Abstract: A system and method for facilitating use of a digital electronic wallet by a cardholder for cashless transactions. The method comprises receiving a selection by a first cardholder to pair a first digital wallet held by a first wallet holder with a first merchant, the first digital wallet having therein an electronic representation of at least one payment device usable to fund a cashless transaction, and verifying the cardholder's identity. Thereafter, facilitating a communication between the first cardholder and the first wallet holder to record consent by the first cardholder to share wallet information with the first merchant. The present disclosure further comprises receiving from the first wallet holder authorization to generate a wallet token usable for acquiring wallet information on behalf of the first merchant, using the first digital wallet as selected by the first cardholder, and preparing a merchant token corresponding to the wallet token.

Abstract: A method and system for securely propagating client identities in a service call from a first system to a target service system are provided. The system includes a memory device for storing data and a service provider (SP) computer system. The SP computer system is programmed to determine identities to transmit to the target system in association with a request, construct a data structure to represent each identity and additional information related to the identity, digitally sign the identity information, pair the identity information and the corresponding digital signature in a header of a request message from the first system to the target service system, receive the request message and extract the identity information and corresponding digital signatures from the header, validate the corresponding digital signatures, and construct using the corresponding identity information a data structure that represents each of the original identities established in the first system.

Abstract: A method and system for signing a digital certificate in real time for accessing a service application hosted within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The API platform is in communication with a memory device. The method includes receiving registration data from a developer computer device wherein the developer computer device is associated with a developer and configured to store a developer application, receiving a certificate signing request (CSR) from the developer computer device wherein the CSR includes a public key associated with the developer, verifying the registration data as being associated with the developer, signing the CSR to produce a signed certificate after verifying the registration data wherein the verifying and signing steps are performed by the SP computer system in real time, and transmitting the signed certificate and a client ID to the developer computer device.

Abstract: A method and system for throttling a volume of request messages to a service application stored within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The SP computer system is in communication with a memory device. The method includes storing a throttling profile for a developer application within the memory device wherein the throttling profile includes at least a throttling amount threshold and a throttling time period, receiving at the API platform a request message initiated by the developer application wherein the request message is included within a volume of request messages initiated by the developer application, identifying the request message as being associated with the developer application, retrieving the throttling profile for the developer application, and validating the volume of request messages as complying with the throttling profile.

Abstract: A method and system for signing a digital certificate in real time for accessing a service application hosted within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The API platform is in communication with a memory device. The method includes receiving registration data from a developer computer device wherein the developer computer device is associated with a developer and configured to store a developer application, receiving a certificate signing request (CSR) from the developer computer device wherein the CSR includes a public key associated with the developer, verifying the registration data as being associated with the developer, signing the CSR to produce a signed certificate after verifying the registration data wherein the verifying and signing steps are performed by the SP computer system in real time, and transmitting the signed certificate and a client ID to the developer computer device.

Abstract: A method and system for securely propagating client identities in a service call from a first system to a target service system are provided. The system includes a memory device for storing data and a service provider (SP) computer system. The SP computer system is programmed to determine identities to transmit to the target system in association with a request, construct a data structure to represent each identity and additional information related to the identity, digitally sign the identity information, pair the identity information and the corresponding digital signature in a header of a request message from the first system to the target service system, receive the request message and extract the identity information and corresponding digital signatures from the header, validate the corresponding digital signatures, and construct using the corresponding identity information a data structure that represents each of the original identities established in the first system.

Abstract: A method and system for throttling a volume of request messages to a service application stored within a service provider (SP) computer system through an open application programming interface (API) platform is provided. The SP computer system is in communication with a memory device. The method includes storing a throttling profile for a developer application within the memory device wherein the throttling profile includes at least a throttling amount threshold and a throttling time period, receiving at the API platform a request message initiated by the developer application wherein the request message is included within a volume of request messages initiated by the developer application, identifying the request message as being associated with the developer application, retrieving the throttling profile for the developer application, and validating the volume of request messages as complying with the throttling profile.