Abstract: Cryptocurrency transactions are increasing in prevalence. An important security practice for cryptocurrency transactions includes maintaining a crypto wallet with a private key for signing cryptocurrency transactions. Hardware based crypto wallets with a secure element retaining the private key are highly secure. This disclosure provides a hardware based crypto wallet with a small form factor and a display screen for entering recovery seed phrases. The security of the display screen is enhanced via a novel data entry mechanism that does not require a separate processor but can be handled directly by a processor of a secure element.

Abstract: A cryptocurrency payment system facilitates electronic transactions at point of sale terminals using cryptocurrency. A payment card may include a secure element to sign a cryptocurrency transaction at a point of sale device. A server may interact with the point of sale terminal and a blockchain to initiate a smart contract or other mechanism for transferring control of cryptocurrency from a buyer cryptocurrency wallet to a seller cryptocurrency wallet. Upon successful transfer, the server may provide an indication of transaction approval to the point of sale terminal. In this manner, cryptocurrency may be utilized for transactions at point of sale devices in a manner similar to conventional payment cards.

Abstract: Systems, methods and devices for generating a device certificate for determining control privileges for a primary controller and a secondary controller. The system may also include an embedded device. The primary controller may include a first memory configured to store a root certificate that includes a first set of device control privileges, and a first processor coupled to the first memory. The first processor may be configured to determine that the first set of device control privileges allow the primary controller to generate a device certificate for the secondary controller, generate the device certificate with a second set of device control privileges, and assign the device certificate to the secondary controller. The first processor may be configured to issue or send the device certificate to the secondary controller and send a public key of the root certificate to the embedded device to verify the device certificate.

Abstract: Systems, methods, and devices for remote control of IoT devices include a gateway device providing interconnection between a remote gateway device and an embedded device. The embedded device may be a device with short-range or peer-to-peer communication capabilities and the gateway device may provide interconnection of the embedded device to a communication network such as the internet. Commands may be provided remotely over the communication network to the gateway device for execution by the embedded device.

Abstract: Systems, methods and devices to identify and authenticate controllers of embedded devices without direct connection to a server. The system has a plurality of controllers including a first controller and a second controller. The system has an embedded device configured to obtain a first device certificate from the first controller, obtain a second device certificate from the second controller, extract a first user identifier and a first set of device control privileges from the first device certificate, extract a second user identifier and a second set of device control privileges from the second device certificate, determine whether the second user identifier within the second device certificate is the same as to the first user identifier within the first device certificate, and allow or prevent access to the embedded device by the second controller based on the determining whether the second user identifier is the same as the first user identifier.

Abstract: Methods, systems, devices and apparatuses for sterilizing and charging a wearable device. The sterilizing and charging apparatus includes one or more light sources. The one or more light sources are configured to detect or sterilize the wearable device. The sterilizing and charging apparatus includes a wireless charging device. The wireless charging device is configured to charge the wearable device. The sterilization and charging apparatus includes a controller coupled to the one or more light sources and the wireless charging device. The controller is configured to determine, using the one or more light sources, that the wearable device is within an enclosure. The controller is configured to sterilize the wearable device using the one or more light sources and/or wirelessly charge the wearable device using the wireless charging device.

Abstract: Methods, systems, devices, and apparatuses for securely providing an over-the-air firmware upgrade. The system includes an embedded device configured to receive the firmware upgrade. The system includes a server having a memory configured to store a first key encryption key, the firmware upgrade and a firmware key and having a processor coupled to the memory. The processor is configured to obtain the firmware upgrade, the firmware key and the first key encryption key. The processor is configured to encrypt the firmware upgrade using the firmware key. The processor is configured to encrypt the firmware key with the first key encryption key and transmit the encrypted firmware upgrade and the encrypted firmware key to the embedded device.

Abstract: Methods, systems, devices and apparatuses for preventing use of fraudulent and/or counterfeit embedded devices. The anti-cloning system includes a first device configured to be coupled to or receive a first embedded device. The first embedded device has a first unique identity value. The anti-cloning system includes a controller. The controller is coupled to the first device. The controller has a controller memory. The controller memory is configured to store a public verification key. The controller has a controller processor. The controller processor is coupled to the controller memory and configured to verify the first unique identity value using the public verification key. The controller processor is configured to allow or permit the first device to operate and use the first embedded device when the first unique identity value is verified.

Abstract: Methods, systems, devices and apparatuses for securely providing an over-the-air firmware upgrade. The system includes an embedded device configured to receive the firmware upgrade. The system includes a server having a memory configured to store a first key encryption key, the firmware upgrade and a firmware key and having a processor coupled to the memory. The processor is configured to obtain the firmware upgrade, the firmware key and the first key encryption key. The processor is configured to encrypt the firmware upgrade using the firmware key. The processor is configured to encrypt the firmware key with the first key encryption key and transmit the encrypted firmware upgrade and the encrypted firmware key to the embedded device.

Abstract: Methods, systems, and apparatus for providing secure communication. The device includes a trusted environment having a memory that is configured to store an application. The device includes one or more processors configured to perform operations of the application that execute within the trusted environment. The operations include sending an access request to connect with a second device, receiving an authentication request from the second device that requests the application to provide a zero-knowledge password proof and obtaining the zero-knowledge password proof. The operations also include sending the zero-knowledge password proof to the second device and establishing a communication channel with the second device.

Abstract: Methods, systems, and apparatus for providing secure communication. The device includes a secure element for generating application key pairs. The device includes a trusted environment that is physically or logically isolated from an untrusted environment. The trusted environment includes one or more processors configured to perform operations of an application. The operations include generating an application key pair. The application key pair includes a secure element private key and a secure element public key. The operations include sending an application authentication request including one or more device identifiers and the secure element public key to a server. The operations include obtaining a digital certificate that includes the secure element public key and the one or more device identifiers. The operations include providing the digital certificate to a second device and establishing a secure communication channel between the device and the second device using the digital certificate.

Abstract: Systems and methods relating to providing long-range network service to short-range wireless devices are disclosed. The system includes a short-range wireless device, a remote server, and a long-range wireless device for establishing a data path between the short-range wireless device and the remote server. The system performs a described method by using the short-range wireless device to alternate the transmission and concealment of an incitation signal so as to allow the long-range wireless device to establish and maintain the data path without any intervention, supervision, or inputs from a human user.