Abstract: Various implementation described herein are directed to a method for providing access control. User information is received at a device. A request to provide access control is generated by the device based on the received user information. The request is transmitted via a network to an access manager. A response to the request is received from the access manager. Access control via the device is provided based on the response to the request.

Abstract: Methods of communicating information relating to an event are described. Elements of information relating to the event and contained in a data field are obtained and used to determine a cryptographic record. First places in the data field are filled by the elements with time information. The cryptographic record is used to fill second places in the data record. On reception of a message including the data field, the data field can be resolved into the first places and the second places. The time information associated with the event can be determined and used to establish elements of information that were combined with the time information to fill the first places. The established elements can be used to calculate a cryptographic record, which can be matched against the cryptographic record from the second places to determine that the elements of information are correct.

Abstract: A method of providing a secure service at a computing node is described. The secure service is for a requesting party external to the computing node. The following steps take place at the computing node. A service request is received from the requesting party. This service request comprises a request to generate a credential. The credential is then generated, and service-related information is obtained. The credential and the service-related information are encrypted using an encryption process to form an encrypted message part. A service-identifying clear message part is also created, and a message is sent comprising the clear message part and the encrypted message part to the requesting party. Methods of using such a message to validate the credential, and of using such a message to confirm the integrity of service-related information held in the message, are also described, as is computing apparatus adapted to carry out one or more of these methods.

Abstract: A method of providing a secure service at a computing node for a requesting party external to the computing node is described. The following steps are taken at the computing node. A service request comprising a request to generate a credential is received from a requesting party. The computing node generates the credential and obtains service-related information. A clear message part is created comprising service-identifying information. A checksum is then created from at least a part of the service-identifying information and from at least a part of the credential and the service-related information. The credential, the service-related information and the checksum are then encrypted to form an encrypted message part. A message comprising the clear message part and the encrypted message part is then sent to the requesting party.

Abstract: Communication of information relating to an event is described, where the information is contained in a data field. Methods of communicating and obtaining the information are described, together with suitable apparatus for performing these methods. One or more elements of information relating to the event are obtained and used to determine a cryptographic record of the event. A first set of places in the data field are filled by a combination of some or all of each of the elements together with time information associated with the event. The cryptographic record is used to fill a second set of places in the data record. On reception of a message including the data field, the data field can be resolved into the first set of places and the second set of places. The time information associated with the event can then be determined and used to establish the whole or partial elements of information that were combined with the time information to fill the first set of places.

Abstract: Embodiments of the invention are directed to systems and methods for authenticating a user device using an authenticating device that has previously been associated with a user and/or a credential. The user may initiate a transaction at the user device. An authenticating device associated with the transaction may be sent an authentication request corresponding to the user device. The user may indicate whether or not the user device is authenticated utilizing the authenticating device. If the user device is authenticated, the transaction may proceed. If the user device is not authenticated the transaction may be rejected.

Abstract: A network management system includes: a memory configured to store instructions; and a parallel processor configured to execute the instructions to: (a) receive a request for a transaction; (b) determine a first authorization decision for the request; (c) determine a second authorization decision for the request; and (d) perform a first procedure when the first authorization decision is different from the second authorization decision. The request corresponds to use of electronic payment for the transaction and wherein the first authorization decision is generated in parallel with generation of the second authorization decision.

Abstract: Following a tokenized consumer-initiated transaction, it is typical for subsequent merchant-initiated transactions to be processed without a cryptogram, causing a real opportunity for fraudulently generated merchant-initiated transactions to be submitted and subsequently processed. The present disclosure provides a method that solves or alleviates this problem. The method comprises: receiving a first transaction request including a payment token, first payment information, a first cryptogram and a next transaction notification identifying a future second transaction; authenticating the first transaction request based at least in part on the first cryptogram; providing an authorization response approval message to authorize the first transaction request; and providing a next transaction cryptogram suitable for use in authenticating a second transaction request.

Abstract: An authentication request message from a user conducting an interaction at a resource provider computer is received. It is determined that data representing an indication that the resource provider is trusted by the user and including a trusted marker is present in a database. Authentication to the user is provided, and information indicating that the user has been authenticated and the trusted marker are sent so that authorization request message for the interaction that includes the trusted marker is generated. The trusted marker is validated, and the authorization request message including information related to the interaction and the validated trusted marker is sent to an authorizing entity computer.

Abstract: A method is disclosed. The method includes receiving, by a token gateway, a first request message from a token requestor computer. The token gateway determines at least one token service computer from a plurality of token service computers, each token service computer in the plurality of token service computers operating independently of each other. The token gateway transmits at least one second request message to the at least one token service computer and receives, at least one first response message comprising at least one token and/or supplemental data associated with the at least one token from the at least one token service computer. The token gateway transmits a second response message to the token requestor computer, the second response message comprising the at least one token and/or the supplemental data.

Abstract: A method is disclosed. The method includes receiving, by a token gateway, a first request message from a token requestor computer. The token gateway determines at least one token service computer from a plurality of token service computers, each token service computer in the plurality of token service computers operating independently of each other. The token gateway transmits at least one second request message to the at least one token service computer and receives, at least one first response message comprising at least one token and/or supplemental data associated with the at least one token from the at least one token service computer. The token gateway transmits a second response message to the token requestor computer, the second response message comprising the at least one token and/or the supplemental data.

Abstract: A computerized system and method for processing record change requests across multiple applications is provided. A link is received from a first application, the link being associated with a record change request from a first account. A signed token is obtained from a like service using the link, wherein the signed token includes identity data associated with the first account and the record change request. An indicator of a second application is received, wherein the second application is chosen by a user for interacting with the record change request. Further, account information of a second account associated with the user is received. The second application is caused to be executed using the signed token and the indicator of the second application, wherein the second application updates a record at the second account associated with the user in response to the record change request.

Abstract: Various implementation described herein are directed to a method for providing access control. User information is received at a device. A request to provide access control is generated by the device based on the received user information. The request is transmitted via a network to an access manager. A response to the request is received from the access manager. Access control via the device is provided based on the response to the request.

Abstract: A method of providing a secure service at a computing node for a requesting party external to the computing node is described. The following steps are taken at the computing node. A service request comprising a request to generate a credential is received from a requesting party. The computing node generates the credential and obtains service-related information. A clear message part is created comprising service-identifying information. A checksum is then created from at least a part of the service-identifying information and from at least a part of the credential and the service-related information. The credential, the service-related information and the checksum are then encrypted to form an encrypted message part. A message comprising the clear message part and the encrypted message part is then sent to the requesting party.

Abstract: Various implementation described herein are directed to a method for providing access control. User information is received at a device. A request to provide access control is generated by the device based on the received user information. The request is transmitted via a network to an access manager. A response to the request is received from the access manager. Access control via the device is provided based on the response to the request.

Abstract: The present invention relates to an apparatus, a method, and a system for determining location. The apparatus comprises an apparatus comprising a camera, and a processor. The camera is configured to capture an image of a microscopic object located at a predetermined location. The microscopic object comprises coded information. The processor is configured to process the image to decode the coded information and to determine a location of the device as being the predetermined location based on the decoded information. The apparatus may further comprise a manually operated inventory carrier (such as a shopping trolley or cart) or a robotic inventory carrier. The predetermined location may be in a supermarket or an inventory facility. The microscopic object may comprise a QR code or other barcode, and may be one of an array or repeating patterns of microscopic objects.

Abstract: The CONVERGED MERCHANT PROCESSING APPARATUSES, METHODS AND SYSTEMS (“CMP”) facilitates the generation of user accounts with merchants. The user may be logged into an electronic wallet or issuer account, and may initiate an account generation process with a one-click mechanism. The CMP may provide information to the merchant in order to facilitate the generation of the account after receiving data from the electronic wallet or issuer.

Abstract: A fun and affordable animated toy robot operates with varying degrees of autonomy and anthropomorphism. The robot may include a customized chipboard controller or computer, a power source, and may be constructed with specialized connectors, magnets, servo motors, generally less-sturdy (or pliable) thin materials, such as chipboard, card stock, cardboard, or the like, used for the body and limbs of the robot, and LEDs. The specialized connectors may be used to attach the servos to these materials. An application and the controller may be used to control the motion of the robot. Young children may be able to make the attachments to build the robot with little or without the help of adults or older children. Building and operating the robot may be fun activities for children and families, and may provide enjoyable learning activities about robotics.

Abstract: A method for carrying out a wireless transaction for authorization through a transaction processing system between a first computing device and a second computing device is described. The first computing device establishes a secure network connection with a third computing device. The first computing device initiates the wireless transaction with the second computing device. The first computing device provides information to perform a security protocol for the transaction to the third computing device over the secure connection. The performance of the security protocol includes determination of a secure result. The first computing device receives a dummy secure result from the third computing device, and performs the wireless transaction with the second computing device using the dummy secure result. The third computing device prepares a true secure result for the wireless transaction. The dummy secure result may be used to reconcile the wireless transaction with the true secure result.

Abstract: A method for application of account and transaction controls on a payment token includes: storing, in a first device of a system, a control profile including a token number and transaction controls; storing, in a second device of the system, a token profile including the token number and a corresponding account number; receiving, at the first device, a transaction message including a data element having the token number and additional transaction data; determining, by the first device, compliance with the transaction controls based on the additional transaction data; transmitting the transaction message from the first to the second device; replacing, by the second device, the token number with the account number in the transaction message; and transmitting, by the second device, the transaction message to a financial institution associated with the account number.