METHOD AND A DEVICE FOR MAKING A COMPUTER APPLICATION SECURE

US 20150007339A1
Filed: 12/18/2012
Published: 01/01/2015
Est. Priority Date: 12/20/2011
Status: Active Grant

First Claim

Patent Images

1. A security method for making secure a computer application being executed on a terminal, the method comprising:

obtaining information to the effect that said application is about to invite a user of the terminal to input data;

accessing a binary file representative of a secret image known to the user of the terminal, the binary file being stored in a secure element of the terminal;

constituting a complex image in said secure element, the complex image being obtained from said secret image and from dynamic data that is inaccessible to said terminal; and

displaying said complex image on a screen of the terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a security method for making secure a computer application being executed on a terminal is disclosed. In one embodiment the security method comprises obtaining information to the effect that the application is about to invite a user of the terminal to input data, accessing a binary file representative of a secret image known to the user of the terminal, the binary file being stored in a secure element of the terminal, constituting a complex image in the secure element, the complex image being obtained from the secret image and from dynamic data that is inaccessible to said terminal, and displaying the complex image on a screen of the terminal.

Citations

16 Claims

1. A security method for making secure a computer application being executed on a terminal, the method comprising:
- obtaining information to the effect that said application is about to invite a user of the terminal to input data;
  
  accessing a binary file representative of a secret image known to the user of the terminal, the binary file being stored in a secure element of the terminal;
  
  constituting a complex image in said secure element, the complex image being obtained from said secret image and from dynamic data that is inaccessible to said terminal; and
  
  displaying said complex image on a screen of the terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A security method according to claim 1, wherein said display is carried out before said input is confirmed.
  - 3. A security method according to claim 1, wherein said invitation comprises displaying an application screen display including a zone for inputting said data, and wherein said display process comprises displaying an image obtained by combining, within said secure element, said application screen display with said complex image.
  - 4. A security method according to claim 1, further including a step of prompting the user to change said secret image.
  - 5. A security method according to claim 1, wherein said application is executed at least in part in said secure element.
  - 6. A security method according to claim 1, wherein said dynamic data is a parameter of said application.
  - 7. A security method according to claim 6, wherein said application is a contactless payment application and said dynamic data is the amount of a transaction.
  - 8. A computer program including instructions for executing the security method according to claim 1, when said program is executed by a processor.
  - 9. A computer program according to claim 8, further including instructions for executing at least a portion of said computer application when said program is executed by said processor.
  - 10. A non-transitory computer readable data medium having a computer program according to claim 8 stored therein.
  - 11. A non-transitory computer readable data medium according to claim 10, further including a first program according to claim 9, and a second program, independent of said first program, the second program including instructions for executing at least a portion of said computer application when said program is executed by a processor.

12. A security device for making secure a computer application being executed on a terminal, the method comprising:
- a component configured to obtain information to the effect that said application is about to invite a user of the terminal to input data;
  
  a component configured to access a binary file representative of a secret image known to the user of the terminal, the binary file being stored in a secure element of the terminal;
  
  a component configured to constitute a complex image in said secure element, the complex image being obtained from said secret image and from dynamic data that is inaccessible to said terminal; and
  
  a component configured to display said complex image on a screen of the terminal.
- View Dependent Claims (13, 14, 15, 16)
- - 13. A security element including a device according to claim 12.
  - 14. A security element according to claim 13, further including a secure domain specific to said computer application, said binary file being stored in the secure domain.
  - 15. A terminal including a device according to claim 12.
  - 16. A terminal according to claim 15, further including a component configured to prevent copying of the screen display of said terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Orange S.A.
Original Assignee
Orange S.A.
Inventors
Assadi, Houssem, Habermacher, Loc, Louet, Erwan

Granted Patent

US 9,530,014 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/604   Tools and structures for ma...

G06F 2221/031   Protect user input by softw...

METHOD AND A DEVICE FOR MAKING A COMPUTER APPLICATION SECURE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND A DEVICE FOR MAKING A COMPUTER APPLICATION SECURE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links