Abstract: Systems, methods, and computer program products are provided for enabling instrument credentials on a secure element. Application identifiers of credentials are stored on at least one memory. An input to an interface causes an instrument representation corresponding to a set of credentials to be displayed on the interface. The application identifier of the displayed instrument is retrieved from the memory and transmitted in a request to a secure element to enable an applet corresponding to the application identifier. A response is received indicating whether the applet corresponding to the application identifier is enabled.

Abstract: System, methods, and computer program products are provided for managing service upgrades. A service upgrade procedure upgrades a service from a first version of the service installed on a secure element to a second version of the service. Thus, applets may be comprehensively managed post-issuance. User experience is improved.

Abstract: A system, method, and computer readable storage medium for managing applications on a secure element. A request to modify the availability state of a version of a service, the availability state of the service being stored in a memory, is received. The availability state of the version of the service stored in the memory is modified in accordance with the request. More specifically, the availability state is modified to: (i) unavailable in a case where the request includes an instruction to disable the version of the service, and (ii) available in a case where the request includes an instruction to enable the version of the service. The service is associated with a secure element profile.

Abstract: Systems, methods, and computer program products are provided for performing content management operations. At least one memory stores data, and a central security domain manages instructions on behalf of one or more service provider security domains. The instructions are received, over a network, from a trusted service manager. The instructions are processed in at least one of the one or more determined service provider security domains, using the data stored in the at least one memory. The data includes one or more generic applications, each of which can be instantiated for one or more service providers.

Abstract: Systems, methods, and computer program products are provided for managing access control. A first set of access control rules is stored in a memory of mobile communication device. The mobile communication device receives from a trusted server over a communication network a notification message indicating that an access control rule has been updated in a secure element. In response to receiving the notification message, the mobile communication device retrieves from the secure element a second set of access control rules including at least the access control rule that has been updated. The first set of access control rules is updated based on the second set of access control rules retrieved from the secure element. An applet stored on the secure element is accessed via an application running on the mobile communication device, in accordance with the updated first set of access control rules.

Abstract: Systems, methods, and computer program products are provided for managing installation of services on a secure element having a secure element profile. A request to install a service on the secure element is received. There is a determination of a preferred version of the service corresponding to the secure element profile of the secure element. There is also a determination of an existing version of the service loaded on the secure element. Using a rules engine, there is a determination of whether to install on the secure element either the existing version of the service or the preferred version of the service. A command is transmitted to either (a) install the existing version of the service or (b) delete the existing version of the service and load and install the preferred version of the service, based on the determination using the rules engine.

Abstract: Systems, methods, and computer program products are provided for managing activation in a mobile wallet. A wallet activation request is received from a wallet client. The wallet activation request is transmitted to a central trusted service manager (TSM). One or more push messages including activation data are received from the TSM, and the push messages are transmitted to the wallet client, in response to a second request from the wallet client while the wallet client is in an active state.

Abstract: Systems, methods, and computer program products are provided for managing data re-installation including service re-installation. A re-installation procedure re-installs and optionally activates data at least partially installed on a secure element without intervention middleware to repair a personalization procedure failure. Thus, personalization data on a secure element (SE) may be comprehensively managed by interfacing between one of a plurality of service provider (SP) trusted service managers (TSM) and a central trusted service manager (central TSM). The processing time required to manage the re-installation procedure is minimized.

Abstract: System, methods, and computer program products are provided for managing mobile entity states. A first notification is received over a communications network, the first notification including data indicating that a first service associated with a mobile device has been suspended. State information stored in a memory is updated based on the data included in the first notification. A second notification is transmitted over a communications network, the second notification indicating that the state information has been updated.

Abstract: Systems, methods, and computer-program products are provided for managing remote transactions. Applet data and transaction parameters are received from a mobile wallet platform over a communications network. The applet data and transaction parameters are communicated to a secure element. Transaction data is received from the secure element. The transaction data is transmitted to the mobile wallet platform over a communications network. The transaction data includes one or more of (1) an account number and (2) a verification code.

Abstract: Systems, methods, and computer-program products are provided for managing remote transactions. A first request including a wallet identifier (WID) is received from a merchant system. One or more sets of account data, each including an account identifier, are retrieved from at least one memory, based on the WID. A first response including the one or more sets of account data retrieved from the at least one memory are transmitted to the merchant system. An authorization request including an account identifier corresponding to one of the one or more sets of account data retrieved from the at least one memory are received, from either the merchant system or an acquirer system. A transaction data request including the account identifier is transmitted to an issuer system. A transaction data response including transaction data is received from the issuer system and the transaction data is transmitted to the merchant system or the acquirer system.

Abstract: System, methods, and computer program products are provided for interfacing between one of a plurality of service provider (SP) trusted service managers (TSM) and one of a plurality of secure elements (SE). A first request to renew a service is received from an SP system over a communications network. The first request includes a service qualifier associated with the service. A secure element corresponding to the service qualifier is determined. A second request to delete data associated with the service qualifier from the secure element is transmitted to the secure element. A third request to install an application on the secure element is transmitted to the secure element. A fourth request to activate the application on the secure element is transmitted to the secure element.

Abstract: Methods, systems and computer program products are provided for managing service provider offers. An offer associated with a service provider is generated and the offer includes attributes defining the offer. A campaign is selected to pair the offer to. The campaign includes criteria for receiving the offer. The offer is delivered to a mobile device associated with a consumer matching the campaign criteria, and is rendered at the mobile device.

Abstract: Methods, systems and computer program products are provided for managing service provider loyalty programs. Loyalty program information associated with a service provider is generated. The loyalty program information defines a loyalty program. An electronic loyalty card based on the loyalty program is stored at the mobile device after enrollment of the mobile device. The loyalty program information associated with the loyalty card is enabled to be redeemed at a transaction location, and the loyalty program information is reconciled between the service provider and the mobile device.

Abstract: Systems, methods, and computer program products are provided for securing and managing applications on a secure element. Mobile wallet data is stored in at least one memory. Authentication data is received from a mobile wallet. A determination is made as to whether the authentication data is valid, based on a comparison of the authentication data and the mobile wallet data. If the authentication data is valid, processing of one or more commands is enabled. A first command is received from the mobile wallet. A determination is made as to whether processing of the first command is enabled, and if the first command is enabled, the first command is processed.

Abstract: Systems, methods, and computer program products are provided for providing offers to mobile wallets. A request including offer data and authentication data is received from a client portal system. The authentication data is validated. A validation result based on the validation of the authentication data is generated. A response including the validation result is transmitted to the client portal system. An offer including the offer data is transmitted to a mobile device. The offer data includes an offer identifier (ID), and the mobile device includes a mobile wallet associated with the authentication data.

Abstract: Systems, methods and computer program products are provided for managing contactless transactions. A first tap is performed when a system is placed within a predetermined proximity to a payment terminal. A first select command including an AID corresponding to a first application is received from the payment terminal. A first response based on the first select command is transmitted to the payment terminal. A data request including information indicating supported data types is received from the payment terminal. A second response based on the data request and including transaction data is transmitted to the payment terminal. The transaction data includes at least a portion of commerce data stored in the at least one memory.

Abstract: Systems, methods, and computer program products are provided for provisioning service accounts into mobile wallets and managing events. A first request is received from a requestor system, and stored in memory. A second request based on the first request is transmitted to a server. A response, including a response code indicating a status of processing of the first request, is transmitted to the requestor system. The first request is one of a request to: set up a service account, update a service account state, update information in a mobile wallet, manage messages, obtain account information, or publish event information.

Abstract: System, methods, and computer program products are provided for detecting and managing changes associated with a mobile wallet. Current mobile wallet data is retrieved from at least one memory, and new mobile device attributes are retrieved. It is determined whether a change has occurred based on a comparison of the current mobile wallet data and the new mobile device attributes. A request to process a change is transmitted to a server on a communications network. Update data is received over the communications network, and the current mobile wallet data is updated in the at least one memory with the update data.