-
Publication No.: US10885297B2
Publication date: 2021-01-05
Application No.: US16323426
Application date: 2017-08-11
Applicant: GEMALTO SA
Inventor: Brett A. Howell, Brian L. Linzie
IPC: G06K9/00
Abstract: The non-contact capture device allows for an image of an object to be captured when the object is not making contact with any portion of the non-contact capture device. The non-contact capture device comprises an electronic compartment comprising a camera and a light source, wherein the camera and light source are directed to an image capture region, a housing guide comprising a leg extending away from the electronic compartment to support a collar, and an image capture region spaced away from the electronic compartment and the housing guide. The collar extends laterally around only a portion of the image capture region forming an entry gap into the image capture region.
-
Publication No.: US20200301467A1
Publication date: 2020-09-24
Application No.: US16083504
Application date: 2017-02-28
Applicant: GEMALTO SA
Inventor: Pascal LEROY, Hervé POIRIER, Stéphane TOUVET
Abstract: This invention relates to a method to compensate by a server a clock deviation of a card i by maintaining a time base Tbase(i) synchronized with card i, the method comprising the steps of: receiving at a time TS a dynamic card verification dCVV code value generated by card i; providing a set of at least two dCVV codes corresponding to two successive dCVV time periods; if the dCVV code received from card i corresponds to one of the dCVV codes of the provided set but is different from the reference dCVV code, determining the minimum possible timing drift Min_td between the time base maintained by the server for the card and the time base Tbase(i) of the card; updating time base Tbase(i) by addition of a time drift correction equal to the minimum possible time drift Min_td.
-
Publication No.: US10717312B2
Publication date: 2020-07-21
Application No.: US16342145
Application date: 2017-10-24
Applicant: GEMALTO SA
Inventor: Teemu Pohjola, Kristian Lappalainen
IPC: B42D25/45, B42D25/351, B42D25/373, B42D25/382, B42D25/387, B42D25/435, B42D25/328, B42D25/46, B42D25/455, B42D25/24, B42D25/324, B42D25/23, B42D25/309
Abstract: The present invention relates generally to a data carrier comprising an opaque layer and a method for making the data carrier. During the personalization phase, the ablation of the opaque layer by laser through the data carrier makes it possible to define a see-through portion of the data carrier carrying opaque security, said see-through portion having an improved security corresponding to opaque embossing pattern overlapping at least partially the opaque security partially destroyed. Said defined see-through portion carrying opaque security partially destroyed with opaque embossing pattern on its surface is even more difficult to reproduce by a forger, even more difficult to remove, replace or exchange and easy to check.
-
Publication No.: US20200187287A1
Publication date: 2020-06-11
Application No.: US16305306
Application date: 2016-05-31
Applicant: GEMALTO SA
Inventor: Andrei Marian Hagiu
Abstract: The invention relates to a method for detecting a failure in a PDP context or an EPS PDN connection. A chip incorporated within or coupled to a device receives from the device a call control PDP context activation type event or a call control EPS PDN connection activation type event. The chip receives from the device an updated value relating to an HFN start PS. The chip compares the last updated value relating to the HFN start PS to a predetermined value relating to the HFN start PS. If the last updated value relating to the HFN start PS is greater than or is less than/equal to the predetermined value relating to the HFN start PS, then the chip detects that the PDP context or the EPS PDN connection has been successfully or unsuccessfully activated respectively.
-
Publication No.: US10587599B2
Publication date: 2020-03-10
Application No.: US15519669
Application date: 2015-10-09
Applicant: GEMALTO SA
Inventor: Xavier Berard, Antoine Galland
Abstract: The invention is a method for managing a response from an application embedded in a secure token acting as an UICC, in response to a command requesting opening a proactive session. The command is sent by an applicative server to the secure token via an OTA server providing a security layer. The method comprises the steps of sending another command from the applicative server to the secure token using the security layer provided by the OTA server, and in response to this second command, the secure token sends the response of the first command to the applicative server using the security layer provided by the OTA server.
-
Publication No.: US20200076614A1
Publication date: 2020-03-05
Application No.: US16467957
Application date: 2017-12-06
Applicant: GEMALTO SA
Inventor: Mariya GEORGIEVA, Aline GOUGET
Abstract: The present invention relates to a method of generating a secure RSA key by a server comprising the steps of: • generating (S1) a private RSA key d and a RSA modulus integer N; • splitting (S2) the secret key integer d in j key shares dJ of length n, with j in [1, J], J being an integer, and such that d=d1+d2+ . . . +dJ mod phi(N), with each key share dj being equal to (dj(0) . . . dj(i) . . . dj(n/b−1)) with each key share component dj(i) in {0 . . . 2^b−1} and i in [0, n/b−1], b being an integer inferior to n and phi the Euler's totient function; • encrypting (S3) with a fully homomorphic encryption (FHE) algorithm each key share component dj(i) of the private RSA key d by using a Fully Homomorphic Encryption secret key ps of a set Ss comprising the index couple (i,j), to generate an encrypted key share component edj(i) of said secure RSA key, said set Ss being a set of integer couples, among a predetermined integer number u of disjoint sets {S1, S2 Ss, Ss+1, . . . Su} generated such that: U{Ss}={(i,j) such that i in [0, n/b−1], j in [1, J]} and each said set among {S1, . . . Su} being associated with a Fully Homomorphic Encryption (FHE) secret key.
-
Publication No.: US10581836B2
Publication date: 2020-03-03
Application No.: US15108600
Application date: 2014-12-19
Applicant: GEMALTO SA
Inventor: Abdellah El Marouani, Christophe Franchi
Abstract: In a method for accessing a service, at least one first user device executes a first application that communicates with a second user device application. The first user device sends to a remote server data relating to the first application execution, as a first user device report. The data relating to the first application execution includes information relating to either an incoming event or an outgoing event and at least one attribute relating to the first application execution. The remote server determines, based upon at least the first user device report, a trust level relating to the first user device. A third user device sends to the remote server a request for getting a trust level relating to the first user device. The remote server sends to the third user device, as a request response, the trust level relating to the first user device.
-
Publication No.: US20200036534A1
Publication date: 2020-01-30
Application No.: US16469301
Application date: 2017-12-12
Applicant: GEMALTO SA
Inventor: Alsasian ATMOPAWIRO, Thi Tra Giang DANG
Abstract: The present invention relates to a method of secure generation by a client device and a server device of an RSA signature of a message to be signed with a private exponent component d of an RSA key (p, q, N, d, e), wherein said client device stores a client device private exponent component dA, a client value, and a client dynamic offset, and said server device stores a server device private exponent component dB, where dB=d−dA modulo phi(N), a server value, a server dynamic offset and a failure counter, comprising: a. receiving from the client device a client part of said RSA signature (HS1) of said message to be signed, after incrementing its client value (pvA) by a first predetermined step E, from the client device private exponent component and from an updated client dynamic offset function of said client dynamic offset and of said client value, b. setting said failure counter to a first default value, c. incrementing said server value (pvB) by a second predetermined step (E′), d. generating a server part of said RSA signature (HS2) of said message to be signed, from the server device private exponent component and from an updated server dynamic offset function of said server dynamic offset and of said server value, e. generating said RSA signature by combining said client part of said RSA signature (HS1) and said server part of said RSA signature (HS2), f. checking if the generation of the RSA signature was a failure and when it was a failure, incrementing said failure counter and g. iteratively repeating above steps c. to f., until said RSA signature is successfully generated or said failure counter reaches a first predetermined threshold S.
-
Publication No.: US10509433B2
Publication date: 2019-12-17
Application No.: US15762894
Application date: 2016-09-23
Applicant: Gemalto SA
Abstract: The invention relates to a random clock generator comprising an input receiving a master clock signal MCIk, and a clock signal reduction circuit (101) receiving the master clock signal MCIk and a whole number N and supplying an output signal corresponding to a train of N pulses every M clock pulses, M being a whole number higher than 1 and N being a whole number higher than 1 and lower than or equal to M. A number generator (102) and (103) supplies a new number (N) to the clock signal reduction circuit every P pulses of a master clock signal, N and/or P being produced randomly.
-
Publication No.: US20190313258A1
Publication date: 2019-10-10
Application No.: US16338595
Application date: 2017-10-02
Applicant: GEMALTO SA
Inventor: Frédéric DAO, Frédéric CLEMENT-GONZALES, David HALLE, Jérôme DUPREZ, David HUGUENIN, Sébastien SCHMITT, Christine NERSESSIAN, Philippe ALLOUCHE, Thomas DANDELOT
Abstract: The invention relates to a method for sending data to at least one device. According to the invention, a data sending control server sends to at least one data storage server at least one predetermined rule or a first request for sending data to at least one data processing server. The data storage server sends, based upon the at least one predetermined rule or the first request for sending data, data to the data processing server. The data sending control server sends to the data processing server a second request for sending to the device the data received or to be received by the data processing server. The data processing server sends, based upon the second request for sending the data, the received data to the at least one device.
-