Abstract: Various systems and methods for securely sharing private information are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs; connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.

Abstract: Providing virtualized credentials of a license holder includes determining contextual data that governs visual information presented on a display and displaying credential data on the display, where visual characteristics of the credential data that is displayed varies according to the contextual data. The display may be a display on a device of the license holder or a display on a device that is viewable by a relying party. The visual characteristics may be modified according to a location of at least some of the credential data on the display on the device of the license holder, a particular font used, a particular color used for text, a color scheme of an existing image and/or a specific image that is independent of the credential data. The visual characteristics may be modified according to the color scheme by changing a background color on the screen of the device of the license holder.

Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.

Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: Providing virtualized credential information includes determining whether a relying party device has access to a network/cloud infrastructure that contains at least some of the credential information, a license holder device providing the virtualized credential information directly to the relying party device in response to the relying party device not having access to the network/cloud infrastructure, and displaying at least some of the subset of credential data on a screen of the device of the relying party. Providing virtualized credential information may also include the license holder device providing authorization data to the relying party device in response to the relying party device having access to the network/cloud infrastructure and determining a preference for the relying party device to receive at least some of the virtualized credential information from the network/cloud infrastructure.

Abstract: An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.

Abstract: Various systems and methods for securely sharing private information are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.

Abstract: Various systems and methods for securely sharing private in formation are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.

Abstract: An access control system is described in which a primary credential device has a master key and a secondary credential device has a key derived from the master key. Both the master key and the derivative key are required to gain access to the resource protected by the access control system. If the secondary credential device is lost, misplaced, or stolen, it cannot be used to gain illicit access to the protected resource, and it can be easily replaced by providing a different secondary credential device with another key derived from the master key.

Abstract: Various systems and methods for securely sharing private in formation are described herein. A mobile device comprises instruction to configured the mobile device to identify a verifier device having an available wireless connection, the wireless connection having a wireless connection strength; determine that a triggering event occurs, the triggering event based on the wireless connection strength; when the triggering event occurs: connect to the verifier device; transmit a digital credential to the verifier device, each of a plurality of data elements of the digital credential separately encrypted using distinct encryption keys; receive a request to access a requested data element of the digital credential; prompt a user of the mobile device for consent to share the requested data element; and transmit information to the verifier device when the user consents sharing the requested data element, the information used to decrypt only the requested data element.

Abstract: Providing virtualized credentials of a holder includes authorizing a subset of credential data to be sent to a device of a relying party that is different from the holder, where the subset of credential data depends on a role of the relying party, selection by the holder, and/or contextual data of the relying party and includes displaying the subset of credential data on a screen of the device of the relying party. The contextual data may be a privacy level setting, distance between the relying party and the holder, and/or geolocation of the relying party. The role of the relying party may be provided by the relying party. Role information provided by the relying party may be provided in a verifiable format. The role information may be digitally signed or securely derived and determined by a mutual authentication algorithm between the relying party and the holder.

Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: Maintaining information for a traveler includes creating a virtual travel credential containing information from a physical passport of the traveler and/or physical travel document(s) of the traveler, storing at least a portion of the virtual travel credential in a mobile device carried by the traveler, monitoring a location of the mobile device, and providing a signal in response to the mobile device transitioning from a first country/territory to a second country/territory. Monitoring the location of the mobile device may include detecting a cellular network in communication with the mobile device or using GPS functionality of the mobile device or receiving information that the traveler boarded a plane headed for the second country/territory. At least a portion of the virtual travel credential may be stored in a virtual travel credential server. The virtual travel credential server may communicate with the mobile device using a cellular network.

Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: Providing virtualized credentials of a license holder includes determining contextual data that governs visual information presented on a display and displaying credential data on the display, where visual characteristics of the credential data that is displayed varies according to the contextual data. The display may be a display on a device of the license holder or a display on a device that is viewable by a relying party. The visual characteristics may be modified according to a location of at least some of the credential data on the display on the device of the license holder, a particular font used, a particular color used for text, a color scheme of an existing image and/or a specific image that is independent of the credential data. The visual characteristics may be modified according to the color scheme by changing a background color on the screen of the device of the license holder.

Abstract: An access control system may comprise a credential including credential data, and at least one reader. The at least one reader is configured to receive, over a link, the credential data. The at least one reader is configured to verify that the credential is valid based on the credential data, and mark the credential as valid and track a location of the credential relative to the at least one reader. The at least one reader is configured to make or delay an access control decision for the credential based on the location of the credential.

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response to a read request. Accordingly, each response generated by the smart tag will include a different TAC. It follows that interactions between the smart tag and a reading device can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract: Providing virtualized credentials of a license holder includes determining contextual data that governs visual information presented on a display and displaying credential data on the display, where visual characteristics of the credential data that is displayed varies according to the contextual data. The display may be a display on a device of the license holder or a display on a device that is viewable by a relying party. The visual characteristics may be modified according to a location of at least some of the credential data on the display on the device of the license holder, a particular font used, a particular color used for text, a color scheme of an existing image and/or a specific image that is independent of the credential data. The visual characteristics may be modified according to the color scheme by changing a background color on the screen of the device of the license holder.