Abstract: Techniques are described herein for mobile document provisioning. An example method includes a device receiving, from an inspection system of a first jurisdiction, a request for a mobile identification document of a second jurisdiction. The device can transmit, to the inspection system, the mobile identification document based on the request, the mobile identification document comprising a mobile identification document public key. The device can receive from the inspection system, a mobile supplemental document, the mobile supplemental document comprising a mobile supplemental document public key derived from the mobile identification document public key, the inspection system being configured to derive the mobile supplemental document public key from the mobile identification document public key.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data.

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.

Abstract: Techniques are disclosed relating to authenticate a user with a mobile device. In one embodiment, a computing device includes a short-range radio and a secure element. The computing device reads, via the short-range radio, a portion of credential information stored in a circuit embedded in an identification document issued by an authority to a user for establishing an identity of the user. The computing device issues, to the authority, a request to store the credential information, the request specifying the portion of the credential information. In response to an approval of the request, the computing device stores the credential information in the secure element, the credential information being usable to establish the identity of the user. In some embodiments, the identification document is a passport that includes a radio-frequency identification (RFID) circuit storing the credential information, and the request specifies a passport number read from the RFID circuit.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data.

Abstract: Techniques are disclosed relating to authenticate a user with a mobile device. In one embodiment, a computing device includes a short-range radio and a secure element. The computing device reads, via the short-range radio, a portion of credential information stored in a circuit embedded in an identification document issued by an authority to a user for establishing an identity of the user. The computing device issues, to the authority, a request to store the credential information, the request specifying the portion of the credential information. In response to an approval of the request, the computing device stores the credential information in the secure element, the credential information being usable to establish the identity of the user. In some embodiments, the identification document is a passport that includes a radio-frequency identification (RFID) circuit storing the credential information, and the request specifies a passport number read from the RFID circuit.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: Techniques are disclosed relating to authenticating a user with a mobile device. In some embodiments, a computing device stores a first signed attestation indicating an ability of the computing device to securely perform a user authentication. The computing device receives a request to store credential information of an identification document issued by an issuing authority to a user for establishing an identity of the user. In response to the request, the computing device sends, to the issuing authority, a request to store the credential information, the sent request including the first signed attestation to indicate an ability to perform a user authentication prior to permitting access to the credential information. In response to an approval of the sent request based on the first signed attestation, the computing device stores the credential information in a secure element of the computing device.

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

Abstract: If a user loses an electronic device that has the capability to conduct financial transactions, the user may report that the electronic device is lost using a lost-device software application to a management electronic device associated with a provider of the electronic device. In response to receiving this information, a disabling command is sent to a payment network associated with the financial account of the user to temporarily disable use of the electronic device to conduct the financial transactions. In particular, the electronic device may include a secure element that stores a payment applet for a financial account, and the disabling command may disable a mapping from a virtual identifier for the financial account to a financial primary account number. Subsequently, if the user finds the electronic device, the user may re-enable the capability (and, thus, the mapping) by providing authentication information to the electronic device.

Abstract: Systems, methods, and computer-readable media for managing near field communications during a low power management mode of an electronic device are provided that may make credentials of a near field communication (“NFC”) component appropriately secure and appropriately accessible while also limiting the power consumption of the NFC component and of other components of the electronic device.

Abstract: A device for wireless terminal authentication may include at least one processor configured to receive, from a wireless terminal device, a request for user information, the request comprising a certificate corresponding to the wireless terminal device. The at least one processor may be further configured to verify the certificate based at least in part on a public key stored on the electronic device. The at least one processor may be further configured to, when the certificate is verified, determine whether the certificate indicates that the wireless terminal device is authorized to receive the requested user information. The at least one processor may be further configured to transmit, to the wireless terminal device, the requested user information when the certificate indicates that the wireless terminal device is authorized to receive the requested user information.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.