Abstract: Disclosed are various embodiments for executing entity-specific cryptographic code in a cryptographic coprocessor. In one embodiment, an exemplary method comprises receiving encrypted code that includes implementing a cryptographic algorithm from a service via a network, wherein the encrypted code further includes a symmetric encryption key; decrypting, by a cryptographic coprocessor, the encrypted code; executing, by the cryptographic coprocessor, the decrypted code to generate a cryptogram including information encrypted using the cryptographic algorithm and the symmetric encryption key; and sending the cryptogram to the service via the network.

Abstract: System and methods are described for enabling a first client device to authorize a second client device to use a payment token for contactless payments, in which the payment token is authorized to be used by the second device with restrictions set by the first device. In one embodiment, a system comprises a computing device that includes a secure element. The system also includes machine-readable instructions that, when executed by the processor, cause the computing device to at least receive an indication for generating a sub-payment token and receive a selection of a key restriction for the sub-payment token. An application stored in the secure element is called to generate the sub-payment token based on the key restriction. The sub-payment token is received and comprises a sub-payment key and an application transaction counter range. The sub-payment token is sent through the wireless communication session to a second computing device.

Abstract: Disclosed are various embodiments for a hosted point-of-sale service that provides the security features of card-present transactions for card-not-present transactions. The various embodiments of the present disclosure can be configured to receive a merchant identifier and a transaction amount for a transaction from a merchant terminal, as well as receive the merchant identifier and encrypted payment account data for the transaction. The encrypted payment account data can then be decrypted. An authorization request for the transaction is then generated based at least in part on the merchant identifier, the transaction amount, and the payment account data. The authorization request is then sent to a payment processor, which can route the authorization request to an authorizing entity via a payment network. An authorization response is received in response from the authorizing entity via the payment processor, and the contents are forwarded on to the merchant terminal.

Abstract: Disclosed are various embodiments for executing entity-specific cryptographic code in a cryptographic coprocessor. In one embodiment, an exemplary method comprises receiving encrypted code that includes implementing a cryptographic algorithm from a service via a network, wherein the encrypted code further includes a symmetric encryption key; decrypting, by a cryptographic coprocessor, the encrypted code; executing, by the cryptographic coprocessor, the decrypted code to generate a cryptogram including information encrypted using the cryptographic algorithm and the symmetric encryption key; and sending the cryptogram to the service via the network.

Abstract: Disclosed are various embodiments for executing entity-specific cryptographic code in a cryptographic coprocessor. In one embodiment, encrypted code implementing a cryptographic algorithm is received from a service via a network. The cryptographic coprocessor decrypts the encrypted code. The cryptographic coprocessor executes the decrypted code to generate a cryptogram including information encrypted using the cryptographic algorithm. The cryptogram is sent to the service via the network.

Abstract: Disclosed are various embodiments for executing entity-specific cryptographic code in a cryptographic coprocessor. In one embodiment, encrypted code implementing a cryptographic algorithm is received from a service via a network. The cryptographic coprocessor decrypts the encrypted code. The cryptographic coprocessor executes the decrypted code to generate a cryptogram including information encrypted using the cryptographic algorithm. The cryptogram is sent to the service via the network.

Abstract: Disclosed are various embodiments for executing entity-specific cryptographic code in a trusted execution environment. In one embodiment, encrypted code implementing a cryptographic algorithm is received from a service via a network. The encrypted code is provided to an application executed in a trusted execution environment of the computing device. The encrypted code is decrypted in the trusted execution environment. The decrypted code is executed in the trusted execution environment to generate a cryptogram including information encrypted using the cryptographic algorithm.