EP2499597A1 - Procédé d'interaction sûre avec un élément de sécurité - Google Patents

Procédé d'interaction sûre avec un élément de sécurité

Info

Publication number
EP2499597A1
EP2499597A1 EP10774138A EP10774138A EP2499597A1 EP 2499597 A1 EP2499597 A1 EP 2499597A1 EP 10774138 A EP10774138 A EP 10774138A EP 10774138 A EP10774138 A EP 10774138A EP 2499597 A1 EP2499597 A1 EP 2499597A1
Authority
EP
European Patent Office
Prior art keywords
terminal
pin
authentication data
security module
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP10774138A
Other languages
German (de)
English (en)
Inventor
Stephan Spitz
Lutz Hammerschmid
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Trustonic Ltd
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of EP2499597A1 publication Critical patent/EP2499597A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to a method for secure interaction with a security module integrated in a terminal, in particular the secure input of authentication data into the security module via an input device of the terminal.
  • Various applications for example for paying for goods or services, can be provided to a user on a security module, for example in the form of a (U) SIM mobile calling card, a secure memory card or the like.
  • a security module for example in the form of a (U) SIM mobile calling card, a secure memory card or the like.
  • Such an application itself as well as the data processed by the application are protected on the security module against unauthorized access.
  • the user Before the application is released, for example, to effect a payment transaction, it is necessary for the user to authenticate himself to the security module, for example by means of a PIN. This can prevent that third parties, for example by means of malicious code, abusing the application for their own purposes on the terminal without the knowledge and consent of the user.
  • the input of such authentication data is usually via an input device of the terminal, such as a keyboard, the security module in the terminal - preferably removable - is integrated.
  • the security module in the terminal - preferably removable - is integrated.
  • An inventive method for secure interaction with a security module, which is integrated into a terminal, via an input device of the terminal comprises the following steps.
  • the input device of the terminal is reserved by a security application, which is executable in a trusted area of the terminal.
  • first authentication data are entered via the reserved input device.
  • the security application then derives second authentication data from the first authentication data by means of secret data stored in the trusted area.
  • the second authentication data are then encrypted by the security application and encrypted to the security module and / or transmitted to a server.
  • the received, encrypted second authentication data are finally decrypted.
  • An inventive terminal, which is set up for integrating a security module comprises an input device and a trusted area with a security application executable therein.
  • the security application is further configured to derive second authentication data from the first authentication data by means of secret data stored in the trustworthy area, to encrypt the second authentication data and encrypted to a to transfer to the terminal integrated security module and / or a server.
  • the fact that the second authentication data are encrypted before they are transmitted from the trusted area of the terminal by the security application to the security module and / or the server - and thus generally have to pass through the untrusted area of the terminal - can also No spying, this time the second authentication data, by malicious code installed in the untrusted area.
  • the second authentication data required for authentication to the security module and / or the server is provided by the security module and / or the security module Server receives encrypted and then decrypted in the security module and / or the server.
  • the advantage of the method according to the invention is that the devices used, in particular the terminal and the security module and / or server, as well as the communication between the terminal and the security module and / or server can be maintained substantially unchanged. Only the security application which is executed in the trusted area of the terminal is adapted according to the invention. This means that an authorized user of a corresponding card is not informed of the PIN with which the card is personalized. Alternatively, the authorized user could be asked before the first use itself to enter a PIN, which is written for example by means of a PIN change command on the card.
  • the trusted area of the terminal is provided by a known hardware architecture, for example according to the ARM technology, so-called APvM trust zone, as well as a security runtime environment executed therein, which is supplemented by the security application.
  • Alternative and known hardware architectures are, for example, virtualization technologies or trusted computing with TPM.
  • An encrypted communication between the security application in the trusted area of the terminal and the security module and / or server can be implemented by known techniques. In this way, the inventive method can be easily integrated into existing systems.
  • the security application preferably reserves the issuing device of the terminal in that the security application controls a driver application which is executable in the trustworthy area of the terminal and which is provided to handle the data communication with the input device such that all data entered via the input device is exclusive get into the trusted area of the disk.
  • the secret data stored in the trusted area are preferably formed terminal-specific.
  • the secret data can during a personalization phase of the terminal - matched to the security module to be integrated into the terminal and its users - be introduced into the terminal. In this way it can be prevented that a third party, if it comes into the possession of the security module and attains knowledge of the first authentication data, can authenticate to the security module by means of a further terminal. That is, only a system of terminal, security module and matching secret data in the trusted area of the terminal allow - with knowledge of the first authentication data - a successful authentication against the security module.
  • the second authentication data can be derived from the first authentication data in that the security application encrypts the first authentication data by means of the secret data as a secret key to the second authentication data, for example by means of a cryptographic hash function or the like.
  • a transport key for encrypting the second authentication data for encrypted transmission thereof to the security module and / or the server can be negotiated between the security application and the security module and / or the server in a known manner, for example according to the Diffie-Hellman patent.
  • one or more corresponding transport keys are already stored in the security module and / or the server and the trusted area of the terminal.
  • the second authentication data are used according to a preferred embodiment of the inventive method for releasing an executable on the security module and / or the server application, such as a payment application or the like.
  • the terminal used is preferably a mobile terminal, in particular a mobile station, a PDA, a smartphone, a netbook or the like.
  • Particularly suitable as a security module are (U) SIM mobile communication cards, secure memory cards or similar portable data carriers, which can preferably be removably integrated into a corresponding terminal.
  • Particularly suitable as servers are secured computers, which are used, for example, by banks for financial transactions, for example for paying bills, such as so-called online banking, for example.
  • FIG. 1A schematically shows a preferred embodiment of a terminal according to the invention
  • FIG. 1B shows portions of the terminal device from FIG. 1A which are relevant to the invention in a likewise schematic representation
  • Fig. 1A shows a terminal 100 in the form of a mobile station.
  • Other, in particular mobile terminals are likewise possible, for example PDAs, smartphones, netbooks or the like.
  • the terminal 100 comprises an output device 110 in the form of a display and an input device 180 in the form of a keyboard. Only As interpreted, the terminal 100 includes a chipset 120 by means of which the terminal 100 is controlled and which will be described in greater detail with reference to FIG. 1B.
  • the terminal 100 is set up to record a security module 200, in the example shown, a (U) S mobile phone card, in a removable manner. Security modules of another type and design are also possible, for example, a secure memory card.
  • the security module 200 may provide a user of the terminal 100 with various applications, such as a payment application 210 (see Fig. 1B). In order to prevent unauthorized third parties from abusing such an application for their own purposes, for example by means of being installed on the terminal 100
  • the hardware 120 on which the control unit of the terminal 100 is based provides a trusted area 130 as well as an untrusted area 160. In this way, security-relevant applications and data can already be separated at the hardware level from less security-relevant data and applications.
  • a hardware architecture from ARM, for example, provides this under the name "Trust Zone.”
  • a secure runtime environment 140 controls the processes in the trusted area 130.
  • a driver application 142 which records all entries on the input device 180 of the terminal This ensures that, if necessary, data entered via the issuing device 180 can not enter the untrusted area 160 of the terminal 100. However, the driver application 142 can also be set such that Applications executing in the untrusted area 160 of the terminal 100 have access to the input user interface. direction 180.
  • a security application 150 that complements the secure runtime environment and that has direct access and control over the driver application 142 will be described in greater detail below with reference to FIG. 2, as well as a secret date 144 stored in the trusted area 130 in the form of a secret key (see Fig. 2).
  • a common operating system (OS) 170 controls the untrusted area 160 of the terminal 100.
  • Various non-security applications 172 may be executable therein.
  • the security module 200 is connected to the terminal 100. That while the security module 200 ensures sufficient security for data executable thereon applications 210 and data processed by these applications 210, an interaction with the security module 200, which is usually performed via the input device 180 of the terminal 100, must be secured by further measures. This is necessary because transmitted data must always pass the untrusted area 160 of the terminal 100 and therefore may be exposed to attacks caused by malicious code that has been installed in the untrusted area 160 - mostly unnoticed by the user.
  • a method is described below, which makes it possible to securely transfer authentication data to the security module 200 via the input device 180 of the terminal 100, in order, for example, to execute a payment application 210 that can be executed on the security module 200. release.
  • the user of the terminal 100 initiates the calling of the payment application 210 on the security module 200, for example by means of an application 172 executed in the untrusted area 160 of the terminal 100.
  • Such a call causes the security application 150, which is executed in the trusted area 130 of the terminal 100, to reserve the issuer 180 in step S2.
  • the security application 150 controls the driver application 142 in such a way that, while the issuing device 180 is reserved, all data entered via the input device only reach the trusted area 130 of the terminal 100.
  • a reservation of the issuing device has the consequence that - apart from the data entered via the input device 180 - no further data, in particular no data from the untrusted area 160, can reach the trusted area 130. In this way, it can be prevented, for example, that in the non-trusted area 160 any malicious code present simulates an input device.
  • the security application 150 when the issuing device 180 is reserved, sends an input request in step S3, which can be displayed to the user on the display 110, for example (see FIG. 1A).
  • step S4 the first authentication data PIN 1 is entered by the user of the terminal 100 via the reserved issuing device 180, which is completely controlled by the security application 150 by means of the driver application 142.
  • the entered first authentication data PIN 1 thus reach the trusted area 130 of the terminal 100 in a secured manner.
  • second authentication data PIN 2 are derived from the first authentication data PIN 1 by means of secret data 144 stored in the trusted area 130 in the form of a secret key. This can be done, for example, by the second authentication data PIN 2 being formed by means of a cryptographic hash function from the first authentication data PIN 1 and the secret key keys.
  • the secret key keys is terminal specific, adapted to the corresponding application 210 on the security module 200, which with the means of the key keys derived authentication data PIN 2 is to be released.
  • the PIN 2 is, for example, a PIN in the so-called EMC PIN format
  • the number 2 at the beginning determines the format.
  • the number 4 specifies the PIN length.
  • the PEST itself which is represented by xxxx, is converted to 8 bytes with ff. This means that after the PEM 1 has been encrypted, the resulting PEST 2 must be converted into an EMC PESI.
  • the security application 150 alone is authorized to access the secret date 144, that is to say the secret key keys.
  • the second authentication data PEST 2 derived in this way enables successful authentication at the security module 200, but not the first authentication data PEM 1. If an attacker succeeds in spying on the first authentication data PEST 1 in some way, he can do so for the reasons described, since it is not possible for him to derive the second authentication data PJN 2. This is only by means of the secret key keys possible, but which is - inaccessible to the attacker - stored in the trusted area 130 of the terminal 100.
  • the second authentication data PIN 2 is transmitted by the security application 150 encrypted again in step S6.
  • This is done by a transport key keyr.
  • This can be negotiated in a known manner between the security application 150 and the security module 200.
  • the transport key keyT has already been stored in the trusted area 130 of the terminal 100 and in the security module 200, for example within the framework of corresponding personalization phases.
  • the use of an asymmetric encryption system for encrypting the second authentication data PIN 2 is possible, with encryption and decryption in a known manner by means of various keys - a public or a secret key - done.
  • the encrypted second authentication data PENJ 3 obtained in this way are now transmitted in a secure-since encrypted-manner to the security module 200 in step S7.
  • the encrypted second authentication data ⁇ 3 received in the security module 200 are decrypted there in step S8-again by means of the transport key keyT.
  • the data PEST 2 'thus obtained are compared in the security module 200 with the expected authentication data PIN 2 in step S9. If the comparison is positive, then the user is authenticated as positive and the payment application 210 is released in step Sil. However, if the comparison shows that the decrypted data PIN does not match the expected second authentication data PIN 2, the attempt to release the payment application 210 is aborted by the security module 200 in step S10.
  • Abortion may mean that, for example, in the case of a credit card, the card responds to a VERIFY command with an error code and an erroneous operation counter is decremented.
  • the inventive method is not only able to authenticate a payment function, but it is also possible to authenticate a user in a corresponding application of the method to change PIN1 and ⁇ 2.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Telephone Function (AREA)

Abstract

L'invention concerne un procédé d'interaction sécurisée avec un module de sécurité (200) qui est intégré dans un terminal (100). Selon ce procédé, le dispositif d'entrée (180) est réservé, par l'intermédiaire d'un dispositif d'entrée (180) du terminal (100), par une application de sécurité (150) qui est exécutable dans une région fiable (130) du terminal (100). Ensuite, des premières données d'authentification (PIN 1) sont introduites par l'intermédiaire du dispositif d'entrée (180) réservé. L'application de sécurité (150) déduit des deuxièmes données d'authentification (PIN 2) à partir des premières données d'authentification (PIN 1) au moyen de données secrètes (144) stockées dans la région fiable (130). Ces données (PIN 2) sont ensuite codées par l'application de sécurité (150) et transmises au module de sécurité (200) et/ou à un serveur. Les deux données d'authentification codées (PIN 3) reçues sont enfin décodées dans le module de sécurité (200) et/ou dans le serveur.
EP10774138A 2009-11-09 2010-10-26 Procédé d'interaction sûre avec un élément de sécurité Withdrawn EP2499597A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102009052389A DE102009052389A1 (de) 2009-11-09 2009-11-09 Verfahren zur sicheren Interaktion mit einem Sicherheitselement
PCT/EP2010/006536 WO2011054462A1 (fr) 2009-11-09 2010-10-26 Procédé d'interaction sûre avec un élément de sécurité

Publications (1)

Publication Number Publication Date
EP2499597A1 true EP2499597A1 (fr) 2012-09-19

Family

ID=43480710

Family Applications (1)

Application Number Title Priority Date Filing Date
EP10774138A Withdrawn EP2499597A1 (fr) 2009-11-09 2010-10-26 Procédé d'interaction sûre avec un élément de sécurité

Country Status (8)

Country Link
US (1) US20120233456A1 (fr)
EP (1) EP2499597A1 (fr)
CN (1) CN102667800A (fr)
AU (1) AU2010314480B2 (fr)
BR (1) BR112012010553A2 (fr)
CA (1) CA2779654A1 (fr)
DE (1) DE102009052389A1 (fr)
WO (1) WO2011054462A1 (fr)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2500560A (en) * 2011-11-03 2013-10-02 Proxama Ltd Authorising transactions in a mobile device
FR2997525B1 (fr) * 2012-10-26 2015-12-04 Inside Secure Procede de fourniture d’un service securise
DE102012022875A1 (de) * 2012-11-22 2014-05-22 Giesecke & Devrient Gmbh Verfahren und System zur Applikationsinstallation
CN104765999B (zh) * 2014-01-07 2020-06-30 腾讯科技(深圳)有限公司 一种对用户资源信息进行处理的方法、终端及服务器
EP2908262B1 (fr) * 2014-02-18 2016-02-17 Nxp B.V. Jeton de sécurité, procédé d'exécution de transaction et produit de programme informatique
DE102014007789A1 (de) * 2014-05-23 2015-11-26 Giesecke & Devrient Gmbh Browserbasierte Applikation
EP3016342B1 (fr) 2014-10-30 2019-03-06 Nxp B.V. Dispositif mobile, procédé permettant de faciliter une transaction, programme informatique, article de fabrication
CN107210918B (zh) * 2015-02-17 2021-07-27 维萨国际服务协会 用于使用基于交易特定信息的令牌和密码的交易处理的装置和方法
CN105430150B (zh) * 2015-12-24 2019-12-17 北京奇虎科技有限公司 一种实现安全通话的方法和装置
DE102016207339A1 (de) * 2016-04-29 2017-11-02 Volkswagen Aktiengesellschaft Verfahren zur sicheren Interaktion eines Nutzers mit einem mobilen Endgerät und einer weiteren Instanz

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL103062A (en) * 1992-09-04 1996-08-04 Algorithmic Res Ltd Data processor security system
US6092202A (en) * 1998-05-22 2000-07-18 N*Able Technologies, Inc. Method and system for secure transactions in a computer system
US7380136B2 (en) * 2003-06-25 2008-05-27 Intel Corp. Methods and apparatus for secure collection and display of user interface information in a pre-boot environment
DE102004004552A1 (de) * 2004-01-29 2005-08-18 Giesecke & Devrient Gmbh System mit wenigstens einem Computer und wenigstens einem tragbaren Datenträger
US20110071949A1 (en) * 2004-09-20 2011-03-24 Andrew Petrov Secure pin entry device for mobile phones
US20080014990A1 (en) * 2005-07-25 2008-01-17 Pixtel Media Technology (P) Ltd. Method of locating a mobile communication system for providing anti theft and data protection during successive boot-up procedure
EP1752937A1 (fr) * 2005-07-29 2007-02-14 Research In Motion Limited Système et méthode d'entrée chiffrée d'un numéro d'identification personnel d'une carte à circuit intégré
US7694147B2 (en) * 2006-01-03 2010-04-06 International Business Machines Corporation Hashing method and system
EP1862948A1 (fr) * 2006-06-01 2007-12-05 Axalto SA Carte CI avec client OTP
US8051297B2 (en) * 2006-11-28 2011-11-01 Diversinet Corp. Method for binding a security element to a mobile device
US20080301816A1 (en) * 2007-06-01 2008-12-04 Ting David M T Method and system for handling keystroke commands
US8140855B2 (en) * 2008-04-11 2012-03-20 Microsoft Corp. Security-enhanced log in
US20100312709A1 (en) * 2009-06-05 2010-12-09 Dynamic Card Solutions International Payment application pin data self-encryption

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2011054462A1 *

Also Published As

Publication number Publication date
CA2779654A1 (fr) 2011-05-12
WO2011054462A1 (fr) 2011-05-12
DE102009052389A1 (de) 2011-05-12
BR112012010553A2 (pt) 2016-03-22
AU2010314480A1 (en) 2012-06-14
US20120233456A1 (en) 2012-09-13
AU2010314480B2 (en) 2014-01-23
CN102667800A (zh) 2012-09-12

Similar Documents

Publication Publication Date Title
EP2499597A1 (fr) Procédé d'interaction sûre avec un élément de sécurité
EP3574625B1 (fr) Procédé de réalisation d'une authentification
EP2533172B2 (fr) Accès sécurisé aux données d'un appareil
EP2749003B1 (fr) Procédé pour authentifier un terminal de communication comprenant un module d'identité au niveau d'un dispositif serveur d'un réseau de télécommunication, utilisation d'un module d'identité,module d'identité et programme informatique
EP2765752B1 (fr) Procédé destiné à pourvoir un terminal mobile d'un certificat d'authentification
EP2862340A1 (fr) Station mobile à liaison entre un terminal et un élément de sécurité
DE102011116489A1 (de) Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts
DE112010004580T5 (de) Sichere Pin-Verwaltung einer für Benutzer vertrauenswürdigen Einheit
EP3095080A1 (fr) Procédé pour autoriser une transaction
EP3206151B1 (fr) Procédé et système d'authentification d'un appareil de télécommunication mobile sur un système informatique de service et appareil de télécommunication mobile
EP2434424B1 (fr) Procédé d'augmentation de la sécurité de services en ligne relevant de la sécurité
EP1915718B1 (fr) Procede pour proteger l'authentification d'un support de donnees portable vis-a-vis d'un lecteur par une voie de communication non securisee
DE102013102092B4 (de) Verfahren und Vorrichtung zum Authentifizieren von Personen
EP3248136B1 (fr) Procédé de fonctionnement d'une unité d'ordinateur avec un environnement de temps d'exécution sécurisé et unité d'ordinateur
WO2017186445A1 (fr) Procédé d'interaction sécurisée d'un utilisateur avec un terminal mobile et une autre entité
EP3361436B1 (fr) Procédé d'autorisation d'une transaction
DE102017128807A1 (de) Verfahren und Anordnung zum Auslösen einer elektronischen Zahlung
EP2819077A1 (fr) Procédé d'activation d'au moins un service dans le porte-monnaie électronique
WO2005073826A1 (fr) Systeme comprenant au moins un ordinateur et au moins un support de donnees portatif
EP3486852A2 (fr) Procédé et dispositif de déclenchement d'un paiement électronique
DE102013101828A1 (de) Verfahren und Vorrichtungen zum Durchführen einer Transaktion
EP1563360A1 (fr) Procede pour proteger un support de donnees portable
DE102012024856A1 (de) Verfahren zum Betreiben eines Sicherheitsmoduls sowie ein solches Sicherheitsmodul

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20120611

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: TRUSTONIC LIMITED

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20161214