Open, on-device cardholder verification method for mobile devices

What is claimed is: 1 . A computer-implemented method, comprising: receiving, at an open, on-device Cardholder Verification Method (“CVM”) controller, CVM policies from issuer platforms; storing the CVM policies in a CVM policy database at the open, on-device CVM controller; receiving, at the open, on-device CVM controller, a request from a remote mobile device; automatically determining, by a processor of the open, on-device CVM controller, at least one issuer associated with the request; retrieving at least one CVM policy from the CVM policy database based on the determined at least one issuer; and transmitting the retrieved CVM policy to the remote mobile device. 2 . The method of claim 1 , wherein the request comprises a registration request associated with a payment token for a payment application. 3 . The method of claim 2 , wherein the payment token is associated with at least one of: (i) a credit card, (ii) a debit card, or (iii) a pre-paid stored value card. 4 . The method of claim 1 , wherein at least one CVM policy is associated with at least one of: (i) a mobile device type, (ii) a mobile device authenticator type, (iii) a personal identification number, and (iv) a transaction amount. 5 . The method of claim 1 , further comprising: transmitting a CVM policy update to the remote mobile device. 6 . An open, on-device Cardholder Verification Method (“CVM”) controller, comprising: a first communication port to receive CVM policies from issuer platforms; a CVM policy database storing the CVM policies; a second communication port to receive a request from a remote mobile device; and a controller engine to: (i) determine at least one issuer associated with the request, (ii) retrieve at least one CVM policy from the CVM policy database based on the determined at least one issuer, and (iii) transmit the retrieved CVM policy to the remote mobile device. 7 . The system of claim 6 , wherein the request comprises a registration request associated with a payment token for a payment application, and the payment token is associated with at least one of: (i) a credit card, (ii) a debit card, or (iii) a pre-paid stored value card. 8 . The system of claim 6 , wherein at least one CVM policy is associated with at least one of: (i) a mobile device type, (ii) a mobile device authenticator type, (iii) a personal identification number, and (iv) a transaction amount. 9 . A computer-implemented method, comprising: receiving, at an open, on-device Cardholder Verification Method (“CVM”) application executing in a secure execution environment of a mobile device, a CVM authentication request from a payment application executing in an application execution environment of the mobile device, the CVM authentication request being associated with a payment token; responsive to the authentication request, accessing a CVM policy based on the payment token; arranging for an authenticator of the mobile device to authenticate a user of the mobile device in accordance with the CVM policy; and when the user is authenticated, sending an authentication success indication from the open, on-device CVM application to the payment application. 10 . The method of claim 9 , wherein the mobile device comprises at least one of: (i) a smartphone, (ii) a tablet computer, (iii) a watch, (iv) an automobile, (v) a laptop computer, (vi) a pair of eyeglasses, and (vii) any other mobile device. 11 . The method of claim 9 , wherein the payment token is associated with at least one of: (i) a credit card, (ii) a debit card, or (iii) a pre-paid stored value card. 12 . The method of claim 9 , wherein at least one CVM policy is associated with at least one of: (i) a mobile device type, (ii) a mobile device authenticator type, (iii) a personal identification number, and (iv) a transaction amount. 13 . The method of claim 9 , further comprising: determining, by the payment application, that a new payment token is to be added; and sending a registration request from the payment application to the open, on-device CVM application. 14 . The method of claim 9 , further comprising: receiving the CVM policy from a remote open, on-device CVM controller via a communication network, wherein the CVM policy is associated with a plurality of potential authenticators. 15 . The method of claim 9 , wherein the open, on-device CVM application includes: (i) client application programming interfaces, (ii) business logic, (iii) a policy rules processing and storage component, and (iv) on-device authenticator application programming interfaces. 16 . A mobile device, comprising: an application execution environment executing a payment application that generates a Cardholder Verification Method (“CVM”) authentication request associated with a payment token; a plurality of authenticators; and a secure execution environment executing a CVM application to: (i) receive the authentication request, (ii) access a CVM policy based on the payment token, (iii) arranging for at least one of authenticators to authenticate a user of the mobile device in accordance with the CVM policy, and (iv) when the user is authenticate, send an authentication success indication from the open, on-device CVM application to the payment application. 17 . The mobile device of claim 16 , wherein the mobile device comprises at least one of: (i) a smartphone, (ii) a tablet computer, (iii) a watch, (iv) an automobile, (v) a laptop computer, (vi) a pair of eyeglasses, and (vii) any other mobile device. 18 . The mobile device of claim 16 , wherein the payment token is associated with at least one of: (i) a credit card, (ii) a debit card, or (iii) a pre-paid stored value card. 19 . The mobile device of claim 16 , wherein at least one CVM policy is associated with at least one of: (i) a mobile device type, (ii) a mobile device authenticator type, (iii) a personal identification number, and (iv) a transaction amount. 20 . The mobile device of claim 16 , further comprising: determining, by the payment application, that a new payment token is to be added; and sending a registration request from the payment application to the open, on-device CVM application. 21 . The mobile device of claim 16 , further comprising: receiving the CVM policy from a remote open, on-device CVM controller via a communication network, wherein the CVM policy is associated with a plurality of potential authenticators. 22 . The mobile device of claim 16 , wherein the open, on-device CVM application includes: (i) client application programming interfaces, (ii) business logic, (iii) a policy rules processing and storage component, and (iv) on-device authenticator application programming interfaces.