Abstract: A system and method for generating a limited use login credential associated with an account maintained by an institution, where the credential facilitates secure access to the account.

Abstract: A method for determining third party network compliance with a host entity network is provided. The method may include generating a scanning file that includes host entity network compliance standards and transferring the scanning file to an intermediary entity network. The method may further include generating an executable file that may run a plug-in scanning file to scan hardware and software resident at the third-party network for compliance. The method may further include transferring the executable file from the intermediary entity network to the third party network. The method may further include executing the executable file, generating a log file upon the completion of the running of the plug-in scanning file and digitally signing the log file. The method may further include deciphering the log file at the intermediary entity network, generating a readable report based on the deciphering and transferring the readable report to the host entity network.

Abstract: A system and method for generating a limited use login credential associated with an account maintained by an institution, where the credential facilitates secure access to the account.

Abstract: A biometric handheld vaporizer has a housing, a mouthpiece, an oil reservoir, an atomizer, a battery, a battery charging port, a fingerprint sensor, and a microcontroller. The handheld vaporizer remains inoperable until a user submits a photo ID for age verification. One method of using a biometric handheld vaporizer involves inputting fingerprints into the vaporizer, the fingerprints stored on the microcontroller; and, when a user desires to use the vaporizer, placing the authorized fingerprint on the fingerprint sensor, which, upon authorization, closes a circuit to activate an atomizer within the vaporizer.

Abstract: An order processing method comprises: obtaining, by a third party payment institution, an order that is paid but not successfully delivered; and initiating, by the third party payment institution, a refund operation for the order.

Abstract: A biometric handheld vaporizer has a housing, a mouthpiece, an oil reservoir, an atomizer, a battery, a battery charging port, a fingerprint sensor, and a microcontroller. The handheld vaporizer remains inoperable until a user submits a photo ID for age verification. One method of using a biometric handheld vaporizer involves inputting fingerprints into the vaporizer, the fingerprints stored on the microcontroller; and, when a user desires to use the vaporizer, placing the authorized fingerprint on the fingerprint sensor, which, upon authorization, closes a circuit to activate an atomizer within the vaporizer.

Abstract: Methods and systems for providing an automated virtualized signal marketplace or exchange for signals from distributed data sources for use in advertising. Systems and methods to automatically discover and recommend which of the signals controlled by multiple entities may be most effective toward a given objective associated with advertising campaigns. Signals are indicators of data that are derived from data sources and abstracted to protect the underlying data. Each entity that sells data in the virtual marketplace first converts data into a “signal” or indicator that represents the data without disclosing it or providing it. Signal sellers determine if they want share signals based upon buyer, price, and other rules, including limitations on signal use; signal buyers determine signal value based upon their objectives.

Abstract: There is provided a physical redemption device such as a card and a system for purchasers to buy cryptocurrencies through a digital sale system. Cards are printed and packaged using a printer system to include a (secret) unique redemption code in a tamper resistant/tamper evident manner as well as a viewable unique verification code. The cards are distributed through retailers, similar to gift cards, for redemption via an online store or mobile application. Retailers activate the cards for purchasing. The redemption process is provided by an electronic interface (e.g. software system) that provides access to buy a cryptocurrency, preferably from among many different kinds of cryptocurrencies. Redemption uses the respective redemption code applied to each card. The verification code may be used to verify the authenticity and redeemability of the card prior to or after purchase.

Abstract: A method, system and computer program product for secure mobile affirmative consent management is provided and includes receiving from a requesting individual a request to manage affirmative consent with a different individual. In response, the requesting individual is prompted to specify a self-assessed indication of sobriety and a sobriety test is administered to the requesting individual and a performance scored. The scored performance is compared with a pre-stored typical performance for individuals having a same self-assessed indication and the self-assessed indication is validated based upon the comparison. A payload is received from the different individual, and combined with data identifying the requesting individual, and including the validated self-assessed indication. Finally, the combination is stored in remote storage.

Abstract: An embodiment includes a secure and stable method for sending information across a compute continuum. For example, the method may include executing an application (e.g., video player) on a first node (e.g., tablet) with a desire to perform “context migration” to a second node (e.g., desktop). This may allow a user to watch a movie on the tablet, stop watching the movie, and then resume watching the movie from the desktop. To do so in a secure and stable manner, the first node may request security and performance credentials from the second node. If both credential sets satisfy thresholds, the first node may transfer content (e.g., encrypted copy of a movie) and state information (e.g., placeholder indicating where the movie was when context transfer began). The second node may then allow the user to resume his or her movie watching from the desktop. Other embodiments are described herein.

Abstract: Anti-money laundering, anti-terrorist financing and other anti-crimes measures are enforced in compliance with the Bank Secrecy Act and the USA PATRIOT Act in the USA or equivalent laws in other countries, and crimes in financial transaction activities such as online banking, trading, money services, shopping, payment, etc. are reduced. Embedded identification information is read from a machine-readable official government issued identification document such as a passport, driver's license, etc., and such information is sent to a financial institution for approval and for anti-money laundering, anti-terrorist financing and other anti-crimes purposes.

Abstract: The disclosed embodiments include a method for receiving data packets at a host system. In one embodiment, the method includes the steps of: intercepting a data packet, at a data link layer, that is being sent to an input/output (I/O) port of the host system using a hardware device that is located between a hardware network interface and the input/output port of the host system; reading, using the hardware device, at least one parameter from the data packet; determining, by the hardware device using instructions written in memory of the hardware device, whether the at least one parameter meets an authentication criteria, wherein the host system is unable to write to the memory of the hardware device; and in response to determining that the at least one parameter meets an authentication criteria, forwarding, by the hardware device, the data packet to the input/output port of the host system.

Abstract: The present invention provides a method of operating a mobile unit in a wireless communication system. Embodiments of the method may include providing access request message(s) including information indicative of a first counter and a message authentication code formed using a first key. The first key is derived from a second key and the first counter. The second key is derived from a third key established for a security session between the mobile unit and an authenticator. The first counter is incremented in response to each access request provided by the mobile unit.

Abstract: The present application discloses methods, devices and systems for information processing, and in particular for financial transactions. In some embodiments, a check-out terminal acquires and decrypts an encrypted image displayed by or sent from a paying terminal associated with a user. The encrypted image encodes information such as account identifiers and a payment amount. Then, the check-out terminal sends a payment request to a server so that the server can respond with a message that prompts the user to provide verification information. In some embodiments, the prompting message is displayed by the check-out terminal and the verification information includes biometric information of the user. The verification information is transferred from the check-out terminal to the server to be used by the server to verify the payment request. If the verification is successful, the server generates processing results for the payment request and sends the results to the check-out terminal.

Abstract: A mobile deposit application including a remotely accessible bank administrative interface module for setting a plurality of geographic-based security rules, a rules module communicative coupled to the bank administrative interface module, the rules module comprising bank-definable location parameters for enabling mobile deposit based on the geographic location of a mobile device, a geolocation module communicatively coupled to the rules module, the geolocation module receives coordinates of the mobile device and applies said coordinates to the rules module to determine if mobile deposit features are enabled or disabled and an exception presentation module communicatively coupled to the rules module, the exception presentation module displaying notifications to the mobile device responsive to a disabling of the mobile deposit features responsive to the geolocation module reporting the mobile device falls outside the bank-definable location parameters.

Abstract: An exemplary method includes transmitting, via a network interface, at least a currency amount in an attempt to confirm a financial transaction; responsive to the transmitting, receiving a confirmation indicator for the financial transaction; storing at least the currency amount in non-volatile memory; hashing at least the currency amount to generate a hash and storing the hash in a secure non-volatile memory; hashing at least the currency amount stored in the non-volatile memory to generate a verification hash; and in an attempt to verify at least the financial transaction, comparing the verification hash to the hash stored in the secure non-volatile memory. Various other apparatuses, systems, methods, etc., are also disclosed.

Abstract: Provided are computer implemented methods and systems for messaging, calling, and one-touch payments via mobile and wearable devices. An exemplary system comprises a processor and a database in communication with the processor. The processor is configured to provide an integrated interface for selection of an activity mode. The activity mode includes a messaging mode, a calling mode, and a one-touch payment mode. The processor is further configured to receive the selection of the activity mode via the integrated interface from a user. If the messaging mode is selected, a message from the user is received and sent to a recipient via a data network. If the calling mode is selected, a data network call is initiated on a call request of the user. If the one-touch payment mode is selected, a payment request is transmitted to a financial organization.

Abstract: A secure data transmission device: employs a proprietary arrangement of individualized encodable micro-machined electromagnets embedded in a compact, plastic (or apt substrate) which insulates each electromagnet from one another. The electromagnets mimic the magnetic strip on a credit card, but have the capability to temporarily capture data, and then transmit said data to be read by a magstripe terminal. The electromagnetic device can receive, and momentarily capture a variety of data, depending on which digital data is chosen by user. It then converts that data it to an analog signal, and then by using such components as microphone amplifier, a digital-to-analog converter, and microprocessor in the mobile device, transmits that data to the secure information device, which can write that data to a magnetic card terminal. The secure transmission device can be rewritten over and over again each time the user has a separate transaction, using different transaction data.

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for enrolling a user in a device identification program. In some embodiments, a system is configured to: receive device identification information from a mobile device, receive user information associated with a user, the user information enabling identification of the user, associate the device identification information with the user information, and create a record based on the device identification information and the user information.

Abstract: An electronic payment system provided by a mobile communication device, the system including a memory storing instructions for interacting with a EMV card reader to cause payment from an issuing bank associated with a cardholder to an acquiring bank of a merchant associated with the electronic payment processing system; and one or more processors in communication with the memory configured to: initiate a transaction by passing transaction information, including a transaction amount, to the EMV card reader; receive encrypted payment authorization from the EMV card reader to process a payment from the issuing bank to the acquiring bank, wherein the one or more processors are in communication with the EMV card reader; pass the encrypted payment authorization to the acquiring bank over a data connection; and receive a confirmation of payment from the acquiring bank over the data connection.

Abstract: An apparatus that operates to cause financial transfers responsive to data read from data bearing records, includes a processor that is in operative connection with a card reader and a touch screen display. The processor can cause the card reader to read card data from a user card, and can determine whether the read card data corresponds to an authorized financial account. Without the touch screen display surface visibly providing indicia that corresponds to a desired character, the user can still input the character through user contact with the touch screen display surface. The processor can resolve the desired character from the user contact.

Abstract: A platform service that is used by an application may be linked to an advertising service. A cost of using the platform service may be reduced based on the linking.

Abstract: A card actuated automated banking machine (10) is operative to early out financial transactions responsive to data included on user cards. The banking machine includes a user interface (15) including a display (24). The user interface includes a card reader (16) which is operative to read data on user cards which identify at least one of user and a user's financial accounts. A fascia of the machine includes a keypad (404, 438, 458) through which users input confidential data. Covers (400, 422, 430) prevent unauthorized persons from viewing confidential inputs to the keypad. Authorization signals assure that the display is operating in a manner that provides appropriate user instructions. A visual indicator is operative to indicate to a user that keypad inputs are being encrypted. Alternatively a touch screen display module (608) is operative to securely receive manual inputs and/or card data.

Abstract: Information applied to a packet at an ingress port of a network may be used for enhancing security. The information applied to a packet may be “context information” which replaces at least some bits of layer 2 information (e.g., a header). Users or customers may define security policies. They may define different security policies for different types of transactions. They may also define security policies based on the location from which the transaction originated. If the customer is an organization with different classes of users, it may define different security policies. The class of user may be identified based on at least a part of the “context information”. At least a part of the context information may also be used to monitor a location from which a transaction originated, thereby permitting fraudulent uses to be traced.

Abstract: Embodiments of a multimode system for use in, for example, a fuel dispenser, are configured for receiving data in a retail environment. The multimode system can include: a secure input module for receiving high security input and low security input from a customer, the high security input to be communicated by the secure input module in cipher text, and the low security input to be communicated by the secure input module in plaintext. The multimode system is adapted to operate in a high security mode and a low security mode. The multimode system is adapted to enter the low security mode upon detection by the multimode system of a security breach condition. In the high security mode, the secure input module accepts low security input and high security input. In the low security mode, the secure input module accepts the low security input and does not accept the high security input.

Abstract: The present invention relates to a touch screen having an integrated EPP and an input information processing method for an automated teller machine using the same, and more particularly, to a touch screen provided as user interface in an automated teller machine, wherein the touch screen and an EPP module are formed integrally such that a screen displayed on the touch screen is configured to be controlled by a security CPU of the EPP module integrated with the touch screen when a customer using the automated teller machine inputs information required to be encrypted, such as a password required for a financial transaction, through the touch screen of the automated teller machine during the financial transaction, thereby initially preventing the leakage of important financial information through the illegal hacking of the CPU of the automated teller machine and the like.

Abstract: A mobile banking system that uses a cryptographic expansion device attached to a communication component of a mobile device and a secure gateway device to enable end-to-end secure communications between the mobile device and a payment processing network is disclosed. The cryptographic expansion device enables the mobile device to perform cryptographic operations on communications sent to and from the mobile device. The secure gateway device prevents unauthorized accesses to the payment processing network.

Abstract: Systems, methods, and computer storage mediums for placing advertisements on photographic images of geolocations. The method includes retrieving a photographic image associated with a geolocation, where the geolocation is based on a user action. An advertisement to place on the photographic image is also retrieved based on at least the geolocation. The photographic image is then analyzed to determine a position on the photographic image for placing the advertisement. Finally, the advertisement is placed at the determined position on the photographic image.

Abstract: Disclosed are systems and methods for managing transactions in which an order is specified online and payment is received at a point of sale (POS). Methods are disclosed for managing payment for such transactions at a POS, including transactions involving payment for both in-store purchases and online orders. Methods are also disclosed for managing inventory and price changes for such transactions where payment can occur at any time in a pay period following order creation. Also disclosed are methods for processing refunds for online orders for which payment was made at a POS. Finally, methods for preventing fraud and abuse as well as restricting the availability of this payment method for certain items are disclosed.

Abstract: In one embodiment, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.

Abstract: The present invention relates to a roaming electronic transaction terminal. It also relates to a secure system for electronic transactions comprising one or more roaming terminals. The terminal (1) has an application package support (2) and a coupler (3) for carrying out the read and write operations on a medium that are required for the electronic transactions in conjunction with the application package. The coupler (3) comprises means for creating a write time window and a read time window on the basis of a secure input signal, all writing and all reading being disabled outside of the corresponding windows. The invention applies notably for the securing of terminals carrying out checks and contractual transactions on supports equipped with processors and memories, it being possible for these supports to be through contactless read and write cards comprising for example transport entitlements, payment means or any other entitlements to be turned to account.

Abstract: A method to be implemented using a computer system, the method comprising the steps of providing a resource database that specifies locations of resources for use by consumers, receiving a location communication originated by a mobile consumer device associated with a consumer at a time temporally proximate a time when the consumer accesses a resource where the location communication indicates the location of the consumer device and using the location of the consumer device indicated in the communication to update the resource database.

Abstract: A mobile communication device and a data verification system applying a smart card having double chips are applicable to data verification processing when the mobile communication device drives the smart chip to perform transaction with a front end access device. The mobile communication device includes a wireless communication unit, a processing unit and a smart chip. When the processing unit receives a transaction request sent by the front end access device or the processing unit executes a transaction procedure, the processing unit performs data verification processing during transaction through the smart chip.

Abstract: Particular embodiments provide a method for orchestrating an order fulfillment business process that includes a sub-process. In one embodiment, abstraction of business processes from an underlying information technology (IT) infrastructure is provided. An orchestration process can be designed using sub-processes such that the sub-process is assembled at run-time into an executable process. The sub-process may be defined in an interface as a single step. A plurality of services as then assembled as steps in the executable process at run-time.

Abstract: A payment terminal using a mobile communication device (4), such as a mobile phone, is located on a removable memory card (1), e.g. type microSD card, which is adjusted in such a way so it can be inserted into an additional hardware slot, e.g. memory slot. A payment POS terminal application runs on a removable memory card (1), which contains at least one payment card. The payment card's unit (7) with the card's payment application is located in the secured part of the memory, separately from the terminal's configuration data unit (6). The configuration data of the terminal's selected identity and the payment card's data are located in the separate parts of the secure element or in completely independent secure elements or they can also be localized in the Sales Device of the merchant and there e.g. within the ICC card (29) or SAM card (42).

Abstract: An artist or a music company creates multimedia music contents using interactive media creating tools on their computer and upload to a fans club server. The fans club server maintains all fans registration information and client uploaded multimedia music/songs contents. An interactive media description module on the fans club server generates the interactive media using the multimedia contents provided by the client or the artist as its input. The generated interactive media will be distributed among the fans of the respective artist for playing on their mobile phones and review their contents online for a feedback before the songs being released in the market. The interactive media also prompts mobile phone user for purchasing the songs online. The mobile phone user can also purchase trial songs, and download on their mobile phone and make the online payment.

Abstract: A device is configured to allow a user to select any of a plurality of accounts to employ in a financial transaction. The user device includes a biometric sensor configured to receive a biometric input, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. The user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link. The processor is configured to generate a non-predictable value and encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and communicate the authentication information via the communication link to the secure registry.

Abstract: An embodiment defines access control allowing the expression of access control rules using ontology based semantics and references an ontology subset using XPath as the ontological expression. The access control rules or access criteria are defined by an access control statement and may be expressed using classification criteria and ontology classes. The access control statement comprises a structural description that is used to define an asset and a logical expression that may be used to express the classification criteria. The access control statement defines access policy for various assets.

Abstract: A magnetic stripe reader assembly for a point of sale terminal is provided. The magnetic stripe reader reads the account data from a card and may encrypt it within the magnetic head. An encrypted representation of the account data may be provided to a host processor in the terminal for carrying out a financial transaction, such as a payment for goods or services. The account data is typically recorded on the magnetic stripe on the card in a magnetic flux pattern that is sensed and then converted to an analog signal. Such sensing and conversion and other processing of the account data to produce the encrypted representation of the account data typically involves one or more parameters, and may include at least one parameter that is adjustable.

Abstract: Embodiments of a near-field communication (NFC) system and method for private near-field communication are generally described herein. In some embodiments, a resonance-coupled channel is masked with a random channel-masking signal. The channel-masking signal may be scaled based on near-field channel conditions. Signals received through the channel may be unmasked with the scaled channel-masking signal to determine data that may have been conveyed by an NFC transmitting device by affecting the impedance of the resonance-coupled channel. In some embodiments, a reference signal may be scrambled with a mask to generate the channel-masking signal. The mask may include at least one of a random symbol mask, an amplitude mask and a phase mask. For additional privacy, the mask may include a random symbol mask and at least one of an amplitude mask and a phase mask.

Abstract: A communication system includes a terminal having a first storage section for storing a number of pieces of content information, a second storage section for storing a number of pieces of the content information, a storage control section for placing a content ID stored in the second storage section into purchase information for each terminal and stored in the second storage section, an access control section for controlling access to the content information corresponding to the content ID stored in the second storage section, and an accounting setting section for setting an amount of a fee to be imposed on the terminal in response to the purchase information.

Abstract: A system for point-to-point encryption is provided. A card reader system reads unencrypted card data stored on a magnetic stripe of a card and encrypts the card data, the card reader system being contained in a first housing. A point of sale device coupled to the card reader system and contained in a second housing separate from the first housing has a user interface for obtaining a transaction amount. A transaction request system transmits the transaction amount and the encrypted card data to an authorization gateway, wherein the unencrypted card data is prevented from being processed by the point of sale device.

Abstract: Embodiments of methods and apparatus for tag-based personalization of kiosk computing devices are disclosed. In embodiments, an authentication server/system may receive, from a mobile device, a plurality data packets having data associated with a display tag of a kiosk computing device. The authentication system/server may, in response, instruct the kiosk to activate an account-specific mode based on an account associated with the mobile device. Other embodiments may be described and/or claimed.

Abstract: A secure terminal, such as one used for point-of-sale debit card transactions, has a secure enclosure containing some or all of the terminal components, and is configured to send sensitive and non-sensitive data to a display located outside of the secure enclosure. The terminal includes a source chip that protects data sent from the terminal to the display. The source chip protects the data by detecting that the display is connected, authenticating the display as a device that is authorized to receive the data, and encrypting the data before transmission. Preferably, the display is a commercially-available consumer electronic device, such as a television or computer monitor. The source chip communicates with a receiver chip on the display to perform the detection, authentication, and encryption methods of the invention.

Abstract: Phishing attacks succeed by exploiting a user's inability to distinguish legitimate websites from spoofed websites. Most prior work focuses on assisting the user in making this distinction; however, users must make the right security decision every time. Unfortunately, humans are ill-suited for performing the security checks necessary for secure site identification, and a single mistake may result in a total compromise of the user's online account. Fundamentally, users should be authenticated using information that they cannot readily reveal to malicious parties. Placing less reliance on the user during the authentication process enhances security and eliminates many forms of fraud. We disclose using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware.

Abstract: Systems and methods for implementing a secure processor stick are described. In one aspect, the system for implementing a secure processor stick with a computer, the system comprising: a secure processor stick, including: a processor; a memory coupled to said processor; a smart chip coupled to said processor, said smart chip storing data for implementing a secure environment; and an operating system adapted to run on said memory and said processor, wherein said operating system is adapted to provide a secure environment for display on a computer using said data.

Abstract: The authentication method is based on the exchange of text messages between an User electronic equipment, in the form of a mobile phone terminal, and an Intermediary electronic equipment, and between a Manager electronic equipment and an Intermediary electronic equipment; upon a request of authentication of a User by a Manager to an Intermediary, the Intermediary electronic equipment sends to the mobile phone terminal an authentication key by means of an encrypted text message; the mobile phone terminal decrypts the encrypted text message via a cryptography key, the cryptography key has been previously encrypted via a PIN and stored inside the mobile phone terminal; if the mobile phone terminal correctly replies to the encrypted text message by sending to the Intermediary electronic equipment an appropriate encrypted text message, authentication is successful; typically, SMS or MMS and asymmetric encryption are used for implementing this method.

Abstract: Communication and validation of information transfer from a transmitter to a receiver is achieved by generating a cipher (400) from a message m (410) using parameters of an elliptic curve, a generator point P (406) on the elliptic curve and a public key Q (416) of the receiver. The cipher includes a first element that is the product kP of a random number k (404) with the generator point P and a second element that is the product of m and the x-coordinate of the product kQ. The message m is generated from two mathematically independent representations of the information and, optionally, a random number. The cipher is communicated to the receiver and decoded to recover a message m? (502). A validation token (500) is generated by the receiver and passed to the transmitter, which validates communication of the information to the receiver if the product mkQ is equal to the validation token.

Abstract: A lottery game system and methodology incorporates a terminal-based game component and a subsequent interactive-based game component. A player is provided access and is entitled to participation in the interactive-based game component as a function of a winning outcome in the terminal-based game component. The interactive-based game component may incorporate a wagering function.

Abstract: The invention relates to a method for securing an on-line transaction, comprising a proximity test which permits the proximity of the physical presence of the client to the on-line processing station (PT) with the authentication authority (AA) to be verified, an authentication test for the holder of the chipcard (CP) and a non-repudiation test for the transaction.