An alignment substrate that contains a test chip connected to contact pads, as well as alignment features, is positioned relative to a chip programming head. When the alignment substrate and the chip programming head are actuated toward one another so that the contact pins are near or in contact with the contact pads, the alignment features allow a user to visually verify that the contact pins are on the same alignment plane as the alignment substrate, and therefore on the same alignment plane as a card with a programmable chip to be programmed.
G06K 1/00 - Methods or arrangements for marking the record carrier in digital fashion
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
2.
ALIGNMENT SUBSTRATE FOR SMART CARD CHIP PROGRAMMER CONTACT PINS
An alignment substrate that contains a test chip connected to contact pads, as well as alignment features, is positioned relative to a chip programming head. When the alignment substrate and the chip programming head are actuated toward one another so that the contact pins are near or in contact with the contact pads, the alignment features allow a user to visually verify that the contact pins are on the same alignment plane as the alignment substrate, and therefore on the same alignment plane as a card with a programmable chip to be programmed.
G01B 11/27 - Measuring arrangements characterised by the use of optical techniques for measuring angles or tapersMeasuring arrangements characterised by the use of optical techniques for testing the alignment of axes for testing the alignment of axes
3.
DROP-ON-DEMAND PRINT HEAD MAINTENANCE IN A CARD PERSONALIZATION SYSTEM
A card (or passport) personalization system is described that includes a print mechanism with one or more DOD print heads. A maintenance routine, also referred to as a spitting routine, is described where one or more nozzles of the DOD print head is electrically actuated a plurality of times in rapid succession, each actuation emitting a small drop of ink. The small drops of ink join together in flight after being ejected to create one or more larger waste ink drops. The larger ink drop(s) has less tendency to aerosolize which reduces aerosol contamination of the nozzle plate and the nozzle.
A card (or passport) personalization system is described that includes a print mechanism with one or more DOD print heads. A maintenance routine, also referred to as a spitting routine, is described where one or more nozzles of the DOD print head is electrically actuated a plurality of times in rapid succession, each actuation emitting a small drop of ink. The small drops of ink join together in flight after being ejected to create one or more larger waste ink drops. The larger ink drop(s) has less tendency to aerosolize which reduces aerosol contamination of the nozzle plate and the nozzle.
Systems and methods for managing access to secure enterprise resources using identity verification services and verified authenticators are provided. In example aspects, users are required to perform identity verification before the user can register verified authenticators. In an example, an issued user card is used to verify the identity of the user. In further example aspects, enterprise resources may be associated with assurance levels defining the level of authentication required to access the enterprise resources. In an example, an enterprise resource may have an assurance level that requires multi-factor authentication with a verified authenticator to access the enterprise resource.
Techniques are described for maintaining a DOD print head in a print mechanism of a card or passport personalization system, where the DOD print head prints using ink that is difficult to handle and dispose of in an unaltered form of the ink. A maintenance ejection of waste ink is performed. The waste ink is then altered, for example by curing in the case of a radiation curable ink, while the waste ink is within the card or passport personalization system. This makes the waste ink easier to handle and dispose of.
A distributable secure transaction object is provided. In examples, the secure transaction object is generated on a server using identifying information of a user, such as biometric information or information associated with an identification document of the user (e.g., a passport). After generation, the secure transaction object is transmitted to a user device where it is stored. The secure transaction object can be used from the user device to authenticate the user in future transactions. Additionally, the secure transaction object is deleted from the server after it is transmitted to the user device.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
A distributable secure transaction object is provided. In examples, the secure transaction object is generated on a server using identifying information of a user, such as biometric information or information associated with an identification document of the user (e.g., a passport). After generation, the secure transaction object is transmitted to a user device where it is stored. The secure transaction object can be used from the user device to authenticate the user in future transactions. Additionally, the secure transaction object is deleted from the server after it is transmitted to the user device.
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
Systems and methods for managing access to secure enterprise resources using identity verification services and verified authenticators are provided. In example aspects, users are required to perform identity verification before the user can register verified authenticators. In an example, an issued user card is used to verify the identity of the user. In further example aspects, enterprise resources may be associated with assurance levels defining the level of authentication required to access the enterprise resources. In an example, an enterprise resource may have an assurance level that requires multi-factor authentication with a verified authenticator to access the enterprise resource.
Techniques are described for maintaining a DOD print head in a print mechanism of a card or passport personalization system, where the DOD print head prints using ink that is difficult to handle and dispose of in an unaltered form of the ink. A maintenance ejection of waste ink is performed. The waste ink is then altered, for example by curing in the case of a radiation curable ink, while the waste ink is within the card or passport personalization system. This makes the waste ink easier to handle and dispose of.
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
C09D 11/38 - Inkjet printing inks characterised by non-macromolecular additives other than solvents, pigments or dyes
A security feature on a personalized plastic identification document such as a personalized plastic card and a plastic page of passport. The security feature includes a lens structure with a plurality of lenses, where the lens structure is formed using a laser at a location on the personalized plastic identification document to facilitate viewing of a security feature underlying the lens structure.
Card processing mechanisms and methods whereby after a card has been processed on one surface thereof at a card processing station such as, but not limited to, a card printing mechanism, the card can be recirculated back upstream of the card processing station along a return card travel path that is separate from the primary card travel path through the card processing station where the card can then be reintroduced back into the primary card travel path and transported through the card processing station a second time. As the card is being returned along the return card travel path, the card can be flipped over so that when the card is transported back through the card processing station, the opposite surface of the card can be processed.
G06K 19/10 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
B41J 3/60 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for printing on both faces of the printing material
B41J 13/12 - Sheet holders, retainers, or stationary guides specially adapted for cards, envelopes, or the like
G06K 13/07 - Transporting of cards between stations
G06K 13/077 - Transporting of cards between stations with intermittent movementBraking or stopping movement
13.
PAYMENT CARD DATA PREPARATION AND PERSONALIZATION PLATFORM
A payment card data preparation and personalization platform provides a card production environment that provides a production context in which card products and card configurations are able to be defined, for example using various guided user interfaces. Furthermore, the platform implements a data preparation engine and a personalization engine. User interfaces guide definition of payment card products, and aspects of data preparation and personalization are independently executable. A product wizard assists with guided definition of a payment card product to be used within the platform.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
14.
REMOTE PROGRAMMING OF UNIQUE AND SECURE SUPPLY TAGS
A method for providing remote programming of a supply tag of a print supply used with an authorized entity's card personalization system is provided. The method includes an issuance server authenticating remote programming of the supply tag, receiving first supply tag data of the print supply including a first digital signature, updating the first supply tag data to obtain second supply tag data, and issuing a second digital signature based on the second supply tag data. The second digital signature secures the second supply tag data.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
15.
SYSTEMS AND METHODS FOR PRODUCTION ANALYTICS MONITORING AND MANAGEMENT OF A PRINTING DEVICE
A method of production analytics of a printing architecture that includes one or more printing devices is provided. The method includes an operator management device retrieving printing device output data, supplies data, HSM output data, and printer functionality component data. Also, the method includes the operator management device storing the printing device output data, the supplies data, the HSM output data and the printer functionality component data. The method also includes the operator management device combining the printing device output data, the supplies data, the HSM output data and the printer functionality component data to generate one or more graphs and models regarding an overall health of the printing architecture. The method further includes a fleet management GUI displaying the one or more graphs and models on a display.
A technique is described to enable software access to a card printer to control card printing. A consumable supply that is installed in the card printer is authenticated, for example locally by the card printer or remotely by a remote card printer controller. Once the consumable supply is authenticated, validation data that results from electronically reading data that is stored on the consumable supply is validated. If the validation data is validated, software access to the card printer to control card printing is enabled. The validation data may be validated locally within the card printer or remotely by the remote card printer controller. Authentication of the consumable supply can also automatically cause a temporary change of a default printer parameter to a second, temporary printer parameter, and when the card printer detects a consumable supply event the default printer parameter can be automatically restored.
A technique is described to enable software access to a card printer to control card printing. A consumable supply that is installed in the card printer is authenticated, for example locally by the card printer or remotely by a remote card printer controller. Once the consumable supply is authenticated, validation data that results from electronically reading data that is stored on the consumable supply is validated. If the validation data is validated, software access to the card printer to control card printing is enabled. The validation data may be validated locally within the card printer or remotely by the remote card printer controller. Authentication of the consumable supply can also automatically cause a temporary change of a default printer parameter to a second, temporary printer parameter, and when the card printer detects a consumable supply event the default printer parameter can be automatically restored.
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
18.
PAYMENT CARD DATA PREPARATION AND PERSONALIZATION PLATFORM
A payment card data preparation and personalization platform provides a card production environment that provides a production context in which card products and card configurations are able to be defined, for example using various guided user interfaces. Furthermore, the platform implements a data preparation engine and a personalization engine. User interfaces guide definition of payment card products, and aspects of data preparation and personalization are independently executable. A product wizard assists with guided definition of a payment card product to be used within the platform.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
Methods and systems for facilitating authentication of a user with a plurality of applications are described. One method includes authenticating a user with a first secure application based on information received from a smart credential stored on a mobile device via a local wireless connection. The method includes obtaining a remote challenge from a remote authentication service and a mobile challenge, signing the mobile challenge with a private key, and transmitting a signed version of the mobile challenge, the remote challenge, and a public key to the mobile device. The method further includes receiving a signed version of the remote challenge and a certificate indicating validation of the mobile challenge, and transmitting the signed version of the remote challenge to the remote authentication service. Based on receiving an authentication result from the remote authentication service, access is granted to a remote secure application via the browser.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
A process for performing a dedicated backup in a containerized environment is provided. In example aspects, a backup pod performs a backup process for an associated application. The backup pod is customized to contain backup tools that are specific to the backup process for the associated application. The backup pod works in connection with a backup manager that may interface with different backup pods customized for use in conjunction with different containerized applications. In some cases, the backup manager coordinates with each backup pod to provide backup processes for the different containerized applications.
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
G06F 9/455 - EmulationInterpretationSoftware simulation, e.g. virtualisation or emulation of application or operating system execution engines
An account and payment processing platform is provided. The platform exposes standardized APIs to financial institutions and application providers, and manages third-part)7 system integrations. Individual financial institutions or application providers are mapped to corresponding core banking or switch network systems, and the mapping may be reconfigured without requiring redevelopment by those application providers or financial institutions to accommodate a new integration that might otherwise be required.
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
A process for performing a dedicated backup in a containerized environment is provided. In example aspects, a backup pod performs a backup process for an associated application. The backup pod is customized to contain backup tools that are specific to the backup process for the associated application. The backup pod works in connection with a backup manager that may interface with different backup pods customized for use in conjunction with different containerized applications. In some cases, the backup manager coordinates with each backup pod to provide backup processes for the different containerized applications.
G06F 11/14 - Error detection or correction of the data by redundancy in operation, e.g. by using different operation sequences leading to the same result
An account and payment processing platform is provided. The platform exposes standardized APIs to financial institutions and application providers, and manages third-party system integrations. Individual financial institutions or application providers are mapped to corresponding core banking or switch network systems, and the mapping may be reconfigured without requiring redevelopment by those application providers or financial institutions to accommodate a new integration that might otherwise be required.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
A workflow integration platform is disclosed for use within a financial services context, or for issuance of cards (e.g., payment cards or identification cards). Data may be gathered and coordinated for each of a plurality of services, including user contact information, identity, identity document, and customer verification. Each of a plurality of such services may be executed in a coordinated manner. In some instances, a financial institution may use such coordinated workflows for new account creation, card issuance in a self-service context from a mobile application.
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
G06Q 20/42 - Confirmation, e.g. check or permission by the legal debtor of payment
A workflow integration platform is disclosed for use within a financial services context, or for issuance of cards (e.g., payment cards or identification cards). Data may be gathered and coordinated for each of a plurality of services, including user contact information, identity, identity document, and customer verification. Each of a plurality of such services may be executed in a coordinated manner. In some instances, a financial institution may use such coordinated workflows for new account creation, card issuance in a self-service context from a mobile application.
Printing multi-color images on non-vinyl plastic identification documents in identification document printing systems. A non-linear pixel density adjustment curve is used to adjust the pixel density data of a multi-color image to be printed which adjusts the power applied to the thermal print head. The use of a non-linear pixel density adjustment curve to adjust the pixel density data improves the quality of the resulting multi-color printed image, reduces mass transfer of the dye donor layer, and reduces breaking of the carrier film of the print ribbon.
A ribbon core that is used with a consumable ribbon in a card processing system. The ribbon core can be a take-up core that takes-up used ribbon that has been used in a processing operation in the card processing system, or a supply core around which unused ribbon is wound and that is to be used in a processing operation in the card processing system. The ribbon core is configured to accommodate uneven material on the consumable ribbon.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 31/00 - Ink ribbonsRenovating or testing ink ribbons
A ribbon core that is used with a consumable ribbon in a card processing system. The ribbon core can be a take-up core that takes-up used ribbon that has been used in a processing operation in the card processing system, or a supply core around which unused ribbon is wound and that is to be used in a processing operation in the card processing system. The ribbon core is configured to accommodate uneven material on the consumable ribbon.
A centralized compliance platform usable to manage security policies associated with security objects, such as keys, secrets, and certificates. Such a centralized compliance platform performs discovery across the enterprise to obtain information about the varying security objects used by that organization, for example via application programming interface (API) connections to enterprise key and secret vaults, as well as certificate storage locations. The platform may generate a user interface at which compliance with enterprise policies may be monitored, which individual compliance issues for specific security objects able to the sorted, searched, and filtered. The platform may also generate one or more actions that may be taken in response to detected compliance issues, for example to generate alerts in response to noncompliant security objects or storage locations.
H04L 41/22 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
30.
CENTRALIZED COMPLIANCE MANAGEMENT PLATFORM FOR SECURITY OBJECTS
A centralized compliance platform usable to manage security policies associated with security objects, such as keys, secrets, and certificates. Such a centralized compliance platform performs discovery across the enterprise to obtain information about the varying security objects used by that organization, for example via application programming interface (API) connections to enterprise key and secret vaults, as well as certificate storage locations. The platform may generate a user interface at which compliance with enterprise policies may be monitored, which individual compliance issues for specific security objects able to the sorted, searched, and filtered. The platform may also generate one or more actions that may be taken in response to detected compliance issues, for example to generate alerts in response to noncompliant security objects or storage locations.
A method of delivering a one-time password to an entity is provided. The entity requesting the one-time password provides a public key of a public-private key pair to the authentication service. The entity can then submit a challenge request to the authentication service. The authentication service will generate a one-time password, and encrypt the one-time password with the public key. The encrypted one-time password is delivered to the entity via an unauthenticated channel.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
Card processing mechanisms and methods whereby after a card has been processed on one surface thereof at a card processing station such as, but not limited to, a card printing mechanism, the card can be recirculated back upstream of the card processing station along a return card travel path that is separate from the primary card travel path through the card processing station where the card can then be reintroduced back into the primary card travel path and transported through the card processing station a second time. As the card is being returned along the return card travel path, the card can be flipped over so that when the card is transported back through the card processing station, the opposite surface of the card can be processed.
G06K 19/10 - Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
B41J 3/60 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for printing on both faces of the printing material
B41J 13/12 - Sheet holders, retainers, or stationary guides specially adapted for cards, envelopes, or the like
G06K 13/07 - Transporting of cards between stations
G06K 13/077 - Transporting of cards between stations with intermittent movementBraking or stopping movement
A retransfer printing method and system where the peel-off of the print receptive material from the retransfer film is improved. The peeling-off or removal of the print receptive material from the retransfer film is improved by adhering the peel-off adhesive material to the print receptive material along a non-straight, non-linear leading edge and/or a non-straight, non-linear trailing edge along which the print receptive material is to be removed from the retransfer film. The use of the non-straight, non-linear leading edge and/or trailing edge helps to manage mechanical and thermal stresses and eliminates tears that may occur in the ribbon when the print receptive material is peeled from the retransfer film by the ribbon.
B41M 5/035 - Duplicating or marking methodsSheet materials for use therein by transferring ink from the master sheet by sublimation or volatilisation of design
B41M 5/382 - Contact transfer or sublimation processes
B41M 1/30 - Printing on other surfaces than ordinary paper on organic plastics, horn, or like materials
B42D 25/20 - Information-bearing cards or sheet-like structures characterised by identification or security featuresManufacture thereof characterised by a particular use or purpose
A method of delivering a one-time password to an entity is provided. The entity requesting the one-time password provides a public key of a public-private key pair to the authentication service. The entity can then submit a challenge request to the authentication service. The authentication service will generate a one-time password, and encrypt the one-time password with the public key. The encrypted one-time password is delivered to the entity via an unauthenticated channel.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
A personalized identification document processing system includes a print station that is configured as a retransfer printer with a retransfer film having a transferrable print receptive material and a transferrable radiation curable material. An image/data is printed on the transferrable print receptive material, and thereafter the print receptive material containing the printed image/data together with at least some of the transferrable radiation curable material is transferred to a surface of the plastic identification document. The radiation curable material is then cured and once cured enhances the durability of the printed image/data.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 13/00 - Devices or arrangements specially adapted for supporting or handling copy material in short lengths, e.g. sheets
B41J 31/00 - Ink ribbonsRenovating or testing ink ribbons
B41J 11/00 - Devices or arrangements for supporting or handling copy material in sheet or web form
36.
PERSONALIZED IDENTIFICATION DOCUMENT PROCESSING SYSTEMS AND METHODS
A personalized identification document processing system includes a print station that includes a thermal print head and a print ribbon that is engageable by the thermal print head to thermally transfer material from the print ribbon to personalize the plastic identification document. The print ribbon includes a repeating sequence of panels of thermally transferrable material, with each sequence of panels including at least one panel of thermally transferrable color material followed by at least one panel of thermally transferrable radiation curable protective topcoat material. The color material and the topcoat material are applied to the plastic identification document in a printing process, with the topcoat material applied over at least a portion of the color material. The topcoat material is then cured and once cured enhances the durability of the color material.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
37.
Personalized identification document processing systems and methods
A personalized identification document processing system includes a print station that is configured as a retransfer printer with a retransfer film having a transferrable print receptive material and a transferrable radiation curable material. An image/data is printed on the transferrable print receptive material, and thereafter the print receptive material containing the printed image/data together with at least some of the transferrable radiation curable material is transferred to a surface of the plastic identification document. The radiation curable material is then cured and once cured enhances the durability of the printed image/data.
A personalized identification document processing system includes a print station that includes a thermal print head and a print ribbon that is engageable by the thermal print head to thermally transfer material from the print ribbon to personalize the plastic identification document. The print ribbon includes a repeating sequence of panels of thermally transferrable material, with each sequence of panels including at least one panel of thermally transferrable color material followed by at least one panel of thermally transferrable radiation curable protective topcoat material. The color material and the topcoat material are applied to the plastic identification document in a printing process, with the topcoat material applied over at least a portion of the color material. The topcoat material is then cured and once cured enhances the durability of the color material.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 13/00 - Devices or arrangements specially adapted for supporting or handling copy material in short lengths, e.g. sheets
B41J 31/00 - Ink ribbonsRenovating or testing ink ribbons
B41J 11/00 - Devices or arrangements for supporting or handling copy material in sheet or web form
A retransfer printing method and system where the peel-off of the print receptive material from the retransfer film is improved. The peeling-off or removal of the print receptive material from the retransfer film is improved by adhering the peel-off adhesive material to the print receptive material along a non-straight, non-linear leading edge and/or a non-straight, non-linear trailing edge along which the print receptive material is to be removed from the retransfer film. The use of the non-straight, non-linear leading edge and/or trailing edge helps to manage mechanical and thermal stresses and eliminates tears that may occur in the ribbon when the print receptive material is peeled from the retransfer film by the ribbon.
B41J 33/04 - Ribbon arrangements mounted on moving carriages
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
A process for integrating physical payment card and digital payment card issuance is provided. In example aspects, data flows for physical payment card creation are enhanced by adding digital payment card enrollment procedures that may be performed in association with issuance of the physical payment card, thereby allowing a mobile application to utilize a digital version of the physical payment card via coordination with a digitization service provided by a card bureau and/or external service.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
A process for integrating physical payment card and digital payment card issuance is provided. In example aspects, data flows for physical payment card creation are enhanced by adding digital payment card enrollment procedures that may be performed in association with issuance of the physical payment card, thereby allowing a mobile application to utilize a digital version of the physical payment card via coordination with a digitization service provided by a card bureau and/or external service.
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
G06K 7/10 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation
A ribbon supply roll for use in a plastic card or passport personalization machine. The ribbon supply roll includes a zone-coated splice tape with a pressure sensitive adhesive on a backing film where the adhesive does not flow or ooze beyond the edges of the backing film. Therefore, a transferrable material on a winding layer in contact with the splice tape is not pulled away. For example, portions of the backing film of the splice tape are not coated with the adhesive which permits the adhesive to flow or ooze when pressure is applied to the splice tape. However, the adhesive does not flow enough to flow beyond the edges of the backing film.
A ribbon supply roll for use in a plastic card or passport personalization machine. The ribbon supply roll includes a zone-coated splice tape with a pressure sensitive adhesive on a backing film where the adhesive does not flow or ooze beyond the edges of the backing film. Therefore, a transferrable material on a winding layer in contact with the splice tape is not pulled away. For example, portions of the backing film of the splice tape are not coated with the adhesive which permits the adhesive to flow or ooze when pressure is applied to the splice tape. However, the adhesive does not flow enough to flow beyond the edges of the backing film.
B41J 3/28 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for printing downwardly on flat surfaces, e.g. of books, drawings, boxes
Methods and systems for measuring true positive and false positive matching rates for a given biometric engine within an operational environment are provided. In some examples, a test, or candidate, biometric engine may be executed, or utilized, in parallel with a production biometric engine, on biometric data that is available during live operation of the production biometric engine. Performance of a biometric engine can be assessed, as to both true positive and false positive matching. Additionally, where multiple biometric engines are assessed concurrently, a candidate biometric engine may be compared to performance of the production biometric engine to determine whether a change or upgrade is advisable.
Methods and systems for measuring true positive and false positive matching rates for a given biometric engine within an operational environment are provided. In some examples, a test, or candidate, biometric engine may be executed, or utilized, in parallel with a production biometric engine, on biometric data that is available during live operation of the production biometric engine. Performance of a biometric engine can be assessed, as to both true positive and false positive matching. Additionally, where multiple biometric engines are assessed concurrently, a candidate biometric engine may be compared to performance of the production biometric engine to determine whether a change or upgrade is advisable.
A configuration information management system is provided for secure update of dynamic configuration data in a containerized execution environment. A configuration container may be maintained within the environment separately from an application container hosting a secure enterprise application. The secure enterprise application may require secure configuration information for interaction via a secured connection with one or more remote endpoints from within the application container. The configuration container hosts a service that is configured to maintain the secure configuration information on behalf of the secure enterprise application, allowing the secure enterprise application to not persist secure configuration information within the application container.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
47.
SECURE UPDATE OF DYNAMIC CONFIGURATION IN CONTAINERIZED EXECUTION ENVIRONMENT
A configuration information management system is provided for secure update of dynamic configuration data in a containerized execution environment. A configuration container may be maintained within the environment separately from an application container hosting a secure enterprise application. The secure enterprise application may require secure configuration information for interaction via a secured connection with one or more remote endpoints from within the application container. The configuration container hosts a service that is configured to maintain the secure configuration information on behalf of the secure enterprise application, allowing the secure enterprise application to not persist secure configuration information within the application container.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/33 - User authentication using certificates
48.
PERSONALIZED PLASTIC IDENTIFICATION DOCUMENT WITH LENS STRUCTURE
A security feature on a personalized plastic identification document such as a personalized plastic card and a plastic page of passport. The security feature includes a lens structure with a plurality of lenses, where the lens structure is formed using a laser at a location on the personalized plastic identification document to facilitate viewing of a security feature underlying the lens structure.
A security feature on a personalized plastic identification document such as a personalized plastic card and a plastic page of passport. The security feature includes a lens structure with a plurality of lenses, where the lens structure is formed using a laser at a location on the personalized plastic identification document to facilitate viewing of a security feature underlying the lens structure.
Methods and systems for managing a digital wallet are described, including registration of payment cards and use of such payment cards. The digital wallet may be integrated into a mobile application provided by a card issuer, with the digital wallet providing integration between the mobile application and a payment service provider that provides token-based payment systems for implementing virtual cards.
G06Q 20/02 - Payment architectures, schemes or protocols involving a neutral third party, e.g. certification authority, notary or trusted third party [TTP]
G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
H04L 67/00 - Network arrangements or protocols for supporting network services or applications
G06Q 20/36 - Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
51.
DIGITAL CARD INTEGRATION WITH CARD PROCESSING SYSTEM OF CARD ISSUER
Methods and systems for managing a digital wallet are described, including registration of payment cards and use of such payment cards. The digital wallet may be integrated into a mobile application provided by a card issuer, with the digital wallet providing integration between the mobile application and a payment service provider that provides token-based payment systems for implementing virtual cards.
G06Q 20/36 - Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
Systems and methods for managing cryptographic tokens within a hardware security module are disclosed. A parent cryptographic token contains a plurality of parent cryptographic objects, and a child cryptographic token contains a plurality of child cryptographic objects. The child cryptographic token is associated with the parent cryptographic token. A session established with the child token provides access to at least some of the plurality of child cryptographic objects and at least some the plurality of parent cryptographic objects.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Systems and methods for managing cryptographic tokens within a hardware security module are disclosed. A parent cryptographic token contains a plurality of parent cryptographic objects, and a child cryptographic token contains a plurality of child cryptographic objects. The child cryptographic token is associated with the parent cryptographic token. A session established with the child token provides access to at least some of the plurality of child cryptographic objects and at least some the plurality of parent cryptographic objects.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Methods and systems for facilitating authentication of a user with a plurality of applications are described. One method includes authenticating a user with a first secure application based on information received from a smart credential stored on a mobile device via a local wireless connection. The method includes obtaining a remote challenge from a remote authentication service and a mobile challenge, signing the mobile challenge with a private key, and transmitting a signed version of the mobile challenge, the remote challenge, and a public key to the mobile device. The method further includes receiving a signed version of the remote challenge and a certificate indicating validation of the mobile challenge, and transmitting the signed version of the remote challenge to the remote authentication service. Based on receiving an authentication result from the remote authentication service, access is granted to a remote secure application via the browser.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
55.
Cross-certification for secure binding of cryptographic systems
Methods and systems for cross-certification to bind together two cryptographic systems are disclosed. One method includes receiving, from a first certificate authority at a second certificate authority, a cross certificate request, the cross certificate request including an attribute unique to the first certificate authority. The method includes generating a cross certificate and embedding the hash value as a certificate extension within the cross certificate.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
A drop-on-demand plastic card printer includes a tray disposed underneath the plastic card during drop-on-demand printing to catch any overspray that may occur during printing on the plastic card. The tray may be disposable so that the tray is intended to be removed and disposed of. An ink absorbent pad can be disposed in the tray to absorb the oversprayed ink. The ink absorbent pad can be disposed of along with the tray or disposed of separately from the tray.
Printing multi-color images on non-vinyl plastic identification documents in identification document printing systems. A non-linear pixel density adjustment curve is used to adjust the pixel density data of a multi-color image to be printed which adjusts the power applied to the thermal print head. The use of a non-linear pixel density adjustment curve to adjust the pixel density data improves the quality of the resulting multi-color printed image, reduces mass transfer of the dye donor layer, and reduces breaking of the carrier film of the print ribbon.
Printing multi-color images on non-vinyl plastic identification documents in identification document printing systems. A non-linear pixel density adjustment curve is used to adjust the pixel density data of a multi-color image to be printed which adjusts the power applied to the thermal print head. The use of a non-linear pixel density adjustment curve to adjust the pixel density data improves the quality of the resulting multi-color printed image, reduces mass transfer of the dye donor layer, and reduces breaking of the carrier film of the print ribbon.
B41J 2/32 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads
B41J 2/525 - Arrangement for multi-colour printing, not covered by group , e.g. applicable to two or more kinds of printing or marking process
B41J 29/38 - Drives, motors, controls, or automatic cut-off devices for the entire printing mechanism
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
B41J 13/00 - Devices or arrangements specially adapted for supporting or handling copy material in short lengths, e.g. sheets
A DOD print station has at least one DOD print head that applies radiation curable material, to a surface of an identification document. A curing station is adjacent to the DOD print station. The curing station includes at least one radiation emitting device, for example a UV light emitting device, that cures the radiation curable material applied to the surface. The curing station is configured to prevent stray radiation emitted from the radiation emitting device from impinging on the DOD print head(s) and prevent exposure to the operator of the DOD print station.
B41J 2/165 - Prevention of nozzle clogging, e.g. cleaning, capping or moistening for nozzles
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
A DOD print station has at least one DOD print head that applies radiation curable material, to a surface of an identification document. A curing station is adjacent to the DOD print station. The curing station includes at least one radiation emitting device, for example a UV light emitting device, that cures the radiation curable material applied to the surface. The curing station is configured to prevent stray radiation emitted from the radiation emitting device from impinging on the DOD print head(s) and prevent exposure to the operator of the DOD print station.
Techniques are described for reducing or eliminating a bow in a plastic card that results from applying radiation, such as UV radiation, to a surface of the plastic card to cure radiation curable material that has been applied to the surface. In one embodiment, after printing of all radiation curable material on the plastic card is completed, radiation is applied to both surfaces of the plastic card. After applying the radiation, the plastic card complies with ISO 7810:2019, Clause 8.10.
B41M 7/00 - After-treatment of printed works, e.g. heating, irradiating
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
B41J 3/60 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for printing on both faces of the printing material
B41J 11/00 - Devices or arrangements for supporting or handling copy material in sheet or web form
B41J 13/12 - Sheet holders, retainers, or stationary guides specially adapted for cards, envelopes, or the like
B41M 5/00 - Duplicating or marking methodsSheet materials for use therein
Techniques are described for reducing or eliminating a bow in a plastic card that results from applying radiation, such as UV radiation, to a surface of the plastic card to cure radiation curable material that has been applied to the surface. In one embodiment, after printing of all radiation curable material on the plastic card is completed, radiation is applied to both surfaces of the plastic card. After applying the radiation, the plastic card complies with ISO 7810:2019, Clause 8.10.
Content, such as an encryption key, may be transmitted between computing systems that both use more than one encryption algorithm. Secrets may be used to encode the content. The different encryption algorithms may be used to separately encrypt the encoded content and the secrets prior to communicating the encrypted, encoded content and encrypted secrets between computing systems.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
64.
DROP-ON-DEMAND IDENTIFICATION DOCUMENT PRINTING WITH IMPROVED PRINT ADHESION
A plastic card personalization system with a drop-on-demand plastic card print station that prints radiation curable material, a plasma treatment station, and a radiation curing station. By using a combination of controlling plasma treatment conditions on the surface of the plastic card prior to DOD printing together with controlling the dwell time of the printed material applied to the plastic card prior to full curing of the printed material, a surprising and unexpected improvement of the adhesion of the printed material to the plastic card is achieved.
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
B41J 2/04 - Ink jet characterised by the jet generation process generating single droplets or particles on demand
B41J 2/435 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of radiation to a printing material or impression-transfer material
B41J 11/00 - Devices or arrangements for supporting or handling copy material in sheet or web form
65.
Drop-on-demand identification document printing with improved print adhesion
A plastic card personalization system with a drop-on-demand plastic card print station that prints radiation curable material, a plasma treatment station, and a radiation curing station. By using a combination of controlling plasma treatment conditions on the surface of the plastic card prior to DOD printing together with controlling the dwell time of the printed material applied to the plastic card prior to full curing of the printed material, a surprising and unexpected improvement of the adhesion of the printed material to the plastic card is achieved.
One or more computing devices employs a method that includes requesting a transient credential (e.g., a one-time PKI certificate) as a first identity credential for an application component instance based on a unique identifier associated with the application component instance. The method includes requesting a dynamically-created second identity credential for the application component instance of the application using a request signed (e.g., using the public key of the first identity PKI certificate) based on the transient credential. The method includes receiving the dynamically-created second identity credential and using the dynamically-created second identity credential in a cryptographic function by the application component instance; and managing the replacement of this credential in environments without persistent archival storage accessible by the device/application.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
A method of operating a personalized document processing system that is configured to process a plurality of personalized documents under a subscription plan is provided. The method includes a controller of the personalized document processing system receiving a subscription plan key code. The method also includes the controller verifying the subscription plan key code. Also, the method includes determining and setting a subscription threshold for a processing module of the personalized document processing system based on the subscription plan key code. The processing module is configured to perform a processing operation on one or more of the plurality of personalized documents. Further, the method includes tracking operation of the processing module to determine whether the subscription threshold has been reached. Moreover, the method includes adjusting operation of the processing module when the subscription threshold has been reached.
A method of operating a personalized document processing system that is configured to process a plurality of personalized documents under a subscription plan is provided. The method includes a controller of the personalized document processing system receiving a subscription plan key code. The method also includes the controller verifying the subscription plan key code. Also, the method includes determining and setting a subscription threshold for a processing module of the personalized document processing system based on the subscription plan key code. The processing module is configured to perform a processing operation on one or more of the plurality of personalized documents. Further, the method includes tracking operation of the processing module to determine whether the subscription threshold has been reached. Moreover, the method includes adjusting operation of the processing module when the subscription threshold has been reached.
A printing mechanism of a plastic card retransfer printer includes a platen roller with a homing mechanism attached thereto that automatically returns the platen roller to the same home position at the end of each printing pass. The homing mechanism ensures that the portion of the retransfer film being printed on travels over the same surfaces of the platen roller in each print pass. Therefore, any variations in the surface of the platen roller will manifest themselves at the same locations on the resulting printing on the retransfer film.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 35/14 - Vibrator mechanismsDriving gear therefor adjustable, e.g. for case shift for multicolour workVibrator mechanismsDriving gear therefor adjustable, e.g. for case shift for ensuring maximum life of ink ribbonVibrator mechanismsDriving gear therefor adjustable, e.g. for case shift for rendering ink ribbon inoperative
A printing mechanism of a plastic card retransfer printer includes a platen roller with a homing mechanism attached thereto that automatically returns the platen roller to the same home position at the end of each printing pass. The homing mechanism ensures that the portion of the retransfer film being printed on travels over the same surfaces of the platen roller in each print pass. Therefore, any variations in the surface of the platen roller will manifest themselves at the same locations on the resulting printing on the retransfer film.
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
71.
PLASTIC CARD PRINTING SYSTEMS WITH TEMPERATURE AND PIXEL DENSITY COMPENSATION
Thermal printing on plastic cards where the energization of each individually energizable heating element of a thermal printhead is adjusted based on a temperature of the thermal printhead and a density of the pixel to be printed. For each pixel, the printhead temperature and the pixel density of a pixel to be printed are used to adjust the strobe pulse length that energizes the heating element to print that pixel. By compensating for both printhead temperature and pixel density, a tighter tolerance of the resulting printed densities is achieved.
B41J 2/32 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads
B41J 2/365 - Print density control by compensation for variation in temperature
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
B42D 25/20 - Information-bearing cards or sheet-like structures characterised by identification or security featuresManufacture thereof characterised by a particular use or purpose
72.
Plastic card printing systems with temperature and pixel density compensation
Thermal printing on plastic cards where the energization of each individually energizable heating element of a thermal printhead is adjusted based on a temperature of the thermal printhead and a density of the pixel to be printed. For each pixel, the printhead temperature and the pixel density of a pixel to be printed are used to adjust the strobe pulse length that energizes the heating element to print that pixel. By compensating for both printhead temperature and pixel density, a tighter tolerance of the resulting printed densities is achieved.
B41J 13/12 - Sheet holders, retainers, or stationary guides specially adapted for cards, envelopes, or the like
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 2/365 - Print density control by compensation for variation in temperature
73.
Print ribbon residual image scrambling techniques using metadata
Techniques for scrambling residual images left behind on print ribbons due to printing on plastic cards or passports. A string of characters to be printed onto a plastic card is divided into character subsets. Metadata is assigned to each character subset, with the metadata defining the print sequence and location on the plastic card of each character subset. The character subsets are then printed on the plastic card in the sequence and the locations determined by the metadata. The sequence of characters in a residual image left on the print ribbon after printing of the character string differs from the sequence of the characters in the character string printed on the plastic card or passport.
B41J 3/28 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for printing downwardly on flat surfaces, e.g. of books, drawings, boxes
B41J 2/32 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads
74.
PRINT RIBBON RESDIUAL IMAGE SCRAMBLING TECHNIQUES USING METADATA
Techniques for scrambling residual images left behind on print ribbons due to printing on plastic cards or passports. A string of characters to be printed onto a plastic card is divided into character subsets. Metadata is assigned to each character subset, with the metadata defining the print sequence and location on the plastic card of each character subset. The character subsets are then printed on the plastic card in the sequence and the locations determined by the metadata.. The sequence of characters in a residual image left on the print ribbon after printing of the character string differs from the sequence of the characters in the character string printed on the plastic card or passport.
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
G06K 15/02 - Arrangements for producing a permanent visual presentation of the output data using printers
B41J 2/325 - Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by selective application of heat to a heat sensitive printing or impression-transfer material using thermal heads by selective transfer of ink from ink carrier, e.g. from ink ribbon or sheet
B41J 5/38 - Character or syllable selection controlled by recorded information characterised by form of recorded information by punched records, e.g. cards, sheets by strips or tapes
75.
PLASTIC CARD WITH ENHANCED DURABILITY COLORED MACHINED CHARACTERS
A material that is curable by radiation is applied over or included in colored material on non-printed machined characters formed on a plastic card. After applying the colored material and the radiation curable material to the machined characters, radiation is used to cure the radiation curable material. The colored material has improved durability due to the radiation cured material.
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
B41J 2/04 - Ink jet characterised by the jet generation process generating single droplets or particles on demand
76.
Plastic card with enhanced durability colored machined characters
A material that is curable by radiation is applied over or included in colored material on non-printed machined characters formed on a plastic card. After applying the colored material and the radiation curable material to the machined characters, radiation is used to cure the radiation curable material. The colored material has improved durability due to the radiation cured material.
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
77.
Binding of multiple heterogeneous root certificate authorities
Root certificates generated by root certificate authorities may be bound at the time of generation. In an example, a first root certificate can include an identity of a first root certificate authority, a first key identifier associated with a first key of the first root certificate authority and an identity of a first digital signature algorithm used by the first root certificate authority. The first root certificate can also include at least one extension including a second key identifier of a second key associated with the second root certificate authority and an identity of a second digital signature algorithm used by the second root certificate authority, the second digital signature algorithm being different from the first digital signature algorithm.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Methods and systems for cross-certification to bind together two cryptographic systems are disclosed. One method includes receiving, from a first certificate authority at a second certificate authority, a cross certificate request, the cross certificate request including an attribute unique to the first certificate authority. The method also includes calculating a signature at the second certificate authority based at least in part on the attribute, and calculating a hash value based on a combination of the signature calculated at the second certificate authority and a key associated with the second certificate authority. The method includes generating a cross certificate and embedding the hash value as a certificate extension within the cross certificate.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
79.
DROP-ON-DEMAND MULTI-PASS PRINTING ON PLASTIC CARDS
A multi-pass drop-on-demand (DOD) card printing mechanism that performs multi-pass DOD printing on a surface of a plastic card whereby the plastic card is transported past one or more DOD print heads multiple times for DOD printing on the card surface with each pass past the DOD print head(s). In a first printing pass, at least one material is applied to a surface of the plastic card using at least one DOD print head. In a second printing pass that occurs after the first printing pass, at least one additional material is applied to the surface of the plastic card in the card processing system using at least one DOD print head.
B42D 25/41 - Marking using electromagnetic radiation
B42D 25/20 - Information-bearing cards or sheet-like structures characterised by identification or security featuresManufacture thereof characterised by a particular use or purpose
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
B41M 5/00 - Duplicating or marking methodsSheet materials for use therein
80.
DROP-ON-DEMAND MULTI-PASS PRINTING ON PLASTIC CARDS
A multi-pass drop-on-demand (DOD) card printing mechanism that performs multi-pass DOD printing on a surface of a plastic card whereby the plastic card is transported past one or more DOD print heads multiple times for DOD printing on the card surface with each pass past the DOD print head(s). In a first printing pass, at least one material is applied to a surface of the plastic card using at least one DOD print head. In a second printing pass that occurs after the first printing pass, at least one additional material is applied to the surface of the plastic card in the card processing system using at least one DOD print head.
Methods and systems of actively cooling a card while the card is within a card processing machine are described. One or more cooling stations are provided within the card processing machine to actively cool the card prior to performing a processing operation, during a processing operation, and/or after a processing operation on the card in order to reduce a temperature of the surface of the card.
B41F 23/04 - Devices for treating the surfaces of sheets, webs or other articles in connection with printing by heat drying, by cooling, by applying powders
A cryptographic object management system is provided that includes physically separated first and second object management sites. The first and second object management sites each respectively include HSMs, a HSM server connected to each of the HSMs, and a persistent layer connected to the HSM server. The HSM servers respectively manage operation of each of the HSMs. The HSM server of the first object management site includes an object manager module that manages and controls the cryptographic object management system. The persistent layers respectively store cryptographic objects for use by the HSMs. Each of the HSMs respectively performs crypto-processing on one or more of the cryptographic objects.
A desktop plastic card printer that is configured to allow installation of a smart card cartridge within an interior space of the printer housing through an opening, for example an opening in a side wall, in the printer housing. Both the mechanical installation and electrical installation of the smart card cartridge occurs via the opening. This allows the desktop plastic card printer to be quickly and easily retrofitted to have the ability to electronically read data from and/or electronically program data on an integrated circuit chip of a plastic card. The retrofitting can take place without using any mechanical tools and without having to remove the entire, or a substantial portion of, the printer housing.
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
A desktop plastic card printer that is configured to allow installation of a smart card cartridge within an interior space of the printer housing through an opening, for example an opening in a side wall, in the printer housing. Both the mechanical installation and electrical installation of the smart card cartridge occurs via the opening. This allows the desktop plastic card printer to be quickly and easily retrofitted to have the ability to electronically read data from and/or electronically program data on an integrated circuit chip of a plastic card. The retrofitting can take place without using any mechanical tools and without having to remove the entire, or a substantial portion of, the printer housing.
B41J 3/36 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for portability
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
B41J 3/50 - Mechanisms producing characters by printing and also producing a record by other means
B42D 25/22 - Information-bearing cards or sheet-like structures characterised by identification or security featuresManufacture thereof characterised by a particular use or purpose for use in combination with accessories specially adapted for information-bearing cards
Security features used on identification documents such as plastic cards and passport pages are described. The security features include a textured portion that is formed on a portion of the surface of the identification document using a laser. The security features can also include a printed portion and/or a laser marked portion. The printed portion (if present) can be formed above or beneath the textured portion. The laser marked portion (if present) is formed within the thickness of the identification document below the textured portion. The textured portion and the printed portion and/or the laser marked portion can be in congruence with one another to form the security feature.
B42D 25/20 - Information-bearing cards or sheet-like structures characterised by identification or security featuresManufacture thereof characterised by a particular use or purpose
A proxy hardware security module (HSM) is disclosed, useable with an existing HSM for expansion of key storage for the HSM. The proxy HSM receives a signing request that is targeted to the HSM, and retrieves a wrapped version of a signing key from a storage location separate from the HSM. The proxy HSM provides the wrapped signing key to the HSM, and provides the signing request to the HSM. Upon receipt of a response to the signing request indicating successful execution of a signing operation by the HSM, the proxy HSM transmits a key destroying request to the HSM, and a confirmation message to the device from which the signing request was received. Upon completion of the signing request, the HSM does not retain the signing key.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
87.
PLASTIC CARD PROCESSING EQUIPMENT WITH BIOMETRIC CARD SENSOR TESTING
Plastic card processing equipment that provide the ability to test the functionality of a biometric sensor on a plastic card to verify that the biometric sensor is working properly prior to being issued to a card holder. The test can be performed while the plastic card is within the plastic card processing equipment, before or after any processing occurs on the plastic card.
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
G06K 19/073 - Special arrangements for circuits, e.g. for protecting identification code in memory
G06K 19/077 - Constructional details, e.g. mounting of circuits in the carrier
Methods and systems for remote, asynchronous key entry and extraction are provided. A credential device can store a first key thereon, and can store an encrypted key component. A hardware security module manages a key template including a plurality of key components. The hardware security module manages a complementary key to the first key. The key component on the credential device can be encrypted with the first key for storage on the credential device and decrypted by the complementary key at the hardware security module. Alternately, the key component can be encrypted with the complementary key and provided to the credential device for decryption at a secure system via the first key. Accordingly, a key custodian may supply or extract a key component at a hardware security module remotely and at a time convenient to that key custodian.
09 - Scientific and electric apparatus and instruments
37 - Construction and mining; installation and repair services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Laser marking machines, laminators, topcoat applicators,
topping foil applicators, feeders, stackers, sorters, label
applicators, roller cleaning tapes, all for card issuence;
laser marking machines, laminators, feeders, all for
passport issuence; embossers for printing, embossing,
encoding, topping, chip programming, and laminating
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports. Card issuance systems for financial cards, identity cards,
smart cards, loyalty cards, transportation cards, and secure
credentials comprised primarily of one or more of the
following, namely, printers, indent printers, encoders,
optical character readers, optical scanners, cameras, card
readers, chip readers and writers, magnetic strip verifiers,
chip verifiers, microprocessor controllers, controllers for
multiple function embossing, encoding and printing systems,
and computer hardware and computer firmware for operating
such systems; passport issuance systems comprising primarily
one or more of the following, namely, printers, encoders,
optical character readers, optical scanners, cameras, card
readers, chip readers and writers, chip verifiers,
microprocessor controllers, controllers for multiple
function embossing, encoding and printing systems, and
computer hardware and computer firmware for operating such
systems; desktop printers, and printers comprised primarily
of desktop printers; downloadable or recorded computer
software for secure issuance of financial cards, identity
cards, smart cards, loyalty cards, transportation cards,
secure credentials and passports; downloadable or recorded
computer software for managing the production process for
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
downloadable or recorded computer software for managing data
and identity capture processes, and integrated workflow
functions and for the issuance and post-issuance of
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials, and passports;
downloadable or recorded computer software for designing,
customizing and personalizing financial cards,
identification cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports, and
delivery forms and carriers; downloadable or recorded
computer software for electronic digitization of graphics
and images, namely, facial images, artwork, logos, secure
printing, microtext; computer peripherals for implementing
security features in financial cards, identity cards, smart
cards, loyalty cards, transportation cards, secure
credentials and passports; high-resolution optically
variable devices (OVDs) for use on identity documents;
downloadable or recorded computer software for real-time
monitoring of networks, fraud detection management, fraud
detection analytics and reporting, and providing real time
data feeds of fraud intelligence; downloadable or recorded
computer software for authentication, authorization,
encryption and decryption, identity and access management,
identity federation, and issuance, verification, validation,
revocation and management of digital certificates;
downloadable or recorded computer software for searching and
managing digital certificates from multiple digital
certificate authorities and providing information to track
their location, expiration, purpose or status; downloadable
or recorded computer software to secure interaction between
and among users, computer networks, the internet, and
connected devices; downloadable or recorded computer
software for providing network, internet, and computer
security; downloadable or recorded computer software for
monitoring and control of computer and online activity;
downloadable or recorded computer software for providing
online transaction security; downloadable or recorded
computer software for device management and to facilitate
updates and remote diagnostics; downloadable or recorded
computer software for data analytics, namely, data
aggregation, filtering and edge-analytics; downloadable or
recorded computer software to enable users to perform
electronic business transactions via a global computer
network; downloadable or recorded computer software for
managing the preparation, issuance, tracking, installation,
de-installation, and maintenance of software applications on
smart cards; computer hardware and peripherals; computer
peripheral devices, namely, accelerators and encryptographic
accelerators for data security; downloadable or recorded
computer software, namely, computer programs and firmware
for encryption, decryption, signing, and verification of
digital signatures for use with hardware security modules,
accelerators and encryptographic accelerators for data
security; downloadable or recorded computer encryption
software for internet security; hardware security modules;
tamper-resistant computer hardware for the secure
management, processing, and storing of data and
cryptographic keys; computer hardware and downloadable or
recorded computer software for the protection of
cryptographic infrastructure; downloadable or recorded
computer programs for security, namely, for data encryption,
key management, entity identification, authentication, and
warranting; downloadable mobile applications for
authorization, authentication, encryption, decryption,
identity and access management; print heads for document
printers. Technical support services, namely, technical consultation,
advice, and troubleshooting in planning, migration,
installation and implementation of equipment for the
production and issuance of financial cards, identity cards,
smart cards, loyalty cards, transportation cards, secure
credentials, and passports; installation, customization,
maintenance, and repair of computer hardware; installation,
customization, maintenance and repair of equipment for the
production and issuance of financial cards, identity cards,
smart cards, loyalty cards, transportation cards, secure
credentials, and passports; technical support services in
the nature of troubleshooting computer hardware repair
issues. Authentication, issuance, verification, revocation, and
management of digital certificates; providing online
non-downloadable software for identity and access management
and identity federation; providing online non-downloadable
software for issuance, verification, validation, revocation
and management of digital certificates; providing online
non-downloadable software for searching and management of
digital certificates from multiple digital certificate
authorities and providing information to track their
location, expiration, purpose or status; providing online
non-downloadable software for encryption, authentication,
authorization, security, fraud detection, and secure socket
layer (SSL) certificate management; digital certificate
validation, encryption and permissions management services;
providing online non-downloadable software to secure
interaction between and among users, computer networks, the
internet, and connected devices; providing online
non-downloadable software for managing internal, external,
or federated identity information for access to information
resources and applications; providing online
non-downloadable software for device management and to
facilitate updates and remote diagnostics; providing online
non-downloadable software for data analytics, namely, data
aggregation, filtering and edge-analytics; providing online
non-downloadable software for information security,
encryption, decryption, authentication, and verification of
data, digital signatures, identity management, fraud
detection, and verification and management of digital keys
and credentials; providing an online, non-downloadable
cloud-based enterprise authentication platform featuring
flexible authentication capabilities and a broad range of
authenticators, assurance levels and access controls;
providing online non-downloadable software for access
control and identity authentication to control access to
software, applications, networks, websites, computers,
mobile devices, kiosks, physical access control systems and
other digital and physical resources and for enforcing,
restricting and controlling access to cloud, mobile, or
network computer resources; providing online
non-downloadable software for risk assessment of computers,
mobile devices, and users of software, computers, computer
networks, websites, mobile devices, kiosks, physical access
control systems, and other digital and physical resources;
computer security services, namely, enforcing, restricting
and controlling access privileges of users of computing
resources for cloud, mobile, or network resources based on
assigned credentials; computer software installation,
integration and deployment services in the field of
information security; providing user authentication services
in electronic transactions and communications; software
customization, installation and support; technical support
services, namely, troubleshooting in the nature of
diagnosing computer hardware and software problems; computer
security consultation; technical support services, namely,
technical consultation, advice and troubleshooting in
planning, migration and implementation of software and
equipment for the production and issuance of financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
providing information via a website in the fields of
information security and cybersecurity; providing
information via a website in the fields of production and
issuance of financial cards, identity cards, smart cards,
loyalty cards, transportation cards, secure credentials and
passports (term considered too vague by the International
Bureau - Rule 13 (2) (b) of the Regulations); consulting
services in the field of internet and information security;
providing information regarding electronic or online fraud,
electronic or online fraud behavior patterns, electronic or
online fraud detection rules, electronic or online fraud
detection data, methods of combating electronic or online
fraud, and electronic or online fraud news, information and
data via communications networks (term considered too vague
by the International Bureau - Rule 13 (2) (b) of the
Regulations); providing information by means of online web
links to other web sites for obtaining information regarding
electronic or online fraud, electronic or online fraud
behavior patterns, methods of combating electronic or online
fraud, and electronic or online fraud news, information and
data (term considered too vague by the International Bureau
- Rule 13 (2) (b) of the Regulations).
90.
Drop-on-demand printer with bottle ink supply and keyed bottle cap
An ink bottle is mounted in a DOD printer with the ink bottle acting as an ink supply reservoir that supplies ink to a DOD print head. A unique cap is provided that is configured to be affixed to an end of the ink bottle via threads or the like. The cap can be provided with one or more mechanical keying features used to limit mounting of the cap and the bottle assembly to a correct receiver in the DOD printer. The cap can also be provided with a valve controlled ink passage that allows ink to flow out of the bottle through the cap and a valve controlled vent passage that allows air to enter the bottle through the cap.
A method for providing remote programming of a supply tag of a print supply used with an authorized entity's card personalization system is provided. The method includes an issuance server authenticating remote programming of the supply tag, receiving first supply tag data of the print supply including a first digital signature, updating the first supply tag data to obtain second supply tag data, and issuing a second digital signature based on the second supply tag data. The second digital signature secures the second supply tag data.
G06K 19/073 - Special arrangements for circuits, e.g. for protecting identification code in memory
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
92.
Remote programming of unique and secure supply tags
A method for providing remote programming of a supply tag of a print supply used with an authorized entity's card personalization system is provided. The method includes an issuance server authenticating remote programming of the supply tag, receiving first supply tag data of the print supply including a first digital signature, updating the first supply tag data to obtain second supply tag data, and issuing a second digital signature based on the second supply tag data. The second digital signature secures the second supply tag data.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06K 19/07 - Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards with integrated circuit chips
93.
DROP-ON-DEMAND INK DELIVERY SYSTEMS AND METHODS WITH TANKLESS RECIRCULATION FOR CARD PROCESSING SYSTEMS
DOD ink delivery systems and methods are described herein that are used in DOD card printing systems of card processing systems for supplying ink for DOD printing on plastic cards. The ink delivery systems are configured to recirculate the ink without using a recirculation tank separate from an ink supply. The ink can be recirculated back into the ink supply or, when the ink supply is not present, the ink can be recirculated from a return header tank to a supply header tank.
B41J 3/38 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for embossing, e.g. for making matrices for stereotypes
DOD ink delivery systems and methods are described herein that are used in DOD card printing systems of card processing systems for supplying ink for DOD printing on plastic cards. The ink delivery systems are configured to recirculate the ink without using a recirculation tank separate from an ink supply. The ink can be recirculated back into the ink supply or, when the ink supply is not present, the ink can be recirculated from a return header tank to a supply header tank.
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
B41M 5/00 - Duplicating or marking methodsSheet materials for use therein
Inkjet printing on a plastic card using a radiation curable ink is described herein. After the ink is applied to the card surface (i.e. the printed surface), radiation, such as UV radiation, is directed onto a non-printed surface of the card (for example, a perimeter side edge surface and/or a surface of the plastic card opposite the printed surface the radiation curable ink is applied to) in order to at least partially cure any of the applied ink that may have flowed onto or that may otherwise be disposed on the non-printed surface. This prevents contamination of a drive mechanism used to transport the plastic card via the perimeter side edge surfaces or via the opposite surface prior to full curing of the ink applied to the printed surface.
B41J 11/00 - Devices or arrangements for supporting or handling copy material in sheet or web form
B41J 3/407 - Typewriters or selective printing or marking mechanisms characterised by the purpose for which they are constructed for marking on special material
A system and method for establishing a secure identity for a printing device at the time of manufacturing is provided. The method includes obtaining a first private key for use with a first operation of the printing device and obtaining a second private key for use with a second operation of the printing device. The method also includes loading the first private key into a secure memory portion of the printing device during manufacturing of the printing device, and loading the second private key into the secure memory portion of the printing device during manufacturing of the printing device.
H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols
09 - Scientific and electric apparatus and instruments
16 - Paper, cardboard and goods made from these materials
17 - Rubber and plastic; packing and insulating materials
37 - Construction and mining; installation and repair services
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Machines for automatically inserting or affixing plastic
cards or other objects including non-card form factors onto
or into transmittal forms; machines for inserting paper or
cards onto a carrier or into an envelope for transmittal;
envelope stuffing and inserting machines; envelope feeders;
embossing machines; machines for laser marking or engraving
on plastic cards, plastic sheets, and chip cards; printing
machines for commercial or industrial use and component
parts therefor; laser engraving machines; laser marking
machines; machines for milling plastic cards and embedding
integrated circuits in cards and using dies for punching
plastic; machines for embossing, encoding, topping and
laminating financial cards, identity cards, smart cards,
secure credentials, loyalty cards, transportation cards and
passports. Card issuance systems for financial cards, identity cards,
smart cards, loyalty cards, transportation cards, and secure
credentials comprised primarily of one or more of the
following, namely, printers, indent printers, encoders,
laminators, topcoat applicators, topping foil applicators,
optical character readers, optical scanners, cameras, card
readers, chip readers and writers, magnetic strip verifiers,
chip verifiers, microprocessor controllers, controllers for
multiple function embossing, encoding and printing systems,
feeders, stackers, sorters, label applicators, roller
cleaning tapes, and computer hardware and computer firmware
for operating such systems; passport issuance systems
comprised primarily of one or more of the following, namely,
printers, encoders, laminators, feeders, optical character
readers, optical scanners, cameras, card readers, chip
readers and writers, chip verifiers, microprocessor
controllers, controllers for multiple function embossing,
encoding and printing systems, and computer hardware and
computer firmware for operating such systems; desktop
printers, and printers comprised primarily of desktop
printers and embossers for printing, embossing, encoding,
topping, chip programming, and laminating financial cards,
identity cards, smart cards, loyalty cards, transportation
cards, secure credentials and passports; downloadable or
recorded computer software for secure issuance of financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
downloadable or recorded computer software for managing the
production process for financial cards, identity cards,
smart cards, loyalty cards, transportation cards, secure
credentials and passports; downloadable or recorded computer
software for managing data and identity capture processes,
and integrated workflow functions and for the issuance and
post-issuance of financial cards, identity cards, smart
cards, loyalty cards, transportation cards, secure
credentials, and passports; downloadable or recorded
computer software for designing, customizing and
personalizing financial cards, identification cards, smart
cards, loyalty cards, transportation cards, secure
credentials and passports, and delivery forms and carriers;
downloadable or recorded computer software for electronic
digitization of graphics and images, namely, facial images,
artwork, logos, secure printing, microtext; computer
peripherals for implementing security features in financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
high-resolution optically variable devices (OVDs) for use on
identity documents; downloadable or recorded computer
software for real-time monitoring of network, fraud
detection management, fraud detection analytics and
reporting, and providing real time data feeds of fraud
intelligence; downloadable or recorded computer software for
authentication, authorization, encryption and decryption,
identity and access management, identity federation, data
security, e-mail security, and issuance, verification,
validation, revocation and management of digital
certificates; downloadable or recorded computer software for
searching and managing digital certificates from multiple
digital certificate authorities and providing information to
track their location, expiration, purpose or status;
downloadable or recorded computer software to secure
interaction between and among users, computer networks, the
internet, and connected devices; downloadable or recorded
computer software for providing network, internet, and
computer security; downloadable or recorded computer
software for monitoring and control of computer and online
activity; downloadable or recorded computer software for
providing online transaction security; downloadable or
recorded computer software for device management and to
facilitate updates and remote diagnostics; downloadable or
recorded computer software for data analytics, namely, data
aggregation, filtering and edge-analytics; downloadable or
recorded computer software to enable users to perform
electronic business transactions via a global computer
network; downloadable or recorded computer software for
managing the preparation, issuance, tracking, installation,
de-installation, and maintenance of software applications on
smart cards; computer hardware and peripherals; computer
peripheral devices, namely, accelerators and encryptographic
accelerators for data security; downloadable or recorded
computer software, namely, encoded computer programs and
firmware for encryption, decryption, signing, and
verification of digital signatures for use with hardware
security modules, accelerators and encryptographic
accelerators for data security; downloadable or recorded
computer encryption software for internet security; hardware
security modules; tamper-resistant computer hardware for the
secure management, processing, and storing of data and
cryptographic keys; downloadable or recorded computer
software and computer hardware for the protection of
cryptographic infrastructure; encoded computer programs for
security, namely, for data encryption, key management,
entity identification, authentication, and warranting;
downloadable mobile applications for authorization,
authentication, encryption, decryption, identity and access
management; print heads for document printers. Adhesive labels; thermal and dye sublimation transfer
ribbons; indent printer ribbons; re-transfer printer
ribbons; printer roller cleaning tapes; polyester transfer
ribbon, adhesive cleaning tapes and adhesive cleaning
rollers for cleaning dust and debris from cards. Laminates, namely, clear and holographic polymeric topcoats
and overlays for plastic cards. Technical support services, namely, technical consultation,
advice, and troubleshooting in installation project
management, configuration, migration, installation and
implementation of equipment for the production and issuance
of financial cards, identity cards, smart cards, loyalty
cards, transportation cards, secure credentials, and
passports; installation, customization, maintenance, and
repair of computer hardware; installation, customization,
maintenance and repair of equipment for the production and
issuance of financial cards, identity cards, smart cards,
loyalty cards, transportation cards, secure credentials, and
passports; technical support services in the nature of
troubleshooting computer hardware repair issues. Training services in the field of information security and
cybersecurity; training services in the field of production
and issuance of financial cards, identity cards, smart
cards, loyalty cards, transportation cards, secure
credentials and passports; providing online non-downloadable
videos in the fields of information security, cybersecurity,
and production and issuance of financial cards, identity
cards, smart cards, loyalty cards, transportation cards,
secure credentials and passports; providing information
regarding electronic or online fraud news via communications
networks; providing information by means of online web link
to other web sites for obtaining information regarding
online fraud news. Authentication, issuance, verification, revocation, and
management of digital certificates; providing online
non-downloadable software for identity and access
management, identity federation, and data security;
providing online non-downloadable software for searching and
management of digital certificates from multiple digital
certificate authorities and providing information to track
their location, expiration, purpose or status, digital
receipts, certificate validation, encryption and permissions
management services; providing online non-downloadable
software to secure interaction between and among users,
computer networks, the internet, and connected devices;
providing online non-downloadable software for managing
internal, external, or federated identity information for
access to information resources and applications; providing
online non-downloadable software for device management and
to facilitate updates and remote diagnostics; providing
online non-downloadable featuring software for data
analytics, namely, data aggregation, filtering and
edge-analytics; providing online non-downloadable software
for information security, encryption, decryption,
authentication, and verification of data, digital
signatures, identity management, fraud detection, secure
e-mail, and verification and management of digital keys and
credentials; providing an online, non-downloadable
cloud-based enterprise authentication platform featuring
flexible authentication capabilities and a broad range of
authenticators, assurance levels and access controls;
providing online non-downloadable software for access
control and identity authentication to control access to
software, applications, networks, websites, computers,
mobile devices, kiosks, physical access control systems and
other digital and physical resources and for enforcing,
restricting and controlling access to cloud, mobile, or
network computer resources; providing online
non-downloadable software for risk assessment of computers,
mobile devices, and users of software, computers, computer
networks, websites, mobile devices, kiosks, physical access
control systems, and other digital and physical resources;
platform as a service (PAAS) featuring computer software
platforms for identity and access management, namely, public
key infrastructure and issuance, verification, validation,
revocation and management of digital certificates; platform
as a service (PAAS) featuring computer software platforms to
facilitate identity federation and data security; platform
as a service (PAAS) featuring computer software platforms
for encryption, authentication, authorization, security,
digital certificate issuance, verification, and management,
fraud detection, and secure socket layer (SSL) certificate
management; computer security services, namely, enforcing,
restricting and controlling access privileges of users of
computing resources for cloud, mobile, or network resources
based on assigned credentials; computer software
installation, integration and deployment services in the
field of information security; providing user authentication
services in electronic transactions and communications;
software customization, installation and support; technical
support services, namely, troubleshooting in the nature of
diagnosing computer hardware and software problems; computer
security consultation; technical support services, namely,
technical consultation, advice and troubleshooting in
planning, migration and implementation of software and
equipment for the production and issuance of financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
providing information via a website in the fields of
information security and cybersecurity; providing
information via a website in the fields of design and
personalization of financial cards, identity cards, smart
cards, loyalty cards, transportation cards, secure
credentials and passports; consulting services in the field
of internet and information security; providing information
regarding electronic monitoring of fraud, namely, in
relation to electronic or online fraud, electronic or online
fraud behavior patterns, electronic or online fraud
detection rules, electronic or online fraud detection data,
methods of combating electronic or online fraud, and
information and data via communications networks; providing
information by means of online web links to other web sites
for obtaining information regarding electronic monitoring of
fraud, namely, in relation to electronic or online fraud,
electronic or online fraud behavior patterns, methods of
combating electronic or online fraud, and electronic or
online fraud information and data.
09 - Scientific and electric apparatus and instruments
16 - Paper, cardboard and goods made from these materials
17 - Rubber and plastic; packing and insulating materials
37 - Construction and mining; installation and repair services
41 - Education, entertainment, sporting and cultural services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Machines for automatically inserting or affixing plastic
cards or other objects including non-card form factors onto
or into transmittal forms; machines for inserting paper or
cards onto a carrier or into an envelope for transmittal;
envelope stuffing and inserting machines; envelope feeders;
embossing machines; machines for laser marking or engraving
on plastic cards, plastic sheets, and chip cards; printing
machines for commercial or industrial use and component
parts therefor; laser engraving machines; laser marking
machines; machines for milling plastic cards and embedding
integrated circuits in cards and using dies for punching
plastic; machines for embossing, encoding, topping and
laminating financial cards, identity cards, smart cards,
secure credentials, loyalty cards, transportation cards and
passports. Card issuance systems for financial cards, identity cards,
smart cards, loyalty cards, transportation cards, and secure
credentials comprised primarily of one or more of the
following, namely, printers, indent printers, encoders,
laminators, topcoat applicators, topping foil applicators,
optical character readers, optical scanners, cameras, card
readers, chip readers and writers, magnetic strip verifiers,
chip verifiers, microprocessor controllers, controllers for
multiple function embossing, encoding and printing systems,
feeders, stackers, sorters, label applicators, roller
cleaning tapes, and computer hardware and computer firmware
for operating such systems; passport issuance systems
comprised primarily of one or more of the following, namely,
printers, encoders, laminators, feeders, optical character
readers, optical scanners, cameras, card readers, chip
readers and writers, chip verifiers, microprocessor
controllers, controllers for multiple function embossing,
encoding and printing systems, and computer hardware and
computer firmware for operating such systems; desktop
printers, and printers comprised primarily of desktop
printers and embossers for printing, embossing, encoding,
topping, chip programming, and laminating financial cards,
identity cards, smart cards, loyalty cards, transportation
cards, secure credentials and passports; computer software
for secure issuance of financial cards, identity cards,
smart cards, loyalty cards, transportation cards, secure
credentials and passports; downloadable or recorded computer
software for managing the production process for financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
downloadable or recorded computer software for managing data
and identity capture processes, and integrated workflow
functions and for the issuance and post-issuance of
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials, and passports;
downloadable or recorded computer software for designing,
customizing and personalizing financial cards,
identification cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports, and
delivery forms and carriers; downloadable or recorded
computer software for electronic digitization of graphics
and images, namely, facial images, artwork, logos, secure
printing, microtext; computer peripherals for implementing
security features in financial cards, identity cards, smart
cards, loyalty cards, transportation cards, secure
credentials and passports; high-resolution optically
variable devices (OVDs) for use on identity documents;
downloadable or recorded computer software for fraud
detection management, fraud detection analytics and
reporting, and providing real time data feeds of fraud
intelligence; downloadable or recorded computer software for
authentication and authorization, namely, multi-factor
authentication and one-time passcodes; downloadable or
recorded computer software for encryption and decryption,
identity and access management, identity federation, and
e-mail security, namely, public key infrastructure (PKI) and
digital certificate issuance, verification, validation,
revocation and management; downloadable or recorded computer
software for searching and managing digital certificates
from multiple digital certificate authorities and providing
information to track their location, expiration, purpose or
status; downloadable or recorded computer software to secure
interaction between and among connected devices;
downloadable or recorded computer software for providing
internet security; downloadable or recorded computer
software for monitoring and control of online activity;
downloadable or recorded computer software for providing
online transaction security; downloadable or recorded
computer software for management of internet of things
(IoT)-enabled devices and to facilitate updates and remote
diagnostics of internet of things (IoT)-enabled devices;
downloadable or recorded computer software for data
analytics, namely, data aggregation, filtering and
edge-analytics for internet of things (IoT)-enabled devices;
downloadable or recorded computer software to enable users
to perform electronic business transactions via a global
computer network; downloadable or recorded computer software
for managing the preparation, issuance, tracking,
installation, de-installation, and maintenance of software
applications on smart cards; computer peripheral devices,
namely, accelerators and encryptographic accelerators for
data security; downloadable or recorded computer software,
namely, encoded computer programs and firmware for
encryption, decryption, signing, and verification of digital
signatures for use with hardware security modules,
accelerators and encryptographic accelerators for data
security; downloadable or recorded computer encryption
software for internet security; hardware security modules;
tamper-resistant computer hardware for the secure
management, processing, and storing of data and
cryptographic keys; downloadable or recorded computer
software and computer hardware for the protection of
cryptographic infrastructure; downloadable or recorded
encoded computer programs for security, namely, for data
encryption, key management, entity identification,
authentication, and warranting; downloadable mobile
applications for authorization, authentication, encryption,
decryption, identity and access management; print heads for
document printers. Adhesive labels; thermal and dye sublimation transfer
ribbons; indent printer ribbons; re-transfer printer
ribbons; printer roller cleaning tapes; polyester transfer
ribbon, adhesive cleaning tapes and adhesive cleaning
rollers for cleaning dust and debris from cards. Laminates, namely, clear and holographic polymeric topcoats
and overlays for plastic cards. Technical support services, namely, technical consultation,
advice, and troubleshooting in installation project
management, configuration, migration, installation and
implementation of equipment for the production and issuance
of financial cards, identity cards, smart cards, loyalty
cards, transportation cards, secure credentials, and
passports; installation, customization, maintenance, and
repair of computer hardware; installation, customization,
maintenance and repair of equipment for the production and
issuance of financial cards, identity cards, smart cards,
loyalty cards, transportation cards, secure credentials, and
passports. Training services in the field of information security and
cybersecurity, namely, authentication, encryption, public
key infrastructure (PKI) and digital certificates; training
services in the field of production and issuance of
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
providing online non-downloadable videos in the fields of
information security, cybersecurity, and production and
issuance of financial cards, identity cards, smart cards,
loyalty cards, transportation cards, secure credentials and
passports; providing information regarding electronic or
online fraud news, via communications networks; providing
information by means of online web links to other web sites
for obtaining information regarding online fraud news. Authentication, issuance, verification, revocation, and
management of digital certificates; providing online
non-downloadable software for identity and access management
and identity federation; providing online non-downloadable
software for searching and management of digital
certificates from multiple digital certificate authorities
and providing information to track their location,
expiration, purpose or status, digital receipts, certificate
validation, encryption and permissions management services;
providing online non-downloadable software to secure
interaction between and among users, computer networks, the
internet, and connected devices; providing online
non-downloadable software for managing internal, external,
or federated identity information for access to information
resources and applications; providing online
non-downloadable software for management of internet of
things (IoT)-enabled devices and to facilitate updates and
remote diagnostics of internet of things (IOT)-enabled
devices; providing online non-downloadable software for data
analytics, namely, data aggregation, filtering and
edge-analytics for internet of things (IOT)-enabled devices;
providing online non-downloadable software for encryption,
decryption, authentication and verification of digital
signatures, identity management, fraud detection, secure
e-mail, and verification and management of digital keys and
credentials, namely, public key infrastructure (PKI) and
digital certificate issuance, verification, validation,
revocation, and management; providing an online,
non-downloadable cloud-based enterprise authentication
platform featuring flexible authentication capabilities and
a broad range of authenticators, assurance levels and access
controls; providing online non-downloadable software for
access control and identity authentication to control access
to websites, mobile devices, kiosks, physical access control
systems and other digital and physical resources and for
enforcing, restricting and controlling access to cloud,
mobile, or network computer resources; providing online
non-downloadable software for risk assessment of computers,
mobile devices, and users of software, computers, computer
networks, websites, mobile devices, kiosks, physical access
control systems, and other digital and physical resources;
providing user authentication services in electronic
transactions and communications; software customization,
installation and support; technical support services,
namely, troubleshooting in the nature of diagnosing computer
hardware and software problems; technical support services,
namely, technical consultation, advice and troubleshooting
in planning, migration and implementation of software and
equipment for the production and issuance of financial
cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
providing information via a website in the fields of
information security and cybersecurity, namely,
authentication, encryption, public key infrastructure (PKI)
and digital certificates; providing information via a
website in the fields of design and personalization of
financial cards, identity cards, smart cards, loyalty cards,
transportation cards, secure credentials and passports;
consulting services in the field of internet and information
security, namely, in the fields of authentication,
encryption, public key infrastructure (PKI) and digital
certificates; providing information regarding electronic
monitoring of fraud, namely, in relation to electronic or
online fraud, electronic or online fraud behavior patterns,
electronic or online fraud detection rules, electronic or
online fraud detection data, methods of combating electronic
or online fraud, and electronic or online fraud information
and data via communications networks; providing information
by means of online web links to other web sites for
obtaining information regarding electronic monitoring of
fraud, namely, in relation to electronic or online fraud,
electronic or online fraud behavior patterns, methods of
combating electronic or online fraud, and electronic or
online fraud information and data.
An impresser mechanism that is configured to create impressions on plastic cards. The impresser mechanism includes an anvil that is configured to resiliently support the plastic card while the impression is formed on the plastic card by a die. By resiliently supporting the plastic card while the impression is created, the resulting impression on the plastic card is substantially evened out.
09 - Scientific and electric apparatus and instruments
37 - Construction and mining; installation and repair services
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Laser marking machines, laminators, topcoat applicators, topping foil applicators, feeders, stackers, sorters, label applicators, roller cleaning tapes, all for card issuance; laser marking machines, laminators, feeders, all for passport issuance; embossers for printing, embossing, encoding, topping, chip programming, and laminating financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports.
(2) Card issuance systems for financial cards, identity cards, smart cards, loyalty cards, transportation cards, and secure credentials comprised of card printers, indent printers, encoders, optical character readers, optical scanners, cameras, card readers, chip readers and writers, magnetic strip verifiers, chip verifiers, and computer hardware and recorded computer firmware for operating such card issuance systems; passport issuance systems comprised of passport printers, encoders, optical character readers, optical scanners, cameras, card readers, chip readers and writers, chip verifiers, and computer hardware and recorded computer firmware for operating such card issuance systems; desktop printers, and printers comprised primarily of desktop printers; downloadable or recorded computer software for secure issuance of financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports; downloadable or recorded computer software for managing the production process for financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports; downloadable computer security software; downloadable computer software for identity capture processes, and integrated workflow functions and for the issuance and post-issuance of financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials, and passports; downloadable or recorded computer software for designing, customizing and personalizing financial cards, identification cards, smart cards, loyalty cards, transportation cards, secure credentials and passports, and delivery forms and carriers; downloadable or recorded computer software for electronic digitization of graphics and images, namely, facial images, artwork, logos, secure printing, microtext; computer hardware for implementing security features in financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports; high-resolution optically variable devices (OVDs) for use on identity documents; downloadable or recorded computer software for real-time monitoring of networks, fraud detection management, fraud detection analytics and reporting, and providing real time data feeds of fraud intelligence; downloadable or recorded computer software for authentication, authorization, encryption and decryption, identity and access management, identity federation, and issuance, verification, validation, revocation and management of digital certificates; downloadable or recorded computer software for searching and managing digital certificates from multiple digital certificate authorities and providing information to track their location, expiration, purpose or status; computer software for data security; downloadable or recorded computer software for providing network, internet, and computer security; downloadable or recorded computer software for monitoring and control of computer and online activity; downloadable computer software and recorded computer software for providing online transaction security; computer software for accessing, querying and analyzing information stored in databases and data warehouses; downloadable or recorded computer software to enable users to perform electronic business transactions via a global computer network; downloadable or recorded computer software for managing the preparation, issuance, tracking, installation, de-installation, and maintenance of software applications on smart cards; computer hardware; computer hardware devices, namely, accelerators and encryptographic accelerators for data security; downloadable or recorded computer software, namely, computer programs and firmware for encryption, decryption, signing, and verification of digital signatures for use with computer hardware security modules, accelerators and encryptographic accelerators for data security; downloadable or recorded computer encryption software for internet security; computer hardware security modules; tamper-resistant computer hardware for the secure management, processing, and storing of data and cryptographic keys; computer hardware and computer software for the management of cryptographic security of electronic transmissions across computer networks; downloadable or recorded computer programs for security, namely, for data encryption, key management, entity identification, authentication, and warranting; computer software for use in the encryption and decryption of digital files; print heads for document printers (1) Technical support services, namely, providing technical advice in the field of equipment for the production financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials, and passports; technical consulting services in the field of installation, maintenance and repair of equipment for the production and issuance of financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials, and passports; troubleshooting in the nature of computer hardware repair and maintenance; installation, customization, maintenance, and repair of computer hardware; installation of custom equipment for the production financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials, and passports; technical support services in the nature of troubleshooting computer hardware repair issues; maintenance and repair of computer hardware.
(2) Authentication, issuance, verification, revocation, and management of digital certificates; software as a service (SAAS) services featuring non-downloadable security software; providing online non-downloadable software for issuance, verification, validation, revocation and management of digital certificates; providing online non-downloadable software for searching and management of digital certificates from multiple digital certificate authorities and providing information to track their location, expiration, purpose or status; software as a service (SAAS) services featuring computer software for use in the detection, analysis, mitigation and resolution of threats in the field of cybersecurity assessment and protection; digital certificate validation, encryption and permissions management services; software as a service (SAAS) services featuring non-downloadable software for computer network security; providing online non-downloadable software for managing internal, external, or federated identity information for access to information resources and applications; software as a service (SAAS) services featuring non-downloadable software for computer security; software as a service (SaaS) featuring data analytics, namely, data aggregation, filtering and edge-analytics all in the field of computer data privacy; providing online non-downloadable software for information security, encryption, decryption, authentication, and verification of data, digital signatures, identity management, fraud detection, and verification and management of digital keys and credentials; software as a service (SaaS) featuring non-downloadable software for multi-factor authentication, flexible authentication capabilities and a variety of authenticators; providing temporary use of non-downloadable authentication software for controlling access to and communications with computers, computer networks, software, applications, websites, mobile devices, kiosks, and physical access control systems; software as a service (SaaS) services featuring non-downloadable software for computer security risk management for computers, mobile devices, software, computer networks, websites, kiosks, and physical access control systems; computer security services, namely, enforcing, restricting and controlling access privileges of users of computing resources for cloud, mobile, or network resources based on assigned credentials; computer software installation, integration and deployment services in the field of information security; providing user authentication services in electronic transactions and communications; software customization, installation and support; technical support services, namely, troubleshooting in the nature of diagnosing computer hardware and software problems; computer security consultation; technical support services, namely, technical consultation, advice and troubleshooting in planning, migration and implementation of software and equipment for the production and issuance of financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports; providing information via a website in the fields of information security and cybersecurity; providing information via a website in the fields of production and issuance of financial cards, identity cards, smart cards, loyalty cards, transportation cards, secure credentials and passports; consulting services in the field of internet and information security; providing information regarding electronic or online fraud, electronic or online fraud behavior patterns, electronic or online fraud detection rules, electronic or online fraud detection data, methods of combating electronic or online fraud, and electronic or online fraud news, information and data via communications networks; providing information by means of online web links to other web sites for obtaining information regarding electronic or online fraud, electronic or online fraud behavior patterns, methods of combating electronic or online fraud, and electronic or online fraud news, information and data.
