Patent attributes
The present disclosure relates to credential management for mobile devices that can be used for access to secured physical environments. One aspect comprises a computer implemented method comprising a server system: receiving, from a mobile computing device, a provisioning request, which includes an account credential; authenticating the provisioning request based on the mobile computing device being linked to an account indicated by the account credential; generating an account token, which is bound to the account credential; generating one or more limited-use credentials (LUCs), using an application sequence counter, each of the one or more LUCs associated with a corresponding application sequence counter value; generating one or more emergency credentials; and transmitting, to the mobile computing device, the account token, the one or more LUCs, the application sequence counter values, and the one or more emergency credentials.