Virtual point of sale
US-2018018661-A1 · Jan 18, 2018 · US
US10410211B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10410211-B2 |
| Application number | US-201514739911-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 15, 2015 |
| Priority date | Jun 15, 2015 |
| Publication date | Sep 10, 2019 |
| Grant date | Sep 10, 2019 |
Official abstract text for this publication.
Methods, systems, and storage media are described for processing point of sale (POS) transactions. In embodiments, a computing device may receive a transaction initiation, and provide a selection of a payment credential to be used to process a POS transaction. The computing device may include a trusted execution environment to process the POS transaction in response to the selection of the payment credential. The trusted execution environment may comprise a payment credential storage unit to store payment credentials and a virtual POS terminal that may validate a merchant terminal associated with the transaction initiation, process the POS transaction using the selected payment credential to generate payment data, and encrypt the payment data. The computing device may communicate the encrypted payment data to a cloud POS service for further processing. Other embodiments may be described and/or claimed.
Opening claim text (preview).
We claim:
1. A mobile computing system comprising: application processor circuitry arranged to operate a point of sale (POS) user interface (UI) module to: receive a transaction initiation, and provide a selection of a payment credential to be used to process a POS transaction; a trusted execution environment (TEE), the TEE communicatively coupled with the application processor circuitry, the TEE arranged to process the POS transaction in response to the selection of the payment credential, wherein the TEE comprises: a payment credential storage unit arranged to store one or more payment credentials including the selected payment credential; and a virtual POS terminal arranged to validate a merchant associated with the transaction initiation, obtain the selected payment credential from the payment credential storage unit, process the POS transaction using the selected payment credential to generate payment data, and encrypt the payment data, wherein the POS UI module is arranged to receive the encrypted payment data from the virtual POS terminal; and network interface circuitry communicatively coupled with the application processor circuitry, the network interface circuitry arranged to communicate the encrypted payment data to a merchant system owned or operated by the merchant.
2. The computing system of claim 1, wherein the transaction initiation indicates one or more payment options to be used for the POS transaction, and the selected payment credential is to match one of the one or more payment options.
3. The computing system of claim 1, wherein the POS UI module is arranged to provide a selected payment credential that defines authentication parameters required to validate a merchant identity of the merchant and the trusted execution environment is to process the POS transaction using the payment credential, wherein the virtual POS terminal is arranged to provide the authentication parameters to the network interface circuitry via the POS UI module for transmission to the merchant system.
4. The computing system of claim 3, wherein: the POS UI module is arranged to receive, via the network interface circuitry and the POS UI module, a cryptographic merchant certificate that is based on the authentication parameters, and the virtual POS terminal is arranged to decrypt the cryptographic merchant certificate to validate the merchant identity, and upon validation of the merchant identity, the virtual POS terminal is arranged to generate and encrypt transaction data, wherein the transaction data includes a cryptographic client certificate, payment credential transaction terms defined by the authentication parameters, and a merchant authentication challenge.
5. The computing system of claim 4, wherein the POS UI module is arranged to: receive, via the network interface circuitry and the POS UI module, a personal identification number (PIN) solicitation upon proper decryption of the cryptographic client certificate by the merchant system; and upon proper decryption of the merchant authentication challenge and in response to PIN solicitation, the POS UI module is arranged to: cause a UI to input a PIN to be generated and displayed; and provide the input PIN to the network interface circuitry via the POS UI module for transmission to the merchant system, wherein the POS UI module is arranged to receive, from the merchant system via the network interface circuitry, a PIN block and updated transaction terms upon validation of the input PIN.
6. The computing system of claim 5, wherein the updated transaction terms are based on a combination of the payment credential transaction terms and merchant required transaction terms, and wherein: the POS UI module is arranged to provide the updated transaction terms to the virtual POS terminal, and the virtual POS terminal is arranged to accept or deny the updated transaction terms, process the POS transaction according to the payment credential transaction terms when the virtual POS terminal denies the updated transaction terms, and process the POS transaction according to the updated transaction terms when the virtual POS terminal accepts the updated transaction terms.
7. The computing system of claim 5, wherein the updated transaction terms include transaction terms which are common to both the payment credential transaction terms and merchant required transaction terms, wherein any transaction terms are required by one of the payment credential transaction terms or the merchant required transaction terms but not included in the other one of the payment credential transaction terms or the merchant required transaction terms, and wherein: the POS UI module is arranged to provide the updated transaction terms to the virtual POS terminal, and the virtual POS terminal is arranged to process the POS transaction according to the updated transaction terms.
8. The computing system of claim 5 wherein the virtual POS terminal is arranged to receive the PIN block from the POS UI module, decipher the PIN block, and upon a proper decipher of the PIN block, the virtual POS terminal is arranged to generate the payment data wherein the payment data includes a digital signature associated with the payment credential and a payment address associated with the payment credential.
9. The computing system of claim 8, wherein the POS UI module is arranged to receive a payment confirmation from the merchant system via the network interface circuitry when the encrypted payment information is properly decrypted by a payment acquiring service associated with the payment credential.
10. The computing system of claim 1, wherein the payment credential storage unit is arranged to store a plurality of payment credentials, and the POS UI module is arranged to cause display of a set of the plurality of payment credentials based on information contained in the transaction initiation.
11. The computing system of claim 1, wherein the payment credential storage unit is arranged to store a plurality of passcodes in association with a corresponding one of a plurality of payment credentials wherein the selected payment credential is one of the plurality of payment credentials, and the passcode stored in association with the selected payment credential is to be entered to authorize use of the selected payment credential, and wherein the POS UI module is arranged to cause a UI for input of passcodes to be displayed.
12. The computing system of claim 1, wherein the transaction initiation includes a purchase price of the POS transaction and a currency to be used to process the POS transaction.
13. The computing system of claim 1, wherein the TEE is a tamper-resistant chipset including a secure processor, and the virtual POS terminal is arranged to operate on the secure processor to process the POS transaction, and the POS UI module is an only module outside of the TEE communicatively coupled with the virtual POS terminal.
14. The computing system of claim 1, wherein the TEE is one of Intel® Management Engine, Intel® Software Guard Extensions, or Intel® Converged Security Engine (CSE).
15. The computing system of claim 1, wherein the network interface circuitry is arranged to receive the transaction initiation via a text message or a messaging service message, wherein a unique identifier of the computing system is provided by a user of the computing system to initialize the transaction initiation.
16. The computing system of claim 15, wherein the text message is one of a short message service (SMS) message or a multimedia messaging service (MMS) message, and the messaging ser
Use of certificates or encrypted proofs of transaction rights · CPC title
Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR · CPC title
Identity check for transactions · CPC title
Verifying personal identification numbers [PIN] · CPC title
comprising security or operator identification provisions, e.g. password entry · CPC title