Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: Systems, methods, and computer-readable media for managing secure transactions between electronic devices and service providers. In one embodiment, an administration entity system may receive device order data from an electronic device, wherein the received device order data is indicative of an order for an item of value of a service provider system to be stored on the electronic device, transmit administration order data to the service provider system based on the received device order data, wherein the administration order data is indicative of the order for the item of value, receive service provider fulfillment data from the service provider system based on the transmitted administration order data, wherein the service provider fulfillment data includes the item of value, and transmit administration fulfillment data to the electronic device based on the received service provider fulfillment data, wherein the administration fulfillment data includes the item of value.

Abstract: Systems, methods, and computer-readable media for managing secure transactions between electronic devices and service providers. In one embodiment, an administration entity system may receive device order data from an electronic device, wherein the received device order data is indicative of an order for an item of value of a service provider system to be stored on the electronic device, transmit administration order data to the service provider system based on the received device order data, wherein the administration order data is indicative of the order for the item of value, receive service provider fulfillment data from the service provider system based on the transmitted administration order data, wherein the service provider fulfillment data includes the item of value, and transmit administration fulfillment data to the electronic device based on the received service provider fulfillment data, wherein the administration fulfillment data includes the item of value.

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device.

Abstract: A device implementing a user configurable direct transfer system may include at least one processor configured to receive, from an electronic device associated with a user account, a request to establish a type of transfer between a first account associated with an entity and a second account associated with the user account, the request including an entity identifier and a transfer type identifier. The at least one processor may be further configured to generate a transfer alias that is stored in association with the entity identifier, a second account identifier, and the transfer type identifier, and provide the transfer alias to the electronic device and a server associated with the entity to facilitate the type of transfer between the first account associated with the entity and the second account associated with the user account.

Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.

Abstract: A device implementing a user configurable direct transfer system may include at least one processor configured to receive, from an electronic device associated with a user account, a request to establish a type of transfer between a first account associated with an entity and a second account associated with the user account, the request including an entity identifier and a transfer type identifier. The at least one processor may be further configured to generate a transfer alias that is stored in association with the entity identifier, a second account identifier, and the transfer type identifier, and provide the transfer alias to the electronic device and a server associated with the entity to facilitate the type of transfer between the first account associated with the entity and the second account associated with the user account.

Abstract: An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device.

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device.

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, a secure element in the electronic device receives, from a third party, a notification associated with a financial transaction. This third party may be independent of a counterparty in the financial transaction, such as: a provider of the electronic device or a payment network that processes payment for the financial transaction. In response to the notification, the secure element requests, from the third party, receipt information associated with the financial transaction, and then receives the receipt information from the third party. This receipt information may include a first-level information, such as payment status. Alternatively or additionally, the receipt information may include a second-level information, such as an itemized list of purchased items, links to information and/or discounts.

Abstract: Systems, methods, and computer-readable media for facilitating frictionless credential provisioning on a user electronic device are provided.

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.

Abstract: A secure trusted service manager provider may include at least one processor configured to provide, to an electronic device, a first script to provision an applet instance corresponding to a third party server, the script including a public key corresponding to the third party server. The at least one processor may be configured to receive, from the electronic device, an encrypted symmetric key and provide the encrypted symmetric key to the third party server, the symmetric key being encrypted with the public key. The at least one processor may be configured to receive, from the third party server, an encrypted data element corresponding to a transaction to be performed by the applet instance, the encrypted data element being encrypted with the symmetric key, generate a second script that includes the encrypted data element and provide, to the electronic device, the second script that includes the encrypted data element.

Abstract: Systems, methods, and computer-readable media for personalizing program credentials are provided. For example, a program credential (e.g., loyalty pass) associated with a program provider (e.g., an issuer) subsystem may be customized using personal data. The personal data can be collected from an electronic device before provisioning the customized program credential on the electronic device for use in a suitable transaction. However, such personal data may not be collected unless an administration entity subsystem is first able to validate the program provider subsystem. The administration entity subsystem can generate tracking data that may be used during the validation and/or provisioning in order to track when program credentials are personalized.

Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.