Abstract: Systems and methods for secure purchasing are provided in which, at a merchant device, an invoice is generated comprising a remittance amount and a merchant identification. The invoice is associated with an invoice identification. The invoice is transmitted to a remote invoice database. At a consumer device, the invoice identification is received. A request that includes the invoice identification is transmitted to the invoice database. Information about the invoice is received from the invoice database including the remittance amount and merchant identification. The remittance amount, merchant identification, and a prompt to confirm the invoice are displayed. Responsive to receiving approval from the consumer, the invoice is transmitted to a remote account database comprising an account corresponding to the consumer. At a device associated with the remote account database, after receiving the approval of the invoice from the consumer device, the amount of the invoice is remitted to the merchant.

Abstract: A system including a data storage server, a service provider's server, and a gateway including a transceiver configured to operate at a power level below 5.0 mW, the data storage server generates first tokens, receives a registration from the service provider's server, and issues first tokens to the service provider's server, and receives a first token from the service provider's server. The data storage server receives sensor data from the gateway, the gateway executes the application to receive the sensor data from sensors, and the data storage server issues second tokens to the gateway after receiving the sensor data from the gateway and stores the received sensor data on the data storage or service provider's server.

Abstract: Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. The payment application is associated with a certificate and a corresponding hash. The hash is adapted to be generated on the basis of an application expiration date parameter, which is adapted to comprise data indicative of an expiration date of day level granularity associated with the certificate. During processing of the EMV transaction, the point-of-sale terminal verifies the hash, thereby establishing the authenticity of the application expiration date, and hence the validity of the certificate.

Abstract: Method and system for verifying authenticity of specific personal data responsive to a unique wallet address on a public ledger of an unregulated platform. The wallet contains one or more non-transferable NFTs, each locked to the wallet and related to specific personal data. The non-transferable NFT was minted from a regulated platform to which there is a record in the public ledger. Supplying the unique address of the wallet to a service supplier affects a log-in of a client to the service supplier, whereafter message interactions over a network between the service supplier and the unregulated platform permits searching for a relevant non-transferable NFTs stored in the wallet and related to the specific personal data. Return of any relevant non-transferable NFT related to the personal data thus verifies authenticity of the specific personal data by association with a regulated platform.

Abstract: An identity theft mitigation system. The system comprises a mobile communication device transfer data store, a non-transitory memory, a processor, and an application stored in the non-transitory memory. When executed by the processor the application monitors transfers of mobile communication device credentials between different mobile communication devices and stores records of the transfers of mobile communication device credentials in the mobile communication device transfer data store. The application further identifies when a mobile communication device is involved in a number of credential transfers that is above a predefined threshold during a period of time based on searching the mobile communication device transfer data store for records of transfers the mobile communication device was involved in, and takes action based on the number of credential transfers in which the mobile communication device is involved exceeding the predefined threshold.

Abstract: A computer system receives an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient using a mobile device. The transaction is authenticated by the computer system. The authentication includes receiving login credentials manually entered by the user and determining that the login credentials match stored login credentials for the user. The authentication further includes determining that the mobile device has a device token stored thereon that matches a device token stored in a database of the computer system. The device token uniquely identifies the mobile device in the computer system. The authentication further includes determining that the mobile device has a customer token stored thereon that matches the customer token stored in the database. The customer token uniquely identifying the customer in the computer system. The computer system transmits the funds to the recipient responsive to the authenticating step.

Abstract: Embodiments of the invention are directed to methods, apparatuses, computer readable media and systems for providing, along with a token, a token assurance level and data used to generate the token assurance level. At the time a token is issued, one or more Identification and Verification (ID&V) methods may be performed to ensure that the token is replacing a PAN that was legitimately used by a token requestor. A token assurance level may be assigned to a given token in light of the type of ID&V that is performed and the entity performing the ID&V. Different ID&Vs may result in different token assurance levels. An issuer may wish to know the level of assurance and the data used in generating the level of assurance associated with a token prior to authorizing a payment transaction that uses the token.

Abstract: Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. An ICC Master Key corresponding to the payment application is held by a trusted authority, such as the issuing bank. The trusted authority is adapted generate time-limited session keys on the basis of the ICC Master Key and distribute session keys to the payment application. Receipt of a session key by the payment application enables the payment application to conduct an EMV payment transaction. The session key is used to authorize a single EMV payment transaction.

Abstract: In an example implementation, a print supply cartridge comprises a microcontroller to receive a timing challenge and enable authentication of the cartridge by providing a challenge response. The challenge response is provided in a challenge response time that falls within an expected time window.

Abstract: An authorization system includes a database, and at least one computer server in communication with the database. The database includes a plurality of database records, each including an account number and an associated card number. Each card number has fewer digits than the associated account number. The server is configured to receive, from a communications terminal, a request message that initiates a transaction with the server. The server is configured to request an authentication credential from the terminal, and in the database locate the card number that matches the received authentication credential and locate the account number that is associated with the located card number. The server is configured to request authorization of a test transaction using the account number, receive an authorization response confirming authorization of the test transaction, and authorize the initiated transaction in response to the authorization response. The test transaction is different from the initiated transaction.

Abstract: A point-of-sale (POS) system used in performing a POS transaction between a merchant and a consumer. The POS system includes a display having a touch panel, a main processor and a memory device. The POS system also includes a secure enclave with a secure processor and a microcontroller. The main processor is configured to display a series of screens to guide a consumer through the POS transaction. The microcontroller provides the inputs from the touch panel to the main processor when the POS system is operated in a pass-through mode and provides the inputs from the touch panel to the secure processor when the POS system is operated in a secure touch mode.

Abstract: Aspects of the disclosure relate to computing platforms that utilize third party data for customized output generation. A computing platform may receive encrypted data corresponding to a travel history. The computing platform may decrypt a portion of the encrypted data, resulting in first decrypted travel history data. The computing platform may direct a user device to display the first decrypted travel history data, along with a first option to continue decrypting a subsequent portion of the encrypted data and a second option to delete the first decrypted travel history data. After receiving a selection of the first option, the computing platform may decrypt the subsequent portion of the encrypted data. After determining that the encrypted data is fully decrypted, the computing platform may process the decrypted data to generate a customized product output, and may direct the user device to display the customized product output.

Abstract: A computer system receives an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient using a mobile device. The transaction is authenticated by the computer system. The authentication includes receiving login credentials manually entered by the user and determining that the login credentials match stored login credentials for the user. The authentication further includes determining that the mobile device has a device token stored thereon that matches a device token stored in a database of the computer system. The device token uniquely identifies the mobile device in the computer system. The authentication further includes determining that the mobile device has a customer token stored thereon that matches the customer token stored in the database. The customer token uniquely identifying the customer in the computer system. The computer system transmits the funds to the recipient responsive to the authenticating step.

Abstract: A computer system accesses a database to retrieve account balance information for an account held by a user at a financial institution. The computer system generates a screen display to present to the user via a mobile device. The screen display shows the account balance information. The computer system receives, via the mobile device, an indication from the user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient. The computer system transmits the funds to the recipient responsive to receiving the indication.

Abstract: Disclosed is a method and system, in FIG. 1, for verifying authenticity of specific personal data responsive to a unique wallet address (70) on a public ledger (66) of an unregulated platform (60). The wallet contains one or more non-transferable NFTs each locked to the wallet and related to specific personal data. The non-transferable NFT was minted from a regulated platform (27) to which there is a record (76) in the public ledger. Supplying the unique address of the wallet to a service supplier affects a log-in of a client (18) to the service supplier (90), whereafter message interactions over a network (12) between the service supplier and the unregulated platform (60) permits searching for a relevant (72) non-transferable NFTs (74) stored in the wallet and related to the specific personal data. Return of any relevant non-transferable NFT related to the personal data thus verifies authenticity of the specific personal data by association with a regulated platform.

Abstract: A processor-implemented system and method for dynamically retrieving an attribute value of an identity claim for a user using a digitally signed access token that is digitally signed by a user device, at a relying party device associated with a relying party. The method includes (i) making an API call to retrieve at least one identity claim for the user, (ii) processing each identity claim of the user, with the relying party device, to identify if at least one by-reference identity claim that includes a URL of an endpoint, (iii) obtaining the digitally signed access token that is digitally signed by the user device, (iv) invoking the URL of the endpoint with the at least one by-reference identity claim and the digitally signed access token, and (v) dynamically retrieving the attribute value from the URL of the endpoint from an issuing party device associated with an issuing party.

Abstract: Methods, systems, and devices for a cross-linked distributed ledger. The cross-referencing system includes multiple computing devices including a first computing device and a second computing device. A computing device of the multiple computing devices is configured to maintain a first cross-linked distributed ledger. The first cross-linked distributed ledger has a first set of multiple linked records that are associated with a first identifier. The first computing device includes a processor. The processor is configured to link or provide a first record associated with the first identifier to the first cross-linked distributed ledger. The first record has a first reference to a second record. The second record is within a second set of multiple cross-linked records of a second cross-linked distributed ledger.

Abstract: A mobile wallet computer system receives via a mobile device an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a merchant. The mobile wallet computer system determines an amount of merchant rewards from the merchant that are available for the user to use at the merchant. The mobile wallet computer system transmits information regarding the amount of available merchant rewards to the merchant computer system. The merchant computer system applies the merchant rewards to the transaction prior to submitting the transaction to a card network computer system.

Abstract: A computer system receives an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient using a mobile device. The transaction is authenticated by the computer system. The authentication includes receiving login credentials manually entered by the user and determining that the login credentials match stored login credentials for the user. The authentication further includes determining that the mobile device has a device token stored thereon that matches a device token stored in a database of the computer system. The device token uniquely identifies the mobile device in the computer system. The authentication further includes determining that the mobile device has a customer token stored thereon that matches the customer token stored in the database. The customer token uniquely identifying the customer in the computer system. The computer system transmits the funds to the recipient responsive to the authenticating step.

Abstract: A system for digitally verifying credential sets and its method of use are provided. A credentials set is made up of a number of credentials, each linked to a particular Entity. If all of the credentials are validated and verified, then the credentials' status identifier will be set to a value. If the various status identifiers meet a predetermined value, the set will be verified and digitally signed.