Abstract: The invention provides a method for transmission of sensitive information via an untrusted party. The sensitive information is held by a trusted computer and is transmitted via an untrusted computer to a recipient computer. Before transmission, the trusted computer encrypts the sensitive information using an encryption key that is associated with the recipient computer. The untrusted computer does not have access to a corresponding decryption key and is therefore unable to decrypt the sensitive information. The recipient computer is able to decrypt the encrypted sensitive information using a decryption key that it has access to and is thus able to gain access to the sensitive information without further communication with the trusted computer. This method has utility in payment transactions, particularly e-commerce transactions.

Abstract: A computer system includes a database, a communication interface, and a processor. The processor is programmed to receive a request message from an issuer computing device. The consent message includes a client ID and encrypted transaction card details for a transaction card account. The processor is also programmed to decrypt transaction card details. The processor is also programmed to match the client ID to the transaction card details using a BIN mapping table stored in the database. Based on the mapping, the processor generates an issuer access token. The issuer access token is associated with the transaction card account. The processor stores the issuer access token in the database and transmits the token to the issuer computing device.

Abstract: A computer system includes a database, a communication interface, and a processor(s). The processor(s) is programmed to receive a consent message from a cardholder computing device. The consent message includes cardholder consent information indicating consent to one or more data services. The processor(s) is also programmed to decrypt transaction card details included in a secure request message. The transaction card details correspond to a transaction card of a cardholder and are associated with a financial account of the cardholder. Based on the transaction card details, the processor(s) generates a digital access token. The digital access token is associated with the financial account and the cardholder consent information. The processor(s) stores the digital access token in the database, transmits a cardholder authentication request message to an issuer, and receives an authentication ID from the cardholder computing device.

Abstract: A computer system includes a database, a communication interface, and a processor(s). The processor(s) is programmed to receive a consent message from a cardholder computing device. The consent message includes cardholder consent information indicating consent to one or more data services. The processor(s) is also programmed to receive transaction card details from the cardholder computing device. The transaction card details correspond to a transaction card of a cardholder and are associated with a financial account of the cardholder. Based on the transaction card details, the processor(s) generates a digital access token. The digital access token is associated with the financial account and the cardholder consent information. The processor(s) stores the digital access token in the database, transmits a cardholder authentication request message to an issuer, and receives an authentication ID from the cardholder computing device.

Abstract: A server to process a tab for a customer at a merchant premises may provide a list of candidate merchant premises to a customer mobile device, receive a signal indicating a user selection of one of the candidate merchant premises, receive payment card details for the customer mobile device, obtain a specific code for a tab at the selected merchant premises, send to the customer mobile device the specific code, receive a signal from a Point of Sale (POS) terminal of the selected merchant premises, associate the customer mobile device with an open tab maintained by the POS terminal, receive from the POS terminal at least one identifier and amount for each purchase of the open tab, request payment of at least a portion of a balance of the open tab from a payment gateway using the payment card details, and notify the POS terminal of the payment.

Abstract: A server to process a tab for a customer at a merchant premises may provide a list of candidate merchant premises to a customer mobile device, receive a signal indicating a user selection of one of the candidate merchant premises, receive payment card details for the customer mobile device, obtain a specific code for a tab at the selected merchant premises, send to the customer mobile device the specific code, receive a signal from a Point of Sale (POS) terminal of the selected merchant premises, associate the customer mobile device with an open tab maintained by the POS terminal, receive from the POS terminal at least one identifier and amount for each purchase of the open tab, request payment of at least a portion of a balance of the open tab from a payment gateway using the payment card details, and notify the POS terminal of the payment.

Abstract: Systems and methods for conducting 3-D Secure transactions on-behalf-of (OBO) merchants. In an embodiment, a payer authentication response (PARes) message indicating enrollment in the 3-D Secure OBO merchants authentication service is received from an access control server by a computer and stored. The computer later receives a purchase transaction authorization request message, determines that data of the purchase transaction authorization request message matches stored PARes message data, and then injects a UCAF into the purchase transaction authorization request message to generate an updated transaction authorization request message. The updated transaction request message is then transmitted to an issuer financial institution for 3-D Secure purchase transaction authorization processing.

Abstract: A method and system for correlating cardholder identity attributes on a payment card interchange network using a computer device coupled to a database are provided. The method includes storing at a central store, personally identifiable information from an issuer for a plurality of payment card cardholders, the personally identifiable information encrypted to prevent payment card transaction data from being associated with the personally identifiable information, receiving, from a merchant, personally identifiable information during a payment card transaction, encrypting the received personally identifiable information, and comparing the encrypted stored personally identifiable information to the encrypted received personally identifiable information to determine a risk of fraud during the payment card transaction.

Abstract: A method and system for evaluating a risk of fraud in a payment card transaction using a computer device coupled to a database are provided. The method includes receiving payment card transaction messages relating to a payment card account wherein the payment card transaction messages relate to interactions with a cardholder, an issuer of the payment card account, or an agent thereof. The method further includes receiving payment card account reputation messages that include historical data relating to the trustworthiness of the payment card account, comparing at least one data element in each payment card transaction messages to at least one data element in at least one of: the payment card reputation message and prior transaction history, and determining at least one of a risk of fraud of the transaction and a trustworthiness of the payment card account based on the comparison.