主权项 |
1. A method comprising:
detecting, by a point-of-sale (POS) software module that executes in a mobile device, initiation of a session between the POS software module and a mobile card reader coupled to the mobile device; receiving, by the POS software module from the mobile card reader, security related information of the mobile card reader; causing the security related information of the mobile card reader and security related information of the POS software module to be transmitted from the mobile device to a remote computer system, for validation by the remote computer system, wherein the security related information of the POS software module includes data indicative of a software environment of the POS software module; receiving, by the POS software module, an indication that the security related information of the POS software module and the security related information of the mobile card reader have been validated by the remote computer system, wherein the indication includes a cryptographic key of the POS software module, signed by the remote computer; and sending the cryptographic key of the POS software module, signed by the remote computer, from the POS software module to the mobile card reader, and generating, in cooperation with the mobile card reader, a secure session key for encrypted communication between the POS software module and the mobile card reader. |