Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: This disclosure describes systems and methods related to facilitating card present transaction. In one embodiment, a service provider system may receive a request from a merchant to initiate a card present transaction associated with a consumer. The service provider system may determine an identifier associated with a mobile device associated with the consumer. The service provider system may communicate to the mobile device, based at least in part on the identifier, a message that facilitates invocation of a transaction module associated with the mobile device. The service provider system may facilitate the car present transaction based at least in part on an interaction with the transaction module.

Abstract: Described herein are methods and systems for enhancing security of transaction requests from POS terminals by utilizing ANI-DNIS information. The header of the transaction request can include automatic source information (“ASI”), which can be extracted from the header by the line handler. The ASI information can be provided to the front end interface, which can compare the ASI information with known customer information. The comparison can provide information indicating whether the transaction is legitimate or fraudulent. If fraudulent, the transaction request can be declined. The ASI information can further be stored in a security analysis database and further queried to identify larger threats including denial of service attacks.

Abstract: Systems and methods are provided for a decentralized distributed ledger that hosts a directory service for customer aliases to facilitate obtaining customer account details.

Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: Tables and techniques to configure the same are provided. In some embodiments, configuration of one or more memory devices can permit or otherwise facilitate including transaction records in a table or another type of data structure, where the transaction records can be organized based at least on a defined location for a merchant or another type of organization associated with the transaction records.

Abstract: Systems and methods for handling tokens. In one aspect, a token is intercepted by a data processor and a contact is made with a detokenization provider by the data processor. In another aspect, token service is aggregated. In another aspect, tokenization is extended to physical cards, to deter certain kinds of fraud.

Abstract: Users of mobile devices communicate through a mobile gateway to a transaction processing system. The transaction processing system manages accounts, such as debit card accounts, for the users. The accounts include a main account for each user and sub accounts that are linked or related to the main account. Funds may be transferred between a main account and its linked sub accounts, including automatic funds transfer when a transaction (e.g., a payroll deposit from an employer or a debit transaction at a specified retailer) is made against the main account and meets certain parameters established by a user. Access to linked sub accounts is made through use of internal account IDs, rather than the account number of the main account.

Abstract: Systems and methods for handling tokens. In one aspect, a token is intercepted by a data processor and a contact is made with a detokenization provider by the data processor. In another aspect, token service is aggregated. In another aspect, tokenization is extended to physical cards, to deter certain kinds of fraud.

Abstract: A system for detecting breach of merchant systems includes an extraction management system for extracting wildcard data from a dump site at which stolen account data is offered for sale. The system also includes an account breach identifying system for accessing stored transaction data from multiple banks and merging the extracted dump site data with the transaction data to create unique PAN (primary account number) data records (each set of wildcard data corresponds to only a single PAN) and multiple PAN data records (each set of wildcard data corresponds to multiple PANs). The unique and multiple PAN data records are stored and analyzed separately, and reduce the amount of data needed to identify a breached merchant.

Abstract: A system for detecting breach of merchant systems includes an extraction management system for extracting wildcard data from a dump site at which stolen account data is offered for sale. The system also includes an account breach identifying system for accessing stored transaction data from multiple banks and merging the extracted dump site data with the transaction data to create unique PAN (primary account number) data records (each set of wildcard data corresponds to only a single PAN) and multiple PAN data records (each set of wildcard data corresponds to multiple PANs). The unique and multiple PAN data records are stored and analyzed separately, and reduce the amount of data needed to identify a breached merchant.

Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: Embodiments of the invention may relate to systems, methods, and apparatus for using a contactless transaction device reader with a computing system. According to one embodiment, a system for conducting a transaction on a personal computing system using a contactless transaction device may include a communications interface operable to connect with a network, a memory, a contactless transaction device reader operable to communicate wirelessly with a contactless transaction device, and a processor in communication with the memory, the communications interface, and the contactless transaction device reader.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: Provisioning a data rate includes receiving a digitally signed request from a requester device for data and appending the request to a distributed ledger. At least one set of digitally signed data is received from at least one data provider system. Each data set is appended to the ledger and a particular data set is selected from the at least one data set. The selected data set is provided to the requester device. A digitally signed command to provision the selected data set is received from the requester device. The command is digitally signed using the public key of the requester device. The command to provision the selected data set is appended to the ledger, causing the data provider system to be notified, and the selected data set is provisioned.

Abstract: Methods, systems, and machine-readable media are disclosed for securely authorizing a financial transaction utilizing an electronic payment credential. According to one embodiment, a method of authorizing a financial transaction utilizing an electronic payment credential can comprise maintaining information identifying an account associated with the electronic payment credential. The information can also identify one or more electronic devices authorized to use the electronic payment credential. A request to authorize the transaction can be received. The request can include information identifying an electronic device presenting the payment credential. The transaction can be authorized based at least in part on the information identifying the account. Authorizing can comprise determining the electronic device presenting the payment credential is one of the electronic devices authorized to use the electronic payment credential.

Abstract: Embodiments of the present disclosure provide systems and methods for increasing participation in loyalty programs. In embodiments, the customer opts into a loyalty program. The customer is then provided with information about his or her loyalty participation and also is provided with information about one or more other customer's participation in the loyalty program. In another embodiment, one or more loyalty members can form their own competition or group within the loyalty program. The members can create loyalty sub-program rules for a competition and allow fellow loyalty members to participate in the competition. The customizable loyalty sub-program competitions further enhance member participation.