Abstract: A system and method for the management of electronic credentials stored on mobile devices. The system may encrypt information that is provided to a lock device and an access control system using diversification keys. The diversification keys may be generated by supplying a master key and a component identifier such as, for example, a mobile device identifier, to a diversification algorithm. The mobile device may be a conduit for the communication of information between the access control system and the lock device. The mobile device may be unable to decrypt information that has been encrypted by a diversification key. Embodiments also provide for enrolling administrative mobile devices with the access control system, the distribution and revocation of credential identifiers for user mobile device, and removing administrative mobile devices that are enrolled with lock devices.

Abstract: A server may receive information from a computer, store the information in a database at the server, determine a reader device that is configured to receive and/or process credential information and/or a unique identifier and to receive the information based on an analysis of the information, select one or more mobile devices to deliver the information to the reader, and transmit data to the one or more mobile devices where the data includes at least a portion of the information.

Abstract: A wireless connection may be established between a mobile device and a reader device and/or a sensor. The reader device and/or sensor may authenticate the mobile device. The reader device and/or sensor may receive a credential or token from the mobile device. An action may be performed based on certain criteria such as if the credential or token is valid.

Abstract: Methods and systems for controlling a network access control system that includes a server encrypting a first identifier that can be related to a registered user and communicating the encrypted first identifier to the mobile device. The lock device receives, from the mobile device, a first data set that includes at least the encrypted first identifier. The lock device may encrypt the first data set to generate a second data set and communicates the encrypted second data set to the mobile device. The server receives a third data set that includes at least the encrypted second data set and a second identifier that can also be related to the registered user. The server extracts from the communicated third data set the first and second identifiers, and the extracted first and second identifiers are compared to verify that the second identifier is indeed related to the first identifier.

Abstract: A wireless access control system is provided including an electronic lock, a wireless transport device configured for wireless communication with a network and with the electronic lock and having access privilege to the electronic lock, and wherein the wireless transport device is configured to wirelessly receive data from the network, to wirelessly deliver the data to the electronic lock, and to verify to the network that the data has been successfully transferred to the electronic lock. In one embodiment, the wireless transport device is a cellular phone. A method is also provided including transporting data wirelessly from a network to a plurality of cellular phones having access privileges to an electronic lock, and delivering the data to the electronic lock wirelessly using at least one of the cellular phones.

Abstract: A reader device may generate a first identifier. The reader device may transmit the first identifier to a mobile device. The reader device may receive encrypted data and unencrypted data from the mobile device in which the encrypted data includes a second identifier. The reader device may evaluate whether the first identifier and the second identifier correspond to one another.

Abstract: A reader device may generate a first identifier. The reader device may transmit the first identifier to a mobile device. The reader device may receive encrypted data and unencrypted data from the mobile device in which the encrypted data includes a second identifier. The reader device may evaluate whether the first identifier and the second identifier correspond to one another.

Abstract: Methods and systems for controlling a network access control system that includes a server encrypting a first identifier that can be related to a registered user and communicating the encrypted first identifier to the mobile device. The lock device receives, from the mobile device, a first data set that includes at least the encrypted first identifier. The lock device may encrypt the first data set to generate a second data set and communicates the encrypted second data set to the mobile device. The server receives a third data set that includes at least the encrypted second data set and a second identifier that can also be related to the registered user. The server extracts from the communicated third data set the first and second identifiers, and the extracted first and second identifiers are compared to verify that the second identifier is indeed related to the first identifier.

Abstract: A system and method for the management of electronic credentials stored on mobile devices. The system may encrypt information that is provided to a lock device and an access control system using diversification keys. The diversification keys may be generated by supplying a master key and a component identifier such as, for example, a mobile device identifier, to a diversification algorithm. The mobile device may be a conduit for the communication of information between the access control system and the lock device. The mobile device may be unable to decrypt information that has been encrypted by a diversification key. Embodiments also provide for enrolling administrative mobile devices with the access control system, the distribution and revocation of credential identifiers for user mobile device, and removing administrative mobile devices that are enrolled with lock devices.

Abstract: A wireless connection may be established between a mobile device and a reader device and/or a sensor. The reader device and/or sensor may authenticate the mobile device. The reader device and/or sensor may receive a credential or token from the mobile device. An action may be performed based on certain criteria such as if the credential or token is valid.

Abstract: A reader device may generate a first identifier. The reader device may transmit the first identifier to a mobile device. The reader device may receive encrypted data and unencrypted data from the mobile device in which the encrypted data includes a second identifier. The reader device may evaluate whether the first identifier and the second identifier correspond to one another.

Abstract: A reader device may generate a first identifier. The reader device may transmit the first identifier to a mobile device. The reader device may receive encrypted data and unencrypted data from the mobile device in which the encrypted data includes a second identifier. The reader device may evaluate whether the first identifier and the second identifier correspond to one another.

Abstract: A wireless access control system is provided including an electronic lock, a wireless transport device configured for wireless communication with a network and with the electronic lock and having access privilege to the electronic lock, and wherein the wireless transport device is configured to wirelessly receive data from the network, to wirelessly deliver the data to the electronic lock, and to verify to the network that the data has been successfully transferred to the electronic lock. In one embodiment, the wireless transport device is a cellular phone. A method is also provided including transporting data wirelessly from a network to a plurality of cellular phones having access privileges to an electronic lock, and delivering the data to the electronic lock wirelessly using at least one of the cellular phones.

Abstract: A method, system or apparatus including a server that may receive information from a computer, store the information in a database at the server, determine a reader device to receive the information based on an analysis of the information, select one or more mobile devices to deliver the information to the reader device, and transmit viral data to the one or more mobile devices where the viral data includes at least a portion of the information.

Abstract: Initiating and completing transactions using a notification architecture associated in part with an operating system executing on a first computing device. The transactions are associated with a second computing device (e.g., a merchant computing device). Transaction messages relating to the transactions are conveyed via the notification architecture to the first computing device of a user. User interface notification elements associated with the operating system on the first computing device display the transaction messages, and receive authorization from the user relating to the transactions. The authorization is provided to the merchant computing device by the notification architecture. The transactions are completed without executing, on the first computing device, an application associated with the merchant computing device.