Apparatus and methods for secure element transactions and management of assets

US2017278097A1 · US · A1

Patent metadata
Publication number: US-2017278097-A1
Application number: US-201715482478-A
Country: US
Kind code: A1
Filing date: Apr 7, 2017
Priority date: Feb 6, 2013
Publication date: Sep 28, 2017
Grant date

Abstract

Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

First claim

1. (canceled)

2. A method comprising: at a client device including a secure element: transmitting, to a remote server, a provisioning request for provisioning a virtualized medium of exchange (VME) to the client device; receiving, from the remote server, an asset identifier associated with the VME; requesting delivery of the VME, from the remote server, via a delivery request comprising the asset identifier associated with the VME; receiving, from the remote server, the VME; and sending the VME to the secure element.

3. The method of claim 2, further comprising: executing a transaction with a merchant device to charge a user account associated with the VME.

4. The method of claim 2, wherein the VME comprises a virtual credit card.

5. The method of claim 2, wherein the provisioning request comprises identifying information verifying that the secure element is associated with an account corresponding to the VME.

6. The method of claim 2, wherein the VME is encrypted using a key unique to the secure element.

7. The method of claim 2, further comprising: prior to the receiving the VME: obtaining, from the secure element, a device identifier corresponding to the client device; and transmitting, to the remote server, the device identifier.

8. The method of claim 7, further comprising: obtaining, from the secure element, a challenge value, wherein the challenge value comprises a one-time-use value preloaded on the secure element; and transmitting, to the remote server, the challenge value.

9. An apparatus comprising: a memory; and one or more processors, wherein the memory includes instructions, that when executed by a processor of the one or more processors, cause the apparatus to perform operations comprising: transmitting, to a remote server, a provisioning request for provisioning a virtualized medium of exchange (VME) to the apparatus, wherein the provisioning request includes a one-time-use challenge value associated with the secure element, receiving, from the remote server, an asset identifier associated with the VME, requesting delivery of the VME, from the remote server, via a delivery request comprising the asset identifier associated with the VME, receiving, from the remote server, the VME, and sending the VME to a secure element, wherein the secure element is included in the apparatus.

10. The apparatus of claim 9, wherein the VME comprises a virtual credit card.

11. The apparatus of claim 9, wherein the operations further comprise: executing a transaction with a merchant device to charge a user account associated with the VME.

12. The apparatus of claim 9, wherein the VME is encrypted using a key unique to the secure element.

13. The apparatus of claim 9, wherein the operations further comprise: obtaining, from the VME, a received challenge value.

14. The apparatus of claim 9, wherein the operations further comprise: prior to the receiving the VME: obtaining, from the secure element, a device identifier corresponding to the apparatus; and transmitting, to the remote server, the device identifier.

15. The apparatus of claim 14, wherein the operations further comprise: obtaining, from the secure element, a challenge value, wherein the challenge value comprises a one-time use value preloaded on the secure element; and transmitting, to the remote server, the challenge value.

16. A secure element comprising: a secure memory; and a secure processor, wherein the secure memory comprises instructions that when executed by the secure processor cause the secure element to perform operations comprising: sending, to an associated device processor, a stored device identifier that identifies a device containing the secure element and the associated device processor, receiving, from the associated device processor, a challenge request, performing a session handshake with a remote server, generating, subsequent to the session handshake, a challenge value, sending, to the associated device processor, the challenge value, and receiving, from the remote server, a data item comprising a virtualized medium of exchange (VME).

17. The secure element of claim 16, wherein the session handshake avoids exhaustion of challenge values in the event of a denial of service attack.

18. The secure element of claim 16, wherein the operations further comprise: prior to the sending the stored device identifier: receiving an identifier request; generating, based on the stored device identifier and responsive to the identifier request, a digital signature that uniquely identifies the secure element; and providing the stored device identifier and the digital signature to the associated device processor.

19. The secure element of claim 16, wherein the received challenge value is associated with the secure element.

20. The secure element of claim 16, wherein the operations further comprise: verifying that a received challenge value of the VME matches the generated challenge value.

21. The secure element of claim 20, wherein the operations further comprise: subsequent to the verifying: deleting the challenge value from a set of challenge values maintained by the secure element.
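A minimal model of the secure-element challenge handling described in claims 16 to 21, added here as an illustration; it is not code from the patent or its assignee. The HMAC-based handshake, the pre-shared key, the dictionary shape of the VME, and all class and method names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets


def server_proof(key, nonce):
    """Assumed handshake proof: the server MACs the secure element's nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class SecureElement:
    """Hypothetical model of the challenge pool; not a real secure-element API."""

    def __init__(self, shared_key, preloaded_challenges):
        self._key = shared_key                         # assumption: pre-shared with server
        self._challenges = set(preloaded_challenges)   # one-time-use values (claims 8, 15)
        self._nonce = None
        self._session_ok = False
        self._outstanding = None

    def start_handshake(self):
        self._nonce = secrets.token_bytes(16)
        self._session_ok = False
        return self._nonce

    def finish_handshake(self, proof):
        ok = self._nonce is not None and hmac.compare_digest(
            server_proof(self._key, self._nonce), proof)
        self._nonce, self._session_ok = None, ok
        return ok

    def challenge(self):
        # Claims 16-17: a challenge is released only after the handshake, so
        # unauthenticated challenge requests cannot drain the pool.
        if not self._session_ok:
            raise PermissionError("no authenticated session")
        if self._outstanding is None:
            if not self._challenges:
                raise RuntimeError("challenge pool exhausted")
            self._outstanding = min(self._challenges)  # reused until consumed
        return self._outstanding

    def receive_vme(self, vme):
        # Claims 20-21: accept only a VME echoing the issued challenge, then
        # delete that challenge so a replayed VME is rejected.
        ok = self._outstanding is not None and hmac.compare_digest(
            vme["challenge"], self._outstanding)
        if ok:
            self._challenges.discard(self._outstanding)
            self._outstanding, self._session_ok = None, False
        return ok

    def remaining(self):
        return len(self._challenges)
```
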

Classifications

  • using secure elements embedded in M-devices

  • G06Q20/36 (Primary): using electronic wallets or electronic money safes

  • with control of digital rights management [DRM]

  • Downloading or loading of personalisation data

  • insuring higher security of transaction

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2017278097A1 cover?
Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning sys…
Who is the assignee on this patent?
Apple Inc
What technology area does this patent fall under?
Primary CPC classification G06Q20/36. Mapped technology areas include Physics.
When was this patent published?
Publication date Sep 28, 2017 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).