Abstract: In some examples, a computer system receives, via a network and from a software module executable on a mobile device coupled to a card reader, security information that includes first security information associated with the card reader and second security information that is based on content of the software module and/or a software environment of the software module. The computer system determines validity of the first security information associated with the card reader based at least on information previously stored in the card reader and also accessible to the computer system. The computer system also determines the validity of the second security information. Based on determining the first and second security information are valid, the computer system sends, to the mobile device, an indication that the computer system has validated the security information, prompting the software module and the card reader to establish a secure communication session with each other.

Abstract: In some examples, a mobile card reader includes a card interface to read information from a card, an interface to enable the mobile card reader to communicate with a mobile device, and a processor configured to send security related information of the mobile card reader to an application executing on the mobile device. The security related information may be for transmission by the mobile device to a remote server system. The mobile card reader may receive, from the application, an indication that the application has been validated by the remote server system based on validation of the security related information of the mobile card reader and security related information of the application. In response, the mobile card reader generates a secure session key with which to carry out encrypted communication between the application and the mobile card reader.

Abstract: In some examples, a mobile card reader includes a card interface to read information from a card, an interface to enable the mobile card reader to communicate with a mobile device, and a processor configured to send security related information of the mobile card reader to an application executing on the mobile device. The security related information may be for transmission by the mobile device to a remote server system. The mobile card reader may receive, from the application, an indication that the application has been validated by the remote server system based on validation of the security related information of the mobile card reader and security related information of the application. In response, the mobile card reader generates a secure session key with which to carry out encrypted communication between the application and the mobile card reader.

Abstract: Some examples include establishing a secure communication session between a mobile device and a card reader. For instance, a trusted, remote validation server may be used to validate security information of a software module executing on the mobile device prior to the card reader and the software module establishing a secure communication session with each other. In some cases, the software module sends the security information of the software module to the validation server. The secure communication session between the software module and the card reader may be established based on a validation result of a validation process indicating that the security related information of the software module has been determined to be valid by the validation server.

Abstract: Some examples include establishing a secure communication session between a mobile device and a card reader. For instance, a trusted, remote validation server may be used to validate security information of a software module executing on the mobile device prior to the card reader and the software module establishing a secure communication session with each other. In some cases, the software module sends the security information of the software module to the validation server. The secure communication session between the software module and the card reader may be established based on a validation result of a validation process indicating that the security related information of the software module has been determined to be valid by the validation server.

Abstract: Disclosed is a technique for establishing a secure communication session between a mobile device and a card reader. The technique can involve using a trusted, remote validation server to validate security information of both the card reader and a POS module in the mobile device prior to, and as a precondition of, the card reader and the POS module establishing a secure communication session with each other. In certain embodiments the POS module sends the security information of both the card reader and the POS module to the validation server. The security information can include cryptographic keys of the POS module and the card reader and additional security information related to the POS module and its software environment.

Abstract: Disclosed is a technique for establishing a secure communication session between a mobile device and a card reader. The technique can involve using a trusted, remote validation server to validate security information of both the card reader and a POS module in the mobile device prior to, and as a precondition of, the card reader and the POS module establishing a secure communication session with each other. In certain embodiments the POS module sends the security information of both the card reader and the POS module to the validation server. The security information can include cryptographic keys of the POS module and the card reader and additional security information related to the POS module and its software environment.

Abstract: Disclosed is a technique for establishing a secure communication session between a mobile device and a card reader. The technique can involve using a trusted, remote validation server to validate security information of both the card reader and a POS module in the mobile device prior to, and as a precondition of, the card reader and the POS module establishing a secure communication session with each other. In certain embodiments the POS module sends the security information of both the card reader and the POS module to the validation server. The security information can include cryptographic keys of the POS module and the card reader and additional security information related to the POS module and its software environment.

Abstract: Disclosed is a technique for establishing a secure communication session between a mobile device and a card reader. The technique can involve using a trusted, remote validation server to validate security information of both the card reader and a POS module in the mobile device prior to, and as a precondition of, the card reader and the POS module establishing a secure communication session with each other. In certain embodiments the POS module sends the security information of both the card reader and the POS module to the validation server. The security information can include cryptographic keys of the POS module and the card reader and additional security information related to the POS module and its software environment.

Abstract: A method of encrypting a passcode is disclosed. In one embodiment, the method includes: receiving an indication of a portion of the passcode; calculating a plaintext value based at least in part on the indication, wherein the plaintext value represents an encoded portion of the passcode; encrypting the plaintext value into ciphertext using a homomorphic encryption system; and updating a cumulative encryption string by executing a cumulative operation to aggregate the ciphertext corresponding to the encoded portion into the cumulative encryption string computed for a previous portion of the passcode, wherein the cumulative operation is dictated by a homomorphic property of the homomorphic encryption system.

Abstract: Disclosed is a technique for establishing a secure communication session between a mobile device and a card reader. The technique can involve using a trusted, remote validation server to validate security information of both the card reader and a POS module in the mobile device prior to, and as a precondition of, the card reader and the POS module establishing a secure communication session with each other. In certain embodiments the POS module sends the security information of both the card reader and the POS module to the validation server. The security information can include cryptographic keys of the POS module and the card reader and additional security information related to the POS module and its software environment.