Abstract: Providing backup digital certificates comprises an application provider, such as a digital wallet system, that obtains signed digital certificates from a certificate authority. The digital wallet system provides an application, such as a digital wallet application, to a user computing devise along with a primary digital certificate and a backup digital certificate. The user computing device utilizes the primary digital certificate to ensure a secure connection with the digital wallet system. If the primary digital certificate is compromised, the digital wallet system may communicate the backup digital certificate to the digital wallet system when a subsequent secure connection is requested. The user computing device may access the backup digital certificate and verify the provided digital certificate. The digital wallet system provides a new backup digital certificate to the user computing device, and the user computing device deletes the compromised digital certificate.

Abstract: Systems, methods, and computer program products are provided for application validation. A first request is transmitted to a ticket generation application. A first ticket is received, including a first unencrypted portion and a first encrypted portion. A second request is transmitted to the ticket generation application. A second ticket is received, including a second unencrypted portion and a second encrypted portion. The first and second unencrypted portions are concatenated to form an unencrypted shared encryption key. The first and second encrypted portions are concatenated to form an encrypted shared encryption key. The unencrypted shared encryption key is stored in a memory, and the encrypted shared encryption key is transmitted to a server.

Abstract: Providing backup digital certificates comprises an application provider, such as a digital wallet system, that obtains signed digital certificates from a certificate authority. The digital wallet system provides an application, such as a digital wallet application, to a user computing devise along with a primary digital certificate and a backup digital certificate. The user computing device utilizes the primary digital certificate to ensure a secure connection with the digital wallet system. If the primary digital certificate is compromised, the digital wallet system may communicate the backup digital certificate to the digital wallet system when a subsequent secure connection is requested. The user computing device may access the backup digital certificate and verify the provided digital certificate. The digital wallet system provides a new backup digital certificate to the user computing device, and the user computing device deletes the compromised digital certificate.

Abstract: System, methods, and computer program products are provided for interfacing with and providing a cloud-based secure storage. A payment system and procedure optionally stores security-critical information in a cloud-based secure store. Personalization data on the cloud-based secure store may be comprehensively managed by interfacing with a contactless front end (CLF) module in a near field communication (NFC) device and an interceptor. Non-security-critical information remains on the device. The processing time required to manage a payment transaction using Host-based Card Emulation (HCE) is minimized. User experience is improved.

Abstract: Systems, methods, and computer program products are provided for application validation. A first request is transmitted to a ticket generation application. A first ticket is received, including a first unencrypted portion and a first encrypted portion. A second request is transmitted to the ticket generation application. A second ticket is received, including a second unencrypted portion and a second encrypted portion. The first and second unencrypted portions are concatenated to form an unencrypted shared encryption key. The first and second encrypted portions are concatenated to form an encrypted shared encryption key. The unencrypted shared encryption key is stored in a memory, and the encrypted shared encryption key is transmitted to a server.