Abstract: The disclosure relates to sequencing of asset segments of privacy policies. The asset segments are sequenced based on a set of constraints. In an embodiment the asset segments are sequenced using a set of pre-defined predecessors and a set of pre-defined successors of each asset segment through a feasible sequence generation technique and a sequence generation technique based on the constraints, wherein the constraints are preferences associated with the source entity and the target entity. Hence the disclosure bridges a communication gap between the source entity and the target entity by optimally displaying the most relevant privacy policy (mapped to the asset segments) based on the constraints associated with the source entity and the target entity. Further the disclosed system also determines a violation factor that represents a conflict between the preferences associated with the source entity and the target entity.

Abstract: A system and computer-implemented method for depersonalizing financial transaction data being switched by a switching service (e.g., an interchange network) between an acquirer and an issuer located in different countries. The acquirer's host sends a personalized transaction to a depersonalization service via an independent communications channel. The service depersonalizes the transaction and sends it back to the acquirer's host, and also sends a reverse depersonalization dictionary to the issuer's host. The acquirer's host sends the depersonalized transaction to the acquirer's interface, which sends it via the switching service to the issuer's interface, which sends it to the issuer's host. The issuer's host uses the dictionary to repersonalize the transaction, processes the repersonalized transaction, and sends a response code to the acquirer's host.

Abstract: In certain embodiments, resource allocation related to records may be facilitated by generating and using modified instances of such records. In some embodiments, a set of records associated with a user may be stored in a memory area, where each such record includes a record identifier. In response to obtaining one or more commands related to a resource transfer from a user device associated with the user, a new set of records associated with the user may be generated such that each record of the new set is (i) a modified instance of a corresponding record of the record set and (ii) includes a record identifier different from the record identifier of the corresponding record. In one use case, the new records and its data may then be utilized to perform operations related to the user commands. In another use case, the new records may replace its older corresponding records.

Abstract: Systems and methods are provided for facilitating voice authentication of a user in connection with a network transaction. One exemplary method includes receiving an authentication request for a transaction, initiated at a voice interactive device, from a merchant plug-in (MPI) associated with a merchant involved in the transaction, where the authentication request includes a pre-authentication indicator based on voice authentication of a user by the voice interactive device or by a voice authentication service. The method also includes generating a risk score for the transaction based at least in part on the pre-authentication indicator, transmitting the risk score with the authentication request for the transaction to an access controller server (ACS) associated with an issuer of an account to which the transaction is directed, and returning a result response to the MPI where the result response indicates permission to proceed in the transaction based on authentication of the user.

Abstract: One embodiment of an existing customer lead generation system comprises a vendor customer information database, a vendor criteria database, a web server, a matching engine, and a transmission component. The vendor customer information database identifies vendor's existing customers. The vendor criteria database determines which leads each vendor wants to receive. Separate criteria may be specified for consumers that are existing customers and consumers that are not existing customers. The web server receives characteristics of a consumer and a product or service. The matching engine compares the consumer characteristics with the vendor customer information database to identify vendors for which the consumer is an existing customer. The matching engine applies existing customer criteria to match the consumer with existing vendors. The matching engine applies non-existing customer criteria to match the consumer with other vendors.

Abstract: An embodiment of the invention is directed to a method comprising receiving, at a server computer, information for a portable device that includes a mobile device identifier and storing, by the server computer, the information for the portable device that includes the mobile device identifier in a database associated with the server computer.

Abstract: Systems and methods for providing a rewards payment form linked directly to a rewards account are described. The rewards points may be spent directly by the customer through the use of the payment form linked to the rewards account. The payment form may be a payment card (e.g., a physical card having an account number accessible via a magstripe, an EMV chip, etc.) or a virtual payment card loaded into a mobile wallet accessible by the customer. The rewards payment form allows the customer to spend the rewards points stored in the rewards account without first going through the extra step of converting the rewards points into currency.

Abstract: Devices and methods for securing electronic transactions in a computing network are configured to receive a transaction, access transaction contextual data for the transaction, and apply one or more authentication decision rules to the transaction contextual data to determine initial authentication assessment information for the transaction. Further, aspects are configured to convert the initial authentication assessment information into a condensed authentication assessment indicator having an assessment value selected from a plurality of assessment values based on an assessment value definition, and transmit the condensed authentication assessment indicator. Also, aspects receive a transaction authentication decision based in part on the condensed authentication assessment indicator, and process or deny processing of the transaction based on the transaction authentication decision.

Abstract: A method and system for reducing latencies in a blockchain network through the use of one or more proxy agents co-located with a first blockchain node processing a blockchain transaction. The one or more proxy agents are also associated with other blockchain nodes on a blockchain network.

Abstract: A device and method for processing a ciphertext, including determining a seed using a secret key and the ciphertext, extracting a public key candidate from the ciphertext using the seed, determining a checkvalue candidate based on the public key candidate, comparing the checkvalue candidate with a checkvalue, and further processing the ciphertext if the comparison indicates that the checkvalue candidate corresponds to the checkvalue.

Abstract: A server computing device receives authentication request messages formatted according to a first message format from a party via a computing device of a user involved in a transaction, translates the messages into modified authentication request messages formatted according to a second message format, and transmits the modified authentication request messages to an authorization computer. The server computing device may augment the modified authentication request messages by including data gathered from the received authentication request messages describing the user, user's computing device, and/or network path between the server computing device and user's computing device, as well as risk scores generated based upon the received authentication request message.

Abstract: A method for generating tokens for use in an email-based e-commerce transaction between third party vendor and a customer that is facilitated by a payment server is disclosed. The method may comprise generating a token for use with an email checkout, wherein the token comprises a customer name, and customer email address. The processor may generate an email message for at least one recipient, the email message including a mailto hyperlink including the token, wherein the mailto hyperlink generates an email response message addressed to the payment server including the token. The method may comprise receiving a notification from the payment server indicating that the at least one recipient that the email response message was successfully received by the payment server and the email-based e-commerce transaction is successful.

Abstract: The disclosed technology relates to a context service system configured to receive, from a subscriber, a shared customer lookup request that includes a first customer data identifier and identify, in a shared data partition, a second customer data identifier associated with the first customer data identifier. The context service system is further configured to determine that the second customer data identifier is associated with customer information in a subscriber data partition and transmit, to the subscriber system, the customer information from the subscriber data partition.

Abstract: Systems and methods for validating and processing payment transactions are disclosed. In the embodiments of the invention a first authorization request message and a first verification value are received at a server computer. The verification value is validated and a second authorization request message with a second verification value is generated. The first verification value may be a dynamic value and the second verification value may be static value. The second verification value is associated with portable device used to perform a transaction and it is what the issuer computers of the portable device expect to receive as part of an authorization request message in a payment transaction.

Abstract: Examples of the disclosure enable a user to be authenticated and/or a financial transaction to be authorized. In some examples, one or more identifiers associated with one or more detected devices in an area proximate to the detection device are received. It is determined whether at least one identifier of the one or more identifiers corresponds with one or more target identifiers, and whether a device presence of at least one device associated with the at least one identifier satisfies a predetermined threshold. The user is authenticated upon determining that the device presence satisfies the predetermined threshold. Aspects of the disclosure provide for a processing system to authenticate a user and/or authorize a financial transaction in an environment including a plurality of devices.

Abstract: Various examples are directed to systems and methods for secure mobile wallet transactions. A computing device on which a mobile wallet operates may receive payment credentials from other devices using near field communication (NFC) path and/or wallet-to-wallet (W2W) communication paths. The computing device may initiate an NFC mode in response to user selection or the identification of a nearby NFC-enabled device. The computing device may send the received payment credentials to a wallet service provider associated with the mobile wallet using W2W communication. The computing device may send approvals or denials of the transaction to the other device.

Abstract: Embodiments of the present invention provide a system for execution of consolidated resource-based actions. A plurality of disparate databases may be monitored and resources from these disparate databases can be aggregated or otherwise consolidated to a consolidated resource database. A request can be received from a computing device of the user, where the request includes request parameters that provide structure and specificity to the request. Relevant data is identified from the plurality of disparate databases and/or from the consolidated resource database. A determination is made for a response action based on the relevant data and the request parameters, where such a determination can be made through the assistance of artificial intelligence or machine learning engines. Finally, the responsive action is executed, which involves at least causing a user interface of the computing device of the user to communicate a response to the received request.

Abstract: A method for fraud detection may include receiving, via a first user account of a business management application (BMA), a first loan application for a first business entity. The first user account may be accessible to an accountant of an accounting firm. The method may further include receiving, via a second user account of the BMA, a second loan application for a second business entity. The second user account may be accessible to the accountant. The method may further include determining, using a cluster analysis, (i) a connection strength between the first business entity and the second business entity relative to the accounting firm, and (ii) a fraud score for the accounting firm, and determining, based on the connection strength and the fraud score, a probability that the first loan application is fraudulent.

Abstract: A system enhances capabilities by cooperatively using identity systems and identification databases. In some examples, a system uses a biometric to verify an identity for a person with an identification database, accesses identity information for the person in an identity system using the biometric, and performs an action using the identity information. In various examples, a system attempts to verify an identity for a person with an identification database using a biometric, attempts to verify the identity for the person with an identity system using the biometric, and performs an action if the identity is verified. In a number of examples, a system obtains a biometric and identity information for a person; uses at least one of the identity information or the biometric to verify an identity for the person; and, upon confirming the identity with an identification database using the biometric, enrolls the person in an identity system.

Abstract: Methods, apparatuses, computer program products, devices and systems are described that carry out accepting at least one persona from a party to a transaction; evaluating the transaction; and negotiating receipt of at least one different persona from the party to the transaction at least partly based on an evaluation of the transaction.

Abstract: A secure point-of-sale (POS) portal architecture for delivering multiple services is provided. According to one exemplary aspect of the architecture, a number of services offered by various parties are integrated for delivery to merchants. The parties offering the services include, for example, payment processors and merchant acquirers and other external value-added service providers. The integrated services, in turn, are offered to merchants and/or their respective customers via one or more POS devices and its supporting system infrastructure at the merchant locations. The integrated services include, for example, acceptance of multiple payment instruments, payment processing, user dialog management, sales promotion and customer support, loyalty programs, back office processing, receipt capture, employee training, risk management, dispute resolution, system security, system administration etc.

Abstract: A portal to provide user interfaces to users to access and/or purchase account features in connection with websites of issuers. The user interfaces have white label configurability that allows the issuers to customize the labeling of the user interfaces such that the user interfaces can be perceived as part of the websites of the issuers of the consumer accounts of the respective users. The user interfaces are configured to present, in a user friendly way, the account features currently in the consumer accounts, as well as optional account features that can be purchased at additional costs.

Abstract: The present systems and methods provide for secured communication between a mobile device and a server/gateway. The systems and methods can be used, for example, as a way to confirm whether or not a transaction was actually authorized by the user, thereby settling a chargeback dispute for a previously executed transaction. The method comprises receiving the dispute regarding the transaction including associated transaction data, and retrieving a digital signature associated with the transaction data, the digital signature computed by signing the transaction data. The digital signature is then verified using a public key, wherein the public key corresponds to a private key stored on a mobile device. It is then determined whether or not the transaction is fraudulent based on a verification result of the digital signature.

Abstract: A system and method of presenting a commerce application to an electronic device of an end-user are disclosed. The method includes establishing electronic communications from the end-user to a first server (e.g., an electronic marketplace) in response to the end-user accessing an element presented by the first server, and establishing electronic communications between the first server and a second server. The second server may be, for example, another electronic marketplace. The first server sends a graphical interface feature to the end-user. Substantially concurrent with the first server sending the graphical interface feature, the second server transmits electronically graphical content to be placed within the graphical interface feature on a browser on an electronic device of the end-user. The blending of the graphical interface feature and the graphical content is transparent to the end user; thus, the end-user may be unaware that additional information is being received from the second server.

Abstract: Embodiments of the present application relate to a method, apparatus, and system for enrolling a mobile device with an enterprise network. The method includes receiving, from a mobile device, a request to access an enrollment address. In response to receiving the request to access the enrollment address, determining whether the mobile device is pre-enrolled with the enterprise network, and in the event that the mobile device from which the request to access the enrollment address is received corresponds to the mobile device that is pre-enrolled with the enterprise network, pushing user-specific settings to the mobile device.

Abstract: A system and method of transmitting a check-type payment between a payor and a payee using a third-party service includes registering a payor, receiving a check-type payment request from the payor by the third-party service, generating a unique identifier for the check-type payment request and associating payment information with the unique identifier, transmitting a payment notice to the payee, receiving a deposit request to a deposit account from the payee by the third-party, generating a depositable item responsive to the deposit request, and depositing the depositable item into the deposit account by the third-party service.

Abstract: A device receives capability information associated with a next hop device of a wireless local area network (WLAN). The device also determines, based on the capability information, whether the next hop device is capable of implementing security for traffic, where the security includes a media access control (MAC) security standard and a layer 2 link security standard. The device further creates, via the MAC security standard, a secure channel with the next hop device when the next hop device is capable of providing security for traffic.

Abstract: Described herein is an apparatus that includes a minimum equipment list (MEL) data module and an impact assessment module. The MEL data module determines at least one operational limitation associated with deferred maintenance on a vehicle. The impact assessment module determines an operational impact associated with the deferred maintenance based on the at least one operational limitation.

Abstract: Some embodiments of the present invention include determining if updates performed by a second user include a systematic change such as a reversal of an update previously performed by a first user within a time window. The reversal is associated with a record of data used by a gamification application executing in a computer system. A time delay is introduced between the update performed by the second user and rewarding the second user if the update performed by the second user includes the reversal within the time window. An update history of the first user and the second user is evaluated to identify pattern of reversals associated with similar records within the time window. The second user is prevented from being rewarded based on identifying that there are patterns of reversals from the update history occurring within the time window.

Abstract: A mobile payment method is to be implemented by a transaction device, and includes: receiving payment information, transmitting the payment information to a payment institution server, providing the payment information to a payment device, and receiving a payment result. The payment device is enabled to generate a payment request when the payment institution server determines that the payment information received from the payment device conforms to the payment information received from the transaction device, and to transmit the payment request to the payment institution server for subsequent processing of the payment according to the payment information included in the payment request.

Abstract: A system and method of assembly and use of integration applications includes receiving a first request for services from a first client, the first request for services includes a first custom services header including one or more service descriptors, parsing the first custom services header to extract each of the service descriptors, determining a service corresponding to each of the service descriptors, inserting a request for the service into an integration application, deploying the integration application to an application server, adding a first entry to an application list, the first entry corresponding to the integration application, forwarding the first request for services to the integration application, receiving a response from the integration application, and returning the response to the first client.

Abstract: Technologies for secure inter-virtual network function communication include a computing device to determine a cryptographic key for secure communication over at least one of an inter-virtual network function (VNF) network, an inter-virtual network function component (VNFC) network, or a VNF-VNFC network based on a security policy of the computing device; and. The computing device securely communicates over at least one of the inter-VNF, inter-VNFC, or VNF-VNFC network based on the determined cryptographic key.

Abstract: Methods and systems for facilitating online transactions are disclosed. One method includes supplying content for display in a frame of a website, the website hosted by a third-party. The method also includes receiving transaction information from the third-party, and returning a token to the frame, the token including state information based on the transaction information. The method further includes passing the token from the frame to the third-party. The method optionally also includes receiving the token from the third-party and transferring funds from a first account to a second account based on the transaction information and the state information.

Abstract: Novel features to be used in a proxy card payment system include a real-time request to override a declined transaction or to select a different financial account and the insertion of user identification information into the transaction approval message sent to the merchant. A payment request is forwarded to the payment system, which maintains the proxy card account and determines whether the transaction violates a user-defined rule. If the transaction is declined by the issuer that maintains the financial account, or the payment system for violation of a user-defined rule, the payment system sends a real-time message to the user. The user is prompted to override the rule causing the transaction to be declined or to select a new account to process the transaction. Once the payment system receives authorization for the transaction, it inserts the user identification information in an approval message before transmitting the approval to the merchant.

Abstract: The present invention relates to a method of enabling a computer network transaction for a product being purchased by a buyer from a seller, comprising the steps of generating a once-only transaction identification means associated with the transaction, providing the transaction identification means to a transaction acquirer, together with a buyer identification means which identifies the buyer to the transaction acquirer, and providing the once-only identification means to the seller, whereby the seller may provide the transaction identification means to the transaction acquirer and the transaction acquirer can match the transaction identification means received from the seller with the transaction identification means they have been provided with and, if they match, can enable settlement of the transaction.

Abstract: The present invention relates to a system, a method, a service server, a mobile communication terminal, an end-point terminal, and a storage medium, for providing a service to an end-point terminal that uses authentication information of a mobile communication terminal to which it is not currently connected, wherein the end-point terminal is connected to a first mobile communication terminal and to a second mobile communication terminal through a short-range communication network and to a service server via the second mobile communication terminal. The end-point terminal uses the authentication information of the first mobile communication terminal and is connected to the service server which is connected to the first and second mobile communication terminals through the mobile communication network, for authenticating the end-point terminal that uses the authentication information of the first mobile communication terminal.

Abstract: A micropayment system and method is presented for a payor U to establish payment to payee M for a transaction T, which typically has a very low value TV. The micropayment scheme minimizes the bank's processing costs, while at the same time eliminating the need for users and merchants to interact in order to determine whether a given micropayment should be selected for payment. In one embodiment, the micropayment scheme includes time constraints, which require that an electronic check C for the transaction T be presented to a bank B for payment within a predetermined time/date interval. In another embodiment, the micropayment scheme includes a selective deposit protocol, which guarantees that a user is never charged in excess of what he actually spends, even within a probabilistic framework. In another embodiment, the micropayment scheme includes a deferred selection protocol, which provides the bank with control and flexibility over the payment selection process.

Abstract: Anonymous mobile payments enable a user to make and/or receive payments without disclosing personal or private information to another party. In some aspects, a provider of a payment may request an anonymous payment for a specified value from a host. In response, the host may transmit to the provider a code that is available for redemption. The provider may then relay the code to a recipient, who may redeem the code from the host. In other aspects, a recipient may request a temporary identifier (special code) from a host. The recipient may relay the temporary identifier to a provider, who may in turn transmit a payment, via the host, using the temporary identifier. The recipient may then claim the payment from the host. In additional aspects, the codes of the anonymous payments may include expiration times and/or restrictions on a number of uses of the code.

Abstract: Pursuant to some embodiments, methods, systems, apparatus, computer program code and means for conducting an online transaction by a user operating a computer are provided which include identifying, at the computer, that the user has selected a secure payment option during a transaction with a merchant. The computer is caused to enter a private session. During the private session, payment card data from a physical payment card held by the user is received, and the payment card data is forwarded to a payment provider to cause the payment provider to provide substitute payment card details to the merchant to complete the transaction.

Abstract: A system and method for generating a return label for merchandise being returned from a buyer or consumer in a first country to a merchant in a second country. A name and address of a consumer in the first country desiring to return merchandise and merchant or seller information including a merchant identifier is received. An address for receiving returns for the merchant or seller in the second country is accessed based on the merchant information. One or more machine readable identifiers for use by a first country carrier and for use by a second country carrier based at least on the consumer information, and information for routing the return merchandise are generated. A return label for merchandise being returned from the consumer to the merchant is generated. The return label can include the machine readable identifiers and a customs declaration for the merchandise.

Abstract: A method of authorizing a transaction involves a computer server authenticating a payment cardholder from a cardholder credential, and receiving a request from a communications terminal to initiate an online transaction with the server. The server communicates with a database of clusters, each uniquely associated with a respective cardholder and identifying an authentication card and a partial payment card number. The server requests an authentication credential from the terminal in response to determining that the requested transaction possesses a high risk of fraud. The server receives the requested authentication credential, and uses the cardholder and authentication credentials to locate the authentication card uniquely associated with the cardholder and the authentication credential in the database. The authentication credential has fewer digits than the account number of the located authentication card.

Abstract: A gateway device and methods performed therein to prevent unauthorized client devices from connecting to the host network of the gateway device is described. The gateway device does not respond right away to an individual client message sent to the gateway device. Instead, the gateway device only responds to a predetermined sequence of the client messages, which is only known to the gateway device and authorized client devices. Because the gateway device will not respond to random client messages and the likelihood that an unauthorized client device can correctly guess the predetermined sequence of the client messages is low, the risk of a malicious party being able to hack into the host network, for example, by using port scanning techniques, can be mitigated.

Abstract: A system and method of using Electronic Funds Transfer (EFT) to complete payment for goods and services. An example method of operating a transaction terminal includes identifying items selected by a customer for purchase, determining a required payment amount for the items, obtaining identification information from the customer, obtaining contact information and payment information, including bank account information and bank routing number information, from a customer profile associated with the identification information, creating a check image, sending a request for payment message providing access to the check image and the payment information to a mobile communication device of the customer using the contact information in the customer profile, and receiving a reply message from the mobile communication device authorizing payment for the items via electronic funds transfer and including a 2D barcode containing the check image and the payment information.

Abstract: An electronic document processing system 900 includes a digital image generating unit 15 generating a digital image in a predetermined range of the electronic document; an image encrypting unit 11 generating an encrypted image by converting at least a partial area of the generated digital image; a data encrypting unit 21 generating encrypted data by extracting data contained in the predetermined range in pieces of data organizing the electronic document and encrypting the data; an encrypted data storing unit 22 storing the encrypted data; and an encrypted electronic document generating unit 23 generating an encrypted electronic document by replacing the data contained in the predetermined range in the electronic document with the encrypted image.

Abstract: A method of authorizing a commercial transaction between a customer and a provider of goods or services over a network, wherein the provider of goods or services requests that the customer provide authentication by activating a fingerprint identification device, and the provider of goods or services receives at least an authentication code of the customer over the network from the fingerprint identification device, the method comprising the steps of: providing the customer with the fingerprint identification device which produces the authentication code when a fingerprint of the customer matches a stored fingerprint within the fingerprint identification device; receiving at least the authentication code from the provider of goods or services over the network; and authorizing the transaction if at least the authentication code is valid.

Abstract: Systems and methods are disclosed for performing online charging for text messages. One embodiment comprises a system that handles a Mobile Originated (MO) text message. The system receives a send request for the MO text message, and generates an online credit request for the MO text message. The system determines a type of originating network for the MO text message, and inserts an indicator of the originating network type in the online credit request. The system may also determine a type of terminating network for the MO text message, and insert an indicator of the terminating network type in the online credit request. The system then transmits the online credit request to an online charging system to charge for the MO text message.

Abstract: Request processing within a computing environment is facilitated. Request processing and analytics processing for the request are performed substantially concurrently in order to improve efficiency of request execution. The analytics processing is at least commenced, and may complete, prior to receiving an indication of success or failure of the request processing. If request processing fails, analytics processing ceases, if not already complete, and results of the analytic processing are not used.

Abstract: A secure payment method includes receiving, at a computer of a payment service, a request from a requester for a one time use transaction identification token for a transaction. The one time use transaction identification token is provided from the payment service computer to the requester. The one time use transaction identification token is received at the payment service from a merchant communications apparatus under the control of a merchant. Electronic payment information for the transaction is issued from the payment service to the merchant upon validating the one time use transaction identification token.

Abstract: An authentication server transmits authentication information used to authenticate the transmission origin of an authentication request, to a sub-authentication server, when receiving the authentication request. The authentication server transmits identification information to identify the sub-authentication server to which the authentication information is transmitted, to a terminal. The terminal includes a transmission destination storage unit that stores identification information to identify the transmission destination of the authentication request and transmits the authentication request to the transmission destination identified with the identification information stored by the transmission destination storage unit. The terminal updates the identification information using the identification information, when receiving the identification information.

Abstract: Technologies for secure inter-virtual network function communication include a computing device to determine a cryptographic key for secure communication over at least one of an inter-virtual network function (VNF) network, an inter-virtual network function component (VNFC) network, or a VNF-VNFC network based on a security policy of the computing device; and. The computing device securely communicates over at least one of the inter-VNF, inter-VNFC, or VNF-VNFC network based on the determined cryptographic key.