Abstract: A cardholder authentication method includes receiving, at an authentication network, an authentication request involving an account. The method further includes determining, based at least in part on a portion of an account identifier associated with said account, an authentication service. In addition, the method includes determining, based at least on said authentication service and a portion of said account identifier, an authentication response. The method also includes transmitting, to a merchant associated with a transaction involving said account, said authentication response.

Abstract: A cardholder authentication method includes receiving, at an authentication network, an authentication request involving an account. The method further includes determining, based at least in part on a portion of an account identifier associated with said account, an authentication service. In addition, the method includes determining, based at least on said authentication service and a portion of said account identifier, an authentication response. The method also includes transmitting, to a merchant associated with a transaction involving said account, said authentication response.

Abstract: A secure on-device cardholder authentication method and system. In an embodiment, a consumer's mobile device uses a mobile application to receive a user authentication request from an entity. A biometric data capture request is then transmitted to a biometric sensor of the mobile device, and a determination made that the mobile application is authorized to use an authenticator API. Next, the mobile device processor prompts the user to provide at least one form of biometric data in accordance with business rules, receives a user authentication response when the user provided biometric data matches locally stored biometric data, generates a positive user authentication response message, and transmits the positive user authentication response message to the entity.

Abstract: According to some embodiments, a requesting application executing on a mobile device may request a transport layer security key pair in connection with a payment transaction. Responsive to the request, a trusted execution environment client of the mobile device may route a request to a payment application executing in a secure trusted execution environment of the mobile device. It may then be arranged, within the secure trusted execution environment, to create the transport layer security key pair and provide key pair to the requesting application. Moreover, in some embodiments, the mobile device may transmit payment transaction information to an access control server and receive a request for biometric authentication. It may then be arranged for hardware within the mobile device to biometrically authenticate a user of the mobile device.

Abstract: A secure on-device cardholder authentication method and system. In an embodiment, a consumer's mobile device uses a mobile application to receive a user authentication request from an entity. A biometric data capture request is then transmitted to a biometric sensor of the mobile device, and a determination made that the mobile application is authorized to use an authenticator API. Next, the mobile device processor prompts the user to provide at least one form of biometric data in accordance with business rules, receives a user authentication response when the user provided biometric data matches locally stored biometric data, generates a positive user authentication response message, and transmits the positive user authentication response message to the entity.

Abstract: A method includes receiving, from a merchant, transaction data and supplemental data relating to a payment account transaction. The method further includes accessing at least one service selection rule. Also, based on the at least one service selection rule and the transaction data and supplemental data, at least one service is selected. The selected service(s) are provided to the merchant in connection with the payment account transaction.

Abstract: According to some embodiments, a requesting application executing on a mobile device may request a transport layer security key pair in connection with a payment transaction. Responsive to the request, a trusted execution environment client of the mobile device may route a request to a payment application executing in a secure trusted execution environment of the mobile device. It may then be arranged, within the secure trusted execution environment, to create the transport layer security key pair and provide key pair to the requesting application. Moreover, in some embodiments, the mobile device may transmit payment transaction information to an access control server and receive a request for biometric authentication. It may then be arranged for hardware within the mobile device to biometrically authenticate a user of the mobile device.

Abstract: Systems and methods for multi-factor user authentication techniques usable in transactions. In some embodiments, an authentication platform receives a request to authenticate a user in conjunction with an online transaction and determines an authentication rule. The authentication platform then transmits an authentication request to the user's mobile device, receives authentication response data from the user mobile device, and authenticates the user in conjunction with the transaction when the authentication response data matches stored user authentication data. An authentication message is then transmitted to the user's mobile device. In some embodiments, the authentication response data is biometric data of the user obtained from at least one authenticator of the user's mobile device.

Abstract: Methods, media, and systems to receive a request for an authentication value for a transaction in an application programming interface (API) call from a software application; determine the request for the authentication value includes an indication of a first transaction type; generate, in response to the determination that the request for the authentication value includes an indication of the first transaction type, an authentication value for the transaction; and as an indication of a verified authentication send, to the software application, an API response including the generated authentication value for the transaction.

Abstract: Multi-factor authentication techniques are described that use secure push authentication technology for transactions. An embodiment includes receiving, by an assurance platform operating as an authentication service platform, a user authentication request and transaction data from an access control server (ACS), determining an authentication rule, generating a user validation request message, transmitting the user validation request message to a user mobile device, and receiving user authentication data. The assurance platform then validates the user authentication data, transmits a device authentication request, receives a device authentication response signed with a private key of the user, and authenticates the user based on the device authentication response and private key.

Abstract: A cardholder authentication method includes receiving, at an authentication network, an authentication request involving an account. The method further includes determining, based at least in part on a portion of an account identifier associated with said account, an authentication service. In addition, the method includes determining, based at least on said authentication service and a portion of said account identifier, an authentication response. The method also includes transmitting, to a merchant associated with a transaction involving said account, said authentication response.