, and the at least one electronic coin dataset has a monetary value and a concealment value. The method has the steps of: determining a masking mode from at least two masking modes, a first masking mode consisting of: masking the electronic coin dataset, preferably in the first terminal, by applying a one-way function to the first coin dataset in order to obtain a completely masked electronic coin dataset; and registering a masked electronic coin dataset in a monitoring entity. The invention additionally relates to a payment system with a monitoring layer using a database, which is controlled in a decentralized manner and in which masked electronic coin datasets are stored, and a direct transaction layer, which uses at least two terminals and in which the method can be carried out.
G06F 21/64 - Protection de l’intégrité des données, p.ex. par sommes de contrôle, certificats ou signatures
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
The invention relates to a card, in particular a chip card, comprising a computing unit for managing electronic coin data sets, which are output by a central entity, and comprising a card body with visible data and at least one visible feature. At the same time, the central entity is the issuer or administrator of a banknote series, and the at least one visible feature identifies the card as part of the banknote series to an observer. The invention additionally relates to a method for producing such a card.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
The invention relates to a device for directly transmitting electronic coin data records to another device. The device comprises means for accessing a data memory, wherein the data memory stores at least one electronic coin data record; an interface for at least outputting the at least one electronic coin data record to the other device; and a computing unit configured to mask the electronic coin data record in the device by applying a homomorphous one-way function to the electronic coin data record in order to obtain a masked electronic coin data record for the purpose of recording the masked electronic coin data record in a monitoring entity; and to output the electronic coin data record by means of the interface, wherein the at least one electronic coin data record is designed as described above, that is to say has a monetary sum and a disguising sum. The invention also relates to a payment system having a monitoring layer having a database that stores masked electronic coin data records; and having a direct transaction layer, having at least two devices, in which the method is performable.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
11.
METHOD FOR DIRECTLY TRANSMITTING ELECTRONIC COIN DATA SETS BETWEEN TERMINALS AND A PAYMENT SYSTEM
The invention relates to a method for directly transmitting an electronic coin data set between a first and a second terminal, said method comprising the following steps performed by the second terminal: receiving the electronic coin data set from the first terminal, the at least one electronic coin data set having a monetary value and a concealment value; generating a modified electronic coin data set using the received electronic coin data set; masking the modified electronic coin data set by applying a homomorphous one-way function to the modified electronic coin data set in order to obtain a masked, modified electronic coin data set; and sending a registration request for the masked, modified electronic coin data set to a monitoring authority. The invention additionally relates to a currency system and a payment system having a decentrally controlled database in the masked electronic coin data sets; and a direct transaction layer with at least two terminals, in which the method can be performed.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
The invention relates to a method for generating a blind signature for an electronic coin dataset, eMD, having the steps of: obtaining an unsigned blinded eMD from a participant by a signature issuer; expanding the unsigned blinded eMD with issuer information by means of the signature issuer in order to obtain an expanded unsigned eMD; signing the expanded unsigned eMD using an issuer-generated random number and a secret key of the signature issuer in order to obtain an expanded signed blinded eMD; and transmitting the expanded signed blinded eMD and the issuer information to the participant. The invention also relates to a method for checking the generated and/or obtained blind signature. The invention also relates to a payment system for transmitting an electronic coin dataset between at least two participants.
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The invention relates to a method for obtaining a blind signature for an electronic mint data record, eMD, in a subscriber, having the method steps of: generating a public key from a subscriber-generated serial number by means of the subscriber; generating an eMD by using the generated public key by means of the subscriber; blinding the generated eMD to obtain a blinded unsigned eMD by means of the subscriber; sending the blinded unsigned eMD from the subscriber to a signature publisher; obtaining a signed blinded eMD from the signature publisher by means of the subscriber; and removing the blinding to obtain a signed unblinded eMD by means of the subscriber. The invention also relates to a method for deriving a non-cash instalment from an eMD by means of a subscriber. The invention also relates to methods for checking the generated and/or obtained blind signature. Furthermore, the invention relates to a payment system for transmitting an electronic mint data record between at least two subscribers.
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p.ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/06 - Circuits privés de paiement, p.ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The invention relates to an optically variable transparent security element (12) for safeguarding valuables, said security element comprising a planar, optically variable surface pattern that when looked through displays a coloured appearance having a multi-coloured colour change that is dependent on the viewing angle. According to the invention, the optically variable surface pattern contains a plurality of facets (32) which create a substantially optical effect under radiation, the orientation of each facet being characterised by an angle of inclination α with respect to the plane of the surface pattern, which angle of inclination is between 0° and 45°, and by an azimuth angle Θ in the plane (30) of the surface pattern. The facets (32) are provided with an interference layer (36) which has a colour change in transmitted light depending on the viewing angle, and the optically variable surface pattern contains at least two partial regions (16, 18) each having a plurality of facets (32) that are oriented in the same direction, wherein the facets (32) of the at least two partial regions (16, 18) differ from one another in the angle of inclination with respect to the plane and/or in the azimuth angle in the plane.
The invention relates to a method for checking the authenticity of a security feature (8) arranged on a document (6), wherein a check point produces a checking signal and the checking signal is transmitted to a signal-outputting device by means of a transmission network. The signal-outputting device outputs the checking signal to the security feature (8), wherein the security feature (8) produces a response signal from the checking signal and outputs said response signal. The response signal is received by a signal-receiving device and transmitted to the check point by means of the transmission network. The check point makes a decision about the authenticity of the security feature (8) on the basis of the checking signal and the response signal.
The invention relates to a method for securely storing data D on a terminal by means of a portable data carrier, wherein an attribute vector A and a master key MK are stored on the portable data carrier. The method comprises the following steps: deriving a key K from a predicate P and the master key MK by means of a key derivation function KDF, wherein the predicate P is a Boolean function of the attribute vector A; encrypting the data D by means of the key K; and storing the encrypted data D together with the predicate P on the terminal. The invention further relates to a method for accessing encrypted data D by means of a portable data carrier. The method comprises the following steps: extracting the predicate P from the encrypted data and the predicate P; applying the predicate P to the attribute vector A; and, if the attribute vector A fulfills the predicate P, deriving the key K from the predicate P and the master key MK by means of the key derivation function KDF and decrypting the encrypted data D.
The invention relates to a method for operating a computer unit (20). The computer unit (20) can be used to run an application (70) which can access CryptoAPI (72) functions, and the CryptoAPI (72) functions can be provided by at least one crypto implementation (76, 78) on the computer unit (20). The method has the following steps: running the application (70) on the computer unit (20); checking which crypto implementations (76, 78) are available on the computer unit (20); and selecting one of the available crypto implementations (76, 78) as the crypto implementation which provides the functions of the CryptoAPI (72).
G06F 21/53 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p.ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p.ex. "boîte à sable" ou machine virtuelle sécurisée
G06F 21/71 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information
18.
METHOD FOR MANAGING A NUMBER OF SUBSCRIPTIONS OF A MOBILE NETWORK OPERATOR ON A SECURITY ELEMENT
The invention relates to a method for managing a number of subscriptions of a mobile network operator on a security element (SE), wherein a respective activatable profile (P1,...,Pn) is recorded on the security element (SE) for each subscription, and only one individual profile (P1,...,Pn) can be activated at a time. In addition to the activatable profiles (P1,...,Pn), a first dataset (F) with data content and a dataset name (DN) is stored on the security element (SE). Furthermore, a respective second dataset (F1,...,Fn) with data content and a dataset name (DN) is stored in at least one part of the profiles (P1,...,Pn), wherein the dataset name (DN) of the first dataset (F) is identical to the dataset name (DN) of a respective second dataset (F1,...,Fn). The method according to the invention is characterized in that the data content of the first dataset (F) and/or of the second dataset (F1,...,Fn) stored in the activated profile (P1,...,Pn) is accessed elusively via the dataset name (DN) of the first dataset (F) or the dataset name (DN) of a second dataset (F1,...,Fn) stored in the activated profile (P1,...,Pn).
By combining the CA protocol with the RI protocol, a pseudonymous Diffie-Hellman protocol is provided. According to the invention, the pseudonym is determined from the RI protocol, and in a substantially parallel manner the secured communication channel is formed from the CA protocol. According to the invention, a group key for the CA part of the protocol according to the invention is likewise used. By virtue of the design of the protocol according to the invention, even if an attacker has succeeded in ascertaining the group key of a portable data carrier according to the invention, it would be impossible for the attacker to generate the pseudonym of another user, in contrast to the known protocols.
The invention relates to a value document, such as a bank note, a check, a credit card or another payment card, an identification card, or the like, which has a front side (9) and a back side (10), displays an image (3) recognizable by the unaided eye in the top view, at least from the front side, has specific dimensions (B, H) in the top view, and has a multi-layered substrate body (2) which, in the top view, has the specific dimensions (B, H) and is structured from at least one first and one second transparent film (11, 12), each also having the specific dimensions (B, H) in the top view and being connected to each other by an intermediate layer (13) such that inner sides of the films (11, 12) are oriented toward each other and outer sides of the films (11, 12) are oriented away from the intermediate layer (13), wherein the outer side of the first film (11) is oriented toward the front side (9) and the outer side of the second film (12) is oriented toward the back side (10). The image (3) which is recognizable from the front side (9) is produced by a first embossed structure (14), which is metallized at least in sections and which is arranged on the inner side of the first film (9) and designed at least in sections as a sub-wavelength structure (17) which has a lateral, i.e. crosswise to the top view direction, varying profiling and/or periodicity. The outer side of the first film (11) and a front side of the intermediate layer (13) oriented toward the first film (11), forming the front side (9), are free of imprinting contributing to the image (3).
The invention relates to a device and a method for verifying documents of value that are marked with feature substances, and to the corresponding feature substances. The feature substances are detected and reliably identified at a spatial resolution in the low millimeter range or lower even at high conveying velocities on the basis of Raman or SERS spectroscopy techniques.
A method for providing a software application on a computer unit is provided. In this case, the method comprises the following steps: performing AOT compilation of the software application available in the form of source code in order to generate assembly code from the source code of the software application; obfuscating the assembly code of the software application; uploading the obfuscated assembly code of the software application to a software distribution platform; and downloading the obfuscated assembly code to the computer unit. In addition, a corresponding computer unit is provided.
The invention relates to a method for introducing an identify into a secure element (SE). Here, an operating system (OS) is loaded into the secure element, which comprises a master key (MK), which is identical for a plurality of secure elements (SE). A secure element key file is generated by using the master key (MK). According to the invention, the secure element key file is formed as a temporary secure element key file (DK), which is replaced by a final secure element key file which is independent of the master key (MK) during a first-time authentication of the secure element (SE) with respect to the background system (HS2) by using the temporary secure element file (DK) and is itself made invalid for further authentications.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
24.
SECURITY ELEMENT, METHOD FOR PRODUCING THE SAME AND DATA CARRIER PROVIDED WITH THE SECURITY ELEMENT
The invention relates to a security element for protecting documents of value, comprising a carrier and a layered structure arranged on the carrier, comprising a reflective layer, which is arranged on the carrier by means of an embossed coating with an embossed relief structure, a coloured thin-layer element and a transparent adhesive layer, which is suitable for the adhesive bonding of the security element to an object of value, wherein the reflective layer can be obtained by printing techniques and is based on metal pigments in platelet form, which are of such a nature that they spatially align themselves along the relief structure of the embossed coating and in this way form a reflective layer.
The invention relates to a method and an apparatus for sorting transport containers having items of value, in particular for sorting safe bags. Arranged along the movement path of the transport containers is a metal detector for checking each of the transport containers moved along the movement path for the presence of foreign metal bodies. Arranged downstream of the metal detector is a diverter at which the movement path splits into at least two branches. A control device controls the diverter depending on whether the particular transport container contains foreign metal bodies, specifically such that, if the particular transport container does not contain any foreign metal bodies, it is directed into a first of the branches, and if it contains one or more foreign metal bodies, it is directed into a second of the branches.
The invention relates to a method for operating a security module (SE), wherein a command (CMD) is received in the security module (SE) and processed by the security module (SE). In addition to processing the command (CMD), an operation (KG) is carried out in the security module (SE) in advance. The operation (KG) carried out in advance comprises at least one key generation sub-process, which is initiated internally in the security module (SE). The operation (KG) carried out in advance is canceled by the security module (SE) if the operation is not concluded after a time criterion expires.
G09C 1/00 - Appareils ou méthodes au moyen desquels une suite donnée de signes, p.ex. un texte intelligible, est transformée en une suite de signes inintelligibles en transposant les signes ou groupes de signes ou en les remplaçant par d'autres suivant un systèm
27.
BANKNOTE PROCESSING MACHINE HAVING POWER CONTROL ELECTRONICS
The invention provides a banknote processing machine having a power control electronics that comprises: - a low voltage monitor constructed to detect a lowering of a voltage of the power delivered by the power source below a minimum voltage; and - a power failure control circuit constructed to, in the case that a lowering of said voltage below said minimum voltage occurs, discontinue supply of power to a first group of said elements and to continue supply of power to a second group of said elements.
The invention relates to a shredding apparatus for value documents, comprising two roller-shaped cutting devices which rotate in opposite directions with respect to each other, which lie opposite each other in relation to a transport path of the value documents to be shredded, in order to cut up the value documents transported along the transport path by means of the cutting edges into a plurality of value document shreds. A scraper is associated with each of the cutting devices, which scraper has a plurality of scraper elements arranged parallel to each other, which scraper elements grip between the cutting edges of the respective cutting device in order to remove the value document shreds from the cutting edges. The shape of the scraper elements is chosen in such a way that the scraper elements on the front side of the respective cutting device, said front side facing the transport path of the value documents, grip between the cutting edges of the respective cutting device.
B02C 18/00 - Désagrégation par couteaux ou autres organes coupants ou déchirants qui transforment le matériau en fragments; Hachoirs ou appareils similaires utilisant des vis ou analogue
The invention relates to a processor device in which an implementation of a cryptographic algorithm masked as a white box with a function f, is carried out. The implementation comprises an implemented calculation step S, via which input values x are applied to output values s = S[x], and the calculation step T', masked as a white box by means of an invertible function f, is masked. A combination (f = (c1, c2,... )*A) of an affine mapping A having an input width BA and a number of one or more invertible mappings c1, c2,... each having an input width Bc1, Bc2,... is defined as a mapping, wherein BA = Bc1 + Bc2 +.... The mapping f generates overall output values w. The affine mapping A is constructed by means of a construction method which is adapted to the invertible mapping c1, c2..., the affine mapping A is selected or formed such that when the input value xi is maintained, all possible output value parts al or/and all possible output value parts a2,... of the affine mapping A are generated by applying A to s = S[xi] to all possible concealment values y, and for at least one individual output value a1, a2... or for each individual output value a1, a2...
G09C 1/00 - Appareils ou méthodes au moyen desquels une suite donnée de signes, p.ex. un texte intelligible, est transformée en une suite de signes inintelligibles en transposant les signes ou groupes de signes ou en les remplaçant par d'autres suivant un systèm
The invention relates to a processor device having an executable white box masked implementation of a cryptographic algorithm implemented thereupon. The white box masking comprises an affine transformation A which is designed such that each bit in the output values w of the affine transformation depends on at least one bit from the concealment values y, whereby it is achieved that the output values w of the affine transformation A are statistically balanced.
H04L 9/00 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
A method and a server for providing transaction keys for a transaction system are improved. Transaction units of the transaction system use predelivered transaction keys, which are provided by a key provisioning server and wherein the transaction key usage is checked by a transaction checking server. A transaction key is derived from a master key of a transaction unit, wherein a varying derivation parameter is used in the step of deriving. The step of deriving comprises a first sub step (12) of deriving a key from the master key and a second sub step (14) of deriving the transaction key from the derived key. The first sub step (12) or the second sub step (14) of deriving is performed dependent on a security level of the transaction unit.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The invention relates to a method for the testing, on the one hand, and for the hardening, on the other hand, of software applications for performing digital transactions, which comprise a "white box" implementation of a cryptographic algorithm. The method for testing a "white box" implementation of a cryptographic algorithm, which generates a cipher text from a plain text by means of a secret key and is present on a processor having at least one register in the form of machine commands, comprises the following steps: (a) supplying one plain text of a plurality of plain texts to the "white box" implementation; (b) incremental output and saving of the content of the at least one register of the processor during incremental processing of the machine commands of the "white box" implementation, wherein, during incremental processing of the machine commands of the "white box" implementation, intermediate results can be generated; (c) repeating steps (a) and (b) n times by means of an additional plain text of the plurality of plain texts; and (d) static evaluating of the content of the register and the plain texts, the intermediate results and/or the cipher texts generated from the plain texts, in that correlations between the content of the register and the plain texts, the intermediate results and/or the cipher texts are sought in order to determine the secret key.
G09C 1/00 - Appareils ou méthodes au moyen desquels une suite donnée de signes, p.ex. un texte intelligible, est transformée en une suite de signes inintelligibles en transposant les signes ou groupes de signes ou en les remplaçant par d'autres suivant un systèm
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
The invention relates to a processor device on which an implementation of a cryptographic algorithm masked as a white box with a functionf, is carried out. The implementation comprises an implemented calculation step S, via which input values x are applied to output values s = S[x], and the calculation step T', masked as a white box by means of an invertible function f, is masked. A combination (f = (c1, c2,... )*A) of an affine mapping A having an input width BA and a number of one or more invertible applications c1, c2,... each having an input width Bc1, Bc2,... is defined as a mapping f, wherein BA = Bc1 + Bc2 +.... The application f generates overall output values w. From the output values a of the affine mapping A, a plurality of amounts Mxi, i = 1,2,... = Mx11, Mx12,... Mx21, Mx22,..., are formed. From output values W of the invertible mapping c1, c2, the amounts Lxi, i = 1,2,... = Lx11, Lx12,... Lx21, Lx22,... are formed. Also, other amounts M1 = {Mx11, Mx21, Mx31...}, M2 = {Mx12, Mx22, Mx32...}... and L1 = {Lx11, Lx21, Lx31...}, L2 = {Lx12, Lx22, Lx32...}... are formed. The one or more invertible mappings c1, c2... are selected or formed in such a way that the amounts M1, M2... are applied to the amounts L1, L2.
H04L 9/00 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
34.
METHOD FOR VERIFYING THE VALIDITY OF A TICKET; MOBILE DEVICE
The present invention relates to a method for verifying the validity of a ticket (11), in which method information is transmitted by a checking entity (16) to a mobile device (10). A code (13) is calculated on the basis of this information, of a derived key and also of a characteristic specific to the mobile device (10), the code being subsequently verified by the checking entity (16).
The invention relates to a data carrier (10), in particular a value or security document, comprising a composite substrate (30) which comprises a core layer (32) and at least one cover layer (34) and which is provided with a transparent security element. According to the invention, the transparent security element has a shear cut window (16), in the region whereof the core layer (32) of the composite substrate (30) has a through-opening (20) comprising a coherent insert (22) in the shape of a motif lying in the interior and made from the core layer material, wherein the through-opening (20) has a circumferential edge contour (21) along which the insert (22) is connected to the outer regions of the core layer (32) at at least one narrow web region (23) such that the through-opening (20) comprises the coherent insert (22) in the shape of a motif and at least one, preferably non-circular, recess (24).
The invention relates to a method for contactlessly carrying out a transaction between a mobile terminal (100) and a terminal (300), in which the commands defining the transaction, in particular in the form of APDU commands, are embedded into data packets of a EAP-SIM or a EAP-AKA protocol and are tunneled between a transaction application (12) on a security element (10) of the mobile terminal (100), in particular a SIM/UICC mobile radio card, and the terminal (300) via a wireless network (S2.1-S2.9).
The invention relates to a security element (12) for securing objects of value, comprising a carrier (20), a metallization (22) provided above the carrier (20) with first recesses (24) in the form of patterns, characters or a coding, and a color-tilting thin-layer element (30) arranged above the metallization (22), which comprises second recesses (38) in the form of patterns, characters or a coding, in which the metallization (22) is at least partially visible.
The invention relates to a security element (12) for securing valuable objects, comprising a substrate (20) and a thin-film element (30) arranged on the substrate (20). The thin-film element has a reflection layer (32) arranged over the substrate, a dielectric spacing layer (34) arranged over the reflection layer (32), and an absorber layer (36) arranged over the dielectric spacing layer (34). According to the invention, the thin-film element (30) has two partial regions (22, 24) having different color-shifting effect and a partial region (26) without color-shifting effect, each of which partial regions forms patterns, characters, or a coding. The partial region (26) without color-shifting effect is formed by holes (44) in the reflection layer (32) in the form of patterns, characters, or a coding. In a first (22) of the two color-shifting partial regions, the dielectric spacing layer (34) consists of first and second dielectric partial layers (40, 42) arranged one over the other and produces a partial region (22) having a first color-shifting effect. In a second (24) of the two color-shifting partial regions, the dielectric spacing layer (34) consists only of the second dielectric partial layer (42) and produces a partial region (24) having a second, different color-shifting effect.
B42D 25/00 - Cartes ou structures de type feuille portant des informations caractérisées par leurs éléments d’identification ou de sécurité; Leur fabrication
39.
APPARATUS AND METHOD FOR CHECKING VALUE DOCUMENTS, PARTICULARLY BANKNOTES, AND VALUE DOCUMENT HANDLING SYSTEM
The invention relates to an apparatus, a corresponding method and a value document handling system (1) for checking value documents (3), particularly banknotes, having at least two radiation sources (24, 25) for emitting electromagnetic radiation that is used to irradiate a value document (3), at least one sensor (21 – 23) for detecting the electromagnetic radiation coming from the value document (3), particularly reflected and/or transmitted by the value document (3), and producing corresponding sensor signals, and also an evaluation device (51) that is designed to derive corrected sensor signals from the sensor signals by taking account of at least one spectral property of the electromagnetic radiation from the at least two radiation sources (24, 25). The sensor signals corrected in this manner reproduce the actual reflection and transmission behaviour of the value document much more accurately than the uncorrected sensor signals. In particular, this involves elimination or at least reduction of interfering remission or transmission artefacts that can be attributed to what are known as stray emissions from the radiation sources (24, 25), particularly LEDs.
The present invention discloses a portable data storage medium 2 having a contactless interface that is used for transmitting power and data between the data storage medium 2 and an external terminal, a first chip that is used for processing the data and that is supplied with power and data by the Contactless interface, wherein the data storage medium 2 comprises a body that is at least partially transparent at least on one surface, wherein the data storage medium 2 has a light source 6 that extends in two dimensions at least over a portion of the surface of the data storage medium 2 and emits light evenly or unevenly over the two-dimensional extent.
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
41.
CARD BODY FOR A DATA CARRIER AND INLAY FOR A PARTIAL CARD BODY
The invention relates to a card body (1) for a data carrier and to an inlay for a partial card body of a data carrier. The card body (1) comprises at least a first and a second film (10, 20). The first film (10) comprises a first light-conducting areal region (11) composed of a light-conducting material and a first opaque areal region (13) composed of an opaque material adjoining the first light-conducting areal region (11). The second film (20) comprises a second light-conducting areal region (21) composed of a light-conducting material, which is adjacent to a second opaque areal region (23). The first film (10) and the second film (20) are arranged lying one over the other in a planar manner. The first and the second film (10, 20) are oriented in such a way that the first light-conducting areal region (11) and the second light-conducting areal region (21) form an overlap region (100). The card body (1) also comprises a first cover film (30). The first cover film (30) is opaque and arranged over the first film (10). The transition (14, 24) from the first and second light-conducting areal regions (11, 21) to the first and second opaque areal regions (13, 23) has light-scattering particles.
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
The present invention relates to a method for limiting a voltage in the reverse bias direction of a light emitting diode 6 which is present on a secure element, said light emitting diode 6 being electrically connected in parallel to a coil 2 and to operating voltage connections of an integrated circuit 4, the coil 2 serving for supplying energy to the integrated circuit 4 and to the light emitting diode 6 and for the contactless data transmission between the integrated circuit 4 and an external terminal. For this purpose, an electromagnetic field which is produced by the terminal, induces an electrical voltage in the coil 2. The integrated circuit 4 serves to process data which are transmitted between the terminal and the integrated circuit 4. The invention is characterized in that a shunt controller controls the operating voltage required for operating the integrated circuit 4 in a closed loop fashion to a value within a permissible range and thereby limits it so that a maximum permissible voltage in the reverse bias direction of the light emitting diode 6 is not exceeded.
H05B 33/08 - Circuits pour faire fonctionner des sources lumineuses électroluminescentes
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
43.
METHOD OF PROVISIONING OF A NETWORK ACCESS FOR A MOBILE GSM COMMUNICATION DEVICE
The present invention relates to a method of provisioning of a network access for a mobile GSM communication device (10), comprising the steps of R) receiving an incoming traffic event for a mobile GSM communication device (10) from an MNO (Mobile Network Operator) (30), the incoming traffic event comprising a TAC (Type Allocation Code) of the GSM device (10), C) checking whether the TAC belongs to a known GSM device (10-K) whose capabilities are stored in a TCR (Terminal Capability Repository) (22), P1) in case the TAC belongs to a known GSM device (10-K), using the stored information to send a provisioning document over the network to the known GSM device (10-K), P2) in case the TAC belongs to a new GSM device (10-N), whose capabilities are not stored in the TCR (22), starting a learning phase for the new GSM device by L1) sending one or more different provisioning documents over the network to the new GSM device (10-N), L2) retrieving feedback on success or failure of the provisioning, L3) in case of success, adding information about the capabilities of the new GSM device (10-N) to the TCR (22), and L4) in case of failure, sending a different provisioning document to the new GSM device (10-N).
The invention relates to a method for personalizing a security element (14) for a mobile terminal (10) for communicating via a mobile communications network (20) and to a corresponding system. The method has the following steps: providing initialization data (17) to the security element (14) from an initialization entity (30), said initialization data (17) comprising a personalization token (17a); providing the personalization token (17a) to a personalization entity (40) from the security element (14); checking the validity of the personalization token (17a) using the personalization entity (40); and providing personalization data (18) to the security element (14) from the personalization entity (40) after successfully checking the validity of the personalization token (17a), wherein authorization data (18a) for authenticating the security element (14) is already part of the initialization data in an encrypted form, and the personalization data comprises a key for decrypting the authorization data (18a).
The invention relates to a method for anonymously making a transaction. In said method, one-time passwords encrypted using a one-way function are sent from an authentication server (12) to a service device (16). The non-encrypted one-time passwords are sent by the authentication server (12) to a secure element (10) of a mobile device. In order for a transaction to be made, the secure element (10) sends the one-time passwords to the service device (16).
The invention relates to servicing means (10) for servicing a device by means of an external transmitting device (16). The invention also relates to a servicing method for servicing the device (18) by means of the external transmitting device (16).
The invention relates to a method and to a system for providing a subscription profile (SP2) on a mobile terminal (30) for communication by means of a mobile radio network. The method comprises the following steps: logging a first mobile terminal (20) having a first subscription profile (SP1) into a mobile radio network (50); downloading a second subscription profile (SP2) onto the first mobile terminal (20) by means of the mobile radio network (50); and forwarding the second subscription profile (SP2) from the first mobile terminal (20) to a second mobile terminal (30) by means of a communication channel (40).
The invention relates to a method for creating an output bit stream (24) for a first signal (s1) of a first carrier frequency via a security module (10). According to the method, the security module (10) receives an input signal (s), comprising the first signal (s1) and a second signal (s2) of a second carrier frequency. The first and second signals (s1, s2) are received together. The security module (10) demodulates the input signal (s) via a first non-linear component (12), wherein the first non-linear component outputs a first baseband signal (20a). Furthermore, a first bit stream (20b) is generated from the baseband signal (20a) and supplied to an output logic (13). A mixed signal (21) is formed, which comprises the first signal (s1) on the first carrier frequency, the second signal (s2) on the second carrier frequency, and a mixed product (22) on an intermediate frequency. The mixed product (22) is demodulated by a second non-linear component (142) to output a second baseband signal (22a) for generating a second bit stream (23) relating to the first signal (s1). The output logic (13) produces the output bit stream (24) for the first signal (s1), wherein the output logic (13) chooses either the first bit stream (20b) or the second bit stream (23) as the output bit stream for the first signal.
H04B 1/10 - Dispositifs associés au récepteur pour limiter ou supprimer le bruit et les interférences
G06K 7/00 - Méthodes ou dispositions pour la lecture de supports d'enregistrement
G06K 19/07 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré
H04B 1/24 - Circuits pour récepteurs ne comportant pas la génération d'une onde locale le récepteur comportant au moins un dispositif semi-conducteur ayant trois électrodes ou plus
49.
METHOD AND SECURITY MODULE FOR ADAPTATION OF A REFERENCE VALUE FOR GENERATION OF A BIT STREAM
The invention relates to a method and a circuit for adaptation of a first reference value for generation of a first bit stream (20) from an input signal (s) by a first amplitude adapting unit (12). The input signal (s) comprises a first and a second signal (s1, s2). The first signal (s1) and the second signal (s2) form a baseband summed signal (21a). A first non-linear component (18) demodulates the input signal (s) and outputs a demodulated input signal (s). The amplitude adapting unit (12) outputs the first bit stream (20) from the demodulated input signal (s) on the basis of a first reference value. A reference value adapting unit (19) comprises a detection unit (191) that detects the first and second signals (s1, s2). When the first and second signals (s1, s2) are lost, a matching unit (192) matches the first reference value to a basic reference value.
G06K 7/00 - Méthodes ou dispositions pour la lecture de supports d'enregistrement
G06K 19/07 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré
H03M 1/06 - Compensation ou prévention continue de l'influence indésirable de paramètres physiques
H03M 1/34 - Valeur analogique comparée à des valeurs de référence
H03M 1/18 - Commande automatique pour modifier la plage des signaux que le convertisseur peut traiter, p.ex. réglage de la plage de gain
H04B 1/10 - Dispositifs associés au récepteur pour limiter ou supprimer le bruit et les interférences
H04B 1/22 - Circuits pour récepteurs ne comportant pas la génération d'une onde locale
The invention relates to a security document (2), which comprises a carrier layer (14), on which a laser-sensitive layer (12) is arranged. At least personalization data (4, 8) of an owner of the security document (2) are written into the laser-sensitive layer (12) by means of a laser. In order to protect against unauthorized changing of the data (4, 8) written into the laser-sensitive layer (12) and in order to protect against mechanical wear, e.g., scratching, the laser-sensitive layer (12) has geometric structures (6), such as letters, symbols, and characters, in the surface of the laser-sensitive layer accessible from outside. For better protection, a transparent layer (10) can additionally be arranged on the laser-sensitive layer (12), wherein the geometric structures (6) are then arranged in a surface of the transparent layer (10) accessible from outside.
The invention relates to a method for testing the functional capability of a mobile terminal having a security element in a mobile radio network, an accordingly designed security element, and an accordingly designed system. The method comprises the following steps: switching the security element of the mobile terminal from a normal operating mode to a test mode, wherein the security element of the mobile terminal is designed to authenticate itself to a test mobile radio network in the test mode; and checking the functional capability of the mobile terminal having the security element in the test mobile radio network.
The invention relates to a visually variable security element (12) for securing objects of value, comprising a characteristic region (14) displaying at least two different, visually variable effects. According to the invention, the characteristic region (14) is provided with a micro-structure (34) in a first sub-region (16), said micro-structure having a first visually variable effect, a second sub-region (18) of the characteristic region (14) is not provided with a micro-structure, the characteristic region (14) is provided with a thin-layer element (40) which covers the micro-structure (34) and has an interference layer construction, said thin-layer element generating a colour-change effect as the second visually variable effect in the second sub-region (18), and the interference layer construction of the thin-layer element (40) has a printed dielectric layer (44) in the first and second sub-regions (16, 18), via which the colour-change effect in the first sub-region (16) having the micro-structure (34) is suppressed for the naked eye, such that only the first visually variable effect of the micro-structure (34) occurs in the first sub-region (16), and the colour-change effect of the thin-layer element (40) occurs as the second visually variable effect in the second sub-region (18).
The invention relates to a stacking device for value documents (10) comprising a stacker (5) and a brake device (20) which is arranged directly in front of the stacker along the transport path (T) of the value documents. The brake device has a transport shaft (2) and a brake shaft (4) between which each value document is transported. At least one drive roller (11) is fixedly mounted on the transport shaft, and at least one roller (12) is rotatably mounted on the transport shaft. In addition, at least one cam roller (14) and at least one eccentric roller (13) is fixedly mounted on the brake shaft. Due to a rotation of the brake shaft, the eccentric roller can optionally be brought into engagement with the diametrically opposed drive roller such that a value document is clamped between these, or can be disengaged from the diametrically opposed drive roller such that the value document is no longer clamped between the two, but instead can be braked by the engagement between the cam roller and the rotatably mounted roller.
B65H 29/12 - Délivrance ou progression des articles à la sortie des machines; Progression des articles vers ou dans les piles au moyen du resserrement entre deux rubans ou courroies mobiles, ou entre deux jeux de rubans ou courroies
B65H 29/14 - Délivrance ou progression des articles à la sortie des machines; Progression des articles vers ou dans les piles au moyen du resserrement entre deux rubans ou courroies mobiles, ou entre deux jeux de rubans ou courroies et introduisant les articles dans une pile
B65H 29/68 - Réduction de la vitesse des articles en mouvement
A method for producing a profiled layer stack (1) for an identification data carrier by lamination is proposed. On one side, the layer stack (1) has a protruding layer (4) that forms a tab (5). During lamination, the laminating plates (15, 16) are provided with inserts (6, 7) as a replacement for the layer material that is not present in the region of the tab (5), said inserts (6, 7) providing a volume under and/or over the tab (5) that corresponds to the volume of the layer material that is not present. The inserts (6, 7) are constructed from a glass fabric (9) coated with a non-stick material. The laminating plates (15, 16) are provided with rough zones (19, 20) which are matched to the inserts (15, 16) in terms of size and position.
B32B 37/26 - Procédés ou dispositifs pour la stratification, p.ex. par polymérisation ou par liaison à l'aide d'ultrasons caractérisés par les propriétés des couches avec au moins une couche influençant la liaison au cours de la stratification, p.ex. couches anti-adhésives ou couches égalisatrices de la pression
B42D 25/45 - Fabrication associant plusieurs couches
In a method for producing a data carrier (1) having a partial piece (3), in particular a chip card, a thickness (22) of the data carrier body (2) is reduced in a predetermined region (14) on the front side (15) of the data carrier body (2) and the data carrier body (2) is severed in the predetermined region (14) in order to produce the partial piece (3). The partial piece (3) is fitted into a through-opening (18) of the data carrier body (2), which is formed from the severing of the data carrier body (2), and is displaced in the through-opening (18) in the direction of the front side (15) of the data carrier body (2) such that the partial piece (3) is flush with the front side (15) of the data carrier body (2).
G06K 19/07 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
The invention relates to an optically variable security element (12) for protecting valuable objects, said element comprising a substrate (28) with opposing first and second main surfaces and an optically variable structure (20) which is arranged on the first main surface and which has an embossed structure (22) and a coating (24). According to the invention: the coating (24) comprises at least one line pattern (30) and a background layer (26) that contrasts with the line pattern (30); the embossed structure (22) comprises a two-dimensional pattern of raised and/or recessed embossed elements (34); the coating (24) and the embossed structure (22) are combined such that at least one line segment (36) of a line (32) in the line pattern (30) lies substantially on each embossed element (34); and at least one of the parameters 'position of the line segment on the embossed element', 'orientation of the line segment on the embossed element' and 'form of the line segment' varies locally over the extent of the optically variable structure (20), such that when the security element (12) is tilted, the line pattern (30) creates the effect of motion, in particular a pumping or rotational effect.
The invention provides a communication system comprising a mobile terminal and a communication partner (some other electronic communication device). A PKI key pair comprising a private key and a public key is set up for the terminal. The public key is stored at the communication partner. The communication partner is designed to provide a session key, to encrypt data using the session key, to encrypt the session key using the public key and to communicate the encrypted data to the terminal. The communication system is distinguished by the fact that it furthermore comprises a server system which is remote from the mobile terminal and in which the private key is stored in a secure environment. In this case, the communication partner is furthermore designed to communicate the encrypted session key to the server system. In addition, the server system is designed to decrypt the session key for the terminal using the private key and to communicate it in decrypted form for encryption of the data to the terminal.
The invention relates to a value document substrate for producing value documents, in particular bank notes, comprising at least a carrier layer and a first cover layer, wherein the first cover layer is a film layer and the carrier layer is a paper layer or a film layer and the carrier layer is connected to the first cover layer by means of at least one adhesive layer and the adhesive of the at least one adhesive layer contains a chemically unstable inorganic characteristic substance and stabilizes said characteristic substance against harmful environmental influences, in particular with respect to moisture and/or oxygen and/or solvent and/or acids and/or bases and/or oxidant and/or reductant, by means of the three-dimensional cross-linking of the adhesive.
B42D 25/47 - Fabrication associant plusieurs couches en utilisant des substances chimiques ou adhésives en utilisant des substances adhésives
B42D 25/21 - Cartes ou structures de type feuille portant des informations caractérisées par leurs éléments d’identification ou de sécurité; Leur fabrication caractérisées par une utilisation ou une finalité particulières pour finalités multiples
The invention relates to a security element for producing value documents, which comprises at least one image (11), said image (11) being formed by a lattice structure (4) that has a plurality of channel-like microcavities (5, 6), the microcavities (5, 6) having a structural width (w) of 0.5 µm to 3 µm and an aspect ratio of 0.4 or greater, wherein a metal-containing coating is applied onto the lattice structure (4), and wherein the channel-like microcavities (5, 6) in the lattice structure (4) are separated from each other in each case by strips (7) which are flat and each have a width of more than 200 nm and at most 1200 nm.
The invention relates to the fitness testing of value documents. An unfit degree of each value document is determined by means of an unfit function for each of at least two fitness criteria. The unfit function unambiguously assigns each fitness value an unfit degree and comprises two threshold values, beyond which the unfit degree with respect to the relevant fitness criterion is 0 or 1. Between the threshold values there is an uncertainty region, in which the unfit degree lies between 0 and 1 with respect to the relevant fitness criterion and the unfit function runs in a monotonically decreasing or monotonically increasing manner. The unfit degrees of different fitness criteria are subsequently combined to an unfit likelihood of each of the value documents and a fitness classification of each of the value documents is performed on the basis of the unfit likelihood.
The invention provides a subscriber identity module configured to check an incoming OTA message from a sender at the subscriber identity module for compliance with a minimum security level MSL, in that an MSL parameter of the OTA message is checked for conformity with an MSL stored in the subscriber identity module, and the OTA message is processed according to a result of the checking process. The MSL is formed using origin information which provides information about the origin of the OTA message. The MSL is formed using origin information which provides information about the origin of the OTA message.
The invention relates to a security element for producing value documents, such as bank notes, checks, or the like, which security element comprises a dielectric substrate (1), a first line grating structure (2), which is embedded in the substrate (1) and which consists of a plurality of first grating webs (3), which extend in a longitudinal direction and are arranged in a first plane (L1) and are composed of highly refractive material, and a second line grating structure (6), which is embedded in the substrate (1) and which consists of second grating webs (7), which extend in the longitudinal direction and are composed of highly refractive material and are located over the first line grating structure (2) in a parallel second plane (L2) in relation to the first plane (L1), wherein the first grating webs (3) each have a first thickness (t1) and a first width (b) and lie adjacent to each other at a distance (a) so that first grating gaps (4) extending in the longitudinal direction and having a width corresponding to the distance (a) are formed between the first grating webs (3) and the second line grating structure (6) is inverted in relation to the first line grating structure (2), wherein in a top view of the first plane (L1), the second grating webs (7) each have a second thickness (t1) and lie over the first grating gaps (4) and second grating gaps (8), which exist between the second grating webs (7), lie over the first grating webs (3), and the width of the first grating webs (3) and of the second grating gaps (8) and the width of the second grating webs (7) and of the first grating gaps (4) are each below 300 nm, and wherein the security element produces a color effect in transmission observation and the first and the second thickness (t1, t2) are at least 100 nm, preferably at least 150 nm.
The invention relates to a method for calculating a point (x, y) that has an x-coordinate x and a y-coordinate y, in affine coordinates, on an elliptic curve E: y2 = g(x) mod p, where p = 3 (mod 4) and g(x) is a polynomial in x of degree 3 with coefficients, the coefficients representing curve parameters of the elliptic curve, the point (x, y) being dependent on a parameter t and the curve parameters, and (x, y) having either the value (X2, y2) or the value (x3, y 3), where X2, X3 and a further function u are each rational functions of t and the curve parameters, and the following relationship applies: u 2 (t) = -g(x 2 (t)) · g(x 3 (t)) (mod p), where: a) polynomials X2, X3, U, G and Z are determined depending on the variable t and the curve parameters, such that the following applies: x 2(t) = X 2(t)/Z(t), x 3(t) = X 3(t)/Z(t), u(t) = U(t)/Z 3(t) and g(x 2(t)) = G(t)/Z 3(t); b) by carrying out a single modular exponentiation, a value A is calculated which satisfies the following equation: A 2· G(t)· Z(t) = ± 1 (mod p); ba) in the case of A 2· G(t)· Z(t) = 1 (mod p), the point (x, y) = (x2, y2) is calculated as follows: x = X 2(t) · A 2 · G(t) (mod p), y = ±A 3 · G 2(t) (mod p); and bb) in the case of A 2 · G(t) ·Z(t) = -1 (mod p), the point (x, y) = (x3, y3) is calculated as follows: x = - X 3(t) · A 2 · G(t) (mod p), y = ±A 3· G(t) · U(t) (mod p).
G06F 7/72 - Méthodes ou dispositions pour effectuer des calculs en utilisant une représentation numérique non codée, c. à d. une représentation de nombres sans base; Dispositifs de calcul utilisant une combinaison de représentations de nombres codées et non codées utilisant l'arithmétique des résidus
64.
PARTICIPANT IDENTITY MODULE HAVING A NUMBER OF SERVICES
The invention relates to a participant identity module (1) which is inserted or which can be inserted into a mobile end device, and which has a subscription and a number of services, which services can have an activated and a deactivated status. The services are implemented in a single applet (2) in the participant identity module. The number of services are individually manageably designed, wherein the applet has a respective service management key for each service that is individually manageably designed, said service management key being designed in such a way that it can have an activated and a deactivated status, corresponding to an activated or deactivated status of each service. The status of each service management key can be switched between the activated and the deactivated status using a management command directed at the service management key, such that the service corresponding to the service management key is activated or deactivated.
The present invention relates to a method for reading an identification document, to a read-out terminal (10, 20) and a read-out system (100) which simplifies the multiple reading of identification documents. According to the method, an authentication key and a piece of information are stored invisibly in the chip of the identification document.
The present invention relates to a method for using a network and a secure element. A secure element (30) of a device (20) receives a request for usages data from the device (20) (S4). The secure element (30) sends (S6.4) the usage data to the device (20) in response to the request. The usage data enable the device (20) to use the network (10). The secure element (30) applies a timer 840) to measure a delay time (S5, S5.1). The device shall only use the network, after the delay time has expired (S6.4-S9). The secure element (30) prevents the usage of the network (10) by the device until the delay time has expired (S6.1-S6.3).
The invention relates to a security element for use in security documents, comprising a first sheet element (20) which has at least one transparent and/or translucent region (30) and at least one second sheet element (21), said first and second sheet element being paired with each other. According to the invention, first information (60) is arranged in the transparent and/or translucent region (30) of the first sheet element (20), and second information (70) is arranged on a section (40) of the second sheet element (21). Furthermore, the section (50) of the first sheet element (20) and the section (40) of the second sheet element (21) are paired with each other, and first and second information (60, 70) are combined to form complete information.
B42D 25/20 - Cartes ou structures de type feuille portant des informations caractérisées par leurs éléments d’identification ou de sécurité; Leur fabrication caractérisées par une utilisation ou une finalité particulières
Method and apparatus (30, 100) for the transmission of data to security modules (11) comprising antenna connections (12A, 12B) provided for contactless communicating data carriers (10). The apparatus (30, 100) comprises a signal input (38A, 38B) for an antenna signal of a contactless read device (39), a transformation unit (33) which transforms the incoming antenna signal into an outgoing antenna signal for the security element, and a signal output (32A, 32B) for the outgoing antenna signal which can be transmitted via contact to the antenna connections (12A, 12B) of the security module.
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
69.
METHOD AND APPARATUS FOR PROCESSING A TRANSPORTATION CONTAINER WITH VALUABLE ARTICLES
The present invention relates to a method and to an apparatus for processing a transportation container (10) with valuable articles (20). For this purpose, the transportation container (10) is supplied (S1) to the apparatus (100), preferably by way of a transportation container transport device (110) of the apparatus (100). The apparatus (100) is designed to process the transportation container (10) automatically by way of the following steps: in the apparatus (100), the transportation container (10) is severed open (S6) by way of a severing device (120), and the valuable articles (20) are emptied (S7) out of the severed-open transportation container (10) and are collected (S8) by means of a collecting container (300) in the apparatus (100). The collecting container (300) with the valuable articles (20) is transported away, for further processing of the valuable articles (20), by way of a collecting container transportation device (310).
The invention relates to methods and devices for of conducting a payment transaction between a mobile terminal (12) and a payment terminal (20) in communication with a payment backend system (50), wherein the method comprises the following steps: (a) sending a unique mobile terminal identifier from the mobile terminal (12) to the payment backend system (50); (b) re- turning a cryptogram from the payment backend system (50) to the mobile terminal (12), wherein the cryptogram comprises a unique transaction identifier in encrypted form; (c) transforming the cryptogram into a proximity payment token such that the proximity payment token contains the unique transaction identifier in encrypted form and transmitting the proximity payment token to the payment terminal (20) via a proximity communication channel; (d) forwarding a transaction record including the unique transaction identifier in encrypted form and the amount of the payment transaction from the payment terminal (20) to the payment backend system (50); and (e) decrypting the unique transaction data identifier in encrypted form and processing the payment transaction by the payment backend system (50).
Disclosed are a method for managing a plurality of subscription profiles (18a, 18b) on a security element (14) of a terminal, preferably of a telematics module (13) of a motor vehicle (12), and such a security element (14). The subscription profiles comprise at least one standard subscription profile (18a) for registering the security element (14) in a mobile communications network (30) and for using services of said mobile communications network (30). Further, the subscription profiles comprise an e-call subscription profile (18b) by means of which an automatic emergency call, i.e., an e-call in accordance with technical specification ETSI TS 24.008, can be made. The method comprises the steps of switching the security element (14) from the standard subscription profile (18a) to the e-call subscription profile (18b) in the case of an event registered by the terminal, preferably of a motor vehicle (12) accident registered by the telematics module (13), and of transmitting an e-call.
H04W 8/18 - Traitement de données utilisateur ou abonné, p.ex. services faisant l'objet d'un abonnement, préférences utilisateur ou profils utilisateur; Transfert de données utilisateur ou abonné
A method to protect computational, in particular cryptographic, devices having multi-core processors from DPA and DFA attacks is disclosed herein. The method implies: Defining a library of execution units functionally grouped into business function related units, security function related units and scheduler function related units; Designating at random one among the plurality of processing cores on the computational device to as a master core for execution of the scheduler function related execution units; and Causing, under control of the scheduler, execution of the library of execution units, so as to result in a randomized execution flow capable of resisting security threats initiated on the computational device.
The invention relates to a data carrier production method and to a processing device (10) for punching data carriers out of a data carrier sheet (2). In the method of the invention, an ink application device (5, 6) applies ink to a circumferential edge (12) of the data carrier (4) in a female die unit (3) of a punching device (1, 3).
G06K 19/00 - Supports d'enregistrement pour utilisation avec des machines et avec au moins une partie prévue pour supporter des marques numériques
B26D 5/00 - Dispositions pour manœuvrer et commander les machines ou les dispositifs de coupe, découpage, poinçonnage, perforation ou séparation autrement que par coupe
A security element (10) of a mobile device (100) comprises a service-provider network subscription (50) associated with a service provider (300). The security element (10) is arranged such that the service-provider subscription (50) is employable parallel to a user network subscription (40) installed on the security element (10). A service (200) associated with the service provider (300) thus becomes utilizable on the basis of the service-provider subscription (50), independently of a user subscription (40) that might be present on the same security element (10).
The present invention discloses a method for producing a film (2) which serves as a carrier of at least one electronic component (4, 12) and at least one contactless (8) and/or contact-bonded (6) interface, wherein the film (2) is used as a transparent film and wherein electric conductive tracks are pressed on the film (2) by means of a transparent electrically conductive material in order to connect the electronic component (4, 12) to the interface (6, 8) in an electrically conductive manner. Further, the film (2) can be used for producing a portable data carrier.
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
The invention relates to a method for producing a partially de-metallized layer element, having the following steps: - providing a layer element (1700, 1800) having - a support substrate (1702, 1802) with a surface which has at least one first and second region (1704, 1804; 1706, 1806), said first region (1704, 1804) having a first structure (1710, 1810) which differs from a second structure (1712, 1812) of the second region (1706, 1806), and - at least one metal layer (1708, 1808) which is arranged on the surface of the support substrate; and - removing the metal layer (1708, 1808) by exciting surface plasmon polaritons in the first region (1704, 1804) with the first structure (1710, 1810) using electromagnetic radiation. The invention further relates to a layer element and a device for carrying out the method.
A peeling device (10) for peeling sheet-like objects (100) from a roll (200) comprises at least one peeler (20). In that context, the peeler (20) is mounted so as to be able to rotate about a mounting point (26) and comprises a pointed peeling portion (22) and a support portion (24) which is separate from the peeling portion (22). The peeling portion (22) and the support portion (24) are in that context arranged relative to one another, and the peeler (20) is mounted, such that, when in operation the peeler (20) is pressed with pre-tension against the roll (200), the peeler (20) has two mutually separated contact points (22A, 24A) with the roll (200), which contact points are defined by the peeling portion (22) and the support portion (24) of the peeler (20).
The invention relates to a supply module (10) for supplying value documents (9), in particular bank notes, to a value document preparation device (1), comprising a receiving device (11) into which one or more value documents (9) to be processed can be inserted, comprising a first aligning element (13) on which a first edge of the value documents (9) lying in the receiving device (11) is aligned when the receiving device (11) is located in a first position, comprising a second aligning element (15) on which a second edge of the value documents (9) lying in the receiving device (11) is aligned when the receiving device (11) is located in a second position, and comprising a positioning device (19) by means of which the receiving device (11) can be brought from the first position into the second position.
The invention relates to a method for executing a code sequence (CS) on a security module (SM). The code sequence (CS) comprises codes (C1) to be replaced and codes (C2) to be interpreted. In a step a), each code (C1) to be replaced is temporarily replaced with a partial code sequence (CS'), which comprises at least one code having a code value that can be interpreted. The replacement occurs in dependence on the code value of the code (C1) to be replaced. In a step b), the codes (C2) of the code sequence (CS) that are to be interpreted and the partial code sequence (CS') are interpreted by means of interpretation information (ITab) for code values. The method is characterized in that, in the replacement step, the partial code sequence (CS') is produced for the code value of the code (C1) to be replaced additionally in dependence on selection information (AI).
The invention relates to a method for operating a security module (300) of a mobile terminal (200) and to a security module (300). The security module (300) is designed to communicate via a mobile communication network of a plurality of mobile communication networks (110, 120), said security module (300) having different system configurations (331, 332, 333) for different mobile communication networks (110, 120) of the plurality of mobile communication networks (110, 120). The security module (300) receives subscription data for registering into a mobile communication network (110, 120) of the plurality of mobile communication networks (110, 120), analyzes the subscription data (321, 322), and identifies the mobile communication network (110, 120) of the plurality of mobile communication networks (110, 120). The security module (300) then selects a system configuration (331, 332, 333) according to the mobile communication network (110, 120) identified in the previous step. The security module (300) is operated in the identified mobile communication network (110, 120) using the selected system configuration (331, 332, 333).
H04W 12/04 - Gestion des clés, p.ex. par architecture d’amorçage générique [GBA]
H04W 4/00 - Services spécialement adaptés aux réseaux de télécommunications sans fil; Leurs installations
H04W 8/18 - Traitement de données utilisateur ou abonné, p.ex. services faisant l'objet d'un abonnement, préférences utilisateur ou profils utilisateur; Transfert de données utilisateur ou abonné
The invention relates to a method for producing a security element for a security paper, value document or similar, comprising a substrate (10) which is provided at least partially with an embossed coating (11) comprising at least two layers (1, 2). Said method comprises the following steps: A first UV-hardening layer (1) is applied to the substrate (10); the first UV-hardening substrate (1) is completely hardened; at least one second UV-hardening layer (2) is applied to the completely hardened first layer (1); the UV-hardening layer (2) applied second is embossed and the coating (11) is hardened.
B42D 25/369 - Matériaux magnétisés ou magnétisables
B44F 1/10 - Tableaux changeants, amusants ou à secret
G03H 1/00 - Procédés ou appareils holographiques utilisant la lumière, les infrarouges ou les ultraviolets pour obtenir des hologrammes ou pour en obtenir une image; Leurs détails spécifiques
G03H 1/02 - Procédés ou appareils holographiques utilisant la lumière, les infrarouges ou les ultraviolets pour obtenir des hologrammes ou pour en obtenir une image; Leurs détails spécifiques - Détails
B42D 25/425 - Marquage par déformation, p.ex. gaufrage
The invention relates to a security element for securing security papers, value documents, and other data carriers, comprising a lenticular image, which shows at least two different appearances (14A, 14B) from different directions of observation, wherein the lenticular image contains a lenticular screen (70) consisting of a plurality of microlenses (40, 60, 62, 64) and a laser-sensitive motif layer (28) arranged at a distance from the lenticular screen (70), which laser-sensitive motif layer (28) has, in two or more motif-layer partial areas (172, 174, 176, 178) different markings (30A, 30B) introduced by the action of laser radiation, which produce the at least two different appearances (14A, 14B) when the motif layer (28) is observed by means of the lenticular screen (70). According to the invention, the lenticular screen (70) is divided into two or more lenticular-screen partial areas (72, 74, 76, 78), in which the microlenses (40, 60, 62, 64) have differently refractive lens surface shapes, wherein the different lenticular-screen partial areas (72, 74, 76, 78) are congruent with the different motif-layer partial areas (172, 174, 176, 178) and the markings (30A, 30B) of the motif-layer partial areas (172, 174, 176, 178) are produced by laser application to the lenticular-screen partial areas (72, 74, 76, 78).
B42D 25/00 - Cartes ou structures de type feuille portant des informations caractérisées par leurs éléments d’identification ou de sécurité; Leur fabrication
The invention creates a method in a processor for performing a cryptographic calculation. The performance of the calculation involves the application of a basic masking, by means of which intermediate values are used in the calculation as masked intermediate values. The performance of the calculation additionally involves the application of a folding and a secondary masking. The folding involves the calculation of the masked intermediate value using the unmasked intermediate value and at least one secondary intermediate value. The secondary masking involves the calculation, for each intermediate value masked by means of the basic masking, under random control, being performed either with the masked intermediate value or with the one's complement of the masked intermediate value.
G09C 1/00 - Appareils ou méthodes au moyen desquels une suite donnée de signes, p.ex. un texte intelligible, est transformée en une suite de signes inintelligibles en transposant les signes ou groupes de signes ou en les remplaçant par d'autres suivant un systèm
H04L 9/00 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité
H04L 9/06 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p.ex. système DES
The present invention discloses a chip module (2), which is inserted into a card body (14) of a portable data carrier (22) and is permanently connected to it, wherein the module (2) comprises a substrate (4), wherein at least one electrically conductive contact (10) is arranged on one side of the substrate (4), wherein at least one chip (12) is arranged on another side of the substrate (4), which side is arranged opposite to the side on which the at least one contact (10) is arranged, wherein the chip (12) has at least one connection (10) which is electrically conductively connected to at least one contact (10), characterized in that the substrate (4) has at least one first area (6) which is permeable to laser light, and has at least one second area (8) which is impermeable to laser light, so that the chip module (2) is connected to the card body (14) e.g. by means of a laser welded connection.
G06K 19/077 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p.ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré - Détails de structure, p.ex. montage de circuits dans le support
H01L 23/00 - DISPOSITIFS À SEMI-CONDUCTEURS NON COUVERTS PAR LA CLASSE - Détails de dispositifs à semi-conducteurs ou d'autres dispositifs à l'état solide
The invention relates to a device (100; 100'; 100") for opening a receptacle for transporting valuable objects, comprising a suction device (10, 20, 70) for aspirating the receptacle and a separating device (30, 50) for separating the receptacle in an aspirated area of the receptacle. Said receptacle can be, in particular, in the shape of a plastic bag. The invention also relates to a method for opening the receptacle, comprising the steps of aspirating (S1) the receptacle by means of an aspiration device and separating (S2) the receptacle in an aspirated area of the receptacle by means of the separating device.
The invention relates to a method for determining a sorting result for a security document using sensor data for the security document and specified classification parameters, wherein a specified classification method is carried out using sensor data and the classification parameters, wherein specified sub-steps are carried out, which are the making of at least one decision, and, as a result of the sub-steps carried out, a class is determined as a sorting result, wherein at least upon making the decisions at least one classification parameter allocated to the respective decision and/or at least one part of the sensor data and/or at least one sub-step result, which was obtained upon carrying out a preceding sub-step, is used, and wherein a display apparatus is controlled for the determined sorting result such that the display apparatus displays at least an excerpt from a graph having nodes and edges, each connecting two of the nodes, wherein the nodes comprise a start node, at least one sub-step node, which represents a sub-step required to obtain the sorting result, and at least one result node representing a possible sorting result, and wherein those edges are identified which make a continuous path from the start node to the result node representing the sorting result, and/or wherein those nodes are identified which are connected by edges which form a continuous path from the start node to the result node representing the sorting result.
The invention relates to a method for checking a validity of a security element (10), the method comprising the following steps: A blocking list (S2) is generated by a blocking service (200), said blocking list comprising blocking identifiers, each indicating invalid security elements. The blocking list is made available to a verification entity (100), (S3). The security element (10) to be checked determines (S5) a check identifier and transmits (S6) the same to the verifying entity, which searches (S7) the blocking list to see if a blocking identifier corresponding to the check identifier is present therein (S8). If so, the security element is considered as invalid (S9), otherwise as valid (S10). The test identifier is configured in such a manner that the identity of the security element cannot be deduced from the check identifier. During the search of the blocking list, the identity of the security element cannot be recognized, at least in the case, where the blocking list does not comprise a blocking identifier that corresponds to the check identifier.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/30 - Clé publique, c. à d. l'algorithme de chiffrement étant impossible à inverser par ordinateur et les clés de chiffrement des utilisateurs n'exigeant pas le secret
The invention relates to a method for authorizing a transaction. In said method, a first code (28) and a second code (29) are read by a first mobile device (10). The second code (29) contains information for decoding the first code (28). A first signature which confirms the transaction with the system (24) is generated from the read codes and is transmitted to the system, whereupon the transaction is authorized.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
89.
METHOD FOR EXAMINING A VALUE DOCUMENT, AND MEANS FOR CARRYING OUT THE METHOD
The invention relates to a method for examining a value documents using a digital image of the value document, said image comprising pixels. The image is examined for the presence of at least one irregularity relating to a specified property of the value document. When such an irregularity is found dependent on the size and/or position and/or shape of the irregularity in the image, an examination region is determined which displays the irregularity, and only some of the digital image pixels corresponding to the examination region are used to check the irregularity.
The invention relates to a security feature for securing value documents, comprising particles that are composed of at least two different, spatially separated solid homogeneous phases, each of which can be detected and identified in a spatially resolved manner by means of a spatially resolving analytical process which is suitable for resolving all the way to the single particle level.
A method for managing (virtual) subscriptions on a security element (20) for a mobile end device (10) comprises the following steps: for each subscription (70; 71; 72) of a plurality of subscriptions a quality of service is determined (S6). On the basis of the qualities of service determined for the individual subscriptions a subscription is selected (S7). The selected subscription is subsequently employed for a data communication of the end device (10) with a corresponding communication partner. This managing of the subscriptions is controlled at least partly by an external subscription management device (70) which is distinct from the security element (20) and the end device (10).
H04W 8/18 - Traitement de données utilisateur ou abonné, p.ex. services faisant l'objet d'un abonnement, préférences utilisateur ou profils utilisateur; Transfert de données utilisateur ou abonné
H04W 48/18 - Sélection d'un réseau ou d'un service de télécommunications
92.
METHOD FOR REMOTELY MANAGING A DATA ELEMENT STORED ON A SECURITY ELEMENT
The invention relates to a method for remotely managing a data element (D) stored on a security element (SE), wherein a change request for the data element (D) originating at least partially from a server (S) is transferred to the security element (SE), whereupon the data element (D) stored in the security element is changed in the security element (SE), wherein the change comprises a first changing memory access (AC1) and a second changing memory access (AC2) to the security element (SE). The first memory access (AC1) and the second memory access (AC2) occur in partial steps of the change that are decoupled from each other, wherein a first partial step comprises the transfer of a first partial change request (CR1) from the change request to the security element (SE) by the server (S) and the first memory access (AC1) and wherein a second partial step comprises the transfer of a second partial change request (CR2) from the change request to the security element (SE) and the second memory access (AC2).
H04W 4/00 - Services spécialement adaptés aux réseaux de télécommunications sans fil; Leurs installations
H04W 8/18 - Traitement de données utilisateur ou abonné, p.ex. services faisant l'objet d'un abonnement, préférences utilisateur ou profils utilisateur; Transfert de données utilisateur ou abonné
H04W 8/20 - Transfert de données utilisateur ou abonné
The invention relates to a microprocessor system for a mobile terminal (2), said microprocessor system comprising: a normal operating system (100) that is designed to generate and maintain a non-secure runtime environment (REE); and a security operating system that is designed to generate and maintain a secured runtime environment (TEE). In addition, the microprocessor system is provided with a voice input device (10), in particular a microphone, and a voice output device (12), in particular a loud speaker, wherein the security operating system (200) is designed to establish a secure channel (14) between a secure element and the voice input device (10) and/or the voice output device (12).
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
94.
METHOD FOR PRODUCING A SECURITY ELEMENT WITH A NEGATIVE INSCRIPTION AND SECURITY ELEMENT OBTAINABLE THEREBY
The invention relates to a method for producing a security element (1) with a negative inscription for a security paper or an article of value, in particular a document of value, comprising the following steps: • a) providing a transparent carrier substrate (2); • b) providing the carrier substrate (2) with an embossed embossing coating (6); • c) printing a layer of free-flowing ink (8) containing metal pigments onto the embossing coating (6) in the form of a predetermined pattern with ink layer regions (4) and clearances (5) between the ink layer regions (4) that form the negative inscription, so that on the underside of each individual ink layer region (4), at which the layer of ink (8) and the embossing coating (6) face one another, metal pigments are aligned spatially along the embossing structure (7) of the embossing coating (6) and form a first, lower ink-layer metallization (9); • d) bringing the layer of ink (8) into contact with an embossing tool, preferably under increased pressure and at increased temperature, so that the upper side of each individual ink layer region is provided with an embossing structure, along which metal pigments are spatially aligned and form a second, upper ink-layer metallization (10).
The invention relates to a method for producing a security element, the method comprising the steps: Providing a carrier material (200, 300, 400, 500) having at least one region (106, 202, 302, 402, 502, 606) to be coated; arranging a reflection layer (204, 304, 410) in the region to be coated; arranging a structured spacer layer (206, 306, 412) on the reflection layer, wherein the structured spacer layer is suited to protect the reflection layer from a removal; arranging an absorber layer (212, 312, 416, 512) at least on the structured spacer layer; and removing the reflection layer in those regions, where the removal of the reflection layer is not obstructed by the protection of the structured spacer layer. The invention further relates to a security element produced by using said method, and to a value document having a security element such as this.
The invention relates to a method and to a corresponding system (1) for processing value documents (3 - 5), in particular banknotes, having the following steps: entering value documents (3) into an input compartment (2) and separating the entered value documents (3), detecting one or more properties of the individual value documents (3); ascertaining an identifier (SN11 - SNx, SN21 - SNy, SN31 - SNz), in particular a serial number, of the value documents (3, 4) using the detected properties of the value documents (3, 4); storing the ascertained identifier (SN11 - SNx, SN21 - SNy, SN31 - SNz) of the value documents (3, 4); dispensing the value documents (3 - 5) into at least one output compartment (30 - 32); and checking whether one or more second value documents (5) having an identifier which was not ascertained and/or stored are located in the output compartment (30 - 32) using the ascertained identifier (SN11 - SNx, SN21 - SNy, SN31 - SNz) of one or more of the first value documents (4) dispensed into the output compartment (30 - 32). The invention allows a reliable processing of value documents, in particular a reliable billing of deposits, in a simple and time-saving manner.
The present invention concerns a method for authorising a transaction, involving the following steps: inputting transaction data into a first mobile device (10), transmitting the transaction data from the first device (10) to a background system (12) using a first air interface (20), encoded transmission of at least one password to a second mobile device via the first mobile device, and authorising the transaction by inputting the password (40) displayed on the second device (14) into the first device (10).
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
G06Q 20/38 - Architectures, schémas ou protocoles de paiement - leurs détails
G06Q 20/40 - Autorisation, p.ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasin; Examen et approbation des payeurs, p.ex. contrôle des lignes de crédit ou des listes négatives
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
A method is proposed for the production of a security document, in particular in the form of a passport booklet, with a page block (1) and a protective binding (10). According to the method, a page block (1), which has a plurality of flexible inner pages (2) which are connected mechanically along a bending line (3), and a protective binding (10) which is of more stable configuration than the inner pages (2) are provided. The inner side (11) of the protective binding (10) is coated in a part region (14) with a layer of a first adhesive (17) using the wet process and is coated in a second, non-overlapping part region (13, 15) with a second adhesive (16, 18). The water solubility of the second adhesive (16, 18) is different from that of the first adhesive (17). Finally, the protective binding (10) is placed with the coated inner side (11) onto the page block (1) and is pressed.
The invention relates to the magnetization of a magnetizable security element (31) when testing the latter. In this case, two magnetic field areas (15, 16) having a different magnetic field direction are provided along a transport area (20), wherein the magnetic field strength of the downstream magnetic field area (16) is lower than the magnetic field strength of the first magnetic field area (15) in the direction of transport. According to the invention, two magnets (11, 12) are used to cooperatively generate the two magnetic field areas (15, 16). For this purpose, these magnets are arranged in such a manner that the north poles and south poles of the first magnet (11) and of the second magnet (12) are opposite one another with respect to the transport area (20).
Input stacks of value documents are placed into an input compartment of the value document handling apparatus, transported through the apparatus, checked and sorted into different pigeon-holes in the value document handling apparatus, with reject value documents being stored separately from valid value documents. Next, the reject value documents are automatically transported back to the input compartment of the value document handling apparatus using a reject transport device in order to recheck the reject value documents by means of the same value document handling apparatus (rerun). The reject transport device has a plurality of reject transport units, into which the reject value documents from the various input stacks are deposited separately from one another, and a reader for reading in the machine-readable identifier of the respective reject transport unit that is used to assign the reject value documents of the respective reject transport unit to the input stack to which said reject value documents belong.
brevets
