Abstract: Systems and methods are disclosed for securely communicating sensitive such as an identifier. A user device may receive a first message comprising a terminal type indicator. For certain values of the terminal type indicator, the user device may be configured to transmit a request message comprising a first identifier and an encrypted identifier. For other values of the terminal type indicator, the user device may be configured to generating an obfuscated identifier based at least in part on a first portion of a second identifier and a second portion of the encrypted identifier. The user device may then transmit a request message that includes the obfuscated identifier and the encrypted identifier.

Abstract: An issuing authority (IA) may validate the identity of a user and issue a digital license to the user. IA may generate IA public-private key pair, and provide IA public key to the certification authority (CA). IA may sign the digital license with IA private key, and provision the signed digital license on the user device. IA may request CA to certify the digital license. CA may use IA public key to validate the digital license, and sign IA public key with CA private key, thereby generating a digital certificate associated with the issuing authority that is linked to the digital license. A relying party may use CA public key to validate the digital license. The relying party can retrieve the information from the digital license and trust that the retrieved information is legitimate.

Abstract: An issuing authority (IA) may validate the identity of a user and issue a digital license to the user. IA may generate IA public-private key pair, and provide IA public key to the certification authority (CA). IA may sign the digital license with IA private key, and provision the signed digital license on the user device. IA may request CA to certify the digital license. CA may use IA public key to validate the digital license, and sign IA public key with CA private key, thereby generating a digital certificate associated with the issuing authority that is linked to the digital license. A relying party may use CA public key to validate the digital license. The relying party can retrieve the information from the digital license and trust that the retrieved information is legitimate.

Abstract: A smart device is provided between a transaction terminal (e.g. an access device, a point of sale terminal) and a payment card to facilitate a secure transaction. The smart device receives transaction details from the transaction terminal. The transaction terminal suspends the transaction. The smart device is brought in communication with a payment device in control of the user (e.g. the user of the payment device does not hand over the payment device to a merchant, clerk, waitstaff). The smart device receives a cryptogram identifying an account from the payment device and transmits the cryptogram to the transaction terminal. The transaction terminal resumes the transaction, generates a transaction authorization request message including the cryptogram, and transmits the transaction authorization request message to an issuer of the account. The transaction terminal receives an authorization response message from the issuer, and notifies the smart device of the transaction being approved or declined.

Abstract: A smart device is provided between a transaction terminal (e.g. an access device, a point of sale terminal) and a payment card to facilitate a secure transaction. The smart device receives transaction details from the transaction terminal. The transaction terminal suspends the transaction. The smart device is brought in communication with a payment device in control of the user (e.g. the user of the payment device does not hand over the payment device to a merchant, clerk, waitstaff). The smart device receives a cryptogram identifying an account from the payment device and transmits the cryptogram to the transaction terminal. The transaction terminal resumes the transaction, generates a transaction authorization request message including the cryptogram, and transmits the transaction authorization request message to an issuer of the account. The transaction terminal receives an authorization response message from the issuer, and notifies the smart device of the transaction being approved or declined.

Abstract: An issuing authority (IA) may validate the identity of a user and issue a digital license to the user. IA may generate IA public-private key pair, and provide IA public key to the certification authority (CA). IA may sign the digital license with IA private key, and provision the signed digital license on the user device. IA may request CA to certify the digital license. CA may use IA public key to validate the digital license, and sign IA public key with CA private key, thereby generating a digital certificate associated with the issuing authority that is linked to the digital license. A relying party may use CA public key to validate the digital license. The relying party can retrieve the information from the digital license and trust that the retrieved information is legitimate.

Abstract: A method is disclosed. The method includes receiving, from a resource provider computer, a token request message comprising a credential, after a user provides the credential to the resource provider computer. The method also includes transmitting, to the resource provider computer, a token response message comprising one or more supplemental data identifiers and one or more tokens associated with the one or more supplemental data identifiers. The one or more tokens are linked to the credential. Then, a user selects a supplemental data identifier. The method also comprises receiving, from the resource provider computer, an authorization request message comprising a token of the one or more tokens, the token linked to the selected supplemental data identifier, and a value, determining the credential using the token; and transmitting, to an authorizing entity computer, a modified authorization request message comprising the credential, the value, and the supplemental data identifier.

Abstract: A method and system for authorizing a secure transaction using a portable device is disclosed. The method includes an authorization process performed in real-time that includes two phases: an authentication phase and a transaction processing phase. In the authentication phase, a resource provider system may receive a cryptogram from a portable device and verify the cryptogram. Upon the resource provider system obtaining an authentication response indicator, the transaction processing phase may include the resource provider system generating and transmitting an authorization request message to a processing computer. The resource provider system may then receive an authorization response message from the processing computer including an authorization response indicator, which completes the authorization process.

Abstract: Systems and methods are disclosed for securely communicating sensitive such as an identifier. A user device may receive a first message comprising a terminal type indicator. For certain values of the terminal type indicator, the user device may be configured to transmit a request message comprising a first identifier and an encrypted identifier. For other values of the terminal type indicator, the user device may be configured to generating an obfuscated identifier based at least in part on a first portion of a second identifier and a second portion of the encrypted identifier. The user device may then transmit a request message that includes the obfuscated identifier and the encrypted identifier.

Abstract: A method is disclosed. The method includes obtaining a biometric match score from a device that is used to conduct an interaction at a location and then receiving additional data associated with the device or the location. The method also includes determining, by the computer, an expected match score function based upon at least the additional data, and comparing the biometric match score to the expected match score function. The method also includes determining if the interaction is to proceed based on at least the comparing.

Abstract: A smart device is provided between a transaction terminal (e.g. an access device, a point of sale terminal) and a payment card to facilitate a secure transaction. The smart device receives transaction details from the transaction terminal. The transaction terminal suspends the transaction. The smart device is brought in communication with a payment device in control of the user (e.g. the user of the payment device does not hand over the payment device to a merchant, clerk, waitstaff). The smart device receives a cryptogram identifying an account from the payment device and transmits the cryptogram to the transaction terminal. The transaction terminal resumes the transaction, generates a transaction authorization request message including the cryptogram, and transmits the transaction authorization request message to an issuer of the account. The transaction terminal receives an authorization response message from the issuer, and notifies the smart device of the transaction being approved or declined.

Abstract: A method is disclosed. The method includes obtaining a biometric match score from a device that is used to conduct an interaction at a location and then receiving additional data associated with the device or the location. The method also includes determining, by the computer, an expected match score function based upon at least the additional data, and comparing the biometric match score to the expected match score function. The method also includes determining if the interaction is to proceed based on at least the comparing.