Abstract: There is provided a transaction device comprising a chip enclosure comprising a readable reference code; a chip embedded in the chip enclosure, the chip having the reference code stored therein; wherein the chip is configured to generate a cryptographically signed version of the reference code stored in the chip upon receipt of a request message, such that the reference code can be retrieved from the cryptographically signed version of the reference code for comparison with the readable reference code. There is also provided a method of a manufacturing a transaction device, wherein the method comprises storing a reference code in a chip; positioning the chip on a chip enclosure; embedding the chip in the chip enclosure; and applying the reference code to the chip enclosure in a readable format.

Abstract: A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

Abstract: A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

Abstract: A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

Abstract: There is provided a transaction device comprising a chip enclosure comprising a readable reference code; a chip embedded in the chip enclosure, the chip having the reference code stored therein; wherein the chip is configured to generate a cryptographically signed version of the reference code stored in the chip upon receipt of a request message, such that the reference code can be retrieved from the cryptographically signed version of the reference code for comparison with the readable reference code. There is also provided a method of a manufacturing a transaction device, wherein the method comprises storing a reference code in a chip; positioning the chip on a chip enclosure; embedding the chip in the chip enclosure; and applying the reference code to the chip enclosure in a readable format.

Abstract: A secure payment system comprises a merchant POS client and a remote POS server. The merchant POS client comprises a reading device for reading a customer user token and for accepting transaction details and customer verification data, and also a computing device with access to a communications network and in communication with the reading device. The merchant POS client also comprises a merchant token associated with the remote POS server. The remote POS server is in communication with the merchant POS client through the communications network, and one or more elements of the merchant POS client business logic are assured by the remote POS server and not the merchant POS client. A merchant token for use in such a merchant POS client is described, as is a suitable reader device, and a method of conducting a transaction using such a payment system.

Abstract: A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

Abstract: A secure payment system comprises a merchant POS client and a remote POS server. The merchant POS client comprises a reading device for reading a customer user token and for accepting transaction details and customer verification data, and also a computing device with access to a communications network and in communication with the reading device. The merchant POS client also comprises a merchant token associated with the remote POS server. The remote POS server is in communication with the merchant POS client through the communications network, and one or more elements of the merchant POS client business logic are assured by the remote POS server and not the merchant POS client. A merchant token for use in such a merchant POS client is described, as is a suitable reader device, and a method of conducting a transaction using such a payment system.