Abstract: Examples relate to transaction authentication. In one example, a computing device may: receive, from a payment terminal: transaction data for a transaction, a terminal identifier of the payment terminal, and a first message authentication code (MAC) for the transaction; obtain, from an authentication cache and using the terminal identifier, a terminal secret for the payment terminal; combine the transaction data and the terminal identifier to create a message; generate a second message authentication code (MAC) using the message as input and the terminal secret as a key; and determine, using the first MAC and second MAC, whether the transaction data is authentic.

Abstract: The certificate revocation lists at access points of a wireless access network can be reduced. In one embodiment, an Internet Service Provider (“ISP”) connected to the wireless access network can receive a subscription request from a user terminal capable of accessing the ISP using the wireless access network. When the ISP assigns a subscription identifier to the user terminal, it also provides a service certificate signed by a certificate authority including the subscription identifier. In addition, the ISP also provides the user terminal one or more session certificates to be used to access the wireless access network, where the session certificates having a shorter validity period than the service certificate.

Abstract: A user terminal of a wireless access network can use a digital certificate to authenticate itself to access points of the wireless access network. In one embodiment, the user terminal includes a memory to store an identity certificate signed by a certificate that the user terminal can use for authentication, where the identity certificate being based, at least in part, on hardware included in the user terminal. In one specific embodiment, the identity certificate is tied to the serial number of the user terminal.

Abstract: The certificate issued by a certificate authority used in authenticating a user terminal can be scrambled prior to being set to an access point. In one embodiment, the present invention includes a user terminal having a memory in which a user terminal certificate is stored. The user terminal also has a processor coupled to the memory to scramble the user terminal certificate using a shared secret to be known only by the user terminal and an access point of the wireless access network, and a transmitter coupled to the processor to send a message to the access point, the message including the scrambled user terminal certificate.