Packard bell TRUSTED PC User Manual

Download

Trusted PC

User Guide

Version 1.0

Table of Contents

EMBASSY Trusted PC User Guide

TABLE OF CONTENTS.................................................................................... 1

LIST OF FIGURES.......................................................................................... 3

1 INTRODUCTION ........................................................................................4

Welcome ......................................................................................................................... 4

EMBASSY........................................................................................................................4

Assistant..........................................................................................................................4

Document Manager.......................................................................................................4

EMBASSY CSP...............................................................................................................4

Packing Slip....................................................................................................................5

2 INSTALLING EMBASSY TRUSTED PC....................................................... 6

System Requirements..................................................................................................6

Installing EMBASSY Hardware: STEP 1....................................................................7

Installing EMBASSY Software: STEP 2.....................................................................8

Installing EMBASSY Software (cont’d).......................................................................9

Installing EMBASSY Software (cont’d).....................................................................10

Installing EMBASSY Software (cont’d).....................................................................11

Installing EMBASSY Software (cont’d).....................................................................12

Installing EMBASSY Software (cont’d).....................................................................13

Installing EMBASSY Software (cont’d).....................................................................14

Installing the Trusted PC Software: STEP 3..........................................................15

Installing the Trusted PC Software (cont’d)............................................................16

Installing the Trusted PC Software (cont’d)............................................................17

Uninstalling the Trusted PC Software.....................................................................18

3 EMBASSY REGISTRATION .....................................................................19

Registration Overview.................................................................................................19

Required Information..................................................................................................19

What Happens With My Information?.......................................................................19

PINs and Passwords..................................................................................................19

4 USING EMBASSY TRUSTED PC .............................................................. 21

Overview........................................................................................................................21

5 USING ASSISTANT ................................................................................22

Overview........................................................................................................................22

Assistant Interfaces.....................................................................................................23

Getting Help..................................................................................................................23

Using Assistant the First -Time.................................................................................24

Form Fill.........................................................................................................................33

Settings..........................................................................................................................34

Profile .............................................................................................................................35

Wallet .............................................................................................................................36

Contacts ........................................................................................................................37

Favorites........................................................................................................................38

6 USING DOCUMENT MANAGER .............................................................. 39

Overview........................................................................................................................39

Using Document Manager the First -Time..............................................................40

Using Document Manager After the First -Time.....................................................41

File Shredder................................................................................................................42

7 USING EMBASSY CSP............................................................................43

Using EMBASSY CSP.................................................................................................43

EMBASSY Trusted PC User Guide

8 TROUBLESHOOTING/HELP ....................................................................45

Problems with the Installation and EMBASSY.......................................................45

Problems with Assistant............................................................................................47

Problems with Document Manager.........................................................................49

EMBASSY Manager.....................................................................................................50

EMBASSY Manager: Applets Tab..............................................................................52

EMBASSY Manager: Resources Tab.......................................................................53

EMBASSY Manager: Synchronize Tab.....................................................................54

EMBASSY Manager: Password Tab.........................................................................55

EMBASSY Manager: Register Tab............................................................................56

EMBASSY Manager: Diagnostic Tab........................................................................57

Customer Support.......................................................................................................57

9 GLOSSARY OF TERMS...........................................................................58

Glossary ........................................................................................................................58

10 LEGAL NOTICES ................................................................................... 62

Legal Notices ...............................................................................................................62

Federal Communications Commission (FCC) Notice........................................62

EMBASSY 2100 Smart Card Reader Warranty......................................................64

EMBASSY Trusted PC Privacy Policy.......................................................................66

End User Software License Agreement ..................................................................69

List of Figures

EMBASSY Trusted PC User Guide

LIST OF FIGURES

Figure 1: EMBASSY Software Installation.......................................................8

Figure 2: Choose Setup language ...................................................................8

Figure 3: EMBASSY Trusted PC Welcome .....................................................8

Figure 4: EMBASSY Trusted PC License Agreement .......................................9

Figure 5: EMBASSY Manager (Register tab).................................................10

Figure 6: Registering Message (LCD instructions) .......................................... 12

Figure 7: EMBASSY 2100 Smart Card Reader...............................................13

Figure 8: EMBASSY Manager (registration succeeded) ..................................14

Figure 9: Enter PIN Prompt ..........................................................................15

Figure 10: Trusted PC Components..............................................................15

Figure 11: Enter PIN Prompt........................................................................16

Figure 12: Setup Status ...............................................................................16

Figure 13: EMBASSY Trusted PC InstallShield Wizard Complete ...................17

Figure 14: Trusted PC Launch Pad...............................................................21

Figure 15: Trusted PC Launch Pad-Assistant................................................22

Figure 16: Trusted PC Launch Pad...............................................................23

Figure 17: Starting Assistant........................................................................24

Figure 18: Assistant First-Time Setup...........................................................24

Figure 19: Assistant First-Time Setup -- Question & Answer ...........................25

Figure 20: Assistant First-Time Setup -- Wizard guide....................................26

Figure 21: Assistant First-Time Setup -- Name & Address information .............26

Figure 22: Assistant First-Time Setup -- Edit Profile.......................................27

Figure 23: Assistant First-Time Setup -- Credit Card information into Wallet.....28

Figure 24: Assistant First-Time Setup -- Credit Card info ................................29

Figure 25: Assistant First-Time Setup -- Add another credit card?...................30

Figure 26: Assistant First-Time Setup -- Backup ...........................................30

Figure 27: Assistant First-Time Setup -- Backup progress ..............................31

Figure 28: Assistant First-Time Setup -- Success ..........................................31

Figure 29: Trusted PC Launch Pad...............................................................32

Figure 30: Assistant Form Fill......................................................................33

Figure 31: Settings -- Options Tab ...............................................................34

Figure 32: Profile Tab ..................................................................................35

Figure 33: Wallet Tab ..................................................................................36

Figure 34: Contacts Tab..............................................................................37

Figure 35: Favorites Tab ..............................................................................38

Figure 36: Trusted PC Launch Pad...............................................................39

Figure 37: Document Manager: enter PIN....................................................40

Figure 38: Empty Document Manager.........................................................40

Figure 39: Document Manager with File.......................................................41

Figure 40: Document Manager Message .....................................................41

Figure 41: File Shredder Warning Message ...................................................42

Figure 42: EMBASSY Manager Applets Tab ..................................................52

Figure 43: EMBASSY Manager Resources Tab .............................................53

Figure 44: EMBASSY Manager Synchronize Tab...........................................54

Figure 45: EMBASSY Manager Password Tab ...............................................55

Figure 46: EMBASSY Manager Register Tab .................................................56

Figure 47: EMBASSY Manager Diagnostic Tab .............................................57

1 Introduction

Welcome

Welcome to the Trusted PC developed by Wave Systems Corp. The Trusted PC is a set of applications consisting of Assistant and Document Manager running on the EMBASSY® 2100 Smart Card

Reader, a programmable platform to enhance your PC’s security.

EMBASSY Trusted PC User Guide

EMBASSY

Assistant

Document Manager

EMBASSY CSP

The EMBASSY (EMBedded Application Security SYstem) platform consists of your EMBASSY Smart Card Reader and associated software. This programmable hardware security subsystem hosts secure application processing and provides access to secure resources such as storage, time, cryptography, and key management. EMBASSY is the underlying technology that embeds security and trust in the

Trusted PC application.

Assistant is an application that provides a secure and convenient way to

manage your Internet experience. Assistant provides wallet functionality for web browsing. Its features include form fill capability, and the secure storage of URLs, credit card, personal and contact information, usernames, and passwords.

Document Manager is a tool that provides a secure and convenient way to manage your documents. Document Manager secures digital files locally using the EMBASSY Cryptographic Service Provider (CSP) technology.

Independent of the Trusted PC application, you can use the EMBASSY Cryptographic Service Provider (CSP) technology to encrypt and decrypt files, documents, or text with applications that are designed to use a CSP. For example, the EMBASSY CSP can be easily used with Microsoft Outlook for encrypting email.

Packing Slip

EMBASSY Trusted PC User Guide

The Trusted PC package contains:

• EMBASSY 2100 USB Smart Card Reader. This special USB device is essential for Trusted PC use.

• Trusted PC Smart Card. This Smart Card is essential for Trusted PC use.

• Trusted PC Quick Start Guide. Information to get you up and running quickly.

• Trusted PC User Guide (this document). A manual with basic information on installation and usage of the Trusted PC. For more detailed information, please refer to the Assistant online help.

Should you be missing any of these components, please contact Customer Support (see page 57).

EMBASSY Trusted PC User Guide

2 Installing EMBASSY Trusted PC

System Requirements

To use the Trusted PC, you will need the following minimum hardware:

Minimum Hardware Requirements

• PC with a microprocessor, 100 MHz or greater.

• VGA monitor or better, set to a minimum resolution of 800 x 600 and

256 colors, or better. A screen resolution of at least 1024 x 768 is recommended for the install process.

• Modem or network card for Internet connection.

• EMBASSY 2100 USB Smart Card Reader.

• Trusted PC Smart Card.

• Hard disk space available: 9.5 MB

• USB port available.

These are the minimum hardware requirements; you may see an improvement in performance if your PC exceeds these requirements.

Minimum Software Requirements

• Microsoft ® Windows® XP operating system.

• Microsoft Internet Explorer ® (version 6.0 or above). If you do not

have Internet Explorer, you may download it free-of-charge from the Microsoft website (www.microsoft.com).

• Internet Service. Connectivity may be obtained through any ISP (Internet Service Provider) via a dialup modem, DSL (digital subscriber line) modem, cable modem, etc.

• Adobe Acrobat Reader. This so ftware is required to be able to read the EMBASSY Online User Documentation. You may download the software free of charge from the Adobe website (http://www.acrobat.com/).

Installing EMBASSY Hardware: STEP 1

EMBASSY Trusted PC User Guide

Important:

Before starting the Trusted PC installation, please close all open programs on your PC.

To install the EMBASSY hardware: Plug the EMBASSY Smart Card Reader (SCR) into an available USB

port on your PC. The Smart Card Reader display flashes “EMBAS

Installing EMBASSY Software: STEP 2

EMBASSY Trusted PC User Guide

Go to “Start>All Programs>PC Tool Kit and Services” and click

“Trusted PC Install.”

1. The following message is displayed prompting you to continue. Click Yes.

Figure 1: EMBASSY Software Installation

2. Choose the setup language by selecting your option from the drop down box. Click OK.

Figure 2: Choose Setup language

3. A wizard is installed to guide you through the rest of the installation, and the EMBASSY Trusted PC welcome window is displayed. Click Next to continue.

Figure 3: EMBASSY Trusted PC Welcome

EMBASSY Trusted PC User Guide

Installing EMBASSY Software (cont’d)

4. The EMBASSY Trusted PC License Agreement is displayed. Please read the license agreement. In order to continue, the License Agreement must be accepted (the installation will stop if the License Agreement is not accepted). Click Yes to continue.

Figure 4: EMBASSY Trusted PC License Agreement

5. The Legal Notice screen appears. You must check all the boxes and click I Agree to proceed:

o I agree that Wave Systems may use passive

tracking mechanisms in the manner described in the Policy.

Because the servers used to provide portions of the

Services are located in the United States, we will need to transfer your personal information to the United States. The laws of certain countries require us to obtain your consent before we do so.

o I agree to the transfer of my personal information

to your servers located in the United States in order to process my request.

o I understand that sensitive information will be

transferred to your servers located in the United States to the extent I choose to use the Services in conjunction with the same and I hereby consent to such transfer in each instance.

6. The installation program checks for an Internet connection for the registration process (described later in this document—see page 19) and if there is none, prompts you to establish one. If prompted, establish an Internet connection to continue.

EMBASSY Trusted PC User Guide

Installing EMBASSY Software (cont’d)

7. To register your EMBASSY Smart Card Reader, the following EMBASSY Manager window is displayed (for more information, please see section 3 EMBASSY Registration):

Figure 5: EMBASSY Manager (Register tab)

Certain information must be input through the PC keyboard and other information through the EMBASSY SCR keypad. This information is identified within the installation program and also in the instructions below.

Important:

Enter your information into the EMBASSY Manager using your PC keyboard.

Installing EMBASSY Software (cont’d)

EMBASSY Trusted PC User Guide

Enter your Required Information: a) Country: select from among those listed in the drop-down list box.

Choose your Reset Password Question: b) Question: you must select a question in order to reset your

password, which you will be prompted to answer after registration (the following step). Select a question from the list of available questions in the drop-down list box. Please keep in mind that the answer will be input via the EMBASSY SCR keypad. The questions have only a numeric answer.

EMBASSY Trusted PC User Guide

Installing EMBASSY Software (cont’d)

Enter your Personal Information: c) Select the desired registration option:

• Required for Customer Support and Advanced Services

q First Name, Last Name, Address Line 1, City,

State/Province, Zip/Postal Code

q First Name, Last Name, Email Address

• Required for Customer Support Only:

q First Name, Last Name, Address Line 1, City,

State/Province, Zip/Postal Code

q First Name, Last Name, Email Address

• None

q No required personal information

Important:

Have your numeric password selected before clicking the Register button. You will have only 60 seconds to enter the answer to your password-reset question and only 60 seconds to enter your password.

8. Click Register.

9. As the following message indicates, please watch the LCD on your EMBASSY Smart Card Reader for the next set of instructions:

Figure 6: Registering Message (LCD instructions)

10. Registration may take a little while (this is normal). The EMBASSY Smart Card Reader will prompt you to answer the Rest Password Question you selected in the EMBASSY Manager screen. You will also be prompted to create and re-enter your password.

EMBASSY Trusted PC User Guide

[Clear] button

[Enter] button

USB connection

LCD displa y

Keypad

Installing EMBASSY Software (cont’d)

Figure 7: EMBASSY 2100 Smart Card Reader

Important:

Enter the following information using the keypad on your EMBASSY Smart Card Reader (EMBASSY device prompts are depicted below in brackets).

Enter the following Reset Password Information:

a) Answer (Please enter answer to question:). This is the answer

to your Reset Password Question selected from the EMBASSY Manager window. Use the keypad to type in your answer and then press [Enter].

b) Re-enter Answer (Please re-enter answer:). Re -enter the

answer to verify that there are no input errors and press [Enter].

Example

If you selected the password-reset question “Father’s Date of Birth?” and his birth date is June 26, 1940, you would enter 06261940.

Enter the following Required Information:

c) Password (Please enter new password:). Type your password

and press [Enter]. Passwords must be at least 6 digits long.

d) Re-enter Password (Please re-enter password:). Re -enter the

password to verify that there are no input errors and press

[Enter].

Example

Choose a number that you will easily remember for your EMBASSY password, such as your own birth date.

Installing EMBASSY Software (cont’d)

EMBASSY Trusted PC User Guide

11. The LCD on the EMBASSY Smart Card Reader displays the progress. Upon success, the following message is displayed on the PC:

Figure 8: EMBASSY Manager (registration succeeded)

12. Click OK.

Installing the Trusted PC Software: STEP 3

EMBASSY Trusted PC User Guide

1. Messages are displayed as the various components of the Trusted PC are installed. First, you are prompted to enter your PIN (Personal

Identification Number). Enter your PIN using the EMBASSY SCR keypad and press [Enter].

Important:

This PIN is the numeric password that you created during the registration process. We will use the terms “PIN” and “password” interchangeably.

Figure 9: Enter PIN Prompt

2. A message is displayed containing a brief description of the Assistant and Document Manager applications. Click Next to continue.

Figure 10: Trusted PC Components

EMBASSY Trusted PC User Guide

Installing the Trusted PC Software (cont’d)

3. You are prompted to enter your PIN again. Enter your PIN using the EMBASSY SCR keypad and press [Enter].

Figure 11: Enter PIN Prompt

4. Please wait for Trusted PC Setup:

Figure 12: Setup Status

EMBASSY Trusted PC User Guide

Installing the Trusted PC Software (cont’d)

5. The EMBASSY Trusted PC InstallShield Wizard Complete screen is displayed. Click Finish to complete the Trusted PC installation:

Figure 13: EMBASSY Trusted PC InstallShield Wizard Complete

ËË The Trusted PC is now installed and ready for your use. ËË

Important:

Trusted PC has been installed under your current user account. Trusted PC is only accessible from this user account.

Do not install Trusted PC under another user account before uninstalling it from your current account. (See “Uninstalling the Trusted PC software”).

Uninstalling the Trusted PC Software

EMBASSY Trusted PC User Guide

To remove the Trusted PC from your computer:

1. Select Start > Control Panel.

2. Select the Add or Remove Programs option.

3. Remove Trusted PC:

a) Highlight Trusted PC to select it. b) Click the Change/Remove button. c) A wizard guides you through the process; follow the onscreen

instructions. You will be prompted to confirm the deletion.

Important:

You are about to remove all components of Trusted PC! If you continue the following items will be deleted:

- Files encrypted with Document Manager

- All information saved in Assistant

- Use of the EMBASSY CSP with other applications

During this process you may be asked to enter your EMBASSY PIN. Please watch your Smart Card Reader LCD for prompts.

NOTE: Uninstalling Trusted PC requires an Internet connection.

3 EMBASSY Registration

Registration Overview

Registration is a simple, one-time process that is completed during the software installation. The registration process connects to the EMBASSY server through the Internet and establishes an association for installing applets. Registering with personal information also provides the ability for you to receive technical support. Registration is a required process in order to use your Trusted PC software.

After completing the required fields on the online registration form and clicking “Register”, you will continue the registration process by:

EMBASSY Trusted PC User Guide

Required Information

What Happens With My Information?

PINs and Passwords

1. Creating your EMBASSY password (PIN), that will be used when you install and uninstall EMBASSY applets.

2. Providing an answer to a pre-selected question that enables you to reset your EMBASSY password (PIN).

The following entries are required for registration: Country, EMBASSY password, and Password Reset Question and Answer.

While personal information is optional, registering with personal information enables you to receive technical support and periodic information about EMBASSY and the Trusted PC. If you supply personal information, choose the option “For Customer Support and Advanced Services,” if you wish to receive periodic updates. Alternatively, choose the option “For Customer Support Only,” if you wish your information to only be used for customer support purposes.

Any personal information that you provide during registration is secure and only used for the purposes you agree to. (See page 66).

The numeric password that you create during the registration process is also known as a Personal Identification Number (PIN). It never leaves the security of the EMBASSY system. We will use the terms “PIN” and “password” interchangeably.

In addition to the EMBASSY PIN you have created, the Assistant and Document Manager applications also require PINs for their secure functions. It is your responsibility to remember what you have set as a

EMBASSY Trusted PC User Guide

password or PIN. While you may choose to set the PINs to be the same as your EMBASSY password, it is your responsibility to keep track of them. (The EMBASSY and Assistant applications both have functions that enable you to reset the password/PIN if you forget them.)

EMBASSY Trusted PC User Guide

4 Using EMBASSY Trusted PC

Overview

To start the EMBASSY Trusted PC double click on the Trusted PC icon, found on the Windows desktop or go to: Start>All Programs>EMBASSY>TrustedPC.

The EMBASSY Trusted PC Launch Pad runs on the desktop. It is a compact window that can be moved easily around the screen. The Launch Pad can be kept open while other programs are running. It is ready to assist in storing and accessing information. The Launch Pad consists of the following:

• Assistant. Use this application to easily and securely manage your online data.

• Packard Bell. Link to Packard Bell’s website.

• File Shredder. Use this application to completely remove files from

your PC.

• Document Manager. Use this applica tion to encrypt and decrypt files.

• Wave Systems. Link to Wave System’s website for more information on EMBASSY and the Trusted PC.

Figure 14: Trusted PC Launch Pad

5 Using Assistant

Overview

Assistant is an application that provides for secure data storage and

access. Its features include a variety of web companion functions that simplify everyday use of the Internet. Together, these tools will enable you to get to your favorite URLs quickly so that you can shop and manage your finances with security and convenience. The Assistant features include:

• Home Mode. You are in "Home Mode" when you run Assistant from the PC where you originally installed the software. In "Home Mode", your Smart Card is used for backup purposes and is not required to run Assistant. You must backup your data to your Smart Card to have updated data for "Guest Mode".

EMBASSY Trusted PC User Guide

• Guest Mode. You are in "Guest Mode" when you use your Smart Card at another PC that has Assistant installed. In "Guest Mode", your data is read from the Smart Card. While the data on the Smart Card is read only, you can save new information that is good only for your Guest Mode session.

• Form Fill. Quick, click -and-fill online form completion. The Form Filler retrieves applicable profile information when making purchases online.

• Settings. Administrative functions (options, backup, security, and startup). This includes the feature to back up your Assistant data to the Trusted PC Smart Card.

• Profile. Name and address information.

• Wallet. Credit card information.

• Contacts. Individual email addresses, telephone numbers, and

other information about your contacts.

• Favorites. Securely store favorite URLs with their associated User IDs and passwords.

Smart Card Presence

Form Fill Settings Profile Wallet Contacts

Home or Guest Mode

Figure 15: Trusted PC Launch Pad-Assistant

Assistant Interfaces

EMBASSY Trusted PC User Guide

• The System Tray icon, located at the bottom of the Windows toolbar, can be used to start the Launch Pad, perform certain administrative functions, login or logout of Assistant, open the Form Filler, start the online help, obtain information about Assistant, and exit Assistant.

• The Launch Pad runs on the desktop. It is a compact window that can be moved easily around the screen. When your Smart Card is inserted and the application is running, the Launch Pad view is the best presentation for all normal uses of Assistant. The Launch Pad can be kept open and is ready to assist in storing and accessing information.

Getting Help

Figure 16: Trusted PC Launch Pad

For more detailed information about how to use Assistant, please refer to the Assistant online help. To access the Assistant online help, click the ? button. The online help is structured with a table of contents and an index. You can also search for a particular topic and you can print individual topics.

Using Assistant the First-Time

EMBASSY Trusted PC User Guide

The First-Time you use Assistant, a setup process walks you through the steps required to enter a PIN, name and address, and other related information. For more information, please refer to the Assistant online help. To access the Assistant online help, click the ? button.

1. Double click Assistant button on the Trusted PC launch pad to

begin or go to: Start>Programs>EMBASSY>Trusted PC.

Figure 17: Starting Assistant

2. Insert your Smart Card into the EMBASSY Smart Card Reader

(SCR) face up. The smart chip should be completely inside the reader. As the following message indicates, you will need to designate a PIN in order to use the secure functions of

Assistant. Click OK:

Figure 18: Assistant First-Time Setup

EMBASSY Trusted PC User Guide

3. The SCR LCD displays: Select PIN: Enter the desired PIN,

using the secure keypad on the SCR and press [Enter]. Numeric PIN must have 4-8 characters.

4. The SCR LCD displays: Confirm PIN: Enter the PIN again and

press [Enter].

5. You are prompted to enter an Unlock Challenge (consisting of a

question and answer). Type in a question and the answer to that question that you will always remember (ex. QUESTION: “What’s my dog’s name?” ANSWER: “Spot”). Use the keyboard to enter the information and remember that both responses are case sensitive. Click OK:

Figure 19: Assistant First-Time Setup -- Question & Answer

EMBASSY Trusted PC User Guide

6. A wizard will guide you through the rest of the setup process.

Click OK:

Figure 20: Assistant First-Time Setup -- Wizard guide

7. The following screen displays information about the Assistant

Profile feature. Click OK:

Figure 21: Assistant First-Time Setup -- Name & Address information

EMBASSY Trusted PC User Guide

8. The Edit Profile screen is displayed. Enter your name and

address information (required fields are designated with an *). Click OK. Please note that this information can be changed at a later date using Profile.

Figure 22: Assistant First-Time Setup -- Edit Profile

EMBASSY Trusted PC User Guide

9. The following window displays information about the Assistant

Wallet feature. Click OK:

Figure 23: Assistant First-Time Setup -- Credit Card information into Wallet

EMBASSY Trusted PC User Guide

10. The Credit Card window is displayed. Enter your credit card

information (required fields are indicated with an *). Your billing address must match the credit card company’s records. Create New Address if necessary. Click Save:

Figure 24: Assistant First-Time Setup -- Credit Card info

EMBASSY Trusted PC User Guide

11. You have the opportunity to enter another credit card if you

choose to do so (click Yes). Otherwise, click No.

Figure 25: Assistant First-Time Setup -- Add another credit card?

12. The following window displays information about the importance

of backing up your personal data. Click OK:

Figure 26: Assistant First-Time Setup -- Backup

EMBASSY Trusted PC User Guide

13. A current backup is made with the information just entered. The

following window displays the progress of the backup:

Figure 27: Assistant First-Time Setup -- Backup progress

Upon completion, the following message is displayed. Click OK:

Figure 28: Assistant First-Time Setup -- Success

EMBASSY Trusted PC User Guide

14. The Trusted PC Launch Pad opens and is ready for your use:

Figure 29: Trusted PC Launch Pad

Form Fill

EMBASSY Trusted PC User Guide

The Assistant Form Fill allows you to easily provide your name, address, and credit card information when making purchases online. You can easily click -and-fill or drag-and-drop the information from the Form Fill into website forms. This feature is used when you choose to manually fill a form. (See Getting Help on page 23).

Figure 30: Assistant Form Fill

Settings

EMBASSY Trusted PC User Guide

Assistant Settings provides access to your program preferences and

startup options. It also provides backup and data restore capabilities. (See Getting Help on page 23).

Figure 31: Settings -- Options Tab

The following tabs are included:

• Options. The Options tab allows you to configure web form fill, website login, browser window, auto capture, timeout, and database lookup options within Assistant.

• Backup. The Backup tab provides the ability to backup to your Smart Card, restore from your Smart Card, or clear personal data from your secure Assistant data store. It also provides information about your Assistant and Smart Card status.

Profile

EMBASSY Trusted PC User Guide

• Security. The Security tab provides you with the ability to change your Assistant PIN, unlock Assistant, change the unlock challenge, and specify when your PIN is required.

• Startup. The Startup tab allows you to configure the actions taken upon PC startup as well as Trusted PC startup.

Assistant Profile stores your personal profile information, including your name, address, phone number, and email ID. You can store various profiles so that you can organize your information by home, office, etc. You cannot have more than one active profile. (See Getting Help on page 23).

Figure 32: Profile Tab

Wallet

EMBASSY Trusted PC User Guide

The Assistant Wallet can store your data for several credit cards. You will find everything necessary for a credit card transaction, including: card type, name on the card, card number, expiration date, and billing address. This information can be easily accessed when making online purchases. You can even designate one of the credit cards as the default credit card. The Wallet tab lists all of your credit cards. (See Getting Help on page 23).

Figure 33: Wallet Tab

Contacts

EMBASSY Trusted PC User Guide

Assistant Contacts stores information about your contacts. Using the

Contacts tab, you can insert individual email addresses, telephone numbers, and other information about people with whom you are in contact. You can create folders to organize your contacts. You can create contact groups that enable you to send email to several people using a single email reference. You can also import email address books from other email applications. (See Getting Help on page 23).

Figure 34: Contacts Tab

Favorites

EMBASSY Trusted PC User Guide

Assistant Favorites stores all your favorite URLs and organizes them by

folder. User IDs and passwords associated with sp ecific websites may be securely stored along with the URLs. When you double-click your URLs on the Launch Pad, the Favorite will load in your default browser. (See Getting Help on page 23).

Figure 35: Favorites Tab

Document Manager

6 Using Document Manager

Overview

Use Document Manager to encrypt and securely store your documents within the secure data store of the Trusted PC. The Document Manager is integrated into the Trusted PC interface and is available directly from the Trusted PC Launch Pad.

Document Manager includes facilities to secure files on your PC (Document Manager icon) as well as the ability to shred files (File Shredder icon).

EMBASSY Trusted PC User Guide

File Shredder Icon

Icon

Figure 36: Trusted PC Launch Pad

Using Document Manager the First-Time

EMBASSY Trusted PC User Guide

Important:

This PIN is NOT recoverable if forgotten!!

1. Click on the Document Ma nager icon in the Trusted PC launch

pad. The following screen displays:

Figure 37: Document Manager: enter PIN

2. Enter your new numeric PIN using the SCR keypad (ex. 1234). A

minimum of 4 numbers is necessary. The following screen will appear:

Figure 38: Empty Document Manager

EMBASSY Trusted PC User Guide

3. To encrypt and store a file using Document Manager, drag and

drop the desired file to the Document Manager screen. Your file will be stored in the Document Manager as seen below:

Using Document Manager After

the First-Time

Figure 39: Document Manager with File

4. Watch your status bar to check your encryption progress.

To encrypt and store a file using Document Manager now that you’ve completed first -time setup:

1. Drag and drop the desired file into the Document Manager icon

on the Trusted PC Launch Pad. The following window is displayed. Click Yes to continue:

Figure 40: Document Manager Message

2. The EMBASSY SCR displays “Enter Current PIN:”. Type your

PIN using the SCR keypad and press [Enter]. The SCR displays “PIN entry ok”.

File Shredder

EMBASSY Trusted PC User Guide

You will receive a message confirming the encryption. The file is now stored in the secure data store of the Trusted PC.

To decrypt a file, highlight it. Click Decrypt. The file will be restored, unencrypted, to its original location.

To delete a file, highlight it. Click Remove. The file is now deleted.

Important:

Do not encrypt files that Microsoft Windows needs to run your computer.

Use the Document Manager File Shredder to shred files no longer wanted or needed.

To shred a file using Document Manager:

1. Drag the desired file to the File Shredder icon in the Trusted PC

Launch Pad. The following message is displayed asking you to confirm the action. Click Yes to continue. You will receive a confirmation message that the file has been shredded.

Figure 41: File Shredder Warning Message

Important:

Files cannot be recovered once they are shredded.

7 Using EMBASSY CSP

Using EMBASSY CSP

The EMBASSY CSP allows Microsoft Windows® to use the EMBASSY hardware to sign and/or encrypt email. The Trusted PC includes support for Microsoft’s CryptoAPI. The CryptoAPI allows Windows to use the resources of EMBASSY for basic cryptographic functions. Therefore, programs such as Microsoft Outlook or Outlook Express can use the resources of EMBASSY to sign or encrypt email.

Sending Signed Email

EMBASSY Trusted PC User Guide

You can automatically sign all your outgoing email using your digital certificate installed in your email application. Signed email allows an email recipient to verify your identity.

Sending Encrypted Email

Encrypting an email message prevents others from reading it during transmission. To encrypt an email message, you need the digital certificate of the person you are sending the email to. You use the public key in the recipient's digital certificate to encrypt the email message. Then when the recipient receives it, only he/she can decrypt it using the corresponding private key they keep protected on their PC.

Receiving Encrypted Email

When you receive an encrypted email message (the sender used your digital certificate to encrypt it), you will use your private key (which is kept safe inside your EMBASSY 2100 Smart Card Reader), to decrypt the message.

Sending Your Digital Certificate to Someone

To send someone your digital certificate so that they may send you encrypted email, simply send a digitally signed email to them. They can quickly add your certificate to their address book so that all future correspondence is automatically encrypted.

Retrieving Someone's Digital Certificate

To get someone else's digital certificate, you may ask them to send you a signed email. The signed email has the person’s digital certificate embedded in the email, by simply adding them to your address book, their public key is stored for future use.

EMBASSY Trusted PC User Guide

Following are some steps to get you started on this process.

GETTING STARTED: Step 1: You must first complete the entire installation process

described in this user manual. Step 2: Add an email account to Microsoft Outlook or Outlook Express.

You will need to have a preexisting account or set up an account with an Internet Service Provider or online service, such as Hotmail.

Step 3: Generate a certificate. Two reliable sources for digital certificates are Verisign (www.verisign.com) and Thawte (www.thawte.com). These providers are called Certificate Authorities. They provide a trusted infrastructure to authenticate your certificate against a trusted certificate held by the company. Visit the respective site to generate a certificate. You may choose a free certificate, or for higher authenticity, a verified certificate.

Step 4: When you enroll, you will specify basic information, such as your name and email address. Please be aware that you may be asked for your personal ID number. This allows a basic trust to be established with the Certificate Authority. When the certificate program asks you for your email address, specify the email address you used in Step 2.

Step 5: When the certificate program prompts you to choose a Cryptographic Service Provider, make sure you choose EMBASSY_csp from the list of CSPs. This will ensure that the cryptographic keys are created in the EMBASSY Smart Card Reader and that the private key is secure within the device.

Step 6: You will receive an email from the ce rtificate provider with instructions on how to retrieve and install your digital certificate into your email program.

Step 7: Verify that the certificate was correctly installed in Microsoft Outlook or Outlook Express by bringing up Tools > Accounts > Mail. Select your email account and select Properties. Select the Security tab and next to the certificate, choose Select, and a box will come up with the certificate that you just received.

Step 8: Compose an email, and before sending it, bring up the Options box. Select Add Digital Signature to sign the email.

Step 9: Send the email.

If you have installed someone else’s digital certificate, you can encrypt an email that only that person can read by selecting Encrypt in the Options box. If you have received an encrypted email from someone else that used your digital certificate, only you will be able to read the email.

8 Troubleshooting/Help

EMBASSY Trusted PC User Guide

Problems with the Installation and EMBASSY

Symptom Problem Resolution

Software Installation failed

Smart Card Reader was not plugged in properly

EMBASSY device driver was not loaded properly

1. Unplug the Smart Card Reader from the USB port on your PC.

2. Re-plug the Smart Card Reader into the USB port on your PC.

3. Insert the Installation CD.

4. Ensure the device drivers are installed properly (see below).

5. Follow the on-screen prompts to install the software again or double click Setup.exe from the CD to start it manually.

1. Plug Smart Card Reader into the USB port on your PC.

2. On the Windows taskbar, click the Start button.

3. On the Start menu, click Settings -> Control Panel.

4. Double click on System. Click the Hardware then Device Manager tabs.

5. Click the + sign next to Smart Card Readers to expand that folder.

6. EMBASSY 2100 Smart Card Reader should appear in the list. If not present, make sure the Smart Card Reader is plugged in securely. If it is still not working or there is a yellow question mark next to the entry, manually add the driver as described directly below.

EMBASSY Trusted PC User Guide

Symptom Problem Resolution

EMBASSY driver installation failed

PC application does not read Smart Card

Windows could not locate the driver

EMBASSY device driver was not loaded properly

1. Highlight the entry in the Device Manager list (see above).

2. Selection Action -> Uninstall or Remove .

3. Click OK.

4. Unplug the Smart Card Reader and reconnect it again. You should see the prompt New Hardware Found. Follow the directions under “Installing Drivers and Software” to install the driver.

5. If the New Hardware Found prompt does not appear, unplug the Smart Card Reader, reboot the PC, and plug in the Smart Card Reader again.

6. If it still does not appear, on the Windows taskbar, click the Start button.

7. On the Start menu, click Settings -> Control Panel.

8. Double click on Add (New) Hardware and follow the instructions on the screen.

9. If an error recurs, contact Technical Support.

1. Plug Smart Card Reader into the USB port on your PC.

2. On the Windows taskbar, click the Start button.

3. On the Start menu, click Settings -> Control Panel.

4. Double click on System. Click the Hardware then Device Manager tabs.

Application is restricted to specific hardware

Smart Card is not inserted properly or at the appropriate time

Smart Card is not appropriate for the application

5. Click the + sign next to Smart Card Readers to expand that folder.

Check the documentation for your PC application to determine which Smart Card Readers are supported and how to select the EMBASSY 2100 Smart Card Reader.

When prompted, insert your Smart Card into the Smart Card terminal slot on top of the Smart Card Reader. The card should be facing up with the smart chip on top and toward the bottom of the card. The smart chip should be completely inside the terminal.

Check the documentation for your PC application to determine which Smart Cards are supported.

EMBASSY Trusted PC User Guide

Symptom Problem Resolution

Problems with Assistant

Secure PIN entry is not recognized

Smart Card Reader display window is blank or shows all black boxes

Smart Card Reader display window is flashing “EMBASSY ”

Smart Card Reader display window shows a system error

Application is not set up to enable secure PIN and/or Smart Card is not the appropriate type.

Smart Card Reader was not plugged in properly

Software installation did not complete successfully

Smart Card Reader was not plugged in properly or application function was attempted before software was loaded

Check the documentation for your PC application to determine the setup procedure and which Smart Cards are supported.

Unplug the USB connector from the PC and plug it back in again. Make sure the USB connector is solidly inserted in to the PC. If the display on the EMBASSY 2100 Smart Card Reader is still blank, contact Technical Support or refer to your Certificate of Warranty for details.

Unplug the Smart Card Reader, and plug it back in again. Then follow the instructions in this manual to install or reinstall the EMBASSY software.

System messages indicate that the EMBASSY software cannot communicate with the Smart Card Reader. Ensure that the Smart Card Reader is plugged in appropriately to the PC and that the word EMBASSY is displayed steadily in the display window. Try your operation again.

Symptom Problem Resolution

PIN entry is not recognized for Assistant

PIN is not entered correctly

Assistant requires that all PIN entries be performed on your secure EMBASSY Smart Card Reader.

When entering your PIN, ensure that you firmly press the desired key on your Smart Card Reader. A correctly pressed key will result in an asterisk on the EMBASSY Display. If no asterisk is displayed, re-enter by pressing the desired key more firmly.

You must press the ENTER button on the EMBASSY Smart Card Reader after you have entered your PIN.

You can cancel a PIN entry by pressing the STOP button on your EMBASSY Smart Card Reader.

EMBASSY Trusted PC User Guide

Symptom Problem Resolution

Assistant forces me to perform a “FirstTime Setup”

I forgot my PIN for Assistant

Can log in for Guest Mode, but not at home

Normal operation for first time use of Assistant

Need to reset PIN

Changed PIN in Guest Mode

Assistant provides security for your personal information. You select a PIN (Personal Identification Number) to control access to information that you store in Assistant. An additional feature is Assistant’s secure and convenient way for you to reset your PIN if you forget it. This is called the Challenge Question. The Challenge Question is a question that you choose, to which only you know the answer. If the situation arises where you have forgotten your PIN, you will be allowed to select a new PIN after successfully answering the Challenge Question. First-Time Setup guides you in setting your Assistant PIN and Challenge Question and Response. Assistant cannot be used until these items are set.

Assistant provides a built-in way for you to reset your PIN when the original PIN is not known. This is called “Unlock Assistant” and it is accessible via the Security Tab in Assistant Settings. Simply insert your Smart Card, click the Unlock button, answer your Challenge question (it is case-sensitive) and you will be allowed to set a new PIN for Assistant.

In Guest Mode, you are away from your Home PC and you are using your Smart Card to transport your personal information. In the instance that you forget your PIN, Assistant allows you to use the Assistant Unlock capability to reset your PIN. PERFORMING AN ASSISTANT UNLOCK IN GUEST MODE RESULTS IN A PIN ON YOUR SMART CARDTHAT IS DIFFERENT FROM YOUR HOME PIN. This allows you to access the information on your Smart Card while you are away from your Home PC. Once you return to your Home PC, you should correct this by performing the following steps: 1. Start Trusted PC, 2. Login to Assistant or, if the PIN is not available, reset your PIN using the Unlock Assistant function (see “I forgot my PIN for Assistant”), 3. Insert your Smart Card, 4. Perform a Backup operation; this is accessible via the Backup Tab in Assistant Settings.

Assistant fills some forms but not others

Some web forms use non-standard programming

When enabled, Assistant will attempt to fill all browser-based forms with the appropriate information from your profile. Assistant will almost always be successful in performing this function, but unfortunately, there are times that Assistant will not successfully fill a web form. Problems filling forms are typically due to non-standard programming practices used by the Web designers who created the troublesome form. Wave Systems Corp. is constantly striving to handle these nonstandard situations but there is always a chance to finding a form that will not fill automatically or correctly. Use the following tips to ensure proper form filling:

1. Visually check each field filled by Assistant for correctness and manually correct if necessary.

2. Use the Manual Form Fill to fill forms that will not fill automatically.

EMBASSY Trusted PC User Guide

Symptom Problem Resolution

Previously saved username and password will not fill for some websites

Assistant will not prompt to save new username and password:

I need to restore my Assistant data

Some web forms use non-standard programming

Trusted PC was reinstalled

When enabled, Assistant will attempt to automatically fill the username and password for each saved website. Assistant will almost always be successful in performing this function, but unfortunately, there are times that Assistant will not successfully fill in a username and password. Problems filling usernames and passwords are typically due to non-standard programming practices used by the Web designers who created the troublesome login pages. When this situation occurs, you can retrieve the username and password from your Assistant Favorites. You can then manually enter the username and password to login.

When enabled, Assistant will attempt to automatically save the username and password for each website to which you login. Assistant will almost always be successful in performing this function, but unfortunately, there are times that Assistant will not successfully prompt to save a username and password. Problems in prompting to save usernames and passwords are typically due to non-standard programming practices used by Web designers who created the troublesome login pages. When this situation occurs, you can manually create an entry in Assistant Favorites and fill in the appropriate login information for later reference.

To restore your Assistant after a reinstall of the Trusted PC software, perform the following steps:

1. Insert your Smart Card.

Problems with Document Manager

2. Start Trusted PC and login to Assistant. (You will be in Guest Mode.)

3. Perform a Restore from the Backup tab in Assistant Settings. At the completion of these steps, your Assistant data will be restored securely into your EMBASSY device.

Symptom Problem Resolution

File Too Large error when trying to encrypt a file

File is not encrypted

When performing a move, original file is not deleted

File size is too large

Encrypting a shortcut

File is read only

File is open by another program

Document Manager can encrypt files up to 10 MB in size. Ensure that your file size is within this limit.

If you want to encrypt a shortcut, Document Manager only encrypts the actual shortcut, not the original file that the shortcut is referring to.

Document Manager can encrypt files marked as read-only, but will not delete the original file during a move. You can manually delete the read-only file.

If another program is using the file that you are moving to the vault, Document Manager will not delete the file during a move. You can manually delete the file once it is no longer in use by the other application.

EMBASSY Trusted PC User Guide

Symptom Problem Resolution

EMBASSY Manager

Keyset Failure error when trying to decrypt a file

Dragging a file to the Launch Pad acts differently than to the Vault

EMBASSY Manager is an application that is used to verify and manage the settings of your EMBASSY 2100 Smart Card Reader.

Use the EMBASSY Manager when you want to:

You uninstalled, and then reinstalled, the EMBASSY components

Application performs the operation differently

If you uninstall and reinstall the EMBASSY software after encrypting files, the encrypted files can no longer be decrypted as new keys are automatically created. Therefore, you MUST remove/decrypt all the contents of your vault BEFORE uninstalling your Trusted PC.

When you drag and drop a file onto the Document Manager icon in the Trusted PC Launch Pad, the file is COPIED to the vault. That is, you must copy (CTL+C) the file onto the Launch Pad.

When you drag and drop a file into the vault directly, the file is MOVED to the vault. That is, you must drag and drop the file into the vault.

• Change your device/EMBASSY password

• Reset your password and enter a new password because you’ve

forgotten the password you created during registration

• Have the EMBASSY 2100 Smart Card Reader remember your password for you so you won’t have to enter it again for the installation and uninstall of applets

• Register the EMBASSY 2100 Smart Card Reader manually because registration was not successful during the initial software installation

• Verify information for technical support

How to launch EMBASSY Manager:

EMBASSY Trusted PC User Guide

To open EMBASSY Manager, go to C:\Program Files\Wave Systems Corp\EMBASSY \bin (if C:\ is your hard drive letter) and double click on the executable Embassy Manager.

WARNING: Do not modify, delete or open any other file under the folder Wave Systems Corp.

EMBASSY Manager: Applets Tab

EMBASSY Trusted PC User Guide

The EMBASSY Manager has 6 tabs that are described in the following pages.

Applets Tab: Applets are small applications that run in the EMBASSY Smart Card Reader and which are activated by larger applications running on your PC. The Applets tab lists all applets installed on your EMBASSY Smart Card Reader. Do not uninstall any applets unless directed by a software manufacturer. Applets are an integral part of EMBASSY -enabled programs and could render the application inoperable.

Figure 42: EMBASSY Manager Applets Tab

EMBASSY Manager: Resources Tab

EMBASSY Trusted PC User Guide

Resources Tab: This tab lists the resources and capabilities of the EMBASSY Smart Card Reader. (This page is for technical support only.)

Figure 43: EMBASSY Manager Resources Tab

EMBASSY Manager: Synchronize Tab

EMBASSY Trusted PC User Guide

Synchronize Tab: This tab shows the last time the Smart Card Reader was synchronized. The EMBASSY Smart Card Reader is periodically synchronized with a secure time source. If you experience problems, Customer Service may ask you to manually synchronize your unit by clicking Synchronize Now . (Synchronizing requires an active Internet connection.) Synchronizing the unit manually resets the required synchronization clock ahead 30 days.

Figure 44: EMBASSY Manager Synchronize Tab

EMBASSY Manager: Password Tab

EMBASSY Trusted PC User Guide

Password Tab: Use this tab to change your device/EMBASSY password, reset your password, or have EMBASSY Manager remember your password for you.

Figure 45: EMBASSY Manager Password Tab

EMBASSY Manager: Register Tab

EMBASSY Trusted PC User Guide

Register Tab: Use this tab if the EMBASSY Smart Card Reader was not successfully registered during the initial setup. Once the Smart Card Reader is registered, this page becomes inactive for your protection. To change your registration information, contact Customer Service.

Figure 46: EMBASSY Manager Register Tab

EMBASSY Manager: Diagnostic Tab

EMBASSY Trusted PC User Guide

Diagnostic Tab: This tab allows you to run tests on your EMBASSY 2100 Smart Card Reader to ensure that all functions are working properly. (For technical support use only.)

Customer Support

Figure 47: EMBASSY Manager Diagnostic Tab

Support for the Trusted PC can be found at the following locations.

For Netherlands support http://www.packardbell.nl/support For Belgium support http://nl.packardbell.be/support

9 Glossary of Te rms

EMBASSY Trusted PC User Guide

Glossary

Term Definition

Applet A small program that runs within the

processor of the EMBASSY 2100 Smart Card Reader.

Assistant An application that provides wallet

functionality for web browsing. Its features include form fill capability, storage of URLs, credit card, personal and contact information, usernames, and passwords.

Auto Sync An application that ensures that the real-

time clock embedded in the EMBASSY 2100 Smart Card Reader is synchronized.

Cable (connection) A high-speed data connection for your PC

provided by Cable TV operators.

CSP Cryptographic Service Provider – a

software and/or hardware service that performs cryptographic functions for PC security.

Decrypt (Decryption) The process of turning encrypted text

back into plain text.

Digital Certificate A digital certificate is an electronic ID that

establishes your credentials when doing business or other transactions on the Web. It contains your name, a serial number, expiration dates, a copy of your public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.

Document Manager

An application to encrypt and securely store your documents within the secure data store on your PC.

EMBASSY Trusted PC User Guide

Term Definition

Drivers (Hardware) The software components installed on

your PC, which enable the hardware to work properly.

DSL (connection) Digital Subscriber Line -- A high-speed

data connection for your PC using regular phone lines. A DSL circuit is much faster than a regular phone connection, and the wires coming into the subscriber's premises are the same (copper) wires used for regular phone lines.

EMBASSY EMBedded Application Security System --

A programmable hardware security subsystem consisting of a security co processor embedded in a Smart Card Reader. EMBASSY hosts secure application processing and provides access to secure resources such as storage, time, cryptography, and key management.

EMBASSY Manager An application used to verify and manage

the settings of the EMBASSY 2100 Smart Card Reader.

Encrypt (Encryption) The process of using keys and algorithms

to disguise a message or file in such a way as to hide its substance.

File Shredder A component of the Document Manager

application that deletes a file and erases all indications of it. A shredded file cannot be recovered.

Icon A small picture or object in Windows that

represents a file, program, web page, or command. Most of the time, the icon picture relates to the funct ion of the item that it represents.

Installation Program The software program that is used to

install EMBASSY and the Trusted PC applications.

InstallShield The software package used to create the

installation programs.

LAN (connection) Local Area Netwo rk -- a computer

network (or data communications network) that is confined to a limited geographical area.

Launch Pad A compact window/view that contains

icons for the best presentation of the normal uses of the Trusted PC.

EMBASSY Trusted PC User Guide

Term Definition

LCD (Display) Liquid Crystal Display – the display

window on your EMBASSY 2100 Smart Card Reader.

License Agreement The legal agreement to license the

Trusted PC software that must be accepted by the user during the installation process.

Contacts A tab in the Assistant application to

manage email addresses, telephone numbers, and other information about people with whom you are in contact.

Profile A tab in the Assistant application to

manage and store personal profile information, including your name, address, phone number, and email ID.

Wallet A tab in the Assistant application to store

data for credit cards.

PIN Personal Identification Number – used for

individual access to secure functions of the Trusted PC application.

Preferred Display Settings

The display settings of the PC recommended to the user for optimum experience and performance from the software.

Smart Card A plastic card the size of a credit card,

with an embedded microchip that is used to back up the data from the Trusted PC application.

System Tray The system tray is a taskbar in the

Windows desktop user interface that is used to display the clock and the Trusted PC to enable the user to easily start the Launch Pad.

URL

Uniform Resource Locator - the standard way to give the address of a resource on the Internet that is part of the World Wide Web (www). A URL looks like this: “http://www.wave.com".

USB Port Universal Serial Bus is a new method of

connecting peripheral devices to a PC. The port is the slot on the PC where the USB connector of the EMBASSY 2100 Smart Card Reader is plugged in.

EMBASSY Trusted PC User Guide

Term Definition

VGA Monitor Video Graphics Adapter -- an adapter

card which uses processors and memory to process data for display on a monitor. VGA is a circuit board that translates the information in your computer for display on the mo nitor. This will be described in the documentation for your PC.

Wizard A software program that steps a PC user

through a process, such as installing the Smart Card Reader driver or installing software.

10 Legal Notices

Legal Notices

Federal Communications Commission (FCC) Notice

GOVERNMENT RIGHTS LEGEND: Use, duplication, or disclosure by the U.S. Government is subject to restrictions set forth in the applicable Wave Systems Corp. license agreement and as provided in DFARS 227.7202-1(a) and 227.7202-3(a) (1995), DFARS 252.227-7013(c)(1)(ii) (Oct 1988), FAR 12.212(a) (1995), FAR 52.22719, or FAR 52.227-14, as applicable. IMPORTANT NOTE TO USERS: This software is provided by Wave Systems Corp. as is and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall Wave Systems Corp. be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services; loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this software, even if advised of the possibility of such damage. The product contains strong encryption features and is currently classified for limited export from the United States. It is your responsibility to conform to U.S. export laws. Export of strong encryption products from the United States is regulated under "EI controls" of the Export Administration Regulations (EAR, 15CFR 730-744) of the U.S. Department of Commerce, Bureau of Export Administration (BXA). By the laws of the United States Bureau of Export Administration, you are prohibited from transferring ownership, control, or from exporting Wave’s technology to others. Wave Systems Corp. reserves the right to make changes without further notice to any products herein to improve reliability, function, or design. TRADEMARKS: Wave™ is a registered trademark of Wave Systems Corp. EMBASSY™ is a registered trademark of Wave Systems Corp. Other products mentioned in this document are trademarks or registered trademarks of their respective holders. Disclaimer of warranty Wave Systems Corp. makes no representations or warranties, either express or implied, by or with respect to anything in this document, and shall not be liable for any implied warranties of merchantability or fitness for a particular purpose or for any indirect, special or consequential damages.

Declaration of Conformity

This device, trade name EMBASSY 2100 Smart Card Reader, model number STR381WAV, complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions;

1. This device may not cause harmful interference, and

2. This device must accept any interference received, including interference that

may cause undesired operation.

EMBASSY Trusted PC User Guide

I have determined and warrant that the above-described device has been shown to comply with the requirements of the FCC Part 15, by having a device tested at the accredited testing laboratory KEMA Quality B.V. KEMA Quality B.V. is a Competent Assessment Body (CAB) as mentioned in the Mutual Recognitions Agreement between the U.S.A. and Europe.

Each unit marketed is identical to the device as tested. Compliance assumes no unauthorized changes will be made to the equipment and it will be maintained and operated properly. A test report has been generated. A technical file containing the test report will be maintained for a period of 2 years after manufacturing ceases.

It is also understood that any changes to the device, which could adversely affect the emission characteristics of the equipment will require retesting.

SCM Microsystems (Asia) Pte Ltd Singapore

Notice

This device has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a residential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

1. Reorient or relocate the receiving antenna.

2. Increase the separation between the equipment and receiver.

3. Connect the equipment into an outlet on a circuit different from that to which

the receiver is connected.

4. Consult the dealer or an experienced radio or television technician for help.

Modifications

The FCC requires the user to be notified that any changes or modifications made to this device that are not expressly approve by Wave Systems Corp. may void the user’s authority to operate the equipment.

EMBASSY 2100 Smart Card Reader Warranty

EMBASSY Trusted PC User Guide

Your EMBASSY 2100 Smart Card Reader comes with the following manufacturer’s warranty.

WARRANTIES. (a) WAVE SYSTEMS warrants that all Products delivered hereunder will be free

from defects in materials and workmanship for a period ending on twelve (12) months after shipment to Customer (the "Warranty Period"). In the event that any Product shall prove to be defective in materials or workmanship, Customer's remedy shall be to return the Product to WAVE SYSTEMS during the Warranty Period, transportation prepaid, for repair, replacement or refund of the purchase price, at WAVE SYSTEMS' option, without charge to Customer and, so long as WAVE SYSTEMS makes one of the foregoing remedies, this warranty will be deemed not to have failed in its essential purpose. Transportation from WAVE SYSTEMS to Customer shall be via a carrier selected by WAVE SYSTEMS with all charges borne by WAVE SYSTEMS. The aforementioned provisions will not extend the original warranty period for any Product, which has been repaired or replaced by WAVE SYSTEMS.

(b) The above warranty shall not apply to any Product which has been (i) altered,

except by WAVE SYSTEMS or with WAVE SYSTEMS' written consent, or (ii) subjected to physical or electric stress, misuse, abuse, negligence or accident.

MAKES AND CUSTOMER RECEIVES NO WARRANTIES OR CONDITIONS ON THE PRODUCTS, EXPRESS, IMPLIED, STATUTORY, OR IN ANY OTHER PROVISION OF THIS AGREEMENT OR COMMUNICATION WITH CUSTOMER, AND WAVE SYSTEMS SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. WAVE SYSTEMS MAKES NO REPRESENTATIONS EXCEPT AS SPECIFICALLY STATED IN CURRENT WAVE SYSTEMS AUTHORIZED PRODUCT SPECIFICATION SHEETS.

(d) Customer acknowledges and agrees that the purchase price for the Products

to be sold hereunder reflects the allocation of risks and the limitations of WAVE SYSTEMS' liability hereunder.

(e) THE REMEDIES SET FORTH ABOVE ARE CUSTOMER’S SOLE AND

EXCLUSIVE REMEDIES FOR BREACH OF WARRANTY AND ARE IN LIEU OF ALL OBLIGATIONS OR LIABILITIES ON THE PART OF WAVE SYSTEMS FOR DAMAGES, INCLUDING, BUT NOT LIMITED TO SPECIAL, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE PRODUCTS. WAVE SYSTEMS'S LIABILITY FOR DAMAGES TO CUSTOMER OR OTHERS RESULTING FROM THE USE OF ANY PRODUCT FURNISHED HEREUNDER SHALL IN NO EVENT EXCEED THE PURCHASE PRICE OF SAID PRODUCT. IN NO EVENT SHALL WAVE SYSTEMS BE LIABLE FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES DUE TO FAILURE TO PERFORM ITS OBLIGATIONS HEREUNDER.

(f) Customer shall send Products with defects covered by the foregoing warranty

to WAVE SYSTEMS' address set forth on the front page of an invoice or order acknowledgment or such other address provided by WAVE SYSTEMS from time to time. Customer shall request authorization from WAVE SYSTEMS prior to the return of each defective Product for repair or replacement by WAVE SYSTEMS. Upon such request, WAVE SYSTEMS shall provide Customer with a Return Material Authorization ("RMA") number. Within five (5) working days of receipt of the RMA number, Customer shall return the Product with the RMA number prominently displayed on the shipping container of the defective Product. Customer shall ship such Product to WAVE SYSTEMS' repair facility, freight prepaid, pursuant to the shipping and other requirements specified by WAVE SYSTEMS in its RMA. WAVE SYSTEMS shall, at its sole option and expense, repair or replace such Product, employing at its option, new or used parts or Products to make such repair or replacement, and shall ship the repaired or replaced Product to Customer, freight prepaid. The foregoing

EMBASSY Trusted PC User Guide

states the sole liability and obligation of WAVE SYSTEMS, and Customer's exclusive remedy, arising out of this warranty.

EMBASSY Trusted PC Privacy Policy

EMBASSY Trusted PC User Guide

OVERVIEW

This EMBASSY® Trusted PC Privacy Policy (Policy) describes the personally identifiable information (Personal Information) Wave Systems collects and otherwise processes in connection with your registration for and use of the EMBASSY® Trusted PC services (Services). The Services are owned and operated by Wave Systems, unless otherwise specified. This Policy applies only to Personal Information processed by Wave Systems in conjunction with your use of the Services – it does not addres s or govern any other information exchanges between you and Wave Systems, its affiliates or subsidiaries.

If you do not agree with the terms and conditions of this Policy, do not use the Services.

Unless you provide it to us voluntarily or the information is collected via passive tracking devices as described in this Policy, Wave Systems does not collect personally identifiable information about you in connection with your use of the Services.

Wave Systems does not want to collect Personal Information from minors (children under 13 years of age, or any other age defined under applicable law). If we become aware that a minor is attempting to or has submitted Personal Information via the Services, we will notify the user that we may not accept his or her Personal Information. We will then delete any such Personal Information from our records.

INFORMATION WE ASK YOU TO SUBMIT

Depending on your selections during registration, we request certain Personal Information from you, including your first name, last name, postal address, email address, telephone number and country.

In addition, we will ask you to designate passwords and PINs. You should maintain your passwords and PINs in secrecy to prevent disclosure to any third party.

USE OF YOUR PERSONAL INFORMATION

We will use the information you submit solely for the purpose of providing the Services and otherwise providing customer support or customer support and advanced services (at your option) regarding the same.

PASSIVE TRACKING MECHANISMS

The Services aut omatically track your installation of new applets, although we do not monitor any actual use following installation. In addition, your local unit periodically must synchronize with the Trust Assurance Network via the Internet. The Services automatically track each such synchronization, which is required to provide the Services to you.

DISCLOSURE OF PERSONAL INFORMATION Personal information received by us may be disclosed to comply with applicable laws,

subpoenas or other court orders and to otherwise cooperate with law enforcement and regulatory officials. In addition, we share your Personal Information with unaffiliated third parties (Service Providers) that are under contract to perform services relating to the Services for or on behalf of Wave Systems, and that are required to uphold and maintain our policies with respect to privacy and the treatment of your Personal Information. Any access we provide to such information will be solely for the purpose of providing the Services to you.

You should understand that Wave Systems, our affiliates and Service Providers will comply with all applicable laws to the extent they and we are required to do so.

SALE OR TRANSFER OF INFORMATION

In the event of a sale, merger, liquidation, dissolution, or transfer of part or all of the business, trade or assets of Wave Systems (including without limitation, the Services), all Personal Information collected about you via the Services may be sold, assigned,

EMBASSY Trusted PC User Guide

or transferred to the party acquiring all or substantially all of the equity or assets or business of Wave Systems. By using this Service, you consent to the sale and transfer of your information as described in this paragraph.

THIRD PARTY SERVICES

This Policy applies only to the Services. The Services may include access to services offered by third parties including certain Wave Systems’ affiliates (Other Services). Other Services may include access to content, products and applications of such third parties and/or our affiliates. In some cases, these Other Services may have the same (or a similar) look and feel as our Services and therefore may appear to be part of our Services. However, whenever you choose to access Other Services via the Services, a separate web browser window will launch indicating that Other Services are initializing. We urge you to familiarize yourself with the individual privacy and other terms governing Other Services prior to submitting your Personal Information, even if such Other Services appear to be provided or operated by Wave Systems or one of its affiliates.

CHANGES TO HOW YOUR PERSONAL INFORMATION IS HANDLED

If you would like to receive a copy of the Personal Information we have about you please, send a request to privacyEU@wavesys.com, and we will make all reasonable efforts to comply with your request, subject to legal and other professional

requirements. If this information is incorrect or incomplete, please let us know, and we will correct or update it promptly (unless we require further information from you in order to fulfill your request) and in any event in accordance with applicable laws. You may also ask us to remove your name and other Personal Information from our database, in which case we will make all reasonable efforts to do so subject to legal and other requirements.

In order to terminate your use of the Services, please de-install all EMBASSY® Trusted PC and other Services related software, and send an email to:

privacyEU@wavesys.com

and we will endeavor to remove your Personal Information from our databases and servers if you so request.

NOTIFICATION OF POLICY CHANGES

We will post any material changes to this Policy at least thirty (30) days prior to the changes taking effect. If we do make material changes to this Policy that affect our treatment of your Personal Information, we will provide you with e-mail or postal mail notice and a choice to opt in under the terms of the revised Policy. After the changes take effect, all newly collected Personal Information will be subject to the terms of the revised Policy (Revised Policy ) and all previously collected Personal Information will be handled in accordance with your response to our opt in notice (in accordance with the Revised Policy if you opt in and in accordance with the previous Policy if you do not opt in).

PROTECTION OF YOUR INFORMATION Given the risks involved in any electronic transfer and storage of data, Wave Systems

does not warrant or represent that information processed or stored by us will be protected against, loss, misuse, or alteration. Nonetheless, Wave Systems takes

seriously the security of your information, and has implemented various security protocols to protect the transmission and storage of any data collected via the use of the Services. These measures include proprietary encryption methods and technical security architectures and also may include Secure Socket Layer (SSL) technology. Any data that is logged by the Services is protected behind firewalls and technical security architecture intended to prevent an outside user from accessing our database. Wave Systems reserves the right to change its storage and security procedures in its sole and reasonable discretion.

STORAGE

EMBASSY Trusted PC User Guide

The servers where we store your Personal Information are located in the United States of America (USA). If you are located in another jurisdiction, you should be aware that your Personal Information once submitted will be transferred to our servers within the USA.

The storage on servers in the USA is necessary for the purposes described in this Policy. If you are located in another jurisdiction, you should be aware that once your Personal Information is submitted, it will be transferred to our servers in the USA using secure encryption-based transmission services, and that the USA currently does not have uniform data protection laws in place.

CONSENT TO PROCESSING

You hereby consent to the collection, processing and transfer by Wave Systems of your Personal Information for the purposes described under this Policy, including but not limited to the transfer of such Personal Information between Wave Systems and its Service Providers and affiliates in accordance with this Policy. Your consent to our right to transfer Personal Information in accordance with this Policy includes consent to the transfer of your Personal Information to jurisdictions that may have different levels of privacy protection than that available to you under your local law.

OTHER TERMS

Your use of our Service is subject to and contingent upon your agreement with our EMBASSY® End User License Agreement, which is hereby incorporated by reference.

Except as described in this Policy, and subject to your choices, Wave Systems will not use your Personal Information for any purpose unless we first obtain your express authorization.

If you have questions concerning this Policy, including enforcement of this Policy, please contact our EU Privacy Administrator via email at

privacyEU@wavesys.com

This Policy was last updated August 7, 2002.

End User Software License Agreement

EMBASSY Trusted PC User Guide

You should carefully read the following terms and conditions of this agreement (the “Agreement”) before installing and/or operating the Wave Systems Corp. (“Wave”) EMBASSY Trusted PC hardware components (the “Hardware”) and installing and/or using Wave’s EMBASSY Trusted PC software (together with all related features, applications, upgrades (if any) and documentation, the “Software”). The Hardware and Software are for use with Wave’s EMBASSY Trust Assurance Network (“TAN”, and collectively with the Hardware and the Software, the “Product”). Your use of the Product is subject to your agreement to all of the terms and conditions of this Agreement as well as our EMBASSY® Trusted PC Privacy Policy (the “Privacy Policy”) (which follows at the end of this Agreement).

By clicking the “I Accept” check box (accept by clicking “Yes”) and completing the process of installing the Software and accessing or using the TAN, you consent to and agree to be bound by all of the terms and conditions of this Agreement. If you disagree with any of the terms or conditions of this Agreement, you are not permitted to install and/or use the Software or any portion thereof or to use the Product to access and/or use the TAN. Click on the “I Reject” button (reject by clicking “No”) to cancel and exit the install process.

1. Software License

The Software is owned by Wave and is licensed to you on a non-exclusive, nonsublicenseable basis on the terms and conditions set forth in this Agreement. You are not permitted to lease or rent, distribute or sublicense the Software or to use the Software in a time -sharing arrangement or in any other unauthorized manner. No license is granted to you for the human readable code of the Software (source code). Except as expressly provided in this Section 1, this Agreement does not grant you any rights to patents, copyrights, trade secrets, trademarks, or any other rights in respect to the Software. Wave reserves all rights not expressly granted to you. The following conditions and restrictions also apply:

(a) YOU MAY ONLY install and personally use the Software and any updates thereto furnished by Wave (in its sole discretion) in object code form on a single personal computer owned or controlled by you for your own use or benefit and in connection with your use of the TAN. You may not modify, copy, distribute, transmit, duplicate or otherwise reproduce the Software, except that you may make a single copy for back-up purposes only, which copy must contain all copyright and other proprietary notices present in the original Software. Your license to the Software under this Agreement continues until it is terminated by you or Wave. You may terminate the license by discontinuing use of all or any of the Software and by destroying all your copies of the Software. This Agreement will terminate automatically if (i) you violate any of the terms or conditions of this Agreement, (ii) Wave publicly posts a written notice of termination on its website www.wave.com (that, or any successor site, the “Site”); or (iii) Wave revokes this Agreement or issues a new agreement in writing or electronic form and conditions your continued use of the Software upon acceptance of the new agreement. All changes, modifications, additions or deletions shall be effective immediately upon notice thereof, which may be given by means including, but not limited to, posting on the Site, or by electronic or conventional mail, or by any other means by which you may obtain notice thereof. Use of the Software after such notice constitutes acceptance of such changes, modifications or additions.

(b) YOU MAY NOT decompile, reverse engineer, disassemble, modify, or create derivative works (as defined by the U.S. Copyright Act) or improvements (as defined by U.S. patent law) from the Software or any portion thereof, or seek to obtain intellectual property protection on the

EMBASSY Trusted PC User Guide

Software or any portion thereof. However, if you are located in a Member State of the European Community or in any other jurisdiction where applicable law is analogous to the EC Software Directive and need information about the Software in order to achieve interoperability of an independently created software program with the Software, you shall first request such information from Wave. Unless Wave refuses to make such information available, you shall not take any steps, such as reverse assembly or reverse compilation, to derive a source code equivalent to the Software. Wave may charge a reasonable fee for the provision of such information. In the event that Wave does not provide such information, then your right to reverse engineer shall be limited to the extent required by the EC Software Directive or other applicable law. You ma y not incorporate the Software into any other software, computer chip or the firmware of a computing device manufactured by or for you. You also may not, under any circumstances:

(i) Use the Software in any unlawful manner, for any

unlawful purpose or in any manner inconsistent with this Agreement;

(ii) Transfer your rights under this Agreement to another person or entity except that you may permanently transfer all of your rights under this Agreement, provided that you transfer all of the Software and retain no copies and the transferee agrees to the terms of this Agreement in writing; or

(iii) Use, acquire, ship, transport, export, or re-export the Software, except as authorized by Wave and as permitted by applicable law. In particular, but without limitation, the Software may not be acquired, shipped, transported, exported, or re-exported (1) into (or to a national or resident of) any U.S. embargoed country or (2) to anyone on the U.S. Treasury Department's list of Specially Designated Nationals or the U.S. Department of Commerce's Table of Denial Orders. You represent and warrant that you are not located in, under control of, or a national or resident of any such country or on any such list.

Product you must complete the registration process and set up a user name and password and/or PIN. You will be required to provide your user name and password/PIN each time you access and use any applications with the Software. Although we will handle any personally identifiable information submitted to us or otherwise collected by us in accordance with the terms of our Privacy Policy, you shall be solely responsible for the security of any password/PIN and user name issued to you and we shall have no liability for the theft or misuse of any such information.

(d) Mandatory Upgrades. Wave may from time to time and at

any time provide you (whether electronically by email or otherwise) with upgrades to the Software. Your continued ability to use the Product (including without limitation your continued access to the TAN) may be subject to and conditioned on your permitting Wave to install such upgrades or your prompt installation of them, as the case may be.

2. Trust Assurance Network (“TAN”)

(a) Access and Use. By completing the registration process for the

TAN, the Product as well as the personal computer with which you use the Product (collectively your “EMBASSY Device”), will generate (i) a public key identifying your EMBASSY Device to the EMBASSY Dev ice Server (a part of the TAN) on which you are registering and (ii) a private key which will reside only on your EMBASSY Device. Upon completion of this process, your EMBASSY Device will be enabled for use with the

EMBASSY Trusted PC User Guide

TAN. Provided that you comply with this Agreement, you may use your EMBASSY Device to access and use such features, applications and services of the TAN as Wave may, in its sole discretion, make available to you from time to time and at any time, which may include the following:

(i) Receiving, installing, loading, de-encrypting and executing secure

portions of applications (“Applets”) created by Wave (including the Applets contained within the Software) as well as any Applets created by authorized third party EMBASSY Application Developers that have certified such Applets for use with the TAN and have identified your Embassy Device as an authorized user of such Applets;

(ii) Using the TAN, in connection with applicable Applets and/or

applications, to encrypt and/or de-encrypt (through private and public keys) emails, financial transaction information, digital signatures, documents and other data and/or information received from or to be delivered to other users of the TAN; and

(iii) Accessing, downloading and/or using any and all other features, services or applications that Wave may, in its discretion, make available to you (or permit to be made available to you by third parties) through the TAN.

While the terms and conditions of this Agreement govern your use of and access to the features, applications and services of the TAN (or that may in the future be offered with or through the TAN), Wave, or any third party provider, may impose additional terms and conditions applicable to some or all of such features, applications or services. Your acceptance of those terms and conditions as provided therein or your use of those such features, applications or services shall constitute your agreement to those additional terms and conditions.

(b) Restrictions. You may not:

(i) Use, in connection with the TAN any device, software or routine that interferes with the proper functioning of the TAN or take any other action that interferes with other parties’ use of the TAN;

(ii) Use the TAN or any content you obtain using the TAN in any fraudulent, deceptive or misleading manner or in any manner inconsistent with or in violation of any applicable laws or regulations;

(iii) Impersonate any person or entity or falsely state or otherwise misrepresent your affiliation with a person or entity;

(iv) Use the TAN in any manner that is unlawful, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable;

(v) Use the TAN in any manner that infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party;

(vi) Use the TAN in connection with the transmission of any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or any other form of solicitation, except for legal promotional materials and then only in those areas (such as shopping rooms) that are designated for such purpose; and/or

(vii) Use the TAN in connection with the transmission of any material that contains software viruses, Trojan horses, worms or any other computer code, files or programs designed to interrupt, limit, destroy or improperly use the functionality of any data, computer software or hardware or telecommunications equipment, including without limitation the TAN.

EMBASSY Trusted PC User Guide

You acknowledge that Wave does not pre-screen any data, content, Applets or other transmissions you may obtain, receive and/or de-encrypt using the TAN, but that Wave and its designees shall have the right (but not the obligation) in their sole discretion to move or remove any such materials that may be available to, or provided by, you via the TAN. You agree that you must evaluate, and bear all risks associated with, the use of any such materials, including any reliance on the accuracy, completeness, or usefulness of such materials.

(i) Wave reserves the right to charge fees for future use of, access to or new features or applications of the TAN, or portions thereof, in its sole discretion. However, in no event will you be charged for access to portions of the TAN unless Wave makes available to you (whether by posting on the Site, via email or any other reasonable means) a schedule of such charges prior to your incurring any such liability. You are solely responsible for obtaining and maintaining all telephone, computer hardware, software, and other equipment needed for access to and use of the TAN and for all charges you incur related thereto. You agree to pay all fees and charges incurred through your use of the TAN at the rates in effect for the billing period in which such fees and charges are incurred, including, but not limited, to charges for any products or services offered through the TAN by Wave or by any third party vendor or service provider.

(ii) Wave may elect to provide you with customer support for the TAN and/or software upgrades, enhancements, or modifications for the Software or other features and/or applications of the TAN (collectively, "Support"), in its sole discretion, and may terminate such Support at any time without notice to you. Wave reserves the right to charge you for any Support it provides but will make a schedule of those charges available to you (whether by posting on the Site, via email or any other reasonable means) prior to your incurring any such costs. You agree to pay all fees and charges incurred through your use of Support at the rates in effect for the billing period in which such fees and charges are incurred. Wave may change, suspend or discontinue any aspect of the TAN at any time, including the availability of any feature, application, or service of the TAN. Wave may also impose limits on certain features and services or restrict your access to parts or all of the TAN wit hout notice or liability. For purposes of the Agreement, Support shall be deemed to be a part of the Product.

(iii) All fees and charges incurred pursuant to 2(c)(i) and 2(c)(ii) above shall be billed to and paid for by you in accordance with the terms set forth in the applicable billing statement. You shall pay all applicable taxes and all fees and charges not paid when due shall be subject to a late fee of 1.5% per month or the maximum amount permitted by law, whichever is lower. Wave shall also be entitled to all costs and expenses (including reasonable attorney’s fees) incurred in collecting any and all outstanding amounts not paid when due. Wave may terminate this Agreement and your access to the TAN in the event that any such invoices are not paid when due.

(d) Modifications To TAN

Wave reserves the right at any time and from time to time to modify or

discontinue, temporarily or permanently, the TAN (or any part thereof) with or without notice. You agree that Wave shall not be liable to you or to any third party for any modification, suspension or discontinuance of the TAN (or any part thereof).

(e) Termination Of TAN

You agree that Wave, in its sole discretion, may terminate your account (or

any part thereof) or use of the TAN for any reason, including, without limitation, for lack of use or if Wave believes that you have violated or acted inconsistently with the letter

EMBASSY Trusted PC User Guide

or spirit of this Agreement. Wave may also in its sole discretion and at any time discontinue providing the TAN, or any part thereof, with or without notice. You agree that any termination of your access to the TAN under any provision of the Agreement may be affected without prior notice, and acknowledge and agree that Wave may immediately deactivate or delete your account and all related information and files in your account and/or bar any further access to such files or the TAN. Further, you agree that Wave shall not be liable to you or any third-party for any termination of your access to the TAN.

(f) Third Party Items

You may, through the use of the TAN, obtain, receive or have access

to data, features, applications (including Applets) and service provided by third parties (collectively “Third Party Items”). You acknowledge and agree that Wave is not responsible for the availability of such Third Party Items and does not endorse or bear any responsibility or liability for such Third Party Items. You further acknowledge and agree that Wave shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such Third Party Items. Your correspondence or business dealings with other users of the TAN and/or providers of Third Party Items, including payment and delivery of related goods or services, and any other terms, conditions, warranties or representations associated with such dealings, are solely between you and such third party. You agree that Wave shall not be responsible or liable for any loss or damage of any sort (a) incurred as the result of any such dealings or (b) related in any way to such Third Party Items.

3. Limited Warranty; As Is

(a) Wave warrants (the “Hardware Warranty”) that the Hardware, if

properly used, shall be free from defects in material or workmanship for a period of one (1) year from the date of shipment to you (the “Warranty Period”). Wave’s sole and exclusive liability under this warranty will be to, at Wave’s sole option, (a) repair or replace any component which fails to meet the Hardware Warranty during the Warranty Period or (b) provide a refund to you of the amount of the price you paid for the product, if any, or $US 30, whichever is less; provided (i) you have promptly in writing reported same to Wave with an description of the deficiency, (ii) Wave has, upon inspection, found the Hardware to be defective and under warranty and (iii) if requested by Wave, such Hardware is returned to Wave at your risk and expense. All replaced Hardware or parts will become Wave's property. This warranty does not cover Hardware which has been subjected to unusual physical, environmental or electrical stress, or on which the original identification marks have been removed or altered, or which is damaged due to accident, misuse, neglect, alteration, repair, improper use, installation or testing or unauthorized modification. THE RIGHTS CONTAINED IN THIS PARAGRAPH EXTEND ONLY TO THE ORIGINAL BUYER OF THE HARDWARE.

(b) EXCEPT AS SET FORTH IN SECTION 3(a), THE PRODUCT IS

PROVIDED "AS IS" AND WITHOUT WARRANTIES OF ANY KIND WHETHER EXPRESS OR IMPLIED, ORAL OR WRITTEN. WAVE DOES NOT REPRESENT OR WARRANT THAT THE PRODUCT, OR ANY PORTION THEREOF, COMPLIES WITH ANY OR ALL FEDERAL, STATE OR OTHER LAWS AND EXPRESSLY DISCLAIMS ANY AND ALL REPRESENTATIONS, WARRANTIES AND/OR OBLIGATIONS (EXPRESS OR IMPLIED) FOR THE PRODUCT OR ANY PORTION THEREOF, INCLUDING WITHOUT LIMITATION ANY REPRESENTATIONS WARRANTIES AND/OR OBLIGATIONS (i) OF ACCURACY, TIMELINESS, RELIABILITY, COMPLETENESS, INTEGRATION, ADEQUACY, TITLE, COMPATIBILITY, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, (ii) THAT THE PRODUCT WILL OPERATE ERROR-FREE, CONTINUOUSLY OR WITHOUT INTERRUPTION OR IS OR WILL BE SECURE AND FREE OF COMPUTER VIRUSES OR OTHER HARMFUL CONTENT, (iii) THAT THE PRODUCT AND/OR THE TRANSACTIONS ENTERED INTO USING THE PRODUCT

EMBASSY Trusted PC User Guide

WILL BE FREE FROM MANIPULATION AND/OR FRAUD AND (iv) THAT MAY ARISE BY USAGE OF TRADE, COURSE OF DEALING, OR COURSE OF PERFORMANCE.

YOU UNDERSTAND AND AGREE THAT ANY MATERIAL AND/OR DATA DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE PRODUCT IS DONE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR EQUIPMENT AND/OR YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM SUCH MATERIAL AND/OR DATA. WAVE MAKES NO WARRANTY AND EXPRESSLY DISCLAIMS ANY LIABILITY FOR ANY GOODS OR SERVICES PURCHASED OR OBTAINED THROUGH OR USING THE PRODUCT OR ANY TRANSACTIONS ENTERED INTO USING THE PRODUCT. YOU FURTHER UNDERSTAND AND AGREE THAT ANY MATERIAL OR DATA STORED ON YOUR COM PUTER SYSTEM THROUGH USE OF THE PRODUCT WILL BE ENCRYPTED AND THAT YOU WILL NOT BE ABLE TO RETRIEVE SUCH MATERIAL OR DATA WITHOUT YOUR USER NAME; PASSWORD/PIN AND SMARTCARD. WAVE MAKES NO WARRANTY AND EXPRESSLY DISCLAIMS ANY LIABILITY FOR YOUR ABILITY OR INABILITY TO RETRIEVE ANY DATA OR OTHER MATERIAL STORED ON YOUR COMPUTER SYSTEM.

THE PRODUCT IS NOT FAULT-TOLERANT AND IS NOT DESIGNED, MANUFACTURED OR INTENDED FOR USE OR RESA LE AS ON-LINE CONTROL EQUIPMENT IN HAZARDO US ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CO NTROL, DIRECT LIFE SUPPORT MACHINES OR WEAPON SYSTEMS IN WHICH THE FAILURE OF THE PRODUCT COULD LEAD DIRECT LY TO DEATH, PERSONAL INJURY OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE.

SOME JURISDICTIONS DO NOT ALLOW CERTAIN LIMITATIONS OR EXCLUSIONS OF WARRANTIES IN SOM E CIRCUMSTANCES. ACCORDINGLY, SOME OF THE FOREGOING LIMITATIONS MAY NOT APPLY TO Y OU.

4. Limitation on Liability

YOU EXPRESSLY UNDERSTAND AND AGREE THAT WAVE, TO THE MAXIMUM EXTENT PERMITTED BY LAW, SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, GOODW ILL, USE, DATA OR OTHER INTANGIBLE LOSSES (EVEN IF WAVE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES OR ANY REMEDY AVAILABLE TO YOU FAILS OF ITS ESSENTIAL PURPOSE), RESULTING FROM: (a) THE USE OR THE INABILITY TO USE THE PRODUCT (OR ANY PA RT THEREOF); (b) TRANSACTIONS ENTERED INTO USING THE PRODUCT (OR ANY PART THEREOF); (c) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA; OR (d) ANY OTHER MATTER RELATING TO THE PRODUCT OR YOUR USE THEREOF. IN NO EVENT WILL WAVE’S DAMAGES TO YOU EXCEED (COLLECTIVELY) $100 OR THE AMOUNT OF ANY PAYMENTS MADE DIRECTLY BY YOU TO WAVE FOR THE PRODUCT, IF ANY, WITHIN ONE (1) YEAR PRIOR TO THE DATE ANY SUCH LIABILITY IS INCURRED, WHICHEVER IS GREATER. SOME JURISDICTIONS DO NOT ALLOW CERTAIN LIMITATIONS OR EXCLUSIONS OF LIABILITY IN SOME CIRCUMSTANCES. ACCORDINGLY, SOME OF THE FOREGOING LIMITATIONS MAY NOT APPLY TO YOU.

5. Indemnification

You agree to indemnify and hold harmless Wave from and against any and all losses, damages, costs or expenses (including reasonable attorney’s fees) (a) suffered by you related in any way to the Product or this Agreement and/or (b) related to any claim or demand made by any third party in connection with or arising out of (i) any breach by

EMBASSY Trusted PC User Guide

you of any of the terms and conditions of this Agreement, (ii) your use of misuse of the Product, (iii) your violation of applicable laws, and/or (iv) your violation of the rights of any other person or entity. Wave reserves the right, at its own expense, to assume the exclusive defense and control of (but not liability for) any matter otherwise subject to indemnification by you. You will be liable to Wave for reasonable attorney’s fees in any such case.

6. Miscellaneous

(a) This Agreement constitutes the entire understanding between the parties respecting use of the Product and supersedes all prior or contemporaneous understandings regarding such subject matter. No amendment to or modification of this Agreement will be binding unless made by an authorized Wave representative acting in his or her official capacity. Wave reserves the right to revise this Agreement from time to time and at any time and you are deemed to be aware of and bound by any such changes upon publication on the Site. No waiver by Wave of any breach of this Agreement by you shall operate as a waiver of any other breach.

(b) Notices of changes to this Agreement or other matters may be made to you by displaying notices or links to notices to you generally on the Site.

(c) The terms of this Agreement shall be construed and governed exclusively by the laws of the Commonwealth of Massachusetts, excluding the application of its conflict of law provisions and rules. Any dispute, controversy or claim arising out of or relating to this Agreement or a breach of this Agreement shall be settled by arbitration before three neutral arbitrators (selected from a panel of persons having experience with and knowledge of the computer business), provided at least one of which arbitrators shall be an attorney, and administered by the American Arbitration Association in accordance with its Commercial Arbitration Rules in Boston, Massachusetts. Any provisional or equitable remedy which would be available from a court of law shall be available from the arbitrators to the parties. Judgment upon the award of the arbitrators may be enforced in any court having jurisdiction thereof. The Parties hereby consent to the non-exclusive jurisdiction of the courts of the Commonwealth of Massachusetts or to any Federal Court located within the Commonwealth of Massachusetts for any action (i) to compel arbitration, (ii) to enforce the award of the arbitrators or (iii) prior to the appointment and confirmation of the arbitrators, for temporary, interim or provisional equitable remedies, and to service of process in any such action by registered mail, return receipt requested, or by any other means provided by law. The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded.

(d) If the Software is supplied to or purchased by or on behalf of the

United States Government, then the Software is deemed to be a "Commercial Item," as that term is defined in 48 C.F.R. §2.101, consisting of "Commercial Computer Software" and "Commercial Computer Software Documentation," as such terms are used in 48 C.F.R. §12.212 or 48 C.F.R. §227.7202, as applicable. Consistent with 48 C.F.R. §12.212 or 48 C.F.R. §§227.7202-1 through 227.7202-4, as applicable, such Commercial Computer Software and Commercial Computer Software Documentation are licensed to U.S. Government end users (a) only as Commercial Items and (b) with only those rights as are granted to all other end users pursuant to the terms and conditions set forth in this Agreement.

(e) The Product contains proprietary and confidential information that is

protected by applicable intellectual property and other laws. Title, ownership rights and intellectual property rights in the Product shall remain in Wave or its licensors. You acknowledge su ch ownership and intellectual property rights and will not take any action to jeopardize, limit or interfere in any manner with Wave’s or Wave’s licensors’ ownership of or rights with respect to the Product. The license granted under this Agreement gives you no rights in or to the Product other than as expressly granted herein.

EMBASSY Trusted PC User Guide

(f) The Wave trademarks and service marks and other Wave logos and

product and service names are trademarks of Wave Systems Corp. (collectively, the "Wave Marks"). Without Wave’s prior permission, you may not display or use in any manner, any Wave Mark.

(g) The failure of Wave to exercise or enforce any right or provision of this Agreement shall not constitute a waiver of such right or provision. If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties' intentions as reflected in the provision, and the other provisions of this Agreement remain in full force and effect.

(h) Except for claims arising out of a breach of Sections 1, 2, 5, and 6 of this Agreement, regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Product or this Agreement must be filed within one (1) year after such claim or cause of action arose or be forever barred.

(i) The section titles in this Agreement are for convenience only and

have no legal or contractual effect.

(j) If any provision of this Agreement is declared by a court or tribunal of competent jurisdiction to be invalid, illegal, or unenforceable, such provision shall be severed from this Agreement and the other provisions shall remain in full force and effect.

(k) Sections 1.b., 2(b), 3(b), 4, 5, and 6 of this Agreement shall survive any termination or expiration of this Agreement.

(l) This Agreement and the Privacy Policy may be supplied to you in United States English and other languages. In case of conflict between any of these versions, the United States English version shall govern.

YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS AGREEMENT. IF YOU ACCEPT THE TERMS AND CONDITIONS OF THIS AGREEMENT, CLICK “YES”. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, CLICK “NO”.

Packard bell TRUSTED PC User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual