Secure mobile remote payments

What is claimed is: 1. A method for processing a checkout transaction, comprising: receiving, by a first server from a mobile device of a user, a selection of at least one wallet application from a list of valid digital wallet applications, where the list of applications was generated by the first server and provided by the first server to the user device; receiving, at the first server from a merchant server, a request to initiate the checkout transaction, wherein the merchant server is different from the first server; creating, by the first server, a partial transaction record at the first server in response to the request, wherein the partial transaction record includes information about the checkout transaction; assigning, by the first server, a transaction identifier to the partial record; generating, via the first server, a request token including the transaction identifier and cryptographic parameters and providing the request token to the merchant server; receiving an authorize checkout request message at the first server, wherein the authorize checkout request message includes payment information and the request token from the merchant server; matching a content of the authorize checkout request message with information in the partial transaction record; generating a verification token in a case the content of the authorize checkout request message matches information in the partial transaction record; receiving, at the merchant server, the verification token, generated by the first server, encrypted with a key of the first server; receiving at the first server, from the merchant server, a request access token message including the verification token; and providing checkout resources to a merchant for use by the merchant to complete the transaction when the verification token received by the first server is validated by the first server. 2. The method of claim 1 , wherein the request to authorize the checkout transaction is received prior to providing checkout resources to the merchant. 3. The method of claim 1 , wherein the merchant server is in communication with a merchant application on the mobile device of the user, where the checkout transaction involves a transaction between the user and the merchant associated with the merchant server and the merchant application. 4. The method of claim 1 , wherein the request to initiate a checkout transaction includes information identifying a merchant application initiating the checkout transaction and information identifying an initial transaction amount. 5. The method of claim 4 , wherein the request to initiate a checkout transaction further includes information identifying at least a first item to be purchased. 6. The method of claim 1 , further comprising: encrypting the request token with a key associated with the first server. 7. The method of claim 1 , wherein the verification token is received by a wallet server proxy. 8. The method of claim 1 , further comprising: transmitting the verification token to a wallet server proxy for transmission to the selected at least one wallet application on the mobile device of the user. 9. The method of claim 8 , wherein the verification token is generated upon receipt of a payment token associated with a payment instrument selected by the user of the mobile device. 10. The method of claim 9 , wherein the checkout resources include information associated with the payment token. 11. The method of claim 10 , wherein the checkout resources further include information identifying a transaction amount. 12. The method of claim 11 , wherein the transaction amount is one of: (i) the same as the initial transaction amount, and (ii) an amount different than the initial transaction amount. 13. The method of claim 1 , further comprising: receiving selection of a wallet and a payment device, from the user, based on the request token. 14. The method of claim 1 , further comprising: receiving the authorize checkout request message at the first server without exposing the payment information based on the inclusion of the request token in the authorize checkout request message. 15. The method of claim 1 comprising, prior to receipt at the first server of the request to initiate a checkout transaction: receiving notification of an initiation of a merchant application to the first server; generating, by the first server, the list of valid digital wallet applications for use with the merchant application; receiving the generated list of valid digital wallet applications at a user device; identifying one or more digital wallet applications on the user device that is on the generated list; verifying the identified one or more digital wallet applications at the first server; and receiving at the user device a signature for the first server. 16. A method for operating a mobile device to conduct a checkout transaction with a merchant, comprising: receiving, by a first server from a mobile device of a user, a selection of at least one wallet application from a list of valid digital wallet applications, where the list of applications was generated by the first server and provided by the first server to the user device; transmitting a transaction initiation request message from a merchant server associated with a mobile application of the mobile device to the first server based on information from the mobile device, wherein the first server is different from the merchant server; creating, by the first server, a partial transaction record at the first server in response to the request, wherein the partial transaction record includes information about the checkout transaction; assigning, by the first server, a transaction identifier to the partial record; receiving at the merchant server, from the first server, a request token including information identifying the transaction and cryptographic parameters and, based at least in part on the request token, performing a cardholder validation method to validate a user of the mobile device; transmitting, to a wallet server proxy, a token associated with a payment device to be used in the transaction; receiving at the first server, from a wallet server proxy, an authorize checkout request message, wherein the authorize checkout request message includes payment information and the request token; validating the authorize checkout request message by matching a content of the authorize checkout request message with information in the partial transaction record and using a key shared with the first server and the wallet server proxy; generating, by the first server, a verification token in a case the content of the authorize checkout request message matches information in the partial transaction record; receiving, at the merchant server, the verification token; receiving at the first server, from the merchant server, a request access token message including the verification token; and transmitting a checkout confirmation to the merchant server. 17. The method of claim 16 , wherein the first server returns actual payment credentials to the merchant.