Methods and systems for provisioning mobile devices with payment credentials

What is claimed is: 1. A method, comprising: receiving, at a server computer, a first provisioning request from a first mobile device to provision a first payment credential associated with a first account of a first user to the first mobile device; determining, by the server computer, a first risk level associated with the first provisioning request; determining, by the server computer, that the first risk level is within a predetermined risk threshold range; based on the first risk level being within the predetermined risk threshold range: setting, by the server computer, a first token representing the first payment credential to an inactive state; transmitting, by the server computer to the first mobile device, a first set of provisioning scripts and the first token in the inactive state; executing, by the first mobile device, the first set of provisioning scripts; storing, by the first mobile device, the first token and a protection flag associated with the first token in a memory of the first mobile device based on executing the first set of provisioning scripts, the protection flag representing the inactive state of the first token; performing, by the server computer, an authentication process with the first user based on direct or indirect communication with the first mobile device; determining, by the server computer, that the authentication process is successfully performed; based on a successful performance of the authentication process, transmitting, by the server computer to the first mobile device, an activation script that, when executed on the first mobile device, modifies a status of the first token from the inactive state to an active state; executing, by the first mobile device, the activation script; disabling, by the first mobile device, the protection flag associated with the first token based on executing the activation script; storing, by the first mobile device, the first token in the active state based on disabling the protection flag thereby configuring a first digital wallet application stored on the first mobile device with the first token; transmitting, by the first mobile device, the first token in the active state to a first transacting entity during a first financial transaction with the first transacting entity; receiving, at the server computer, a second provisioning request from a second mobile device to provision a second payment credential associated with a second account of a second user to the second mobile device; determining, by the server computer, a second risk level associated with the second provisioning request; determining, by the server computer, that the second risk level is below the predetermined risk threshold range; based on the second risk level being below the predetermined risk threshold range: setting, by the server computer, a second token representing the second payment credential to the active state without requiring the authentication process with the second user; transmitting a second set of provisioning scripts and the second token in the active state to the second mobile device without requiring the authentication process with the second user; executing, by the second mobile device, the second set of provisioning scripts on the second mobile device; storing, by the second mobile device, the second token in the active state based on executing the second set of provisioning scripts and without requiring the authentication process with the second user, thereby configuring a second digital wallet application stored on the second mobile device with the second token, and transmitting, by the second mobile device, the second token in the active state to a second transacting entity during a second financial transaction with the second transacting entity. 2. The method of claim 1 , further comprising: receiving, at the server computer, a third provisioning request to provision a third payment credential to a third mobile device, wherein the third payment credential is associated with a third account of a third user; determining a third risk level associated with the third provisioning request; determining that the third risk level meets or exceeds the predetermined risk threshold range; based on the third risk level being meeting or exceeding the predetermined risk threshold range, determining, by the server computer, that the third provisioning request is denied; and transmitting, by the server computer to the third mobile device, a provisioning request denial message indicating that the third provisioning request is denied. 3. The method of claim 1 , wherein: said performing the authentication process with the first user comprises providing a dynamic verification value to the first user; and said successful performance of the authentication process comprises receiving, at the server computer, a consumer verification response that includes the dynamic verification value. 4. The method of claim 3 , wherein said providing the dynamic verification value to the first user comprises: providing the dynamic verification value to the first user through an issuer of the first account by: generating, by the server computer, the dynamic verification value; and transmitting, by the server computer, the dynamic verification value to an issuer computer of the issuer to cause the issuer to provide the dynamic verification value to the first user. 5. The method of claim 3 , further comprising: receiving, at the server computer, a message transmitted by an issuer computer of an issuer of the first account, wherein the message includes the dynamic verification value; and comparing, by the server computer, the received dynamic verification value of the consumer verification response with a stored copy of the dynamic verification value received from the issuer computer, wherein said providing the dynamic verification value to the first user comprises transmitting, by the server computer to the issuer computer, a request for the dynamic verification value. 6. The method of claim 3 , further comprising: determining, by the server computer, whether the received dynamic verification value of the consumer verification response has a same value as an output of a validation algorithm utilizing at least two input values, wherein the at least two input values comprise an account identifier of the first account and a time value, wherein said providing the dynamic verification value to the first user comprises transmitting, by the server computer, a request to an issuer computer of an issuer of the first account for the dynamic verification value to be generated and provided to the first user. 7. The method of claim 1 , further comprising: generating a set of one or more consumer-specific encryption keys; providing at least one of the set of consumer-specific encryption keys to the first mobile device; encrypting a communication message using one of the set of consumer-specific encryption keys to yield an encrypted communication message; and transmitting the encrypted communication message to a wallet application provider, wherein the wallet application provider provides the encrypted communication message to the first mobile device and does not have any of the set of consumer-specific encryption keys. 8. The method of claim 1 , further comprising: receiving, at the server computer, an authorization request message for the first financial transaction; generating, by the server computer, a unique transaction identifier for the first financial transaction; and transmitting, by the server computer, the unique transaction identifier and additional transaction information for the first financial transaction, wherein the first mobile device, upon receipt of the unique t