Abstract: Providing virtualized credential information includes determining whether a relying party device has access to a network/cloud infrastructure that contains at least some of the credential information, a license holder device providing the virtualized credential information directly to the relying party device in response to the relying party device not having access to the network/cloud infrastructure, and displaying at least some of the subset of credential data on a screen of the device of the relying party. Providing virtualized credential information may also include the license holder device providing authorization data to the relying party device in response to the relying party device having access to the network/cloud infrastructure and determining a preference for the relying party device to receive at least some of the virtualized credential information from the network/cloud infrastructure.

Abstract: Providing virtualized credentials of a holder includes authorizing a subset of credential data to be sent to a device of a relying party that is different from the holder, where the subset of credential data depends on a role of the relying party, selection by the holder, and/or contextual data of the relying party and includes displaying the subset of credential data on a screen of the device of the relying party. The contextual data may be a privacy level setting, distance between the relying party and the holder, and/or geolocation of the relying party. The role of the relying party may be provided by the relying party. Role information provided by the relying party may be provided in a verifiable format. The role information may be digitally signed or securely derived and determined by a mutual authentication algorithm between the relying party and the holder.

Abstract: A security system includes a first security badge having a visual portion that varies according to signals provided to the first security badge and an authorization server that periodically provides signals to the first security badge in response to a query of the authorization server by the first security badge while the first security badge remains in a controlled zone, the signals varying independently of reader access of the first security badge. The first security badge may be read by a reader only in connection with initial entry into the controlled zone. Authorization of a user of the first security badge may vary while the user remains in the controlled zone. The first security badge may include a visual image of a user of the first security badge and displays additional information. The additional information may include name and authorization status of the user.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: Providing virtualized credentials of a license holder includes determining contextual data that governs visual information presented on a display and displaying credential data on the display, where visual characteristics of the credential data that is displayed varies according to the contextual data. The display may be a display on a device of the license holder or a display on a device that is viewable by a relying party. The visual characteristics may be modified according to a location of at least some of the credential data on the display on the device of the license holder, a particular font used, a particular color used for text, a color scheme of an existing image and/or a specific image that is independent of the credential data. The visual characteristics may be modified according to the color scheme by changing a background color on the screen of the device of the license holder.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: Providing virtualized credentials of a license holder includes determining contextual data that governs visual information presented on a display and displaying credential data on the display, where visual characteristics of the credential data that is displayed varies according to the contextual data. The display may be a display on a device of the license holder or a display on a device that is viewable by a relying party. The visual characteristics may be modified according to a location of at least some of the credential data on the display on the device of the license holder, a particular font used, a particular color used for text, a color scheme of an existing image and/or a specific image that is independent of the credential data. The visual characteristics may be modified according to the color scheme by changing a background color on the screen of the device of the license holder.

Abstract: A security system includes a first security badge having a visual portion that varies according to signals provided to the first security badge and an authorization server that periodically provides signals to the first security badge in response to a query of the authorization server by the first security badge while the first security badge remains in a controlled zone, the signals varying independently of reader access of the first security badge. The first security badge may be read by a reader only in connection with initial entry into the controlled zone. Authorization of a user of the first security badge may vary while the user remains in the controlled zone. The first security badge may include a visual image of a user of the first security badge and displays additional information. The additional information may include name and authorization status of the user.

Abstract: An authentication system is provided using one-time passwords (OTPs) for user authentication. An OTP key may be stored on a different device than the device on which the OTP is generated. In an embodiment, the system described herein enables a combined authentication system, including the two separate devices communicating over a non-contact interface, to provide advantageous security features compared to the use of a single device, such as a hardware OTP token. One device may be a personal security device and the other device may be a reader device coupled to a host device via which access is being controlled.

Abstract: An authentication system is provided using one-time passwords (OTPs) for user authentication. An OTP key may be stored on a different device than the device on which the OTP is generated. In an embodiment, the system described herein enables a combined authentication system, including the two separate devices communicating over a non-contact interface, to provide advantageous security features compared to the use of a single device, such as a hardware OTP token. One device may be a personal security device and the other device may be a reader device coupled to a host device via which access is being controlled.

Abstract: A tracking system is disclosed that enables the tracking of a beacon device and a credential device being held by the beacon device. The beacon device may communicate with readers of an access control system using a first communication protocol whereas the credential device being held by the beacon device may communicate with readers of the access control system using a second communication protocol. As the beacon device and the credential device being held by the beacon device may also communicate with readers at different times, a beacon device may be associated with a credential device being held thereby such that tracking of one device enables inferred tracking of the other device.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: Providing visual security verification includes an electronic credential of a credential holder causing credential holder information to be transmitted to an augmented reality device, superimposing the credential holder information on to a live image of an immediate environment of the augmented reality device to provide a superimposed image, where the credential holder information includes a picture of the credential holder, and providing security verification based on a comparison of the picture of the credential holder and the live image. The information may be stored in the augmented reality device and an identifier of the credential holder from the electronic credential may be used to look up the information. The information may be provided by the electronic credential to the augmented reality device. The augmented reality device may cache information for a subset of the credential holders. The information may be stored in a cloud storage device.

Abstract: Providing virtualized credential information includes determining whether a relying party device has access to a network/cloud infrastructure that contains at least some of the credential information, a license holder device providing the virtualized credential information directly to the relying party device in response to the relying party device not having access to the network/cloud infrastructure, and displaying at least some of the subset of credential data on a screen of the device of the relying party. Providing virtualized credential information may also include the license holder device providing authorization data to the relying party device in response to the relying party device having access to the network/cloud infrastructure and determining a preference for the relying party device to receive at least some of the virtualized credential information from the network/cloud infrastructure.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: A cloud card application platform is provided. The cloud card application platform enables one or more card applications to be virtualized on at least one server that is available to mobile devices via a communication network, such as the Internet. The one or more card applications virtualized on the cloud card application platform are capable of being managed remotely by service providers that have deployed and developed the one or more applications.

Abstract: An authentication system is provided using one-time passwords (OTPs) for user authentication. An OTP key may be stored on a different device than the device on which the OTP is generated. In an embodiment, the system described herein enables a combined authentication system, including the two separate devices communicating over a non-contact interface, to provide advantageous security features compared to the use of a single device, such as a hardware OTP token. One device may be a personal security device and the other device may be a reader device coupled to a host device via which access is being controlled.

Abstract: An authentication system is provided using one-time passwords (OTPs) for user authentication. An OTP key may be stored on a different device than the device on which the OTP is generated. In an embodiment, the system described herein enables a combined authentication system, including the two separate devices communicating over a non-contact interface, to provide advantageous security features compared to the use of a single device, such as a hardware OTP token. One device may be a personal security device and the other device may be a reader device coupled to a host device via which access is being controlled.

Abstract: Providing virtualized credentials of a holder includes setting conditions for determining which of a subset of credentials are to be sent to a device of a relying party that is different from the holder, where the conditions depend on a role of the relying party, selection by the holder, and/or contextual data of the holder or relying party, the relying party requesting specific ones of the credentials corresponding to the holder, the relying party receiving either none or at least some of the specific ones of the credentials according to the conditions, and displaying specific ones of the credentials received by the relying party on a screen of the device of the relying party. The contextual data may be a privacy level setting, distance between the relying party and the holder, and/or geolocation of the holder or relying party.