Abstract: Embodiments of the invention are directed to a method for submitting a tokenization request via an access device. Embodiments allow tokens to be retrieved for complex mobile devices as well as basic card-type devices. Token requests can be formatted as authorization request messages and transmitted along authorization communication channels.

Abstract: A method for distributed-ledger based intercompany netting may include: receiving, from a first entity within an organization, a deposit of a first amount of funds to a first account; tokenizing the first amount of funds and writing the first amount of funds to a first token wallet for the first entity on a distributed ledger; receiving, from a second entity within an organization, a deposit of a second amount of funds to a second account; tokenizing the second amount of funds and writing the second amount of funds to a second token wallet for the second entity on the distributed ledger; and executing a transaction involving a transfer of a transaction amount from the first entity to the second entity by deducting the transaction amount from a token balance in the first wallet and adding the transaction amount to a token balance in the second wallet.

Abstract: A computer system receives an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient using a mobile device. The transaction is authenticated by the computer system. The authentication includes receiving login credentials manually entered by the user and determining that the login credentials match stored login credentials for the user. The authentication further includes determining that the mobile device has a device token stored thereon that matches a device token stored in a database of the computer system. The device token uniquely identifies the mobile device in the computer system. The authentication further includes determining that the mobile device has a customer token stored thereon that matches the customer token stored in the database. The customer token uniquely identifying the customer in the computer system. The computer system transmits the funds to the recipient responsive to the authenticating step.

Abstract: The present disclosure involves systems, software, and computer implemented methods for providing rapid approval of blockchain-based transactions. This includes approval of transactions prior to the transaction being written to the blockchain. A transaction system can register with a transaction manager, such as a cloud-based or cloud transaction manager, which can maintain a queue of pending transactions and provide approval for transactions in real-time or near real-time, while later verifying the pending transactions are written into the blockchain as expected. This allows the transaction system to securely confirm the transaction is approved prior to the transaction being written in the blockchain, based on a real-time or near real-time analysis of each customer's corresponding account and transactions.

Abstract: Techniques for managing licensing of a software application that includes a plurality of executables are presented. The techniques can include detecting an initiation of the software application on a client computer; obtaining a license for a usage of a first executable of the plurality of executables; detecting an initiation of at least a second executable; obtaining execution type data for the second executable specifying one of: a license for a usage of the second executable is not required if an instance of the second executable is executing on the client computer, or a license for a usage of the second executable is not required if at least one executable of the plurality of executables is executing on the client computer; determining, based on the execution type data, that a license for a usage of the second executable is not required; and executing the second executable.

Abstract: A new approach is proposed to support instant merchant activation for secured in-person payment at a point of sale (POS) of a merchant. When a customer initiates an in-person payment request at a payment initiation device associated with the merchant, the payment initiation device collects both sensitive and non-sensitive portions of electronic payment transaction data for the request and encrypts the sensitive data portion for secured transmission. A payment gateway in the payment transaction process relays the data and the payment request to a payment processor for approval by an issuer and transmits only the non-sensitive portion of the data to a payment service engine for risk analysis if the payment request is approved by the issuer. The payment service engine determines if the payment request is at high risk based on risk analysis of non-sensitive portion of the data and notifies the payment initiation device and/or merchant accordingly.

Abstract: Systems, methods, and computer readable media are disclosed for providing a hand free interaction between a user and a dispenser device. In embodiments of the invention, a mobile communication device and a beacon device associated with the dispenser device (or the dispenser device operating as a beacon device) may perform mutual authentication with a federated platform. Once the entities are authenticated, the user may be allowed to dispense the resource utilizing the dispenser device. Data associated with the interaction and related to the resource dispensed may be provided to the federated platform via the mobile communication device and the interaction data may be recorded. The federated platform may subsequently provide the interaction data to a resource provider to enable the resource provider to conduct a settlement process.

Abstract: Systems and methods for securely storing digital assets using a secure portal are disclosed. Using an isolated computer within an electronic isolation chamber, a plurality of digital asset accounts may be generated, and one or more private keys and a digital asset account identifier corresponding to each of the digital asset accounts may be obtained. A respective reference identifier may be associated with each digital asset account. At least one of the one or more private keys corresponding to each digital asset account may be divided into a plurality of private key segments and written to a card along with the respective reference identifier to create sets of collated cards, wherein each set comprises cards corresponding to different private keys.

Abstract: Systems and methods are provided for use in distributing payment transaction notifications. One exemplary method includes identifying, by a computing device, transaction data for a transaction associated with a child token to a group payment account and identifying, by the computing device, in a data structure, a parent token with which the child token is associated. The parent token is enrolled to receive a notification for the transaction associated with the child token. As such, the method further includes transmitting, by the computing device, a notification to a communication device of a group member associated with the parent token in response to the transaction involving the child token, where the notification includes transaction data associated with the transaction such that the transaction is thereby identified to the group member along with the associated transaction data.

Abstract: A method for using authentication information is provided. The method includes steps of: (a) a managing server, if a request for using the authentication information is acquired, acquiring a transaction ID corresponding to a specific user's identification information; (b) the managing server acquiring an output of a specific transaction corresponding to the transaction ID from a blockchain; (c) the managing server determining revocation of the authentication information by referring to the output of the specific transaction; and (d) the managing server supporting a communication by providing the specific user's public key in the output of the specific transaction, if the authentication information is not revoked, and if (i) a hash value of the specific user's identification information included in the output of the specific transaction or its processed value corresponds to (ii) a hash value of the specific user's identification information pre-stored in a certain database or its processed value.

Abstract: A method, system, and computer program product for managing user identification codes in an internet advertising environment. One aspect implements a system including a database engine to store a plurality of signals comprising characteristics and/or values received from a user device. A user ID generator calculates collision statistics and/or fragmentation statistics to form a first mapping function that is in turn used to generate a plurality of identification codes based at least in part a first set of selected signals. A calibration module produces measurements determined from collision quantities and/or fragmentation quantities using the first mapping function, wherein the measurements are determined by comparing the plurality of identification codes to entries in a known ID database. A sequencing module generates updated sequences of mapping functions.

Abstract: The present disclosure relates to a method for approving the use of a card by using a token-ID, wherein, in a state where a card token ID, identification information of a user, a push token ID, and a public key of the user are registered in a blockchain database and a blockchain transaction ID corresponding thereto is managed, when payment request information is acquired, a relay server: requests authentication of order data from a user terminal; checks whether a user signature value obtained in response to the authentication request is valid, and registers the order data in the blockchain database; and registers, in the blockchain database, approval result information which is obtained through verification of the order data by a financial server, and transmits the approval result information to at least one of a service providing terminal and the user terminal.

Abstract: A virtual payment system for paying for goods, services and content ordered over an internetwork is disclosed. The virtual payment system includes a commerce gateway. Buyers and sellers becomes registered participants by applying for virtual payment buyer and seller accounts. Once an account is established with the commerce gateway, a digital certificate is stored on the registered participant's computer. A buyer can then order a product, i.e., goods, services or content from a seller and charge it to the virtual payment account. When the product is shipped, the seller notifies the commerce gateway, which applies the charges to the buyer's virtual payment account. The buyer can settle the charges using a prepaid account, a credit account, or by using reward points earned through use of the virtual payment account. A buyer may create sub-accounts.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for receiving, from a user device, a request to include financial data describing a financial account in an interface, the financial account being associated with a particular financial institution; identifying one or more metadata attributes for accessing the financial account associated with the particular financial institution; obtaining a public digital key associated with the financial institution; providing, to the user device, data describing the one or more metadata attributes and the public digital key associated with the financial institution; receiving, from the user device, respective values for the one or more metadata attributes, the corresponding values having been encrypted by the user device using the public digital key; and storing the encrypted values for the one or more metadata attributes for use in accessing and aggregating financial data describing the financial account.

Abstract: A system and method provide efficient, secure and highly reliable authentication for transaction processing and/or access control applications in which only biometric input is required from the user. A Personal Digital Key stores a biometric profile that comprises a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.

Abstract: Methods and systems for electronic document authentication are disclosed. In one aspect, a method of generating an electronic postmark includes receiving, via a server, a request message from an electronic network, the request message comprising request data including payload data and meta data, generating a timestamp in response to receiving the message, hashing the payload data to generate a payload hash, digitally signing the metadata, the payload hash, and the timestamp to generate a digital signature, generating a response message, the response message generated to comprise the metadata, the payload hash, the timestamp, and the digital signature; and transmitting the response message onto the electronic network.

Abstract: Methods and systems for electronic document authentication are disclosed. In one aspect, a method of generating an electronic postmark includes receiving, via a server, a request message from an electronic network, the request message comprising request data including payload data and meta data, generating a timestamp in response to receiving the message, hashing the payload data to generate a payload hash, digitally signing the metadata, the payload hash, and the timestamp to generate a digital signature, generating a response message, the response message generated to comprise the metadata, the payload hash, the timestamp, and the digital signature; and transmitting the response message onto the electronic network.

Abstract: A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.

Abstract: A distributed private ledger function of a server of a first consortium member receives data representing an alias for one of its customers from the customer and also receives data that represents an alias for a customer of a second member replicated by a distributed private ledger function of a server of the second member to all members of the consortium. Thereafter, the distributed private ledger function of the first member's server identifies a recipient account of the second member's customer based on an account pointer associated with the alias of the second member's customer and initiates a transfer of funds from a source account of the first member's customer corresponding to an account pointer associated with the alias for the first member's customer to the identified recipient account of the second member's customer.

Abstract: A first application may output a form comprising payment fields. An operating system (OS) may receive, from a contactless card, a uniform resource locator (URL) comprising encrypted data. A second application received from the URL by the OS may be executed. The second application may transmit the encrypted data to an authentication server, the authentication server to verify the encrypted data. The second application may receive, from a virtual account number server, a virtual account number, an expiration date associated with the virtual account number, and a CVV associated with the virtual account number. The second application may provide the virtual account number, expiration date, and CVV to an autofill service of the OS. The autofill service of the OS may autofill the virtual account number the payment fields of the first application.