Encryption key exchange processes are disclosed. A disclosed method includes initiating communication between a portable communication device including a token and a first limited use encryption key, and an access device. After communication is initiated, the portable communication device receives a second limited use key from a remote server via the access device. The portable communication device then replaces the first limited use key with the second limited use key. The second limited use key is thereafter used to create access data such as cryptograms that can be used to conduct access transactions.

Encryption key exchange processes are disclosed. A disclosed method includes initiating communication between a portable communication device including a token and a first limited use encryption key, and an access device. After communication is initiated, the portable communication device receives a second limited use key from a remote server via the access device. The portable communication device then replaces the first limited use key with the second limited use key. The second limited use key is thereafter used to create access data such as cryptograms that can be used to conduct access transactions.

A network device of a network may generate a network information container including information to be sent to a communication device. The network is a home network of the communication device that is served by a visited network. The network information container may be integrity protected and/or cipher protected. The network device may send, to the communication device via the visited network, a message including the network information container and a credential indicator indicating a type of credential used to protect the network information container. The type of credential may be a 3GPP or non-3GPP credential. The communication device may verify the network information container using one or more security parameters based on the type of credential, and obtain the information in the network information container when the verification succeeds, or discard the network information container when the verification fails.

Systems and methods for securely pairing a transmitting device with a receiving device are described. The systems and methods may communicate with a first device via a first communication method over a wireless communication network. The systems and methods may transmit, to the first device via a second communication method, a first sensory pattern representing a first key. In addition, the system and methods may communicate with the first device via the first communication method using the first key.

Systems and methods for securely pairing a transmitting device with a receiving device are described. The systems and methods may communicate with a first device via a first communication method over a wireless communication network. The systems and methods may transmit, to the first device via a second communication method, a first sensory pattern representing a first key. In addition, the system and methods may communicate with the first device via the first communication method using the first key.

Techniques for enabling a system to verify operations or transactions as being associated with a user account are described. A system receives message data associated with an unverified operation or an unverified transaction. The system generates first audio data that includes a representation of a first digital signature based on at least a first verification code. The system sends a message including second message data with an ability to output the first audio data responsive to first device playing the first audio data within earshot of the second device. The system receives, from a second device, second audio data that represents the first audio data. The system determines that the second audio data includes an audio representation of a second digital signature based on at least the first verification code. The system verifies the unverified operation and associates the operation with the user account to indicate that the operation is a verified operation.

A communication device may accept an input of user authentication information, cause an output unit to output specific information obtained by using a public key in a case where authentication using the inputted user authentication information is successful. In a case where the authentication using the inputted user authentication information fails, the specific information is not outputted. The communication device may receive an authentication request in which the public key is used from a first external device, send an authentication response to the first external device, receive first connection information from the first external device, and establish a first wireless connection between the communication device and a second external device by using the first connection information.

A communication device may accept an input of user authentication information, cause an output unit to output specific information obtained by using a public key in a case where authentication using the inputted user authentication information is successful. In a case where the authentication using the inputted user authentication information fails, the specific information is not outputted. The communication device may receive an authentication request in which the public key is used from a first external device, send an authentication response to the first external device, receive first connection information from the first external device, and establish a first wireless connection between the communication device and a second external device by using the first connection information.

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.