Abstract: Systems, methods, and computer program products may store, in a distributed cache, a rule associated with a plurality of accounts in a Real-Time Payments (RTP) network, the rule being stored in association with account data associated with the plurality of accounts; receive an account level exclusion directive associated with the account; store, in the distributed cache, the account level exclusion directive in association with the account; receive transaction data associated with a transaction in the RTP network between the account and another account; retrieve, from the distributed cache, the rule, the account level exclusion directive, and the account data associated with the account; exclude, based on the account level exclusion directive, use of the rule for processing the transaction; and process, without applying the rule, the transaction in the RTP network.

Abstract: The present invention relates to a system and computer implemented method for dynamic merchant configuration in a payment terminal for transacting in a virtual environment. The payment terminal receives a location information of a virtual user corresponding to a physical user performing a transaction in one of the one or more establishments configured in a virtual environment from a Virtual Reality (VR) device. Further, merchant and associated details corresponding to one of the one or more establishments is determined based on the location information upon the physical user initiating payment for the transaction using a physical payment card. Thereafter, a transaction message comprising the merchant and associated details is sent to an issuer system via a gateway associated with the merchant for authorization. Finally, a result of authorization of the transaction message is received from the issuer system via the gateway.

Abstract: Methods are provided for maintaining user privacy, and may include establishing a secret key for communication between a plurality of user devices, the plurality of user devices including a first user device associated with a requesting user and a second user device associated with a second user, wherein at least one server computer does not have access to the secret key; receiving from the first user device, a split-payment request message comprising encrypted data, the encrypted data included in the split-payment request message encrypted based on the secret key; generating an encrypted balance for the requesting user and the second user based on the encrypted data of the split-payment request message; and transmitting to the second user device, a split-payment confirmation message including the encrypted balance for the requesting user and/or the second user. Systems and computer program products are also provided.

Abstract: Systems and methods are described for provisioning access credentials to a mobile device using device and authorization codes. Once provisioned, a mobile device can be used to conduct a transaction.

Abstract: A method is disclosed. The method comprises receiving, by a digital identity computer, a request for personal data associated with a user. The digital identity computer may retrieve encrypted personal data, wherein the personal data is encrypted with a public key associated with the user. The digital identity computer may encrypt the encrypted personal data with a first public key associated with a relying party or derivative thereof to form subsequently encrypted personal data. The method may then proceed to transmit the subsequently encrypted personal data or derivative thereof to a relying party computer, or a user device. If the user device receives the subsequently encrypted personal data, the user device may thereafter transmit the subsequently encrypted personal data or derivative thereof to the relying party computer. Then, the relying party computer obtains the personal data from the subsequently encrypted personal data or derivative thereof.

Abstract: Described herein are a system and techniques for updating balance information for a disbursement module on a portable device using a transaction module on that same portable device. In some embodiments, each of the transaction module and the disbursement module may be associated with a different transaction processing system. A client device may be used to interact with the transaction module of the portable device via a communication element. In some embodiments, the client device may be configured to receive an account identifier from the transaction module, generate and transmit an authorization request message to an authorization entity, and upon receiving authorization from the authorization entity, cause the transaction module on the portable device to update a balance associated with the disbursement module.

Abstract: A Web site comprise detection method and system are disclosed. The method includes obtaining a resource identifier associated with a remote computer, and then receiving source code associated with the resource identifier. The method also includes parsing the source code, analyzing the source code to determine an indicator of compromise is present in the source code, determining that the indicator of compromise is associated with malware meta-data, and storing the resource identifier associated with the source code associated with the malware meta-data in a database.

Abstract: Embodiments of the invention generally relate to mobile payments. For example, an application running on a phone can verify a passcode of a consumer. An indication of whether the passcode was verified and a time associated with when the passcode was verified is then sent to a mobile gateway. Later, when a user conducts one or more transactions, a payment processing network can use the indication sent to the mobile gateway to determine whether a the one or more transactions were conducted within a time window, which can be used to authorize the one or more transactions.

Abstract: A blockchain based alias directory may be utilized. Encrypted lists of aliases may be stored on the blockchain and may be accessible to network computers and secure gateways. Embodiments are directed to secure gateways and user devices for accessing the alias directory stored in the blockchain during a financial transaction. The user device may be provided with a list of aliases from which a user may select a payment account. Upon selection the user may be redirected to an identity verification system of the associated payment network.

Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.

Abstract: A trust token may be created including authentication data for a user and his or her associated communication device. The trust token may be transmitted by the communication device to one or more recipients, such as a token server. The recipients may interpret the trust token and verify it against data written to one or more nodes of a blockchain when the user and the communication device registered for the trust token. Once the trust token is verified, the token server may be configured to generate, maintain, and provision account tokens representing sensitive data. The token server may push one or multiple account tokens to the communication device, thereby allowing the communication device to perform transactions with the account tokens. In other words, the implementation of a trust token may allow the communication device to be provisioned with multiple account tokens, without requiring multiple logins or transmissions of sensitive data.

Abstract: Provided is a computer-implemented method for conducting a payment transaction to ensure data integrity of the payment transaction that includes generating a transaction authorization request message, where the transaction authorization request message comprises a payload associated with an electronic funds transfer at a point-of-sale (POS) device, and where generating the transaction authorization request message includes generating a digital signature for the payload using a private key of a payment gateway system and inserting the digital signature for the payload into the transaction authorization request message, transmitting the transaction authorization request message including the digital signature, and receiving a transaction authorization response message from a transaction service provider system. A system and computer program product are also provided.

Abstract: Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The token and the transaction cryptogram can be transmitted to a magnetic stripe reader by generating an emulated magnetic signal. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.

Abstract: A computer-implemented method comprising providing a graphical user interface for user selection of fraud rules that comprises fraud transaction parameters determined based on transaction parameters included in a plurality of known fraudulent transactions. The GUI also comprises high risk merchants with a fraud rate that exceeds a threshold fraud rate. The method includes receiving a user selection of fraud rules relating to at least the fraud transaction parameters, the high risk merchants, and the high frequency merchants. The method includes receiving test transaction data including at least one transaction parameter and at least one merchant associated with the test transaction, applying the fraud rules to the received transaction data to identify probable fraudulent transactions.

Abstract: A method is disclosed and includes receiving a push transfer message with a first transaction amount, and a digital tag, a credential or a token from an application server computer, in a transaction. In the transaction, a first user using a first user device interacts with a second user using the digital tag. The digital tag associated with the credential or the token, and the first user device has a transfer application that receives the digital tag and is in communication with the application server computer. The push transfer message is transmitted to an authorizing entity computer where a second amount is credited to the second user's account.

Abstract: Provided is a computer-implemented method for conducting a secure payment transaction for a purchase at a merchant using a client device and a remote point-of-sale (POS) system associated with the merchant. The method includes receiving, with a client device, at least one identifier for at least one product to be purchased, the at least one product associated with a transaction value, and detecting a checkout action with the client device. In response to detecting the checkout action, the method includes generating at least one transaction message based on the transaction value of the at least one item to be purchased and at least one account identifier, generating a cryptogram based at least partially on the at least one transaction message and the at least one issuer key, and transmitting the cryptogram to the remote POS system associated with the merchant. A system and computer program product are also disclosed.

Abstract: A node in a plurality of nodes can perform an identity set generation process. The node can then determine a leader node. The node may diffuse an identity set from each node of the plurality of nodes to the plurality of nodes. The node can then determine a majority set including identities occurring in at least one half of the identify sets, wherein the leader node diffuses the majority set of the leader node to the plurality of nodes. The node can verify the majority set of the leader node. The node may then update the identity set based on the majority set of the leader node.

Abstract: A method is disclosed. The method includes receiving, by a token service computer, a token request message, the token request message being originated from a token requestor computer. The method also includes determining, by the token service computer, two or more access tokens based upon a single credential, and then transmitting the two or more access tokens to the token requestor computer in a token response message.