Abstract: Multi-factor authentication techniques are described that use secure push authentication technology for transactions. An embodiment includes receiving, by an assurance platform operating as an authentication service platform, a user authentication request and transaction data from an access control server (ACS), determining an authentication rule, generating a user validation request message, transmitting the user validation request message to a user mobile device, and receiving user authentication data. The assurance platform then validates the user authentication data, transmits a device authentication request, receives a device authentication response signed with a private key of the user, and authenticates the user based on the device authentication response and private key.

Abstract: The sharing of content from one mobile station with a group of mobile stations using near-field communication (NFC) may be initiated, for example, by the one mobile station establishing a NFC link with another mobile station. The one mobile station verifies that the linked mobile station is part of the group, and transmits information regarding the content to be shared to the linked mobile station using NFC. The one mobile station uploads the content to a server using the mobile communication network, such that the content can be retrieved from the server via the mobile communication network by all other mobile stations in the group. The one mobile station or the server can send a notification to the other mobile stations in the group including information for retrieving the uploaded content.

Abstract: A mobile device includes a transceiver for performing wireless communication; one or more secure elements which execute applications in a secure environment; a near field communication system for performing wireless communication independent of the transceiver and at a lower amount of power than said transceiver; and a contactless front end included in the near field communications system for receiving a data message from a near field communication device. The contactless front end includes a filter list for evaluating the data message and for controlling whether each data message is transmitted further into the mobile device.

Abstract: The described examples provide a system and methods for identifying a location of a mobile device within an indoor venue using cellular communication signals obtained while the mobile device is within the indoor venue. An array of antennas arranged within the indoor venue detects cellular communication signals transmitted by the mobile device. The detected cellular communication signals have detectable and measurable signal parameters that allow the location of the mobile device within the indoor venue and an identifier of the mobile device to be determined. The determined identifier of the mobile device may also be used to identify the mobile device subscriber. The mobile device indoor location information may be used to update an anonymized subscriber profile associated with the mobile device subscriber.

Abstract: A system and method are described in which direct communication between a removable tamper-resistant module in a mobile terminal and a third party server is permitted only after security information is transmitted indirectly through a secure server in a mobile network operator that provides mobile communication services to the mobile terminal. The third party server is logically located outside of the mobile network operator. The secure server is configured to be able to communicate with the removable tamper-resistant module via the secure communication link. The information is transmitted from the removable tamper-resistant module to the third party server or from the third party server to the removable tamper-resistant module and includes a key for encryption or decryption or a certificate for verifying data or program transmissions therebetween.

Abstract: A system for adaptive application of device settings is disclosed. In the system, a first device may receive information identifying settings that are applied to one or more second devices. The settings may correspond to interactions, by a user, with the one or more second devices over a period of time. The one or more second devices be may non-mobile devices associated with one or more facilities. The first device may determine information identifying one or more conditions, associated with environmental conditions or conditions associated with the user's mood or physical state, under which the settings are applied to the one or more second devices; store information that correlates the settings of the one or more second devices with the one or more conditions; determine that at least one of the one or more conditions is met; and apply the settings to the one or more second devices.

Abstract: A mobile device includes a transceiver for performing wireless communication; one or more secure elements which execute applications in a secure environment; a near field communication system for performing wireless communication independent of the transceiver and at a lower amount of power than said transceiver; and a contactless front end included in the near field communications system for receiving a data message from a near field communication device. The contactless front end includes a filter list for evaluating the data message and for controlling whether each data message is transmitted further into the mobile device.

Abstract: Systems and methods for managing information about content transmission are disclosed. In some implementations, a first mobile device communicates with a second mobile device, via a short-range radio of the first mobile device, to either send or receive a content item. The first mobile device tags the content item with a tag. The tag identifies the second mobile device. The first mobile device transmits to a server, via an additional radio of the first mobile device, data identifying the content and the second mobile device. The additional radio is different from the short-range radio. The data is transmitted to the server for analyzing short-range radio transmissions between mobile devices.

Abstract: One or more devices may store attribute information identifying multiple attributes associated with a client device that is associated with a particular classification; reclassify the client device based on the attribute information; and provide, based on reclassifying the client device, classification information to a network device to cause the network device to associate a particular policy set, of multiple policy sets, with the client device. The classification information may identify an updated classification of the client device. The updated classification may be different from the particular classification. The particular policy set may be based on the updated classification of the client device. The particular policy set may include an instruction used to process a data flow provided to or provided from the client device.

Abstract: One or more devices may receive attribute information identifying multiple attributes associated with a client device; classify the client device based on the attribute information; and provide, based on classifying the client device, classification information to a network device to cause the network device to associate a particular policy set, of multiple policy sets, with the client device. The classification information may identify a classification of the client device. The particular policy set may be based on the classification of the client device and may include an instruction used to process a data flow provided to or provided from the client device.

Abstract: Exemplary embodiments provide a campaign tool that enables content providers to bid for the opportunity to transmit their content mobile devices associated with consumers though a cloud based computing environment. The campaign tool is hosted by another entity. The content may be any of a variety of different contents types and may be tailored to be relevant to the consumer. The campaign tool may have a bidding system that implements one or more algorithms to manage the bidding process. The content is pushed to the mobile device following an affirmative action, such as an NFC tap, by the consumer.

Abstract: The sharing of content from one mobile station with a group of mobile stations using near-field communication (NFC) may be initiated, for example, by the one mobile station establishing a NFC link with another mobile station. The one mobile station verifies that the linked mobile station is part of the group, and transmits information regarding the content to be shared to the linked mobile station using NFC. The one mobile station uploads the content to a server using the mobile communication network, such that the content can be retrieved from the server via the mobile communication network by all other mobile stations in the group. The one mobile station or the server can send a notification to the other mobile stations in the group including information for retrieving the uploaded content.

Abstract: A mobile station is configured to authenticate applications running thereon in order to control access by the authenticated applications to secure data stored in a subscriber identity module of the mobile station. Sensitive data securely stored in the subscriber identity module is associated with one of multiple personas implemented on the mobile station. When an application running on the mobile station requests access to the secure data, a secure domain controller processes the request and authenticates the application, for example based on an application authentication key. The secure domain controller further determines whether the application is associated with the same persona as the secure data identified in the request. If the application is authenticated, the secure domain controller then allows the application to access secure data associated with the same persona, but prevents the application from accessing secure data associated with other personas.

Abstract: A mobile station is configured to authenticate applications running thereon in order to control access by the authenticated applications to secure data stored in a subscriber identity module of the mobile station. Sensitive data securely stored in the subscriber identity module is associated with one of multiple personas implemented on the mobile station. When an application running on the mobile station requests access to the secure data, a secure domain controller processes the request and authenticates the application, for example based on an application authentication key. The secure domain controller further determines whether the application is associated with the same persona as the secure data identified in the request. If the application is authenticated, the secure domain controller then allows the application to access secure data associated with the same persona, but prevents the application from accessing secure data associated with other personas.

Abstract: A system and method are described in which direct communication between a removable tamper-resistant module in a mobile terminal and a third party server is permitted only after security information is transmitted indirectly through a secure server in a mobile network operator that provides mobile communication services to the mobile terminal. The third party server is logically located outside of the mobile network operator. The secure server is configured to be able to communicate with the removable tamper-resistant module via the secure communication link. The information is transmitted from the removable tamper-resistant module to the third party server or from the third party server to the removable tamper-resistant module and includes a key for encryption or decryption or a certificate for verifying data or program transmissions therebetween.

Abstract: An authentication semiconductor element (such as a chip for a user identity card) and an associated user device include magnetic elements for automatically aligning and holding in place the authentication element on electrical contacts of the user device. The authentication semiconductor element includes a substrate, an electrical circuit, electrical contacts formed on the surface of the substrate, and at least two magnetic elements located on the substrate. The user device includes a communication interface, a processor, and a socket for receiving an authentication semiconductor element. The socket includes electrical contacts and at least two magnetic elements positioned to magnetically interact with the magnetic elements of the authentication element and automatically align the electrical contacts of the authentication element on corresponding electrical contacts of the socket.