A pre-certified payment application driver code configured to satisfy requirements of a particular level of a credit card data security certification compliance may be integrated with first and second POS applications to generate first and second integrated applications, respectively, as a fully integrated, tested and production-ready solution. Each integrated application meets all levels of data security compliance requirements and enables data security-compliant transactions with end-to-end encryptions by enabling, in response to a POS application initiating a payment transaction, a payment terminal to share an encryption key with a payment server. Each integrated application can receive payment data encrypted with the encryption key, transmit the encrypted payment data to the payment server for processing the payment transaction using the encrypted payment data, and receive a processing result of the payment transaction from the payment server and communicate the processing result to the POS application.

Aspects of the invention include a computer-implemented method of executing a hybrid quantum safe key exchange system. The computer-implemented method includes initially retrieving an authenticated random value from a trusted source, generating a first Z value using a first elliptic curve (EC) private key and a first certified form of an EC public key with an EC Diffie-Hellman (ECDH) algorithm, deriving a shared key using the authenticated random value and the first Z value with a key derivation function, decrypting the authenticated random value using a quantum safe algorithm (QSA) private key, generating a second Z value using a second EC private key and a second certified form of the EC public key with the ECDH algorithm and deriving the shared key using the authenticated random value and the second Z value with the key derivation function.

Disclosed in some examples are devices, systems, and machine readable mediums for establishing peer to peer mobile wallet communications (P2PMW) over short range wireless communication networks. These P2PMW communications allow exchange of information between two wallet clients. Example communications include payments, providing identification, providing loans, and the like. The use of P2PMW communications opens up the prospect of anyone accepting payment from anybody else at any time. All that is needed is a computing device with a mobile wallet. Example short range wireless communications include Wireless LANs (WLAN) such as WIFI (e.g., communicating according to an Institute for Electrical and Electronics Engineers (IEEE) 802.11 family of standards), BLUETOOTH® or the like.

A method for configuring multiple electronic devices in a batch, is described. The method can include initializing, by a first computing device a communication network based on a pre-defined configuration parameter. The pre-defined configuration parameter is associated with a first instance of an application on the first computing device. Further, the method includes identifying, by the first computing device, an initialization of a second instance of an application at a second computing device. In response to identifying the initialization of the second instance of the application at the second computing device, the method includes, sending, by the first computing device configuration settings for the second computing device over a secured communication network. In this regard, the configuration settings can comprise at least the pre-defined configuration parameter for configuring the second computing device.

Systems and methods for connecting a private device to a public device based on various connection parameters. For example, a media guidance application may receive a communication requesting to use the public device from a private device that is implementing a private interface application (e.g., Netflix™ a streaming media application). In response, the media guidance application may generate an authorization key that is unique to the private device and comprises connection parameters. The media guidance application may transmit the authorization key to the private interface application to initiate a session between the public device and the private device. Whenever a command is received from the private device, the media guidance application may verify the authorization key and determine whether the connection parameters are satisfied. In response to verifying the authorization key and the connection parameters, the public device may execute the received command.

Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).

Systems and methods authenticate storage devices. In one implementation, a computer-implemented method is provided for authenticating a storage device. According to the method, a manifest that identifies a destination is receive. A transfer station reads a digital signature from the storage device. The digital signature is validated and, based on the validation of the digital signature, a transfer of one or more files from the storage device via the transfer station is authorized to the destination identified in the manifest.

A device may receive client cipher information, associated with initiating a secure session, identifying at least one key exchange cipher supported by a client device associated with the secure session. The device may determine, based on the client cipher information, that a Diffie-Hellman key exchange is to be used to establish the secure session. The device may determine whether a server device, associated with the secure session, supports use of the Diffie-Hellman key exchange. The device may manage establishment of the secure session using a first decryption technique based on determining that the server device does not support the use of the Diffie-Hellman key exchange, or manage establishment of the secure session using a second decryption technique based on determining that the server device supports the use of the Diffie-Hellman key exchange or being unable to determine whether the server device supports the use of the Diffie-Hellman key exchange.

Performing cryptographic operations such as encryption and decryption may be computationally expensive. In some contexts, initialization vectors and keystreams operable to perform encryption operations are generated and stored in a repository, and later retrieved for use in performing encryption operations. Multiple devices in a distributed system can each generate and store a subset of a larger set of keystreams.

Methods for operating a device and for managing bootstrapping of devices are disclosed. The method (100) for operating a device comprises computing (102) a derivative of a secret shared between the device and a server entity of a network, generating (104) a temporary bootstrap URI by combining at least a part of the computed derivative with a static bootstrap URI for the network, and sending (106) a bootstrap request to the temporary bootstrap URI. The method for managing bootstrapping of devices comprises generating temporary bootstrap URIs corresponding to devices operable to connect to a network, and updating a network DNS registry to map the generated temporary bootstrap URIs to the IP address of at least one of a bootstrap server instance reachable via the network and/or a bootstrap load balancer. Also disclosed are a device, a bootstrap load balancer, a bootstrap server, and a computer program.