H04L9/3226

METHOD AND SYSTEM, DEVICE AND PAYMENT TERMINAL USING PERSONAL DATA
20230004965 · 2023-01-05

The invention relates to an electronic transaction method for a system comprising a user-associated payment device 3 or 4 and a payment terminal 1. The payment device 3 or 4 and the payment terminal 1 perform a cryptographic key exchange 500 before performing a transaction step 501. The payment device includes personal information PI about the user. The payment terminal includes a transaction policy including a condition relative to the personal information PI. The method includes a verification step 510, 520, 530, prior to the transaction step 501, for securely verifying the condition of the transaction policy relative to the personal information using the cryptographic key.

METHOD AND APPARATUS FOR CRYPTOGRAPHICALLY ALIGNING AND BINDING A SECURE ELEMENT WITH A HOST DEVICE
20230006823 · 2023-01-05

A secure element device that is configured to be cryptographically bound to a host device includes a secure element host key slot configured to store host key information that allows only the host device to control the secure element, a secure memory storing binding information, and limited functionality allowing the binding information to be read from the secure memory by the host device during a binding process. The binding information is cryptographically correlated with the host key information. The host key information is generated by the host device using the binding information read from the secure element and a secret key. The secure element device further includes general functionality only accessible to the host device using the host key information that is generated by the host device. The secure memory includes prevention measures impeding unauthorized entities from obtaining information from the secure memory.

LEVERAGING A TRUSTED PARTY THIRD-PARTY HSM AND DATABASE TO SECURELY SHARE A KEY
20230006827 · 2023-01-05

The disclosed embodiments are related to securely updating a semiconductor device and in particular to a key management system. In one embodiment, a method is disclosed comprising storing a plurality of activation codes, each of the activation codes associated with a respective unique identifier (UID) of a semiconductor device; receiving, over a network, a request to generate a new storage root key (SRK), the request including a response code and a requested UID; identifying a selected activation code from the plurality of activation codes based on the requested UID; generating the SHRSRK value using the response code and the selected activation code; associating the SHRSRK value with the requested UID and storing the SHRSRK value; and returning an acknowledgement in response to the request.

Secure end-to-end transport through intermediary nodes

A communication network encrypts a first portion of a transaction associated with point-to-point communications using a point-to-point encryption key. A second portion of the transaction associated with end-to-end communications is encrypted using an end-to-end encryption key.

Secure key management in a high volume device deployment
11570159 · 2023-01-31

A method for remotely and securely accessing a modem is provided that uses an encrypted authentication token with a modem password. The method includes receiving an encrypted authentication token from the modem, the authentication token having a modem password stored in secure memory and being encrypted according to a public key, transmitting the encrypted authentication token to an authentication server, receiving a decrypted authentication token from the authentication server, the decrypted authentication token comprising the modem password, generating an authentication key and a privacy key from the modem password, configuring modem interfaces at least in part using the authentication token, the modem interfaces including a network management protocol interface, and communicating with the modem using the network management protocol interface according to at least one of the generated authentication key and the privacy key.

Biometric authenticated biometric enrollment
11569991 · 2023-01-31

An example method includes receiving an encrypted biometric enrollment data and user identifier data. The encrypted biometric enrollment data includes at least one biometric enrollment sample from a user encrypted using an encryption key. The encryption key is generated based on a user secret and the user identifier is associated with the user. The user identifier is matched with a stored user secret. A decryption key is generated based on the stored user secret. The encrypted biometric enrollment data is decrypted using the decryption key. The at least one biometric enrollment sample is retrieved from the decrypted biometric enrollment data. The at least one biometric enrollment sample is processed using a biometric processing algorithm to generate a biometric reference template. A biometric reference template identifier uniquely identifying the biometric reference template is generated. An encryption key is generated based on the stored user secret and encrypts an enrollment confirmation message.

ESTABLISHING TRUST NETWORKS IN A COMMUNAL MEDIA SESSION
20230239335 · 2023-07-27

A trust network is formed in a communal media system connected to a streaming application and executed within the streaming application. Source location is received for multimedia content selected in the streaming application and transmitted to user devices participating in a communal session. During the communal session, offerings are presented to the user devices in the communal session and user data associated with user interactions with the offerings are obtained and analyzed. Information presented to the user devices in the communal session is optimized based on the user data. Delivery of the multimedia content and social media content generated on the user devices is synchronized. The multimedia content and the social media content are delivered to the user devices at the same time, without any noticeable lag time during receipt of the multimedia content and the social media content by the user devices.

SECRET CODE VERIFICATION PROTOCOL
20230027010 · 2023-01-26

The present disclosure generally relates to code verification. For example, aspects of the present disclosure include systems and techniques for determining whether two codes are a match. One example method generally includes generating, at a first device, first encrypted data at least in part by encrypting verification data using a public key; generating, at the first device, second encrypted data at least in part by encrypting a random factor using the public key; generating, at the first device, a key for the verification data; generating, at the first device, third encrypted data at least in part by encrypting the key using the public key; computing, at the first device, fourth encrypted data at least in part by applying a homomorphic encryption function to the first encrypted data, the second encrypted data, and the third encrypted data; and sending, to a second device, the fourth encrypted data.

TWO-FACTOR AUTHENTICATION BASED ON COMPUTATION METHOD TO DERIVE PROXY PASSWORD
20230021765 · 2023-01-26

Technology for setting a first password based on a password precursor or setting a second password (in a multi-factor authentication system). The password precursor (for example, a number or alphanumeric string) can be converted to the first password by a set of operation(s). Similarly, the first password can be converted into a second password by a set of operations. The set of operations may include mathematical operations and/or alphanumeric string operations.