Abstract: A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

Abstract: Systems and methods are disclosed for preventing relay or replay attacks using time-stamped, localized footprint data. An access device may receive, from one or more beacon transmitters, a plurality of broadcast messages, each broadcast message, of the plurality of broadcast messages, comprising a timestamp and a unique identifier for a beacon transmitter, of the one or more beacon transmitters. The access device may store the timestamps and the unique identifiers. The access device may receive, from a user device, an access request comprising timestamps and unique identifiers corresponding to a subset of the broadcast messages received by the access device. The access device may verify that the stored timestamps and unique identifiers match the timestamps and unique identifiers received from the user device. Based on the verifying, the access device may authenticate the access request.

Abstract: A method includes receiving, by a server computer, a thin client identifier from a thin client on a communication device. The server computer can then retrieve an encrypted first cryptographic key based on the thin client identifier. The encrypted first cryptographic key is a first cryptographic key that is encrypted with a second cryptographic key. The server computer can initiate the sending of the encrypted first cryptographic key to the thin client. The server computer then receives an encrypted secret from the thin client, the encrypted secret being a secret encrypted with the first cryptographic key.

Abstract: Systems and methods are disclosed for performing a secure exchange of encryption keys (e.g., public keys) between two devices. One or more initialization keys are stored at both devices. In some embodiments, at least one device (e.g., a reader device) stores the initialization key(s) (e.g., a symmetric key, an asymmetric key pair) in local memory as part of performance of a manufacturing process for the device. The second device (e.g., a thin client device) may receive the initialization key(s) from an acceptance cloud (e.g., a server computer configured to perform terminal processing). The initialization key(s) are utilized to perform a secure exchange of the devices' respective public keys. Once these public keys are exchanged, the devices may proceed to establishing a secure connection with which subsequent operations may be performed.

Abstract: A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

Abstract: Systems and methods are disclosed for preventing relay or replay attacks using time-stamped, localized footprint data. An access device may receive, from one or more beacon transmitters, a plurality of broadcast messages, each broadcast message, of the plurality of broadcast messages, comprising a timestamp and a unique identifier for a beacon transmitter, of the one or more beacon transmitters. The access device may store the timestamps and the unique identifiers. The access device may receive, from a user device, an access request comprising timestamps and unique identifiers corresponding to a subset of the broadcast messages received by the access device. The access device may verify that the stored timestamps and unique identifiers match the timestamps and unique identifiers received from the user device. Based on the verifying, the access device may authenticate the access request.

Abstract: Systems and methods are disclosed for preventing relay or replay attacks using time-stamped, localized footprint data. An access device may receive, from one or more beacon transmitters, a plurality of broadcast messages, each broadcast message, of the plurality of broadcast messages, comprising a timestamp and a unique identifier for a beacon transmitter, of the one or more beacon transmitters. The access device may store the timestamps and the unique identifiers. The access device may receive, from a user device, an access request comprising timestamps and unique identifiers corresponding to a subset of the broadcast messages received by the access device. The access device may verify that the stored timestamps and unique identifiers match the timestamps and unique identifiers received from the user device. Based on the verifying, the access device may authenticate the access request.

Abstract: Systems and methods are disclosed for preventing relay or replay attacks using time-stamped, localized footprint data. An access device may receive, from one or more beacon transmitters, a plurality of broadcast messages, each broadcast message, of the plurality of broadcast messages, comprising a timestamp and a unique identifier for a beacon transmitter, of the one or more beacon transmitters. The access device may store the timestamps and the unique identifiers. The access device may receive, from a user device, an access request comprising timestamps and unique identifiers corresponding to a subset of the broadcast messages received by the access device. The access device may verify that the stored timestamps and unique identifiers match the timestamps and unique identifiers received from the user device. Based on the verifying, the access device may authenticate the access request.