Abstract: Systems and methods may be used for providing wireless power from a mobile device to a digital lock. The mobile device may include a proximity communication antenna to receive an authentication request from the digital lock. The proximity communication antenna may facilitate the mobile device providing wireless power to the digital lock via a wireless power protocol. The proximity communication antenna may send an authorization to the digital lock to cause the digital lock to open.

Abstract: Systems and methods may be used for controlling physical access using a cloud transaction. A method may include receiving an authentication attempt for a user from a mobile device, and authenticating the user for access to a physical space based on the authentication attempt. The method may include receiving identification information corresponding to the user from an access control device, and sending authorization to the access control device to permit the user to access the physical space based on the authenticating the user.

Abstract: It is provided a method for providing hardware integrity control of an electronic device (2). The method comprising: triggering (40) each one of a plurality of components (4a-d) of the electronic device to generate of respective partial secret keys (10a-d) forming part of a threshold cryptography scheme (11) associated with a public key (12), wherein a threshold number of the plurality of partial secret keys (10a-d) are required to be applied in the threshold cryptography scheme (11) for verification against the public key (12); and providing (42) the public key (12) to a hardware verification device (3). A corresponding hardware integrity device (1), computer program (67, 91) and computer program product (64, 90) are also provided.

Abstract: A method of integrating a logical access control system with a physical access control system is disclosed. A soft token is received at a hard-ware accessory from a client device of a user. The soft token includes a payload. The payload includes information about the user that is stored in a user profile of the logical access control system. Based on a verifying of the soft token using a certificate extracted from a trust store of the hardware accessory, the information about the user that is included in the payload is parsed. Based on the information about the user satisfying one or more access criteria of a reader associated with a physical access control system, the reader is triggered. The triggering includes emulating a transaction associated with the physical access control system.

Abstract: A method of provisioning an authentication device of an authentication system comprises sending an authentication application from an authentication system backend server to a backend network of a cellular network operator; verifying, by the backend network of the cellular operator, the authentication application and including the authentication application in an operator profile; sending the authentication application with the operator profile from the backend network of the cellular network operator to a local profile assistant (LPA) of the authentication device; and installing the authentication application in a secure zone of the authentication device using the LPA.

Abstract: A method of encoding a credential device of an authentication system comprises sending credential device information to a backend server of the authentication system using a mobile device, verifying ownership of the credential device and the mobile device using the backend server, generating, using the backend server, a quick response (QR) code that includes encoding information for the credential device, generating using the backend server a quick response (QR) code that includes encoding information for the credential device, decoding the QR code to retrieve the encoding information, and encoding the credential device with the encoding information.

Abstract: A method and system for in-field encoding of credentials to a credential device. An example method comprises receiving a request to at least one of add or update credentials to a credential device; providing an invitation code for an in-field device, the in-field device being separate from the credential device; receiving, from the in-field device, the invitation code along with information from the credential device for establishing a secure communication channel with the credential device; establishing a secure communication channel with the credential device using the in-field device as an intermediate; generating one or more commands for encoding credentials to the credential device based on the request; and sending the one or more commands, via the secure communication channel using the in-field device as an intermediate, to the credential device.

Abstract: Methods and systems are provided for performing operations comprising: generating, on a publicly accessible server, a secure enclave, the secure enclave having isolated memory and processing resources of the server; installing, on the secure enclave, a virtual machine comprising a guest operating system of a first entity; installing, by the virtual machine, one or more cryptographic processes associated with the first entity; and encrypting and decrypting cryptographic keys associated with the first entity using the one or more cryptographic processes.