SECURE DISPLAY TERMINAL
Abstract:
The invention relates to a secure terminal (1) comprising:
- a display system (5) comprising a screen (2) and a graphic component (6) for executing commands for displaying visual data on said screen (2);
- a central processing unit (8) for executing executable program instructions and sending display commands to the display system (5); and
- a communication device (9-1) connecting the central processing unit (8) to the display system (5),
as well as a method for securing secure data. The invention is characterized in that the terminal further comprises:
- a security processor (10) for an interpretation and/or processing of commands for secure display of secure visual data on said screen (2);
- a communication device (9-2) connecting said security processor (10) to said display system (5); and
- a visual recognition means (11), by a user of the terminal (1), of a secure display mode of the secured visual data, this visual recognition means (11) being displayed on the screen (2) when the secured visual data, whose display is controlled by the security processor (10), is displayed.
The invention applies in particular to the security of smart phones or tablets.

Publication number: FR3026207A1
Application number: FR1402124
Filing date: 2014-09-22
Publication date: 2016-03-25
Inventor: Dominique Bolignano
Applicant: Prove & Run
Main IPC class:
Description:
FIELD OF THE INVENTION

[0001] The present invention relates to a secure terminal comprising: a screen for displaying visual data; a display subsystem for controlling the display of visual data on said screen; a central processing unit for executing executable program instructions and sending display commands to the display subsystem; and a communication device connecting the central processing unit to the display subsystem. It also relates to a method of securing the display of such a terminal.

PRIOR ART

[0002] In the field of computer security, a distinction is made between code that is trustworthy and code that is not.

[0003] Code is said to be trustworthy when the user or developer is confident that the executed code adheres to a security policy or specification that generally constrains or limits the allowed behaviors. For example, trustworthy code is verified by formal methods to ensure that its operation complies with the specifications.

[0004] Code is not trustworthy in the other cases. It may behave in a manner inconsistent with what it is supposed to do or what is expected. This can happen because the code is poorly written, because it was written by actors who cannot be trusted, because it is corrupted, or because it is poorly configured. It can also be the case if one lacks information about the code itself or about the way in which it was developed. In a security context, in the presence of untrustworthy code, one generally adopts a pessimistic attitude and assumes that the code in question can use all the means at its disposal to do the worst. In the same way, a communication channel is said to be safe if it is physically secure or if it is virtually secure. A communication channel is physically secure if it is secured by a physical check. This concept is similar to that of trusted code, considering that the channel is a computing function.
A communication channel is virtually secure if it uses a cryptographic protocol that provides certain security elements. For example, a VPN (Virtual Private Network) is a virtually secure channel.

[0005] Modern terminals are generally open. They can load applications and data of various origins, not all of them trusted. This can lead to attacks, including software attacks, likely to corrupt the operating system of the terminal by exploiting vulnerabilities in this system, including errors of implementation, design, configuration, or handling.

[0006] However, it is useful to be able to trust terminals at least at particular times, for example during financial transaction phases, when signing, or when entering confidential data. In particular, it is important that the user of a terminal is certain that what he signs is identical to what he sees on the screen of his terminal. For example, when entering a secret such as a PIN (Personal Identification Number), the user must be certain that he is entering his code in a trustworthy setting and that the confidentiality of this code is guaranteed. In another example, when the user approves a financial transaction displayed on the screen of his terminal, he must be certain that the amount displayed is the actual amount to which he agrees. In practice, when a user wants to consult his bank account on the Internet using his smartphone, he runs a banking application and interacts with this application using a screen and a keyboard, which is generally virtual. In a first step, the banking application identifies the user by asking him to enter his customer number. The user then enters his customer number using the keypad. In a second step, the banking application authenticates the client user by asking him to enter his secret access code using the keyboard.
If the identification and authentication are validated by the banking application, it then displays the state of the client user's account on the screen. Such man/machine interactions are subject to many malicious attacks. For example, some of these attacks consist of retrieving the identifier and the secret access code of the client user so that the attacker can consult the accounts of the client user at leisure, in particular to make illegal transfers. One attack technique is to take control of the output devices of the interface and, in particular, of the display of the screen, for example by taking control of the central processing unit of the terminal, and to emulate or simulate the banking application. The client user, who then believes that he is dealing with the real banking application, provides his credentials and access codes to the malicious application. These identifiers and codes are recovered for fraudulent use.

[0007] In view of the above, a problem to be solved by the invention is to provide a terminal that guarantees certain security properties during certain interaction phases without having to trust the processor, its operating system or its applications.
SUMMARY OF THE INVENTION

The solution of the invention to this problem has as its first object a secure terminal comprising:
- a screen for displaying visual data;
- a display subsystem for controlling the display of visual data on said screen;
- a central processing unit for executing executable program instructions and sending display commands to the display subsystem;
- a communication device connecting the central processing unit to the display subsystem;
characterized in that it further comprises:
- a security processor for interpretation and/or processing of security commands for secure display of secure visual data on said screen; and
- means for recognizing, by a user of the terminal, a secure display mode of the secured visual data when said secure visual data, the display of which is controlled by the security processor, is displayed.

Advantageously:
- the security processor filters commands to be processed by the display system, and/or interprets and/or processes the security commands and controls the display of secure visual data in the secure display mode for secure visual data;
- the security commands sent to the security processor are signed commands, which guarantee the integrity and/or authentication of the secured data displayed;
- the security commands sent to the security processor are encrypted or scrambled commands, which guarantee the confidentiality of the secured data displayed;
- the security processor manages several security domains, as well as the corresponding visual recognition means;
- the display subsystem has at least one main frame buffer and the security processor has a security frame buffer; and
- the terminal is a smart phone or tablet.
[0008] The second object of the invention is a method of securing the display of visual data by means of a terminal as defined above, characterized in that it comprises the following steps:
- a central processing unit processes executable program instructions and sends display commands to the display subsystem through the communication device connecting the central processing unit to the display subsystem;
- the display commands sent to the display subsystem by the central processing unit are filtered and/or processed by the security processor;
- the security processor controls a secure display of the secured data; and
- the security processor controls the means for recognizing the secure display mode of the secured visual data.

[0009] Advantageously:
- the security commands are signed, guaranteeing the integrity and/or authentication of the secured data displayed;
- the security commands are scrambled or encrypted, ensuring the confidentiality of the data displayed;
- the security processor manages several security domains, as well as the corresponding visual recognition means;
- the recognition means is a means of visual recognition displayed on the screen; and
- the display subsystem comprises at least one main frame buffer, the security processor comprises a security frame buffer, and the security processor is the only one to write in the frame buffer.

The invention makes it possible to trust only the display system, when it displays in a secure mode, and the secure application that prepares the information to be displayed or entered securely. This application is located, for example, on a server or on a secure component, for example a smart card, or even in a secure zone of the processor, for example a zone of the type called TrustZone™ by the company ARM™. The other components of the terminal can play a functional role.

[0010] This means, for example, relaying the messages, but without any need to trust them.
BRIEF DESCRIPTION OF THE FIGURES

The invention will be better understood on reading the nonlimiting description which follows, written with reference to the appended drawings, in which:
- FIG. 1 schematically represents a terminal according to the invention, provided with a screen and displaying the secure display mode of secure data;
- FIG. 2 schematically represents the hardware means implemented in the secure terminal of the invention for securing the display; and
- FIG. 3 is a diagram which illustrates the various steps of the security method according to the invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention relates to a terminal. Such a terminal is shown in FIG. 1, where it is referenced 1. It is advantageously a portable terminal, in particular a smart mobile phone or a tablet. The terminal 1 is equipped with a screen 2. On this screen 2, FIG. 1 shows a secure display area comprising a secure entry area for the data, as well as a virtual keyboard 3. This virtual keyboard 3 is, for example, a keypad with randomly positioned keys. A button 4 allows, for example, exiting the secure data display mode.

As shown in FIG. 2, the secure terminal 1 according to the invention comprises a display subsystem 5. The display subsystem 5 comprises one or more components. It controls the screen 2. For this purpose, it retrieves the information making up the images, contained for example in a memory zone called a frame buffer, converts this information and controls the display of the images on the screen 2. For display, the display subsystem 5 executes the display commands that are transmitted to it. In the present description, in the case where the terminal 1 comprises a frame buffer, it is considered that the terminal 1 comprises at least one so-called main frame buffer and, optionally, at least one so-called security frame buffer. The main frame buffer is considered to be part of the display subsystem 5.
According to the invention, the display subsystem 5 is supplemented by a security processor 10 to form, with the screen 2, a secure display system 6. With this security processor 10, the secure display system 6 is able to manage several display modes, at least one of these modes being a secure display mode. When the secure display system 6 receives a security command, for example a command comprising a security parameter, this command is analyzed and processed by the security processor 10 and potentially used to control the display subsystem 5, or to update the data in the security processor 10. Otherwise, the command is transmitted directly to the display subsystem 5, which interprets it, composes visual data, in particular image data, and displays these visual data on the screen 2 according to the command sent to it. The display commands received by the display subsystem 5 are therefore likely to come from the security processor 10 or from the central processing unit 8.

The terminal furthermore comprises at least one memory 7. This memory 7 is for example a Flash memory. Applications and data are stored in the memory 7. These can be applications requiring a high level of security, such as banking applications, which allow a user to access his online accounts and carry out financial transactions. They may also be malicious applications, or applications with corrupted code, which endanger the security of the terminal 1 and the secrets entered or displayed on the screen 2.

[0011] The central processing unit 8, or CPU (Central Processing Unit), is the central component of the terminal. It executes the instructions of the executable software programs which are contained in a memory of the terminal 1 or which are transmitted to it by peripherals, for example by the keyboard 3. It executes these instructions and sends display commands to the secure display system 11, in particular to the display subsystem 5 when it can be accessed directly.
[0012] The terminal 1 also comprises a communication device 9 which connects the central processing unit 8 to the secure display system 11. This communication device 9 is conventionally a bus system, which carries the display commands to the display subsystem 5 directly or indirectly.

The terminal 1 further comprises, according to the invention, the security processor 10. This security processor 10 is a hardware component. It can be physically independent of the other components of the terminal 1, that is to say it can form an independent physical entity that can be distinguished from the other components. It may also not be physically independent of the other terminal components. For example, it may be physically independent of the central processing unit 8, or at least partly linked to or incorporated in this unit. In the case where it is at least partly linked to the unit 8, it is a security coprocessor of this unit. In certain embodiments of the invention, it is integrated in the display subsystem 5, that is to say in one of its components, in a way that no longer makes it possible to distinguish the two and/or that eliminates the need for an additional communication device between the processor 10 and the display subsystem 5. Alternatively, the security processor 10 may be placed on the communication channel between the display subsystem 5 and the central processing unit 8, provided that it is given the means to at least partially control the display subsystem 5, for example by giving it direct and exclusive access to certain commands of the display subsystem 5.

[0013] This security processor 10 performs different functions. It filters at least some display commands transmitted by the central processing unit 8 to the display subsystem 5. The filtered commands include display commands which result from the execution of trusted applications requiring a high degree of security, and which are transmitted by the central processing unit 8 to the display subsystem 5.
The security processor 10 interprets the display commands and, in particular, the aforementioned commands, which we call security commands, executes them in a secure setting, and manages in particular the secure display mode. It performs security checks and, when it triggers a so-called secure display mode, controls the display subsystem 5 alone, without the intervention of the central processing unit 8. For this purpose, it maintains a state comprising a representation of the secure visual data to be displayed and information as to whether these secured visual data should be displayed or not.

The security processor 10 is advantageously associated with one or more encryption keys, in particular a private key and/or a public key, which enable it to authenticate or verify the integrity of the security commands it receives. The security commands are, in one example, identical to the conventional display commands which are transmitted by the central processing unit 8 to the display system 5, but also comprise security parameters such as a digital signature, for example in the final part of the command. These include, but are not limited to, data description commands, including the Reset command, display commands and end-of-display commands. The security processor 10 has the means of verifying the authenticity and/or the signature of the commands it receives.

The terminal 1 comprises a communication device 12, which connects the security processor 10 to the display subsystem 5. This communication device 12 is conventionally a bus system, which carries the secure display commands to the display subsystem 5. The communication device 12 and the communication device 9 can form the same bus system. The communication device 12 may however be a device dedicated solely to the transmission of secure display commands to the display subsystem 5. It may not exist in the case where the two components or subsystems 5 and 10 are integrated in the same component.
Some of the functionality of the security processor 10 may also be integrated in the display subsystem 5 while leaving another portion in a separate component or subsystem. For example, the display subsystem 5 may be provided with a particular input accessible only by the security processor 10, for example by a direct physical connection, which makes it possible to block certain commands sent to the subsystem. This allows the security processor 10 to filter the commands sent to the display subsystem 5 without itself having to relay the unmodified commands, for example the non-secure display commands, which could be penalizing from a performance point of view.

[0014] The terminal 1 finally comprises a means of recognition, for example visual, by a user of said terminal, of the secure display mode of secure visual data. This visual recognition means is in particular a mark visible on the screen 2 indicative of the secure display mode. However, it may be another means of recognition, for example a colored light displayed on the telephone by means of a light-emitting diode (LED), or even a characteristic vibration of the phone. In FIG. 1, this recognition means is referenced 11. It consists of the words "SECURE DISPLAY / secret 4567", with 4567 representing a secret which is known only to the user and the security processor 10, and not to the components that are not trustworthy, for example the CPU and its applications. This allows the user to unambiguously recognize the window as a security display, since untrusted applications or components are unable to provide such a window. Indeed, only the security processor 10 has this capability. This therefore constitutes a visual recognition means 11 which is displayed on the screen 2 when the secured visual data, under the control of the security processor 10, are displayed. In the example of FIG. 1, the secure visual data 12 are formed by an entry frame for a personal code preceded by the words "ENTER PIN CODE". However, it will more typically be a random keypad (a "scrambled" keyboard) whose random layout will be known only by secure components.

[0015] In many cases, the display subsystem 5 uses one or more memory areas. These include frame buffers. The frame buffers are memory areas in which the information making up the images to be displayed on the screen 2 is stored, pixel by pixel. They are likely to be in the memory 7, or at another physical location in the terminal 1, for example a physical location that is distinct from this memory 7. However, these frame buffer memory areas are considered here as part of the memory 7, but also of the display subsystem 5 as well as of the communication means 9 between the two. The different notions thus overlap. Some display commands thus consist, for the central processing unit 8, of describing the screen to be displayed in the memory zone of the frame buffer provided for this purpose. This is the main frame buffer memory area, part of the display subsystem.

One way to implement the invention is therefore to reserve a separate frame buffer memory area for security. This is then the security frame buffer, considered to be part of the security processor 10. This particularly facilitates the task of this processor 10. In general, an unsecured display command from the CPU 8 can potentially compromise the integrity or security of the secure display, at the risk of changing the secure display. In this case, it is up to the security processor 10 to detect and react to this situation, for example by exiting the secure display mode or by blocking the faulty command.
In the implementation example given above, in which a security frame buffer zone is used, this means, in particular, verifying that no one other than the security processor 10 writes to this zone, and that no one other than the security processor 10 and the display subsystem 5 reads from it. In this implementation, it is still considered that the main frame buffer is part of the display subsystem and that the security frame buffer is part of the security processor. Thus, updates to the main frame buffer are considered display commands that are harmless for security, while updates to the security frame buffer may only be made by the security processor. This buffer is in a sense part of the internal state of the security processor. An attempt to update the security frame buffer by the central processing unit, or by any component other than the security processor 10, will typically be treated as an illegitimate security command to which the security processor 10 will have to react. The filtering work of the security processor 10 will typically be done by monitoring the bus, which serves here in particular as the means of communication between the main processor, the memory, the security processor and, more generally, the display subsystem. The bus also serves as an internal communication means of the display subsystem, i.e. between the main frame buffer and the other components of the display subsystem 5.

To secure the display of a terminal according to the invention, one proceeds according to the steps presented hereinafter with regard to various examples.

[0016] In a first example, a user wishes to run an application in a secure environment, in particular a banking application. For this, he uses an application stored in the memory 7 of his portable telephone terminal, here a smart phone, in order to carry out a financial transaction.
This application, which is stored and/or runs on a component that is not trusted, is only present to perform operations that are not critical for the security of the banking application. For example, it serves to order the launch of the corresponding banking application, which is executed on a secure bank server or on a local smart card, to send the transaction information to be validated, etc. For this purpose, the user clicks on the appropriate icon of the local application, visible on the screen 2. The execution command of the application is taken into account by the central processing unit 8. For the execution of this application, the processing unit 8 controls, for example, a connection to a remote server connected to the terminal by a telecommunications network, for example of the GSM type. In the course of running the application, the application and/or the remote server orders the display of a window in which the user enters a secret code to authenticate the user or validate the transaction.

[0017] The processing unit 8 transmits this display command to the display subsystem 5, for the display of a corresponding window on the screen 2. The security processor 10 filters this display command and interprets it as a security command to be used for secure display. In a more suitable version, the processing unit 8 can send this security command directly to the security processor 10 for processing.

[0018] To achieve this secure display, the security processor 10 takes control of the display system 5. In the implementation example based on a secure frame buffer, this leads the security processor, for example, to build in this secure frame buffer the random virtual keyboard, whose characteristics have been sent by the server, confidentially encrypted, in one of the commands for the security processor, and which the main processor simply relays without understanding. The security processor then asks the display subsystem to display the secure frame buffer once it has been built.
The central processing unit 8 no longer intervenes in the display. If, during the secure display, the CPU attempts to send an unsecured command that may corrupt or threaten the secure display, for example by attempting to overwrite or modify the secure data displayed on the screen, if the kernel running on the processor is corrupted, the security processor must intervene, for example either to block the command or to stop the secure display, so as to ensure at all times the integrity and proper identification of the security display, that is, the display of the recognition means.

[0019] The security processor 10 verifies that the security commands, as well as the contents of the security information that it displays, are correct and/or authentic. As soon as a secure display is ready, and an authentic display request is made via an appropriate security command requested by the server in the example considered, the security processor 10 triggers a secure display of the secure data. In other words, it triggers the secure display mode for secure data. It sends one or more commands for this purpose to the display system 5, for example a change of the register pointing to the frame buffer. The central processing unit 8 does not intervene in this step of the process either, other than as a relay or for ancillary tasks which do not affect the security of the transaction, and it does not intervene in the display in the following steps as long as the secure mode is triggered.

[0020] The characteristic screen of the secure display mode is displayed, for example, superimposed on the conventional screen, or in a window superimposed on it. The security processor 10 controls the display of the visual recognition means 11. The command is received by the display system, in practice the display subsystem 5, which itself controls the display of the recognition means on the screen 2.
The recognition means 11 is displayed on the screen 2 and the user of the terminal unambiguously understands, by viewing this recognition means, that the secure display mode is triggered. The remote server requests, for example, the entry of a PIN code by the user. This request is received by the security processor 10, which executes it by requesting from the display subsystem 5 the display of the PIN code input window, which it will for example present by constructing and managing a random keyboard. The central processing unit 8 still does not intervene in the display. The display subsystem 5 displays the window for entering the PIN code on the screen 2. The user then enters his PIN code in the secure data entry window, for example using the keypad with random keys. Since the keyboard has random keys, the key presses can be captured by the central processing unit 8 without having to trust it, because it will not know the correspondence between the keys and their values. Only the security processor 10 and/or the application on the server will know them and will be able to translate the input sequence of the PIN code. Entering the code itself can thus be done in a trusted environment. The authentication of the user is done without it being necessary to trust the central processing unit or the applications that it hosts.

[0021] Once the user is authenticated, an electronic transaction of a financial nature can be engaged in the secure display mode. Here too, the CPU 8 is not part of the trust space. The display is controlled only by the security processor 10, which cooperates with the display subsystem 5. All the security commands transmitted to the security processor 10 are, for example, verified, signed or encrypted.

[0022] The authenticity and integrity of all the data displayed in the secure display mode is checked by the security processor 10.
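The scrambled-keypad PIN entry described above, as an added Python sketch that is not part of the patent: the server draws a random layout, the CPU relays only an encrypted layout and touch positions, and the security processor or server translates the positions back into digits. The function names, the constructed sample values and the HMAC-based keystream (a stand-in for real authenticated encryption) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import List, Optional

DIGITS = "0123456789"


def new_layout() -> str:
    """Server side: draw a fresh keypad; layout[pos] is the digit shown at position pos."""
    keys = list(DIGITS)
    secrets.SystemRandom().shuffle(keys)
    return "".join(keys)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with one HMAC-SHA256 block, enough for
    the 10-byte layout. The same call encrypts and decrypts. A real design would
    use authenticated encryption so the layout cannot be altered in transit."""
    stream = hmac.new(key, b"keypad-layout" + nonce, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def presses_for(layout: str, pin: str) -> List[int]:
    """The user reads the screen and touches the position showing each digit."""
    return [layout.index(d) for d in pin]


def translate(layout: str, presses: List[int]) -> str:
    """Security processor 10 or the server maps relayed positions back to digits."""
    return "".join(layout[p] for p in presses)


def session(pin: str, key: bytes, layout: Optional[str] = None) -> dict:
    """One PIN entry, split into what the untrusted CPU 8 sees and what the
    trusted side recovers. `layout` can be fixed for a reproducible run."""
    layout = layout or new_layout()
    nonce = secrets.token_bytes(12)
    # Server -> CPU 8 -> security processor 10: the CPU relays an opaque blob.
    blob = keystream_xor(key, nonce, layout.encode())
    # Security processor 10 decrypts and draws the keypad in the security frame
    # buffer, which the CPU must be unable to read (otherwise it learns the layout).
    shown = keystream_xor(key, nonce, blob).decode()
    # Touch positions pass through the CPU on their way back.
    presses = presses_for(shown, pin)
    return {
        "cpu_view": {"nonce": nonce, "blob": blob, "presses": presses},
        "recovered_pin": translate(shown, presses),
    }


if __name__ == "__main__":
    demo_key = b"constructed-demo-key"      # constructed sample key
    for fixed in ("3917460285", "0123456789"):   # two constructed layouts
        s = session("4567", demo_key, layout=fixed)
        print(fixed, s["cpu_view"]["presses"], s["recovered_pin"])
    # Positions repeat when digits repeat, so the CPU still learns the PIN's
    # repetition pattern; a fresh layout per session keeps positions from
    # being reusable across sessions.
    print(presses_for("3917460285", "1122"))
```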
Suppose the terminal 1 contains untrustworthy code, for example malicious code, which exploits a flaw in the operating system of the terminal, and that this flaw affects the display commands transmitted by the central processing unit 8 to the display subsystem 5. This malicious code will no longer be able to interfere with the display in the secure display mode for secure data because, in effect, the central processing unit 8 does not intervene, or intervenes only for tasks that require no trust, and if it tries, for example, to build false security commands, the security processor 10 will detect their invalidity. The system according to the invention is thus secured.

[0023] To exit the secure display mode, the user, for example, actuates the button 4. The display is then reset under the control of the security processor 10.
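An added Python model of the filtering described above, not code from the patent: a security processor that watches commands on the bus, accepts only authenticated security commands, and blocks any CPU write to the security frame buffer. The `SEC_*` opcode names, the replay counter, the constructed key and the use of HMAC-SHA256 in place of a digital signature are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo key. The patent describes signatures checked with a key held
# by security processor 10; HMAC-SHA256 over a shared key stands in for that.
DEMO_KEY = b"constructed-demo-key"
MAIN_FB, SECURITY_FB = "main", "security"


def sign(opcode: str, payload: bytes, counter: int, key: bytes = DEMO_KEY) -> bytes:
    """Tag a security command (done by the trusted server or smart card)."""
    msg = opcode.encode() + b"|" + counter.to_bytes(8, "big") + b"|" + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class Command:
    opcode: str              # WRITE_FB, or a hypothetical SEC_* security command
    payload: bytes = b""
    target: str = MAIN_FB    # frame buffer addressed by WRITE_FB
    counter: int = 0         # anti-replay counter (added here, not in the patent)
    tag: bytes = b""         # security parameter carried at the end of the command


def signed(opcode: str, payload: bytes, counter: int) -> Command:
    return Command(opcode, payload, counter=counter, tag=sign(opcode, payload, counter))


class SecurityProcessor:
    """Model of processor 10 watching the bus between CPU 8 and subsystem 5."""

    def __init__(self, key: bytes, user_secret: str):
        self.key = key
        self.user_secret = user_secret  # known to the user and this processor only
        self.main_fb = b""              # main frame buffer (display subsystem 5)
        self.security_fb = b""          # security frame buffer (internal state)
        self.secure_mode = False
        self.last_counter = 0

    def authentic(self, cmd: Command) -> bool:
        if cmd.counter <= self.last_counter:         # replayed or reordered
            return False
        expected = sign(cmd.opcode, cmd.payload, cmd.counter, self.key)
        return hmac.compare_digest(expected, cmd.tag)

    def filter(self, cmd: Command) -> str:
        """Return 'forwarded', 'handled' or 'blocked' for one bus command."""
        if cmd.opcode.startswith("SEC_"):
            if not self.authentic(cmd):
                return "blocked"                     # forged security command
            self.last_counter = cmd.counter
            return self.execute(cmd)
        if cmd.opcode == "WRITE_FB" and cmd.target == SECURITY_FB:
            return "blocked"                         # only processor 10 writes here
        if cmd.opcode == "WRITE_FB":
            self.main_fb = cmd.payload               # harmless for security
        return "forwarded"

    def execute(self, cmd: Command) -> str:
        if cmd.opcode == "SEC_DESCRIBE":             # describe secure visual data
            self.security_fb = cmd.payload
        elif cmd.opcode == "SEC_DISPLAY":            # enter secure display mode
            if not self.security_fb:
                return "blocked"                     # nothing prepared to show
            self.secure_mode = True
        elif cmd.opcode in ("SEC_END", "SEC_RESET"): # leave secure display mode
            self.secure_mode = False
            self.security_fb = b""
        else:
            return "blocked"                         # unknown security opcode
        return "handled"

    def screen(self) -> str:
        """What the user sees: the buffer currently selected for scan-out."""
        if self.secure_mode:
            mark = f"SECURE DISPLAY / secret {self.user_secret}"
            return mark + "\n" + self.security_fb.decode()
        return self.main_fb.decode()


def demo() -> list:
    sp = SecurityProcessor(DEMO_KEY, "4567")
    bus = [                                           # constructed command trace
        Command("WRITE_FB", b"home screen"),
        signed("SEC_DESCRIBE", b"ENTER PIN CODE", 1),
        signed("SEC_DISPLAY", b"", 2),
        Command("WRITE_FB", b"fake PIN prompt", target=SECURITY_FB),
        Command("SEC_DESCRIBE", b"fake PIN prompt", counter=3, tag=b"\x00" * 32),
        signed("SEC_DISPLAY", b"", 2),                # replay of an old command
    ]
    return [sp.filter(c) for c in bus]


if __name__ == "__main__":
    print(demo())
```

Writes to the main frame buffer are still forwarded while secure mode is active, but `screen()` keeps returning the security frame buffer with its recognition mark until an authenticated end-of-display command arrives.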
Claims:
Claims (14)
1. Secure terminal (1) comprising:
- a screen (2) for displaying visual data;
- a display subsystem (5) for controlling the display of visual data on said screen (2);
- a central processing unit (8) for executing executable program instructions and sending display commands to the display subsystem (5);
- a communication device (9) connecting the central processing unit (8) to the display subsystem (5),
characterized in that it further comprises:
- a security processor (10) for interpreting and/or processing security commands for the secure display of secure visual data on said screen (2); and
- means (11) for recognition, by a user of the terminal (1), of a secure display mode of the secured visual data when said secure visual data, the display of which is controlled by the security processor (10), are displayed.
2. Terminal (1) according to claim 1, characterized in that the security processor (10) filters commands to be processed by the display subsystem (5), and/or interprets and/or processes the security commands and controls the display of secure visual data in the secure display mode of secure visual data.
3. Terminal (1) according to one of the preceding claims, characterized in that the security commands sent to the security processor (10) are signed commands, which guarantee the integrity and/or authentication of the secured data displayed.
4. Terminal (1) according to one of the preceding claims, characterized in that the security commands sent to the security processor (10) are encrypted or scrambled commands that guarantee the confidentiality of the secure data displayed.
5. Terminal (1) according to one of the preceding claims, characterized in that the security processor (10) manages several security domains, as well as the corresponding visual recognition means.
6. Terminal (1) according to one of the preceding claims, characterized in that the recognition means (11) is a visual recognition means displayed on the screen (2).
7. Terminal (1) according to one of the preceding claims, characterized in that the display subsystem (5) comprises at least one main frame buffer and in that the security processor (10) comprises a security frame buffer.
8. Terminal (1) according to one of the preceding claims, characterized in that it is a smartphone or tablet.
9. A method of securing the display of visual data by means of a terminal (1) according to one of the preceding claims, characterized in that it comprises the following steps, according to which:
- the central processing unit (8) processes the executable program instructions and sends display commands to the display subsystem (5) by the communication device (9) connecting the central processing unit (8) to the display subsystem (5);
- the display commands sent to the display subsystem (5) by the central processing unit (8) are filtered and/or processed by the security processor (10);
- the security processor (10) controls a secure display of the secured data; and
- the security processor (10) controls the recognition means (11) of the secure display mode of the secured visual data.
10. Method according to claim 9, characterized in that the security commands are signed, guaranteeing the integrity and/or the authentication of the secured data displayed.
11. Method according to one of claims 9 or 10, characterized in that the security commands are scrambled or encrypted, ensuring the confidentiality of the data displayed.
12. Method according to one of claims 9 to 11, characterized in that the security processor (10) manages several security domains, as well as the corresponding visual recognition means.
13. Method according to one of claims 9 to 12, characterized in that the recognition means (11) is a visual recognition means displayed on the screen (2).
14. Method according to one of claims 9 to 13, characterized in that the display subsystem (5) comprises at least one main frame buffer, in that the security processor (10) comprises a security frame buffer, and in that the security processor is the only one to write in the security frame buffer.
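The following Python model is an added illustration, not code from the patent: it shows how the filtering of claim 2, the signed commands of claim 3, the per-domain recognition means of claim 5 and the exclusive write access of claim 14 fit together. HMAC-SHA256 stands in for the unspecified signature scheme, and the names `DOMAINS`, `sign_command`, `SecurityProcessor`, the keys and the command layout are all assumptions.

```python
import hashlib
import hmac

# Constructed per-domain keys and indicators (assumptions, not from the patent).
DOMAINS = {
    "bank": {"key": b"constructed-bank-key", "indicator": "GREEN-LOCK"},
    "corp": {"key": b"constructed-corp-key", "indicator": "BLUE-SHIELD"},
}

def sign_command(domain, payload):
    """Issuer side: authenticate a secure display command for one domain."""
    msg = domain.encode() + b"\x00" + payload
    return hmac.new(DOMAINS[domain]["key"], msg, hashlib.sha256).digest()

class SecurityProcessor:
    """Model of security processor (10) between CPU (8) and display (5)."""

    def __init__(self):
        self.main_fb = []        # main frame buffer, fed by ordinary commands
        self._secure_fb = None   # security frame buffer, written only below
        self._indicator = None   # recognition means (11), set only below

    def submit(self, cmd):
        """Filter one command arriving from the central processing unit."""
        if cmd.get("type") != "secure":
            self.main_fb.append(cmd.get("payload", b""))
            return True
        name, payload, tag = cmd.get("domain"), cmd.get("payload"), cmd.get("tag")
        if name not in DOMAINS or not isinstance(payload, bytes) \
                or not isinstance(tag, bytes):
            return False
        if not hmac.compare_digest(sign_command(name, payload), tag):
            return False         # forged or altered: nothing is displayed
        self._secure_fb = payload
        self._indicator = DOMAINS[name]["indicator"]
        return True

    def scanout(self):
        """What reaches screen (2): secure data always carries its indicator."""
        if self._secure_fb is not None:
            return {"content": self._secure_fb, "indicator": self._indicator}
        return {"content": b"".join(self.main_fb), "indicator": None}
```

Because only `submit` writes `_secure_fb` and `_indicator`, and it does so together after verification, an ordinary command can never turn the indicator on or place data in the security frame buffer.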
Patent family:
Publication number | Publication date
WO2016046458A1 | 2016-03-31
EP3198517A1 | 2017-08-02
US11074372B2 | 2021-07-27
US20170293776A1 | 2017-10-12
FR3026207B1 | 2018-08-17
Legal status:
2015-09-30 | PLFP | Fee payment | Year of fee payment: 2
2016-03-25 | PLSC | Publication of the preliminary search report | Effective date: 20160325
2016-09-28 | PLFP | Fee payment | Year of fee payment: 3
2017-09-29 | PLFP | Fee payment | Year of fee payment: 4
2018-09-28 | PLFP | Fee payment | Year of fee payment: 5
2019-09-30 | PLFP | Fee payment | Year of fee payment: 6
2020-09-30 | PLFP | Fee payment | Year of fee payment: 7
2021-09-30 | PLFP | Fee payment | Year of fee payment: 8
Priority:
Application number | Filing date
FR1402124 | 2014-09-22
Application number | Publication number | Priority date | Filing date | Patent title
FR1402124A | FR3026207B1 | 2014-09-22 | 2014-09-22 | SECURE DISPLAY TERMINAL
PCT/FR2015/000187 | WO2016046458A1 | 2014-09-22 | 2015-09-22 | Smartphone or tablet having a secure display
US15/511,768 | US11074372B2 | 2014-09-22 | 2015-09-22 | Smartphone or tablet having a secure display
EP15785156.9A | EP3198517A1 | 2014-09-22 | 2015-09-22 | Smartphone or tablet having a secure display