Abstract: Systems, methods, and software can be used to detect anomalies in source code. In some aspects, a method comprises: obtaining, by a server, one or more attribute values associated with one or more code commits of source code; and generating, by the server and based on the one or more attribute values, an anomaly report indicating a risk level of the source code.

Abstract: Systems, methods, and software can be used to detect backdoors in binary software code. In some aspects, a method comprises: obtaining, by a server, binary software code corresponding to source code; generating, by the server, a backdoor abstraction of the binary software code; and generating, by the server, a backdoor risk assessment based on the backdoor abstraction of the binary software code.

Abstract: Systems, methods, and software can be used to identify security risks in software code based on software bill of materials (SBOM). In some aspects, a method includes: obtaining, by a server, software code and a SBOM corresponding to the software code; identifying, by the server and based on the SBOM, a library used by the software code; and generating, by the server, a risk assessment based on at least one metric corresponding to the library, where the at least one metric is associated with one or more maintainers of the library.

Abstract: Methods and devices for accessing protected applications. A client device accessing a protected application executing on the application server is provided. The client device configured to establish a session between the client device and the application server based on an exchange of authentication credential information between the client device and the application server; generate an authentication token from the authentication credential information associated with the protected application; transfer the authentication token to the remote server for storage at the remote server; and transmit a directive to the remote server to access the protected application executing on the application server, where the directive includes an identifier associated with the authentication token for accessing the protected application.

Abstract: A mobile communications device includes a near field communication (NFC) device, a movement determining device, and a processor coupled with the NFC device and the movement determining device. The processor performs operations for selectively switching between a first operating mode, in which the NFC device is enabled for NFC communication, and a second operating mode. When switched to the unsecure operating mode, the processor performs operations for enabling the NFC device for NFC communication until the mobile communications device moves beyond a threshold distance based upon the movement determining device.

Abstract: Methods and devices for accessing protected applications. A client device accessing a protected application executing on the application server is provided. The client device configured to establish a session between the client device and the application server based on an exchange of authentication credential information between the client device and the application server; generate an authentication token from the authentication credential information associated with the protected application; transfer the authentication token to the remote server for storage at the remote server; and transmit a directive to the remote server to access the protected application executing on the application server, where the directive includes an identifier associated with the authentication token for accessing the protected application.

Abstract: A method in an access control server of controlling access to an enterprise network includes: receiving, at the access control server from a client computing device outside the enterprise network, a request to establish a connection between the client computing device and an enterprise server in the enterprise network; at the access control server, responsive to receiving the request, obtaining a security attribute of the enterprise server from a central repository outside the enterprise network; determining, based on the security attribute, whether the enterprise server meets a predefined security threshold; and when the enterprise server does not meet the predefined security threshold, denying the request to establish a connection between the client computing device and the enterprise server.

Abstract: A mobile communications device may include a near field communications (NFC) device, an input device configured to generate a memory wipe command, a memory, and a memory controller coupled with the NFC device, the input device, and the memory. The memory controller may be capable of receiving secure data from a provisioning server to the memory, receiving wiping instruction data from the provisioning server to the memory for wiping the secure data from the memory, and wiping the secure data from the memory based upon the memory wipe command and the received wiping instruction data.

Abstract: A communications system may include a provisioning terminal comprising a first near field communications (NFC) device, where the provisioning terminal is capable of communicating with a provisioning server. The system may further include a mobile communications device comprising a second NFC device, a processor capable of providing a mobile wallet interface, a memory, and a memory controller coupled with the second NFC device, the memory, and the processor. The memory controller may be capable of receiving an applet and associated mobile wallet interface data from the provisioning server via the provisioning terminal based upon NFC communication between the first NFC device and the second NFC device, storing the applet and the associated mobile wallet interface data in the memory, and sending the mobile wallet interface data from the memory to the processor for the mobile wallet interface.

Abstract: A mobile communications device may include a near field communications (NFC) device, an input device configured to generate a memory wipe command, a memory, and a memory controller coupled with the NFC device, the input device, and the memory. The memory controller may be configured to receive secure data from a provisioning server and store the secure data into the memory, receive wiping instruction data from the provisioning server and store the wiping instruction data into the memory for wiping the secure data from the memory, and wipe the secure data from the memory without an over-the-air (OTA) connection to the provisioning server based upon the memory wipe command and the wiping instruction data stored in the memory.

Abstract: A trusted service manager (TSM) server may include at least one communications device capable of communicating with at least one application server, a verification database server, and at least one mobile communications device. The TSM server may further include a processor coupled with the at least one communications device and capable of registering the at least one application server with the verification database server, receiving a request from the at least one application server to access the memory of the mobile communications device, cooperating with the verification database server to verify the at least one application server based upon the access request and based upon registering of the at least one application server, and writing application data from the at least one application server to the memory of the at least one mobile communications device based upon verifying the at least one application server.

Abstract: A mobile communications device may include a near field communication (NFC) device, and a processor coupled with the NFC device. The processor may be configured to operate a first NFC applet and a second NFC applet, determine whether concurrent enabling of the first NFC applet and the second NFC applet will cause a compatibility conflict, and concurrently enable the first NFC applet and the second NFC applet for communicating data via the NFC device based upon a determination that concurrent enabling of the first NFC applet and the second NFC applet will not cause the compatibility conflict.

Abstract: A method and system for managing, from a communication device, a secure element for contactless transactions such as mobile payment applications. The communication device includes a memory for storing one or more device applications. The method includes determining that an application stored on the secure element does not have an association with any of the device applications, and in response to the determining, sending a communication to a server to delete the application from the secure element.

Abstract: A mobile wireless communications device may include a wireless transceiver, a processor coupled with the wireless transceiver, and a near-field communication (NFC) device coupled with the processor. The NFC device may include an NFC controller, an NFC transceiver coupled with the NFC controller, and a first memory coupled with the NFC controller. The first memory may be configured to store at least one first application. The mobile wireless communications device may also include a second memory coupled to the processor and configured to store at least one second application. The processor may be configured to disable the NFC transceiver based upon a security condition, disable access to the at least one first application, erase the at least one second application, perform reset operation, and erase the at least one application from the first memory after the reset operation.

Abstract: A mobile communications device may include a near field communication (NFC) device, a movement determining device, and a processor coupled with the NFC device and the movement determining device. The processor may be capable of selectively switching between a first operating mode, in which the NFC device is enabled for NFC communication, and an second operating mode. The processor may also be capable of, when switched to the unsecure operating mode, enabling the NFC device for NFC communication until the mobile communications device moves beyond a threshold distance based upon the movement determining device.

Abstract: A trusted service manager (TSM) server may include at least one communications device capable of communicating with at least one application server, a verification database server, and at least one mobile communications device. The TSM server may further include a processor coupled with the at least one communications device and capable of registering the at least one application server with the verification database server, receiving a request from the at least one application server to access the memory of the mobile communications device, cooperating with the verification database server to verify the at least one application server based upon the access request and based upon registering of the at least one application server, and writing application data from the at least one application server to the memory of the at least one mobile communications device based upon verifying the at least one application server.

Abstract: A communications system may include a provisioning terminal comprising a first near field communications (NFC) device, where the provisioning terminal is capable of communicating with a provisioning server. The system may further include a mobile communications device comprising a second NFC device, a processor capable of providing a mobile wallet interface, a memory, and a memory controller coupled with the second NFC device, the memory, and the processor. The memory controller may be capable of receiving an applet and associated mobile wallet interface data from the provisioning server via the provisioning terminal based upon NFC communication between the first NFC device and the second NFC device, storing the applet and the associated mobile wallet interface data in the memory, and sending the mobile wallet interface data from the memory to the processor for the mobile wallet interface.

Abstract: A method and system for managing, from a communication device, a secure element for contactless transactions such as mobile payment applications. The communication device includes a memory for storing one or more device applications. The method includes determining that an application stored on the secure element does not have an association with any of the device applications, and in response to the determining, sending a communication to a server to delete the application from the secure element.

Abstract: A mobile communications device may include a near field communications (NFC) device, an input device configured to generate a memory wipe command, a memory, and a memory controller coupled with the NFC device, the input device, and the memory. The memory controller may be configured to receive secure data from a provisioning server and store the secure data into the memory, receive wiping instruction data from the provisioning server and store the wiping instruction data into the memory for wiping the secure data from the memory, and wipe the secure data from the memory without an over-the-air (OTA) connection to the provisioning server based upon the memory wipe command and the wiping instruction data stored in the memory.

Abstract: A mobile communications device may include a near field communications (NFC) device, an input device configured to generate a memory wipe command, a memory, and a memory controller coupled with the NFC device, the input device, and the memory. The memory controller may be capable of receiving secure data from a provisioning server to the memory, receiving wiping instruction data from the provisioning server to the memory for wiping the secure data from the memory, and wiping the secure data from the memory based upon the memory wipe command and the received wiping instruction data.