Patent classifications
H04L63/0869
METHOD AND SYSTEM, DEVICE AND PAYMENT TERMINAL USING PERSONAL DATA
The invention relates to an electronic transaction method for a system comprising a user-associated payment device 3 or 4 and a payment terminal 1. The payment device 3 or 4 and the payment terminal 1 perform a cryptographic key exchange 500 before performing a transaction step 501. The payment device includes personal information PI about the user. The payment terminal includes a transaction policy including a condition relative to the personal information PI. The method includes a verification step 510, 520, 530, prior to the transaction step 501, for securely verifying the condition of the transaction policy relative to the personal information using the cryptographic key.
SYSTEM AND METHOD FOR DETERMINING A VOLATILE FILE BASED ON A SELECTION FACTOR
An apparatus for sorting and ordering data based on filtering parameters comprises a memory operable to store a digital folder and a processor operably coupled to the memory. The processor is configured to receive a transmission comprising verification of an interaction session established between a first user and an entity and to receive file information corresponding to one or more files stored in the digital folder from an external exchange. The processor is further configured to generate a file vector comprising the one or more files of the digital folder that is sorted based on applying a selection factor to the received file information for each of the one or more files. The processor is further configured to send a transmission to a user device comprising the file vector and an indication to utilize a first file of the file vector during the interaction session.
Establishing an ad-hoc secure connection between two electronic computing devices using a self-expiring locally transmitted information packet
Disclosed is a computer-implemented method for establishing a secure connection between two electronic computing devices which are located in a network environment, the two electronic computing devices being a first computing device offering the connection and a second computing device designated to accept the connection, the method comprising executing, by at least one processor of at least one computer, a connection-establishing application for exchanging an information packet between the first computing device and the second computing device comprising a secret usable for establishing the connection, and evaluating a response from the second computing device for establishing the secure connection.
Integrated circuit performing fast unbreakable cipher
An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.
Methods and systems for blocking malware attacks
User identities, passwords, etc. represent the barrier between a user's confidential data and any other third party seeking to access this data. As multiple software applications, web applications, web services, etc. embody this confidential data, there is a tradeoff between easy recollection of said identities, passwords, etc. and data security. However, malware, by intercepting user credentials, provides third parties access to even complex passwords, user credentials, security keys, etc., even where these are changed/updated regularly. Within the prior art substantial work has gone into addressing malware. However, in many instances the user is at or very near the computer with a software application executing a transaction requiring credentials/authorisation with a portable electronic device or another device. Accordingly, it would be beneficial to provide users with an out-of-band communications channel for exchanging credentials and/or keys etc.
Method and System for Updating Certificate Issuer Public Key, and Related Device
A method includes receiving, by an embedded universal integrated circuit card (eUICC), first information from a local profile assistant (LPA), where the first information includes a first certificate issuer (CI) public key identifier, and the first CI public key identifier is a CI public key identifier that the eUICC does not have. The method further includes sending, by the eUICC, second information to an OPS, where the second information includes the first CI public key identifier. The method further includes receiving, by the eUICC, a patch package from the OPS, where the patch package includes at least a first CI public key corresponding to the first CI public key identifier. The method further includes updating, by the eUICC, a CI public key of the eUICC by using the first CI public key.
Systems and methods for authentication
An authentication method for a tag device includes exchanging authentication codes between the tag device and an authentication server to perform mutual authentication. A reader device acts as a communications bridge between the tag device and the authentication server. The reader device may observe mutual authentication between the tag device and the authentication server as an indicator that the tag device is authentic. A failure of mutual authentication indicates that the tag device is not authentic.
Web application open platform interface (WOPI) server architecture and applications for distributed network computing environments
An interface server (e.g., Web Application Open Platform Interface (WOPI) server) is communicatively connected to an information management (IM) server and to an online application server which acts as a client of the interface server. When a user wishes to open, create, or edit a document in an online application hosted by the online application server, the interface server is called, instead of the IM server which manages the document at the backend of an enterprise computing network. The interface server is configured for obtaining a working copy of the document from the IM server and providing the working copy to the client. The client provides the working copy to the online application for display on the user device. When the work is done, the working copy is sync'd back through the interface server to the IM server as a new draft and deleted by the interface server.
METHOD AND SYSTEM FOR MANAGING DATA EXCHANGE IN THE CONTEXT OF A MEDICAL EXAMINATION
The invention relates to a method for managing exchanges of data between: a probe (1) comprising a memory containing a probe digital certificate including a probe public key; a terminal (2) comprising a memory containing a terminal digital certificate including a terminal public key; and a remote platform (3) configured to deliver the probe digital certificate to the probe and deliver the terminal digital certificate to the terminal; characterised in that the method comprises the implementation of an authentication procedure consisting of the following steps: a first step in which the probe verifies the identity of the terminal from the terminal digital certificate; a second step in which the terminal verifies the identity of the probe from the probe digital certificate; and a third step in which the probe, the terminal and the platform each generate an identical session key from the probe and terminal public keys.
SECURE SESSION CAPABILITY USING PUBLIC-KEY CRYPTOGRAPHY WITHOUT ACCESS TO THE PRIVATE KEY
A server establishes a secure session with a client device where a private key used in the handshake is stored in a different server. An encrypted connection is established between the first server and the second server. A message is received from the client device that initiates a procedure to establish the secure session between the client device and the first server. As part of this procedure, the first server transmits over the encrypted connection a request to the second server to use the private key. The first server receives, over the encrypted connection, a response to the request that includes a result of the use of the private key. The first server uses the result during the procedure to establish the secure session.