Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: Embodiments of the invention are directed to ceasing the renewal of a virtual access device that is dormant. Some embodiments may receive a dormancy request from an authorization server, where the dormancy request includes information identifying a virtual access device. Embodiments may determine that the virtual access device is dormant based at least on previous transactions involving the virtual access device and at least one dormancy rule. Certain embodiments may send a dormancy response to the authorization server indicating that the virtual access device is dormant. An authorization server may determine not to renew a virtual access device based at least upon the dormancy response. As such, the authorization server need not provision a mobile device with an updated virtual access device.

Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.

Abstract: A method is disclosed. The method includes determining, by a security software application on a communication device, that the communication device has been accessed by an unauthorized user. The communication device is configured to communicate with a telecommunications network over the air through a first communication channel. The method also includes generating, by the communication device, security notification data and providing the security notification data or a derivative of the security notification data to a host computer via a second communication channel.

Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.

Abstract: A method is disclosed. The method includes determining, by a security software application on a communication device, that the communication device has been accessed by an unauthorized user. The communication device is configured to communicate with a telecommunications network over the air through a first communication channel. The method also includes generating, by the communication device, security notification data and providing the security notification data or a derivative of the security notification data to a host computer via a second communication channel.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: A method is disclosed. The method includes determining, by a security software application on a communication device, that the communication device has been accessed by an unauthorized user. The communication device is configured to communicate with a telecommunications network over the air through a first communication channel. The method also includes generating, by the communication device, security notification data and providing the security notification data or a derivative of the security notification data to a host computer via a second communication channel.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: Embodiments of the invention are directed to ceasing the renewal of a virtual access device that is dormant. Some embodiments may receive a dormancy request from an authorization server, where the dormancy request includes information identifying a virtual access device. Embodiments may determine that the virtual access device is dormant based at least on previous transactions involving the virtual access device and at least one dormancy rule. Certain embodiments may send a dormancy response to the authorization server indicating that the virtual access device is dormant. An authorization server may determine not to renew a virtual access device based at least upon the dormancy response. As such, the authorization server need not provision a mobile device with an updated virtual access device.

Abstract: Embodiments of the invention are directed to ceasing the renewal of a virtual access device that is dormant. Some embodiments may receive a dormancy request from an authorization server, where the dormancy request includes information identifying a virtual access device. Embodiments may determine that the virtual access device is dormant based at least on previous transactions involving the virtual access device and at least one dormancy rule. Certain embodiments may send a dormancy response to the authorization server indicating that the virtual access device is dormant. An authorization server may determine not to renew a virtual access device based at least upon the dormancy response. As such, the authorization server need not provision a mobile device with an updated virtual access device.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: Embodiments of the invention are directed to ceasing the renewal of a virtual access device that is dormant. Some embodiments may receive a dormancy request from an authorization server, where the dormancy request includes information identifying a virtual access device. Embodiments may determine that the virtual access device is dormant based at least on previous transactions involving the virtual access device and at least one dormancy rule. Certain embodiments may send a dormancy response to the authorization server indicating that the virtual access device is dormant. An authorization server may determine not to renew a virtual access device based at least upon the dormancy response. As such, the authorization server need not provision a mobile device with an updated virtual access device.

Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.

Abstract: Techniques for updating an application installed on a communication device may include determining that an update for a private portion of the application is available at a server, sending a request for the update to the server, receiving an updated version of the private portion from the server, and installing the updated version of the private portion on the portable communication device without updating the public portion.

Abstract: A method is disclosed. The method includes determining, by a security software application on a communication device, that the communication device has been accessed by an unauthorized user. The communication device is configured to communicate with a telecommunications network over the air through a first communication channel. The method also includes generating, by the communication device, security notification data and providing the security notification data or a derivative of the security notification data to a host computer via a second communication channel.