Abstract: A point of sale (POS) device comprises: a base; a first display panel hinged on one end of the base; and a second display panel hinged on an opposite end of the base. The first and second display panels may be hinged to the base such that, in an operational configuration, an end of the first display panel distal the base meets an end of the second display panel distal the base. The base may be relatively planar and the one end of the base spaced apart from the plane of the base such that, in a stowed configuration, the second display panel can fold to lie flat against the base and the first display panel can fold to lie flat against the second display panel.

Abstract: A merchant website automatically detects whether a customer device has a registered payment application; if so, the website generates a custom protocol message that is triggered on checkout to initiate payment via the payment application. Details of the transaction are passed to the payment application via a payment server so that the user can authorize the transaction within the payment application.

Abstract: A computer-implemented method of providing authenticated delivery of a purchase to an authorised recipient comprises: a. authorising (S2-1) a purchase, including designating an authorised recipient for the purchase; b. providing (S2-3) corresponding delivery tokens (4a, 4b) to a recipient device (3) of the authorised recipient and to a delivery device (13) associated with delivery of the purchase; c. at the point of delivery, determining (S2-7) whether the delivery token (4a) of the recipient device (3) matches the delivery token (4b) of the delivery device (13); and, if so: d. confirming (S2-9) that delivery of the purchase is authorised.

Abstract: A system and method for processing an online application for a payment instrument is described, in which user details are received, a payment instrument is assigned based on the received user details, wherein the payment instrument is associated with unique identifying data, and the user is informed of the assigned payment instrument by transmitting a first portion of said unique identifying data via a first communication channel, and transmitting a second portion of said unique identifying data via a second communication channel different to the first communication channel.

Abstract: A computer-implemented method for sharing user data associated with a first user. The method comprises receiving, from a second system, a first access message associated with a request for access to the user data stored at a first system. The first access message comprises a second system label indicative of an identifier of the second system. In response to receiving the first access message, the second system label is compared with a plurality of authorised entity labels and a plurality of unauthorised entity labels. In response to identifying that the second system label matches an authorised entity label and that the second system label does not match an unauthorised entity label, a grant message is transmitted indicative that the request for access is granted.

Abstract: A system and method for processing an online application for a payment instrument is described, in which user details are received, a payment instrument is assigned based on the received user details, wherein the payment instrument is associated with unique identifying data, and the user is informed of the assigned payment instrument by transmitting a first portion of said unique identifying data via a first communication channel, and transmitting a second portion of said unique identifying data via a second communication channel different to the first communication channel.

Abstract: User Authentication A mobile user authentication application is operable to perform one or more of the following operations: ?authenticate a user in a voice call to a telephony service, by passing an authentication code to the telephony service within the voice call [FIGS. 2, 2c]; ?validate a user instruction during a secure messaging session [FIG. 3]; and ?authenticate a user at a physical local service by obtaining a challenge code at that local service, validating the challenge code with a remote authentication service, obtain a confirmation code from the authentication service and presenting the confirmation code for validation at the local service [FIGS. 4, 4a and 4b].

Abstract: A client system obtains an access token for accessing a protected resource stored at a resource system. A storage resource of the system stores a plurality of grant method code portions, a plurality of authentication method code portions and a configurable database. The client system comprises processing circuitry configured to receive an access request from a user device. The access request comprises an instruction for the client system to access a protected resource and a request identifier indicative of an authorization system for authorizing access to the protected resource. The client system uses the configurable database and code portions to execute the grant and authentication methods supported by the authorization system. The client system receives the access token from the authorization sever, in response to executing the grant and authentication methods.

Abstract: A client system comprises processing circuitry configured to receive, from an authorisation system, a first grant token for identifying the client system at the authorisation system, the first grant token having a corresponding time to expire indicative of a time at which the first grant token will not be valid for obtaining a protected resource from a resource system. The client system transmits, to the authorisation system, a refresh request for a second grant token for identifying the client system at the authorisation system, wherein the refresh request is transmitted based on the expiry time of the first grant token; and receives the second grant token at the client system, in response to the refresh request.

Abstract: A method of securely processing data in a third party cloud environment is provided. Third party computer executable code is executed in a secure portion of the third party cloud environment. An external data request for external data to be received from an external data provider is then processed whereby the external data request comprises at least a portion of the secure data. The third party cloud environment determines whether to authorise the first external data request, and if the request is so authorised the request is sent to the external data provider and the external data is received from the external data provider.

Abstract: A computer implemented method for resolving a Domain Name System, DNS, query received at a third party cloud computing environment comprises: receiving a DNS query at the third party cloud computing environment. The DNS query is forwarded to a sinkhole DNS server if the DNS query comprises an unauthorised domain name. The DNS query is forwarded to a default DNS server of the third party cloud computing environment if the DNS query does not comprise an unauthorised domain name.

Abstract: There is provided a method of securely processing data in a third-party cloud environment, and a secure portion of a third-party cloud environment configured to perform the method.

Abstract: A pipeline for securely validating computer executable code in a third-party cloud environment is provided. The pipeline comprises an on-boarding account and a run account. The on-boarding account is configured to allow the user to access computer executable code input into the third-party cloud environment from the user and prevent the user from accessing the protected data input into the third-party cloud environment from a secure provider. The on-boarding account is also configured to transmit the computer executable code from the on-boarding account to another account in the third-party cloud environment if a first predetermined criterion is met. The run account is configured to allow the user to execute the computer executable code with the protected data and prevent the user from accessing the computer executable code. Moreover, a process for generating the pipeline and a method of securely validating computer executable code in a third-party cloud environment using the pipeline is provided.

Abstract: A mobile payment system is described that facilitates efficient and secured payment transactions from an electronic wallet on a user portable electronic device with a merchant point of sale terminal over a communication link. In one aspect, a mobile device is configured for transaction operations from a plurality of mobile transaction accounts in an electronic wallet. The mobile device includes a plurality of transaction modules operable to process transaction operations with a respective mobile transaction account, each transaction module configured for transaction operations to be completed after an authentication process using a central authentication module coupled to the plurality of transaction modules, operable to verify a user input passcode and to respond to authentication requests from the plurality of transaction module after the user input passcode is verified.

Abstract: Method and system for recording data describing a first entity, the data endorsed by a second entity comprising the second entity validating data describing the first entity, wherein an identifier is associated with the data, the identifier being generated from a public key of the first entity. Cryptographically signing data corresponding with the data describing the first entity using at least a private key of the second entity. Posting a transaction to a block chain including the cryptographically signed data. Method and system for obtaining data describing a first entity the data endorsed by a second entity comprising. Receiving an identifier of data describing the first entity. Retrieving an entry from a block chain based on the received identifier. Authenticating the entry using a public key of the second entity. Extracting the data describing the first entity from the retrieved entry.

Abstract: Method and system for providing access to information comprising the steps of receiving a request for information derived from data from a requester having one or more requester properties. Determining if the one or more requester properties meet one or more predetermined criteria associated with the data, if the one or more requester properties meet the predetermined criteria then providing the requested information to the requester. Storing data describing the request within a blockchain. In another aspect, there is provided a method and system for anonymising data comprising the steps of at a first source of data determining one or more parameters of a procedure for dividing a first data set into subsets of data, such that each subset of data meets one or more criteria. Providing the parameters to a second source of data. At the second source of data amending the parameters such that the procedure will divide a second data set data into subsets of data that each meet the one or more criteria.

Abstract: A computer-implemented method for securing a user device is disclosed. A signed device authentication key is requested and received from a user application executing on the user device. The signed device authentication key is obtained via a software module installed on the user device and associated with a secure data processing provider. A device setup request is transmitted from the user device to the secure data processing system using the signed device authentication key. The device setup request comprises the signed device authentication key. The authenticity of the device setup request is verified at the secure data processing system based on the signed device authentication key.

Abstract: The present disclosure relates to a method and apparatus for purchasing a product from a merchant by a consumer using an electronic device. An association between a transaction identifier and transaction information is stored in a database, the transaction information comprising a merchant identifier, which is associated with merchant information, and a transaction amount. The consumer may purchase the product by having the transaction identifier provided to an application on an electronic device and transmitting the transaction identifier from the application to a transaction processing server. The merchant information and the transaction amount associated with the transaction identifier is transmitted from the transaction processing server to the application and the transaction completed using the application on the basis of the transaction information on the database.

Abstract: A mobile payment system and method are described that facilitates the secure and real time user authentication and activation of a mobile payment account for a user portable electronic device over a communications network.

Abstract: A smart card (1) interfaces with a smart card reader (2) to generate an authentication message (PSRQ), which is sent to a PIN servicing centre (5, 6). If the authentication message (PSRQ) is validated by the PIN servicing centre (5, 6), a validation response message (PSRS) is sent back to the user (3). The user (3) enters the validation response message (PSRS) on the reader (2), which authenticates the validation response message (PSRS) with the smart card (1); the PIN servicing function may then be performed. The smart card cryptographic messages are generated internally and solely by the smart card (1)—the reader (2) acts merely as an input mechanism into the smart card (1) or as an output mechanism from the smart card (1) to the display (10). The reader (2), therefore, does not need to contain any customer information or be personalised by the card issuer.