Abstract: The SECURE DYNAMIC PAGE CONTENT AND LAYOUTS APPARATUSES, METHODS AND SYSTEMS (“DPCL”) transform dynamic layout template requests, device, user, and surroundings security profiles, and layout usage monitor packages using DPCL components into customized secure dynamic layouts. In some implementations, the disclosure provides a processor-implemented method of transforming the content of an electronically generated user facing page for displaying on a user display.

Abstract: The MULTI-SOURCE, MULTI-DIMENSIONAL, CROSS-ENTITY, MULTIMEDIA MERCHANT ANALYTICS DATABASE PLATFORM APPARATUSES, METHODS AND SYSTEMS (“MDB”) transform data aggregated from various computer resources using MDB components into updated entity profiles and/or social graphs. In one implementation, the MDB aggregates data records including search results, purchase transaction data, service usage data, service enrollment data, and social data. The MDB identifies data field types within the data records and their associated data values. From the data field types and their associated data values, the MDB identifies an entity. The MDB generates correlations of the entity to other entities identifiable from the data field types and their associated data values. The MDB also associates attributes to the entity by drawing inferences related to the entity from the data field types and their associated data values.

Abstract: The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.

Abstract: A central platform provides proxy dynamic values for any one of a number of a cardholder's portable payment devices, upon a request for such information made during a transaction. The proxy dynamic value can be provided to the merchant, who then can route it into the acceptance network in order to initiate the authentication process. The central platform provides the actual primary account number associated with the proxy dynamic value during the authentication process.

Abstract: A method is disclosed. The method includes transmitting by a computing device, an account creation request to a remote server computer. The method further includes automatically provisioning the computing device with an access token in response to receiving a request to create the account.

Abstract: A method and a server computer are provided for authenticating a cardholder account. The server computer implements the method, which includes obtaining a first identifier and a cryptogram from a first entity, identifying an issuer associated with the cardholder account, forwarding the first account identifier and the cryptogram to a second entity for validation, receiving a second identifier from the second entity, and sending the second identifier to the first entity. The first identifier can be associated with the cardholder account. The second identifier can be generated by the second entity and associated with a validated form of the first identifier.

Abstract: Systems and methods for transferring resource access from a sender to a recipient are disclosed that can allow a sender to specify an amount of a resource to provide access to (e.g., an amount of money or an amount of access rights), while still providing security for the sender's sensitive credential information (e.g., PAN and/or PIN). These systems and methods can allow a sender to transfer resource access from any location and at any time of the day. In the case of money transfers, the recipient can quickly and directly obtain the money from any ATM location associated with any bank and at any time of the day, even without a bank account.

Abstract: Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.

Abstract: Embodiments of the present invention are directed to systems, methods, and apparatus for allowing an issuer to initiate account provisioning on a mobile device without interacting with an accountholder. The issuer may initiate the process by sending a provisioning information request message to a mobile device with a secure element. The mobile device may recognize the provisioning request message and gather the requisite provisioning information without requiring user input. The provisioning information may include information associated with the secure element of the mobile device. The mobile device may then send a provisioning request message to a provisioning system. The provisioning request message may include the requisite provisioning information to allow the provisioning system to provision the financial account on the secure element of the mobile device.

Abstract: Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.

Abstract: The REMOTE DECOUPLED APPLICATION PERSISTENT STATE APPARATUSES, METHODS AND SYSTEMS (“P-STATE”) transforms purchase action input, cookie states search criteria input, and cookie states selection input via P-STATE components such as cookie/states storage (“CSS”) component; cookie states search presentation (“CSSP”) component; and cookie/states reload/recreate (“CSRR”) component, into cookie state presentation outputs.

Abstract: Techniques for provisioning access data may include receiving, by a first application installed on a communication device, user input selecting an account to provision to a second application installed on the communication device. The first application may invoke the second application and send a session identifier (ID) to the second application. The second application may send a user ID associated with the second application, a device ID, and the session ID to the first application. The first application may then generate encrypted provisioning request data and send the encrypted provisioning request data to the second application. The second application may send the encrypted provisioning request data to a remote server computer to request access data that can be used to access a resource. The second application may receive the access data provided by the remote server computer based on validation of the encrypted provisioning request data.

Abstract: Embodiments of the invention relate to systems and methods for efficiently provisioning mobile devices with personalization data. For some embodiments, a method is disclosed comprising receiving a request for provisioning comprising device information for a mobile device and user authentication information for a user, generating a partial personalization script, an activation script, and a deletion script using the device information, sending the partial personalization script, the activation script, and the deletion script to an application provider computer, wherein the application provider computer initiates execution of the partial personalization script on the mobile device, authenticating the user authentication information, and sending an activation message to the application provider computer, wherein the application provider computer initiates execution of the activation script.

Abstract: The RESTRICTED-USE ACCOUNT PAYMENT ADMINISTRATION APPARATUSES, METHODS AND SYSTEMS (hereinafter “RUAP”) transform purchase item information inputs or purchase receipt inputs via RUAP components into restricted-use account payment settlement outputs.

Abstract: Techniques for conducting a transaction in a midrange wireless communication system are described. The techniques may include detecting a beacon transmission from a midrange wireless base station, determining that the beacon transmission includes a transaction service identifier, and invoking a transaction application associated with the transaction service identifier. The techniques may also include receiving transaction information for a transaction associated with a transaction identifier mapped to the device identifier; and sending a transaction cryptogram from the transaction application to the midrange wireless base station to conduct the transaction.

Abstract: One embodiment of the invention is directed to a computer-implemented method comprising, receiving registration information for one or more application programming interfaces (APIs) at a registrar computer system associated with a federated network of computing devices. The method further comprises generating a unique address for each API included in the registration information. The method further comprises generating a token confirming the registration of the APIs where the token identifies a trust relationship within the federated network of computing devices. The method further comprises receiving a request for the token from another registrar computer system that includes a canonical address for a particular API of the one or more APIs. The method further comprises providing the token to establish a secure connection with the federated network of computing devices.

Abstract: Embodiments of the invention are directed to apparatus and methods for providing motion-based communication mode selection on a mobile device. In some embodiments, a mobile device can compare a detected motion of the mobile device to a plurality of predetermined motions. Each of the plurality of predetermined motions being can be associated with a different communication mode of the mobile device. A communication mode associated with the detected motion can be identified by the mobile device based at least in part on the comparison, and the identified communication mode can correspond to a communication protocol. The mobile device can generate a data message in accordance with the communication protocol, and can provide this data message to a receiver device.

Abstract: The E-WALLET STORE INJECTION SEARCH APPARATUSES, METHODS AND SYSTEMS (“SIS”) transform aggregated automated shopping lists and user location data using SIS components into automated shopping item availability messages and merchant location navigation responses. In some implementations, the disclosure provides a processor-implemented method of providing an automated store injection search service.

Abstract: In one aspect, a computing apparatus is configured to facilitate the redemption of loyalty currency in a payment transaction via facilitating awareness of the payment transaction, managing the consumer segmentation and offering promotions, validating available points currency, managing a currency value exchange rate, applying deductions to consumer currency balance, facilitating consumer reimbursement, invoicing for currency exchange, and/or providing consumer engagement.

Abstract: Embodiments of the present invention are directed to systems and methods for providing a central entity that can provision mobile payment applications on mobile communication devices and personalize the mobile payment applications with consumer and account information. The personalization of the mobile payment application on the mobile communication device may include provisioning a payment account on the mobile payment application. The central entity may provision the account on the mobile payment application without interacting with the issuer during the provisioning of the account. The central entity may provision the account on the mobile communication device by decrypting, using a secure element key, encrypted payment account information received from the mobile communication device. The payment account information may be encrypted by a secure element of the mobile communication device using the same secure element key.