Abstract: A method and apparatus for processing secure transactions of a requested service at a merchant point of sale (POS) using a customer mobile device and a virtual payment gateway (VPG) server, the method comprising an authentication and a transaction. The activation establishes a mobile device transport key (mTK) at the mobile device and a server, and assigns a mobile application identifier (MAID) to a mobile application of the mobile device. The transaction is based on generating a mobile device transport session key (msTK) derived from a server generated session ID and the mobile device transport key (mTK) generated during activation. The transaction of the requested service is initiated by the customer mobile device and is processed without storing confidential data such as financial account data or financial account identification data at the POS and/or the customer mobile.

Abstract: Embodiments of the invention are directed to methods, systems, and devices for replacing a token on a user device, such as a transaction card. The transaction card includes tokens representing an actual account identifier which is not visible on the transaction card. The transaction card may store a first token on a and include a digital display that displays a second token. When the first token or the second token is compromised, the compromised token is replaced without replacing the transaction card. When the second token is compromised, the compromised token is replaced with a new replacement second token using an electronic device. The replacement second token replaces the old second token on the digital display. After the second token is compromised and before the replacement second token is provisioned on the transaction card, the transaction card may still be used for transactions using other tokens provisioned on the card.

Abstract: A near field communication (NFC)-enabled client device includes one or more computer-readable storage media and an NFC interface component operational in a card emulation mode of an NFC protocol. The client device also includes an application for performing a transaction using the NFC protocol. The application is stored on the one or more computer-readable storage media. Programming logic is configured to receive and store a state object (e.g., a cookie) provided by a security authority using the NFC protocol when performing a transaction using the application. The state object includes an identifier, data payload and a public key associated with the security authority. The programming logic is also configured to transmit the state object to the security authority upon receiving an HTTP operation identifying the state object.

Abstract: A method, server and storage medium for verifying a transaction using a smart card are disclosed. A server receives a transaction request to perform a transaction with a user of the smart card. The transaction request includes identification information and encrypted data extracted from the smart card, and transaction information. The server determines a user account linked to the identification information. The server performs a first verification process to authenticate the smart card by verifying that the smart card possesses a correct decryption key corresponding to the identification information. The server performs a second verification process to authenticate the smart card by verifying that the encrypted data extracted from the smart card encodes stored data corresponding to the respective user account linked to the identification information. If the first and the second verification processes are successful, the server processes the transaction in accordance with the transaction information.

Abstract: This disclosure relates to creating a Bluetooth and/or BLE connection between two devices without using a UUID and/or MAC address. For example, a first device storing a private key may enter advertising mode to create a Bluetooth/BLE connection. An advertising packet (e.g., advertising channel packet data unit (PDU)) may be transmitted (e.g., in encrypted format). A second device may enter scanning or initiator mode and may receive the advertising packet. A second device may request that a user log into an account associated with the first device (e.g., a customer account, a financial account, an employee account, and/or the like) in order to initiate a Bluetooth/BLE connection. A second device user may enter login credentials via the second device, which may then be transmitted to a backend system. A backend system may receive and validate the login credentials and, in response, transmit a public key to the second device. The public key may be transmitted in an encrypted format.

Abstract: A method, system, and computer program product for managing user identification codes in an internet advertising environment. One aspect implements a system including a database engine to store a plurality of signals comprising characteristics and/or values received from a user device. A user ID generator calculates collision statistics and/or fragmentation statistics to form a first mapping function that is in turn used to generate a plurality of identification codes based at least in part a first set of selected signals. A calibration module produces measurements determined from collision quantities and/or fragmentation quantities using the first mapping function, wherein the measurements are determined by comparing the plurality of identification codes to entries in a known ID database. A sequencing module generates updated sequences of mapping functions.

Abstract: Described herein is a platform and method for determining a confidence level associated with a transaction that utilizes dynamic data. In some embodiments, the confidence level is determined based on location data received in relation to the transaction. For example, some embodiments are directed to storing first location information collected from a mobile device provided in a request for the dynamic data, receiving second location information related to a transaction conducted using the dynamic data, and comparing the two with respect to the amount of time that has elapsed between collection of each to determine a confidence level associated with a likelihood that the transaction is authentic.

Abstract: Facilitating a decision of a content player is disclosed. In some cases, performance information associated with a content player is received. The information is received from a client. A determination is made that an update should be sent to the client. The update is sent to the client. In other cases, information is received from an external entity. Based at least in part on the received information, an instruction is sent to a content player.

Abstract: Techniques are described for facilitating use of invocable services by applications in a configurable manner. In at least some situations, the invocable services are Web services or other network-accessible services that are made available by providers of the services for use by others in exchange for fees defined by the service providers. The described techniques facilitate use of such invocable services by applications in a manner configured by the developers of the applications, including to allow the application developers to configure pricing terms that will be used to determine fees that end users of the applications will be charged for use of the invocable services via the applications. In some situations, the configured pricing terms for a service specify fees for end users that differ in one or more ways from the defined fees charged by the provider of that service.

Abstract: Techniques are described for generating and presenting a digital document for a transfer. A check service may generate the digital document based on provided check data. The digital document may be stored on a user device and presented to a recipient, for example through the display of the user device. The digital document may also be provided to the recipient in an email or other type of communication. The check service may generate a digital watermark to include on the digital document. The watermark may be unique to the particular document, and may be algorithmically generated based on data that is associated with the particular document, such as a serial identifier, a transaction identifier, an amount, a user identifier of the sender, etc. The digital watermark may be regenerated when the recipient presents the document for payment, to confirm document validity.

Abstract: The present invention relates to an off-line PIN authentication and an off-line PIN authentication system. The method comprises: inputting an off-line PIN1 to a POS terminal, the POS terminal generating a dynamic challenge code, and transmitting the dynamic challenge code and the off-line PIN1 to a card application; the card application verifying the first off-line PIN1 and the second off-line PIN2 are consistent with each other or not; if consistent, a digital signature being made on the first off-line PIN1 and the second off-line PIN2 to return signature data and a success status code to the POS terminal; the POS terminal verifying the signature data in case of receiving the success status code, and starting the subsequent transaction procedure if the signature data is verified successfully. According to the present invention, it not only can realize the verification of the IC card to the off-line PIN, but also can realize the verification of the terminal to the off-line PIN.

Abstract: A first device may be coupled to a second device over a network. The first device may maintain a first cryptocurrency wallet and may include mining circuitry that generates cryptocurrency rewards for the wallet. The first device may transmit a communications request to the second device. The second device may transmit payment information identifying a second wallet and a selected authentication amount to the first device. The second device may select the authentication amount to perform a desired amount of device connection rate limiting. The first device may generate an authentication transaction for a cryptocurrency network to transfer the authentication amount from the first wallet to the second wallet. The second device may determine whether the authentication transaction has been verified by the cryptocurrency network. In response to determining that the authentication transaction has been verified by the cryptocurrency network, the second device may establish the communication link.

Abstract: An example operation may include one or more of identifying a transaction from a blockchain node to be committed to a blockchain, determining available channels for assignment, assigning a channel to the blockchain node, and transmitting the transaction to the blockchain on the assigned channel.

Abstract: Aspects described herein may relate to a transaction exchange platform using a streaming data platform (SDP) and microservices to process transactions according to review and approval workflows. The transaction exchange platform may receive transactions from origination sources, which may be added to the SDP as transaction objects. Microservices on the transaction exchange platform may interact with the transaction objects based on configured workflows associated with the transactions. Processing on the transaction exchange platform may facilitate clearing and settlement of transactions. Some aspects may provide for dynamic and flexible reconfiguration of workflows and/or microservices. Other aspects may provide for data snapshots and workflow tracking, allowing for monitoring, quality control, and auditability of transactions on the transaction exchange platform.

Abstract: A method and system for detecting postage fraud using an indexed lookup procedure is provided. The method includes generating, at a postage-issuing computer system, a unique postage indicium associated with a unique tracking number allocated to a postage transaction. The unique tracking number provides a mail piece tracking capability within the United States Postal Service (USPS). The method further includes indexing the postage transaction with the unique tracking number; and receiving, at the postage-issuing computer system, a request to validate a printed postage indicium carried on a mail piece received at the USPS. The request includes a tracking number identified from information further carried on the mail piece. The method also includes returning, to the USPS and in response to the request, a determination indicating whether the tracking number in the request matches any records stored in a transaction database.

Abstract: There is described a method for transmitting a transaction message from a transaction device having a transaction device identifier. The method involves encrypting, at a transaction device, a transaction device identifier, generating, at the transaction device, a transaction message for a transaction system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, and sending the transaction message to a transaction processing system. The generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.

Abstract: In accordance with one or more aspects of selecting between client-side and server-side market detection, a determination is made at a device as to which of a client-side detected market and a server-side detected market is to have priority for a service. An application of the device is configured in accordance with a client-side market configuration setting if the client-side detected market has priority, and is configured in accordance with a server-side market configuration setting if the server-side detected market has priority.

Abstract: A Turing incomplete smart contracting source code for use in a blockchain network is disclosed that allows for static analysis of a smart contract at the time of publishing.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, employing a permissioned distributed ledger for the promotion of sustainable agriculture. In one aspect, a method includes receiving, from a purchaser of goods, payment data including a targeted payment amount and a product identifier; locating, on a permissioned distributed ledger, an attestation for a delivery of the purchased goods, the permissioned distributed ledger stores verified transactions within a supply chain for the purchased goods; processing the attestation for a delivery from a producer of the purchased goods to determine the producer of the purchased goods; providing payment information including the targeted payment amount to the producer through a producer application; receiving verification, based on biometric authentication, of an identity of the producer from the producer application; and releasing funds for the targeted payment amount to the producer.

Abstract: Providing blockchain-based subscription-as-a-service management is disclosed. In one example, a node within a customer network begins execution of a subscription-as-a-service software instance. An activation agent of the node broadcasts an activation transaction, requesting activation of the subscription-as-a-service software instance, to other nodes of the customer network. A block-issuing node within the customer network, upon receiving the activation transaction, determines whether to activate the subscription-as-a-service software instance. If so, a block-issuing agent of the block-issuing node generates a blockchain block containing the activation transaction as part of a blockchain. The blockchain block is then broadcast back to the customer network, where it is eventually received by the node executing the subscription-as-a-service software instance. Based on the blockchain block, the node enables continued execution of the subscription-as-a-service software instance.