Abstract: An embodiment may include transmitting a manufacturer security certificate to a provisioning server device, and establishing, with the provisioning server device, a secure connection based on the manufacturer security certificate. The embodiment may also involve transmitting, over the secure connection, device data that characterizes the client device, and receiving, over the secure connection, a server security certificate. The embodiment may further include obtaining a unique client device identifier. The embodiment may additionally include, possibly based on the server security certificate and the unique client device identifier, accessing protected information available to a particular pre-validated server device.

Abstract: An example method includes partitioning a software application into two or more instruction blocks each containing one or more software instructions. The two or more instruction blocks are arranged in a sequence defining an order in which to execute the two or more instruction blocks. The method may also involve storing, in a first block of the two or more instruction blocks, a first identifier of the first block and storing, in a second block of the two or more instruction blocks, (i) a second identifier of the second block, (ii) the first identifier of the first block, and (iii) a one-way cryptographic hash of contents of the first block. The first block is adjacent to the second block in the sequence. The method may additionally include transmitting, to a computing device, the two or more instruction blocks for execution by the computing device in the defined order.

Abstract: An automobile may contain a communications system including a local-area wireless transceiver and a wide-area wireless transceiver, a user interface, a processor, and memory. The automobile may perform operations comprising: (i) placing the communications system in a transaction mode, (ii) receiving, by way of the local-area wireless transceiver and from a first party device, a transaction token that proposes a transaction between the first party device and an entity associated with the automobile, (iii) displaying, by way of the user interface, a representation of the transaction, (iv) receiving, by way of the user interface, approval to conduct the transaction, (vi) transmitting, by way of the wide-area wireless transceiver and to a second party device, a request to conduct the transaction, and (vii) receiving, by way of the wide-area wireless transceiver and from the second party device, a confirmation that the transaction was successful.

Abstract: An embodiment may include transmitting a manufacturer security certificate to a provisioning server device, and establishing, with the provisioning server device, a secure connection based on the manufacturer security certificate. The embodiment may also involve transmitting, over the secure connection, device data that characterizes the client device, and receiving, over the secure connection, a server security certificate. The embodiment may further include obtaining a unique client device identifier. The embodiment may additionally include, possibly based on the server security certificate and the unique client device identifier, accessing protected information available to a particular pre-validated server device.

Abstract: An embodiment may involve receiving, by a computing system, a message from a wireless service provider system. The computing system may include one or more computing devices located, e.g., in the trusted cloud. The message may contain a service-provider-based identity of a client device, an indication that the service-provider-based identity has been authenticated by the wireless service provider, and a code that the client device obtained from a remote machine proximate to the client device. The computing system may generate an anonymized identity of the client device based on the service-provider-based identity. The computing system may verify that a task associated with the code is within the authorized capabilities of the anonymized identity. Possibly based on the code (and perhaps other information as well), the computing system may transmit an instruction to the remote machine. The instruction may direct the remote machine to perform the task.

Abstract: An embodiment may include transmitting a manufacturer security certificate to a provisioning server device, and establishing, with the provisioning server device, a secure connection based on the manufacturer security certificate. The embodiment may also involve transmitting, over the secure connection, device data that characterizes the client device, and receiving, over the secure connection, a server security certificate. The embodiment may further include obtaining a unique client device identifier, where the unique client device identifier is stored in a secure memory element of the client device. The embodiment may additionally include, possibly based on the server security certificate and the unique client device identifier, accessing protected information available to a particular pre-validated server device.

Abstract: An embodiment may involve receiving, by a computing system, a message from a wireless service provider system. The computing system may include one or more computing devices located, e.g., in the trusted cloud. The message may contain a service-provider-based identity of a client device, an indication that the service-provider-based identity has been authenticated by the wireless service provider, and a code that the client device obtained from a remote machine proximate to the client device. The computing system may generate an anonymized identity of the client device based on the service-provider-based identity. The computing system may verify that a task associated with the code is within the authorized capabilities of the anonymized identity. Possibly based on the code (and perhaps other information as well), the computing system may transmit an instruction to the remote machine. The instruction may direct the remote machine to perform the task.

Abstract: An embodiment may include transmitting a manufacturer security certificate to a provisioning server device, and establishing, with the provisioning server device, a secure connection based on the manufacturer security certificate. The embodiment may also involve transmitting, over the secure connection, device data that characterizes the client device, and receiving, over the secure connection, a server security certificate. The embodiment may further include obtaining a unique client device identifier, where the unique client device identifier is stored in a secure memory element of the client device. The embodiment may additionally include, possibly based on the server security certificate and the unique client device identifier, accessing protected information available to a particular pre-validated server device.

Abstract: Methods, systems, and apparatus include computer programs encoded on a computer-readable storage medium, including a method for conducting a transaction involving a consumer engaged with a machine. A transaction request initiated by a consumer device is received for a prior-registered consumer and product/service associated with the engaged machine. The transaction request includes information to identify the consumer from among registered consumers, and to identify the product or service provider associated with the engaged machine from among registered product or service providers, and information obtained from the machine to identify a proposed transaction between the consumer and the product or service provider. An authorization process for the proposed transaction is initiated for the registered consumer that is a party to the proposed transaction, an authorization decision result is received without further communication with the device or machine.