Abstract: A multimode system for receiving data in a retail environment includes: a secure input module for receiving high security input and low security input from a customer, the high security input to be communicated by the secure input module in cipher text, and the low security input to be communicated by the secure input module in plaintext. The multimode system is adapted to operate in a high security mode and a low security mode. The multimode system is adapted to enter the low security mode upon detection by the multimode system of a security breach condition. In the high security mode, the secure input module accepts low security input and high security input. In the low security mode, the secure input module accepts the low security input and does not accept the high security input.

Abstract: Systems and methods for providing a resource-based distributed public crypto currency blockchain include system provider device(s) that receive first crypto currency transaction information for a first crypto currency transaction that is configured to provide for the transfer of a crypto currency to a payee via a primary distributed public crypto currency blockchain maintained by computing devices. The system provider device(s) identify resource information provided by each computing device and use the resource information to select a subset of the computing devices for processing the first crypto currency transaction. The system provider device(s) then broadcast, via the network to each computing device, the first crypto currency transaction information for the first crypto currency transaction in order to cause a first computing device to process the first crypto currency transaction as part of a first block that is added to the primary distributed public crypto currency blockchain.

Abstract: The disclosed embodiments include methods and systems for providing tokenized transaction accounts. In one embodiment, a computer-implemented method is provided that may include generating, by one or more processors, a first tokenized transaction account from a first transaction account associated with a first user. The method may also include providing the first tokenized transaction account to a client device associated with the first user for storage in the client device and use in transactions. The method may also include updating the first tokenized transaction account based on one or more conditions and providing the updated first tokenized transaction account to the client device for storage and use in a subsequent transaction.

Abstract: A payment managing system and method for enhancing the security of electronic user payment data can include employing a two factor authentication and keeping e-commerce host system outside the PCI scope. The two-factor authentication can include using a session ID and a one-time token (OTT). The session ID can identify a payment session that is initiated upon initiation of an e-commerce transaction. The payment managing system can provide a computing device initiating the transaction an iFrame to handle input user input data on an information resource. The OTT can be used to tokenize the user input data. The OTT can be included in payment authorization requests sent to the payment managing system. The payment managing system can obtain payment authorization without the user payment data being shared with e-commerce host systems.

Abstract: Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data.

Abstract: Certain exemplary embodiments relate to techniques for processing PIN-inclusive transactions in connection with an electronic device or terminal, e.g., where PIN code encryption keys are not necessarily stored on the electronic device or terminal, and/or where payment instrument data is maintained in a separate system from PIN code data at least until certain elements are combined in a highly secure system for submission to an electronic funds transfer network. One or more separate or physically separated systems may be used in this regard, e.g., taking advantage of more prevalent computer networks such as the Internet. Similarly, the ability to provide less expensive terminals or electronic devices at a point-of-sale, point-of-purchase, etc., may be advantageous. The interchange rate is not necessarily driven up in certain example instances.

Abstract: A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: An authentication and encryption computer system and method are disclosed. An encrypted channel is established with a first device. Transaction information is received over the encrypted channel, including an instrument identifier, wherein the instrument identifier is tokenized, a first amount for item acquisition by a first person, a second amount specified by the first person, and identification information of a second person. An identity of a user of a second device is authenticated to determine that the user is the second person and in response to such authentication, a user interface is provided, including the second amount and an identification of one or more entities is displayed. An instruction is received to distribute at least a portion of the second amount to specified entities. A secure communication is established via remote systems and a portion of the second amount is distributed among respective destinations associated with the specified entities.

Abstract: The present invention relates to a method, system, and program product for depositing, holding and/or distributing collateral in the form of a stable value token for a security token, the tokens being on the same underlying blockchain. Furthermore, the present invention relates to methods, systems and program products for lending digital assets, such as crypto currency, and related products.

Abstract: A distributed enhanced payment processing system includes a merchant point of sale (POS) terminal system and a remote payment management system. The POS terminal system initiates a transaction that includes receiving a payment amount, a purchaser account identifier, a virtual electronic payment indicator, and a merchant ID via a payment client. Subsequently, the POS terminal system outputs the transaction to the remote payment management system which generates a token for the transaction. The payment management system then provides the purchaser account identifier, a merchant account identifier, and the payment amount to a remote virtual electronic payment (VEP) entity system. Upon receiving a VEP entity system response, the payment management system outputs the response and token to the POS terminal system.

Abstract: Systems and methods are provided for identifying an account via a hash key specific to the account and presented to a third party, in connection with a network interaction. One example method includes receiving, by a computing device, from the third party, the hash key in connection with the network interaction, determining a primary account number (PAN) for the account based on the hash key, and identifying an issuer of the account based on the determined PAN. The method also includes transmitting a verification request to the issuer, to verify details of the account, and receiving a code from the issuer indicative of the verification. The method further includes intercepting an authorization request for the network interaction based on the authorization request including the hash key and, in response to the authorization request further including said code, directing the authorization request to the issuer.

Abstract: Methods, systems, and techniques for application isolation by remote-enabling applications are provided. Example embodiments provide an Adaptive Rendering Application Isolation System (“ARAIS”), which transparently enables applications to run in an isolated execution environment yet be rendered locally in a manner that facilitates preventing theft of sensitive information while allowing users to interact with any third-party application or website via the local environment without overburdening available bandwidth or computational resources by, in some cases, evaluating only select information responsive only to select events, as compared to whitelist/blacklist techniques, monitoring all information provided by the user, or other techniques. The ARAIS typically includes an orchestrator server that comprises one or more of a sensitive-information theft-prevention logic engine, information-theft prevention engines, or a rules engine.

Abstract: Methods and systems related to distributing payment keys to multiple discrete devices in a point of sale (POS) system are disclosed. One method includes storing a payment key on a first discrete device for a POS system and a public key certificate on a second discrete device for the POS system. The method also includes communicatively connecting the first discrete device with the second discrete device using a wire, transmitting the public key certificate from the second discrete device to the first discrete device using the wire, and verifying the public key certificate on the first discrete device. The method also includes finalizing a secure connection between the first discrete device and the second discrete device over the wire using a transport layer secure (TLS) protocol after the public key certificate is verified.

Abstract: A payment managing system and method for enhancing the security of electronic user payment data can include employing a two factor authentication and keeping e-commerce host system outside the PCI scope. The two-factor authentication can include using a session ID and a one-time token (OTT). The session ID can identify a payment session that is initiated upon initiation of an e-commerce transaction. The payment managing system can provide a computing device initiating the transaction an iFrame to handle input user input data on an information resource. The OTT can be used to tokenize the user input data. The OTT can be included in payment authorization requests sent to the payment managing system. The payment managing system can obtain payment authorization without the user payment data being shared with e-commerce host systems.

Abstract: Technologies for securely processing payment transactions include a mobile device configured to generate a secure payment transaction request message for a payment transaction. The request message includes a public key address derived from a public key of a public/private key pair. A multi-factor device receives the request message and generates a reference public key address as a function of the corresponding private key of the public/private key pair. The multi-factor device determines whether the public key address included in the received request message matches the generated reference public key address. The multi-factor device generates and transmits a response message to the mobile device including status indicator data based on the determination whether the received public key address matches the generated reference public key address. The mobile device processes or blocks the payment transaction as a function of the status indictor data. Other embodiments are described and claimed.

Abstract: Systems, methods, and computer-readable storage media utilized in remote math based currency (MBC) transactions. One method includes receiving, from a customer computer system, a token generation request associated with a remote MBC transaction including an amount of MBC funds to transfer, wherein the token generation request includes an identifier of a recipient computer system, and generating and transmitting, to the customer computer system, a token embedded with at least an MBC account number of the customer computer system. The method further includes receiving, from the recipient computer system, the token, wherein the recipient computer system is associated with a recipient MBC account, and creating a first and second public and private key pair. The method further includes transmitting the first public and private key pair to a recipient account destination of the recipient MBC account, and updating a pooled MBC account database with the second public and private key pair.

Abstract: Embodiments include a method of performing a math based currency (“MBC”) transaction. The method includes receiving, from a recipient computer system, information regarding an MBC backed credit card account, information regarding a recipient account and an amount of funds to be transferred to the recipient account from the MBC backed credit card account. The method further includes verifying, by the financial institution computer system, that the amount of funds that are available in the MBC backed credit card account. In various embodiments the method includes updating, by the financial institution computer system, an overlay ledger to increase the balance owed by a customer that holds the MBC backed credit card account.

Abstract: A portable apparatus includes one or more biometric sensors, one or more memories, and one or more processors operative to execute program instructions from the one or more memories. A public key infrastructure (PKI) certificate, which is stored in the one or more memories, includes a first code derived from encoding a first biometric digital signature of a person who has been registered and authorized to use the portable apparatus. The one or more processors cause the portable apparatus to acquire, by the one or more biometric sensors, biometric pattern of a person who attempts to access the portable apparatus; determine whether the biometric pattern is matched with the first biometric digital signature and the first code; and in response to determining that the biometric pattern is matched with the first biometric digital signature and the first code, transmit authentication information to a remote server over a network.

Abstract: Systems and methods for providing analytics data to payment facilitators and sub-merchants via a dynamic dashboard, in response to receiving transaction data from one or more Internet of Things (IoT) devices. In one implementation, a method includes receiving transaction data and a unique identifier of a sub-merchant, analyzing that data, and transmitting an unrequested analytics report to a dashboard.

Abstract: Systems and methods which are adapted to generate multiple indicia in a single secure environment session are described. Embodiments provide for generation of a plurality of postage indicia in a single postage security device (PSD) transaction, whereby the PSD loads and unloads corresponding virtual PSD information a single time for generating the plurality of postage indicia (i.e., in a single secure environment session). The indicia generated in a same secure environment session according to embodiments of the invention may comprise a plurality of indicia requested by a same, single user. Additionally or alternatively, the indicia generated in the same secure environment session may comprise a plurality of indicia requested by multiple different users.