Abstract: Systems and methods are provided for imposing self-exclusion preferences for data access. One example computer-implemented method includes, in response to a request by a user to impose a self-exclusion preference on a digital identity of the user, requesting a token for the digital identity. The method also includes receiving and storing the token and a secret associated with the token in a record associated with the user and assigning the self-exclusion preference to the token. The method then includes receiving a request to share an identity attribute of the user's digital identity with a relying party, where the request includes the token, and retrieving the self-exclusion preference assigned to the token. And, in response to validation of the request to share the identity attribute, based on the self-exclusion preference, authorizing a mobile device of the user to share the at least one identity attribute with the relying party.

Abstract: A method for establishing payment via a dynamic card number using blockchain to protect consumer privacy includes: receiving transaction details for a proposed payment transaction including a transaction amount and primary payment details, wherein the primary payment details are associated with a transaction account; identifying a transaction identifier for the proposed payment transaction and dynamic payment details, wherein the dynamic payment details are separate and distinct from the primary payment details; generating a first blockchain data entry including the transaction identifier, primary payment details, dynamic payment details, and transaction amount; generating a second blockchain data entry including the transaction identifier, dynamic payment details, and transaction amount; and transmitting the first blockchain data entry and the second blockchain data entry to at least one blockchain node of at least one blockchain network.

Abstract: A method for secure storage of cybersecurity data in a blockchain includes: identifying, by a processor of a processing server, a device profile for a computing device; encrypting, by the processor of the processing server, the device profile into an encrypted device profile using a public key of a first cryptographic key pair; encrypting, by the processor of the processing server, the encrypted device profile into a converted device profile via quantum cryptography using a first configuration key; and transmitting, by a transmitter of the processing server, the converted device profile to a blockchain node in a blockchain network.

Abstract: A method for facilitating entity resolution is provided. A server generates a graph based on a first dataset comprising a first entity and a second dataset comprising a plurality of entities. Each node in the generated graph corresponds to the first entity or one of the plurality of entities. The server generates a plurality of embeddings for the plurality of nodes in the generated graph. Each of the plurality of embeddings represents an entity as a point in a d-dimensional embedding space. The server identifies a set of nearest neighbors for the first entity based on the plurality of embeddings. The server determines a similarity metric for each of the identified nearest neighbor with respect to the first entity. The server associates the first entity with a second entity of the second dataset that corresponds to a nearest neighbor in the set of nearest neighbors.

Abstract: A method of maintaining a secure relationship between a client device and a server is described. The client device receives a first challenge from the server and determines and provides a first response to the first challenge. A cookie is established associated with the secure relationship. This cookie is shared between the client and the server. To establish the secure relationship in a later interaction, the client provides the cookie to the server. The server then provides both the first challenge and a second challenge, to which the client determines a first response and a second response. The client then provides a composite response from which the first response and the second response are derivable by the server, allowing the server to be assured that the secure relationship exists. Each challenge uses a challenge function adapted to provide a fingerprint of the client device. Methods at both client and server, and suitably configured client and server, are also described.

Abstract: A bridge service is provided to support multi-user simulated contactless cards that in response to receiving a request to provision a secure element with payment card profile information of a user, provisions a token representing the payment card profile, converts the token representing the payment card profile into a format for the payment application; and provides the payment card profile to the payment application, the payment card profile comprising a single use key. The bridge service enables simulated contactless cards to store payment card information for a user on volatile memory instead of the persistent, secure element memory.

Abstract: A computer system including a processor, in communication with a database, programmed to identify a plurality of billers from the database, including biller information, and receive a payee file including payee information identifying a payee which issued a bill to a payor. The processor determines an approximate match score for each of the billers in a first set of billers of the plurality of billers by comparing payee information to biller information and identifies a candidate list of billers from the first set of billers having an approximate match score indicating a likelihood of matching the payee information. The processor adjusts the candidate list of billers by altering the match score of at least one candidate biller by comparing a payee account number of the payee information to an account mask associated with the candidate biller and generates an output file of candidate biller information from the adjusted candidate list.

Abstract: A computer-implemented method for authentic payee verification for online payment transactions includes: receiving a personal account identifier; initiating a deposit routed according to the personal account identifier; and enabling verifier access to deposit account data of a putative payee, with the deposit account data including one or more data types that are comparable to authentic payee data held by a payor for performing the verification.

Abstract: A computer system that includes a database for storing a plurality of records, and an electronic message processing server. Each of the records corresponds to a respective message received by the server. The processor is programmed to store a first record of a first message in the database, the first record including a first message relationship unique identifier (MUI) as a tag. The first MUI corresponds to a first message family. The processor is also programmed to receive a second message, and execute a matching process. The processor is further programmed to store a second record of the second message, including, in response to a match of the second message to the first record, including the first MUI as a tag, and in response to the result indicating no match, generating a second MUI for the second message and including the second MUI as the tag on the second record.

Abstract: Provided herein is a computing system for detecting compromised merchants in a payment card network.

Abstract: A system and method for improving the accuracy of fraud detection in transactions for a more effective fraud response. First and second models each receive transaction request data, evaluate the transaction request data for fraud, and produce first and second initial fraud results, respectively. The first model includes a first set of features which is relevant to detecting fraud and which includes one or more dominant features. The second model includes a second set of features which excludes the one or more dominant features. A score generator receives and combines the first and second initial results to generate a final fraud score. A response module takes an action based on the final score, such as rejecting or allowing the transaction request. The first and second models may use the same or different machine learning or other modeling technologies. The score generator may be a combination module or a combination model.

Abstract: A method for reporting diversity compliance for participants in a blockchain network includes: receiving, by a blockchain node in the blockchain network, diversity data associated with a registered participant in a blockchain and generating a new block including the diversity data that is added to a sidechain to the blockchain. The blockchain includes a smart contract that when it detects addition of the generated new block to the sidechain or periodically self-executes to: analyze additional diversity data included in each of one or more blockchain data entries stored in the sidechain that are associated with the registered participant, generate a reporting message based on the analyzed additional diversity data, and transmit the generated reporting message to one or more external computing systems.

Abstract: A computer system includes a database, communication interface, and processor(s). The processor(s) is programmed to receive a consent message from a cardholder computing device. The consent message includes cardholder consent information indicating consent to one or more data services. The processor(s) is also programmed to receive transaction card details from the cardholder computing device. The transaction card details correspond to a transaction card of a cardholder and are associated with a financial account of the cardholder. Based on the transaction card details, the processor(s) generates a digital access token. The digital access token is associated with the financial account and the cardholder consent information. The processor(s) stores the digital access token in the database, transmits a cardholder authentication request message to an issuer, and receives an authentication ID from the cardholder computing device.

Abstract: An authentication platform for authenticating an online user is provided. The authentication platform includes a memory device including an authentication profile and at least one processor coupled to the memory device. The at least one processor is programmed to receive an authentication request message for a transaction. The authentication request message includes authentication data. The at least one processor is also programmed to extract the authentication data from the authentication request message and determine if the ACS is available to process the transaction. If the ACS is unavailable, the at least one processor is further programmed to generate, based at least in part on the extracted authentication data, risk-based authentication (RBA) result data including a risk score and transmit an authentication response message based on the RBA result data.

Abstract: Embodiments provide methods and systems for controlling payment transactions in a payment card using a companion payment application installed on a user device. The payment application and the payment card may be provided by an issuer server. Using the payment application, the number of transactions allowed on the payment card or an amount limit is set for the payment card. The payment application is used to set, reset, change the value of a counter in the card, which determines the number of allowed transactions. When the user attempts to make a transaction at a POS terminal, the payment card reads the value of counter, and if the value is not equal to a threshold value, the payment card exchanges data with the POS terminal and updates the value of the counter. The payment card is precluded from transaction when value of the counter is equal to threshold value.

Abstract: A method for supplying a controlled payment number for use on behalf of a tokenized payment account in a digital wallet for e-commerce includes: receiving, by a wallet server, at least a token identifier from an external computing device, the token identifier being associated with a tokenized payment account in the external computing device; transmitting, by the wallet server, at least the token identifier and a request flag to a processing server; identifying, by the processing server, a transaction account number associated with the token identifier, wherein the transaction account number corresponds to the payment account; identifying, by the processing server, a controlled payment number corresponding to the payment account; receiving, by the wallet server, the identified controlled payment number from the processing server; and transmitting, by the wallet server, the identified controlled payment number to the external computing device.

Abstract: Methods and server systems for performing similarity-search are described herein. Method performed by server system includes accessing entity-related dataset and using that generating set of entity-specific features including subset of numerical features and subset of categorical features corresponding to each of plurality of entities. Method includes determining label corresponding to each of plurality of entities based on subset of categorical features. Method includes generating via first model, first set of entity-specific embeddings corresponding to each of plurality of entities based on corresponding subset of numerical features and corresponding label.

Abstract: A processor is programmed with instructions to receive coupon data from a program creator. The coupon data defines a coupon and/or coupon program. The processor creates a first unique coupon program ID for the coupon data and writes the first unique coupon program ID and the coupon data to a database table. The processor transmits the first unique coupon program ID to the program creator. The processor also receives, from a user computing device, a coupon request message. The coupon request message includes a second unique coupon program ID. The processor extracts the second unique coupon program ID, retrieves the first unique coupon program ID, and matches the second unique coupon program ID to the first unique coupon program ID. Based on the matching, the processor generates a digital coupon token and transmits the digital coupon token to the user computing device via the communications interface.

Abstract: A financial account proxy system receives a data packet from a first cardholder device. The data packet includes a limited use machine-readable code, receiver information corresponding to a second cardholder device, and one or more limitations. The machine-readable code, receiver information, and limitations are stored. The machine-readable code is associated with a primary account number of a financial account of the primary cardholder. A pre-authorization request message is transmitted to an issuer of the financial account, and pre-authorization details are received from the issuer. The limited use machine-readable code is transmitted to the second cardholder device. A transaction request authorization message is received from a POS terminal. The transaction request authorization message is associated with a transaction performed with the machine-readable code. The transaction request authorization message includes transaction details and the machine-readable code.

Abstract: The disclosure herein describes using a password reset agent to automatically change the password of a computing device. A password reset agent is executed at a root level of the computing device, wherein the password reset agent is associated with a public key. A data source is polled by the password reset agent for a private key associated with the public key. Based on finding the private key on the data source, a reset password is determined and based on determining the reset password, the password reset agent changes a current password of the computing device to the determined reset password. The password reset agent runs in the background on the computing device, enabling the agent to change the password, even when the computing device is locked or otherwise inaccessible. The described password reset agent can also be used on virtual machines.