Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's mobile application for the user to simply push the button to request that the payment source be imported into the user's digital pay wallet. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using an encryption gateway, authorizes a token service provider to provision the payment source into the user's digital wallet.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: A computer-implemented method of conducting wireless transaction includes receiving, using an antenna of a point of sale device, one or more electromagnetic signals from a mobile device of a customer. The electromagnetic signals are interpreted using a communications module of the point of sale device to determine information related to a financial account of the customer. Using a network interface of the point of sale device, a connection with an acquirer system is initiated. Using the network interface a packet of data including an authorization request is transmitted over the connection to the acquirer system. The packet of data includes the information related to the financial account, a merchant identifier, a date, and a transaction amount. An authorization code is received from the acquirer system using the network interface. An electronic receipt is transmitted to the mobile device using the network interface.

Abstract: Systems and methods are provided for a decentralized distributed ledger that hosts a directory service for customer aliases to facilitate obtaining customer account details.

Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: Systems and methods for handling tokens. In one aspect, a token is intercepted by a data processor and a contact is made with a detokenization provider by the data processor. In another aspect, token service is aggregated. In another aspect, tokenization is extended to physical cards, to deter certain kinds of fraud.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: This disclosure describes systems, methods, and computer-readable media related to mobile device purchase flows. In some embodiments, a mobile device may obtain a uniform resource identifier (URI). The mobile device may launch a browser based at least in part on the URI. The mobile device may submit a first set of data to a server based at least in part on the URI and receive a re-direct URI. The mobile device may launch an application in response to receiving the re-direct URI from the server, wherein the application submits a second set of data to the server. The mobile device may facilitate completion of a transaction by the application based at least in part on matching the first set of data and the second set of data at the server.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: This disclosure describes systems, methods, and computer-readable media related to providing a point of sale platform. In some embodiment, a point of sale (POS) device may receive information associated with an order and payment information associated with the order. The POS device may generate a first object based at least in part on the information associated with the order and a second object based at least in part on the payment information. The POS device may store the first object and the second object in a queue. The POS device may transmit the first object and the second object to a remote server.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: Methods, systems, and machine-readable media are disclosed for registering a mobile device for use in a mobile commerce system. According to one embodiment, a method of registering a mobile device for use in a mobile commerce system can comprise receiving at a service provider system a registration request from a user of the mobile device. A determination can be made with the service provider system whether to allow registration of the mobile device. In response to determining to allow registration of the mobile device, the registration request can be sent from the service provider system to an acquirer system.

Abstract: Described herein are methods and systems for enhancing security of transaction requests from POS terminals by utilizing ANI-DNIS information. The header of the transaction request can include automatic source information (“ASI”), which can be extracted from the header by the line handler. The ASI information can be provided to the front end interface, which can compare the ASI information with known customer information. The comparison can provide information indicating whether the transaction is legitimate or fraudulent. If fraudulent, the transaction request can be declined. The ASI information can further be stored in a security analysis database and further queried to identify larger threats including denial of service attacks.

Abstract: Tables and techniques to configure the same are provided. In some embodiments, configuration of one or more memory devices can permit or otherwise facilitate including transaction records in a table or another type of data structure, where the transaction records can be organized based at least on a defined location for a merchant or another type of organization associated with the transaction records.

Abstract: This disclosure describes systems and methods related to facilitating card present transaction. In one embodiment, a service provider system may receive a request from a merchant to initiate a card present transaction associated with a consumer. The service provider system may determine an identifier associated with a mobile device associated with the consumer. The service provider system may communicate to the mobile device, based at least in part on the identifier, a message that facilitates invocation of a transaction module associated with the mobile device. The service provider system may facilitate the car present transaction based at least in part on an interaction with the transaction module.

Abstract: A computing system for remotely activating a transaction device including at least one memory having instructions stored thereon that, when executed by the at least one processor, cause the at least one processor to receive, from a mobile device, a transaction device identifier, receive, from the transaction device, an authorization request associated with a payment account for a transaction at the transaction device, receive location information from the mobile device and location information from the transaction device in response to receiving the authorization request, compare the location information to determine whether the mobile device is in proximity to the transaction device, and upon determining that the mobile device is in proximity to the transaction device, determine an authorization status of the authorization request, and transmit a signal to activate the transaction device to complete the transaction, wherein the signal is transmitted based on the transaction device identifier.

Abstract: A method of remotely activating a transaction device includes receiving, at a computing system, a mobile device identifier from a mobile application executed on a mobile device. A selection of the transaction device is received from the application. The selection includes an identifier of the transaction device. A selection of a transaction amount related to purchase of a product is received from the application. An authorization request for a payment account associated with the mobile device is communicated to an issuer of the payment account. The authorization request is for a transaction of at least the transaction amount. An authorization approval for the transaction is received from the issuer and a signal to activate the transaction device to dispense the product is sent based on the identifier. The transaction device is deactivated upon dispensing the transaction amount and a receipt of the transaction is provided to the mobile device.

Abstract: A system for detecting breach of merchant systems includes an extraction management system for extracting wildcard data from a dump site at which stolen account data is offered for sale. The system also includes an account breach identifying system for accessing stored transaction data from multiple banks and merging the extracted dump site data with the transaction data to create unique PAN (primary account number) data records (each set of wildcard data corresponds to only a single PAN) and multiple PAN data records (each set of wildcard data corresponds to multiple PANs). The unique and multiple PAN data records are stored and analyzed separately, and reduce the amount of data needed to identify a breached merchant.

Abstract: Described herein are methods and systems for enhancing security of transaction requests from POS terminals by utilizing ANI-DNIS information. The header of the transaction request can include automatic source information (“ASI”), which can be extracted from the header by the line handler. The ASI information can be provided to the front end interface, which can compare the ASI information with known customer information. The comparison can provide information indicating whether the transaction is legitimate or fraudulent. If fraudulent, the transaction request can be declined. The ASI information can further be stored in a security analysis database and further queried to identify larger threats including denial of service attacks.