Abstract: In a purchase transaction between a merchant and a customer, a merchant device sends transaction information to a payment gateway and sends a beacon signal containing a transaction identifier to a customer mobile device. The customer mobile device sends the transaction identifier and payment information corresponding to a customer payment account to the payment gateway. The payment gateway applies the transaction identifier to access the transaction information received from the merchant device and sends purchase information based on the transaction information to the customer mobile device. The customer mobile device displays the purchase information to the customer, obtains an indication of customer assent to pay for the item and sends a confirmation of customer assent to the payment gateway. Upon receiving the confirmation of customer assent from the customer mobile device, the payment gateway processes the purchase transaction based on the payment account information.

Abstract: In a purchase transaction between a merchant and a customer, a merchant device sends transaction information to a payment gateway and sends a beacon signal containing a transaction identifier to a customer mobile device. The customer mobile device sends the transaction identifier and payment information corresponding to a customer payment account to the payment gateway. The payment gateway applies the transaction identifier to access the transaction information received from the merchant device and sends purchase information based on the transaction information to the customer mobile device. The customer mobile device displays the purchase information to the customer, obtains an indication of customer assent to pay for the item and sends a confirmation of customer assent to the payment gateway. Upon receiving the confirmation of customer assent from the customer mobile device, the payment gateway processes the purchase transaction based on the payment account information.

Abstract: A communication system includes a development sector for registering a plurality of wireless devices, a business sector for controlling utilization of an application program and for receiving application data, a service sector for deploying the application program and for providing the application data to the business sector in accordance with communication with at least one wireless device of the plurality; and a mobile sector comprising the plurality of wireless devices, each device for receiving the application program deployed by the service sector, executing the application program in response to the business sector, and communicating with the service sector to support provision of the application data to the business sector. The wireless device, such as a cell phone, personal digital assistant, or palm top computer may include an auxiliary device such as a bar code scanner, a magnetic stripe card reader, or a printer.

Abstract: The present invention relates generally to facilitating secure voice and data communication by way of a commercially available communication device (i.e., smartphone/smartdevice). Specifically, the device and system for pairing a specialized cryptographic device with a non-specialized communication device, wherein the two devices engage in bidirectional communication to facilitate encryption of voice and data for secure transmission over a network. While providing the sensitive cryptographic features for secure communications, the cryptographic device further implements and enforces security policies for the communication device by way if an intermediary native application executed at the communication device. The encryption device is suitably designed to be carried discreetly and may be used in conjunction with a commercially available communication device.

Abstract: The invention relates generally to a smart card device that is configured to facilitate wireless network access and credential verification. The device combines the features of the SIM with Common Access Card or Personal Identity Verification card features to allow a network subscriber to invoke secure payment transactions over a carrier's network. The system includes data storage for maintaining a plurality of network and transaction instrument profiles and a profile gateway for receiving transaction information from a payment gateway, sending an authorization request to a user's mobile device, receiving a transaction authorization from the mobile device, and sending transaction information to a payment gateway to finalize the payment transaction. The system further includes a protocol element that facilitates communication between the device and a transceiver for wireless communication between a mobile device and a computing system.

Abstract: The present invention involves providing secure Voice Over IP (VOIP) communications to a mobile communications device. Specifically, the disclosed systems and methods enable a standard remote communications device (e.g., a cellular telephone) to utilize the Secure Communications Interoperability Protocol (SCIP) as designed by the U.S. Department of Defense. The invention provides SCIP access to users without requiring specific hardware configurations to be built into, or added to, the remote communications device. The remote communications device is equipped with software that emulates what was previously accomplished through a hardware configuration in order to facilitate secure VOIP communications over standard mobile communication devices.

Abstract: The present invention relates generally to a system and device for compartmentalizing data acquisition functions within various hardware and software components and web services. More specifically, the system comprises a number of data providers including web services configured to receive transaction parameters from a payment network gateway system. The gateway system routes payment requests to appropriate payment processors and further parses the payment request for parameters. An information request including the parameters is sent to a cataloging service, which selects one or more web services based on the information request and parameters. The cataloging service sends the parameters to the one or more web services, which retrieves information based on a parameter and returns the information to the gateway server. The gateway server processes the information with the original transaction data and stores the combined information in a database.

Abstract: The present invention relates generally to a system and device for compartmentalizing data acquisition functions within hardware and software components, web services, and the like. More specifically, the system comprises a number of data providers including web services configured to receive transaction parameters from a payment network gateway system. The gateway system routes payment requests to appropriate payment processors and further parses the payment request for parameters. An information request including the parameters is sent to a cataloging service, which selects one or more web services based on the information request and parameters. The cataloging service sends the parameters to the one or more web services, which retrieves information based on a parameter and returns the information to the gateway server. The gateway server processes the information with the original transaction data and stores the combined information in a database.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets Which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: In a mobile communication device, multiple sets of sensor measurement data are obtained, each from a corresponding hardware sensor resident on the device. Insufficiently random data is filtered from each of the data sets to produce random data sets which are combined to produce entropy data which is stored in an entropy data cache. An entropy pool is monitored to determine a level of entropy data available and, based on the level determined, entropy data is provided from the entropy data cache to the entropy pool. Entropy data from the entropy pool is then applied to perform a cryptographic operation such as the generation of an encryption key for encrypting communications sent or received by the mobile communication device.

Abstract: A communication system includes a development sector for registering a plurality of wireless devices, a business sector for controlling utilization of an application program and for receiving application data, a service sector for deploying the application program and for providing the application data to the business sector in accordance with communication with at least one wireless device of the plurality; and a mobile sector comprising the plurality of wireless devices, each device for receiving the application program deployed by the service sector, executing the application program in response to the business sector, and communicating with the service sector to support provision of the application data to the business sector. The wireless device, such as a cell phone, personal digital assistant, or palm top computer may include an auxiliary device such as a bar code scanner, a magnetic stripe card reader, or a printer.

Abstract: A communication system includes a development sector for registering a plurality of wireless devices, a business sector for controlling utilization of an application program and for receiving application data, a service sector for deploying the application program and for providing the application data to the business sector in accordance with communication with at least one wireless device of the plurality; and a mobile sector comprising the plurality of wireless devices, each device for receiving the application program deployed by the service sector, executing the application program in response to the business sector, and communicating with the service sector to support provision of the application data to the business sector. The wireless device, such as a cell phone, personal digital assistant, or palm top computer may include an auxiliary device such as a bar code scanner, a magnetic stripe card reader, or a printer.

Abstract: A data control system prevents non-point of sale devices (135, 155) from sending data over an external network (160) via a secure connection reserved for point of sale devices (125, 145), but allows non-point of sale devices (135, 155) to send data over the external network (160) other than via the secure connection. The secure connection is, for example, a virtual private network connection. The data control system may allow the data from non-point of sale devices (135, 155) to be sent only if it is not destined for a restricted destination. The restricted destination may be, for example, a payment host (170) or secure host (180) on the external network (160).

Abstract: A communication system includes a development sector for registering a plurality of wireless devices, a business sector for controlling utilization of an application program and for receiving application data, a service sector for deploying the application program and for providing the application data to the business sector in accordance with communication with at least one wireless device of the plurality; and a mobile sector comprising the plurality of wireless devices, each device for receiving the application program deployed by the service sector, executing the application program in response to the business sector, and communicating with the service sector to support provision of the application data to the business sector. The wireless device, such as a cell phone, personal digital assistant, or palm top computer may include an auxiliary device such as a bar code scanner, a magnetic stripe card reader, or a printer.

Abstract: A data control system allows non-point of sale devices (135, 155) on the LAN to receive data from an external network (160) when established conditions are met. The data control system may allow the data to be sent to a non-point of sale device (135, 155) only if the data has not been received via a secure connection reserved for point of sale devices (125, 145). The secure connection is, for example, a virtual private network connection. The data control system may also allow the data to be sent to a non-point of sale device (135, 155) only if the data is associated with a communication session initiated by the non-point of sale device (135, 155). The data control system may also allow the data to be sent to the non-point of sale device (135, 155) only if it is not received from a restricted source. The restricted source may be, for example, a payment host (170), a secure host (180) or any unidentified source.