Abstract: Systems and methods for verifying users in connection with transactions are disclosed. One exemplary method includes, based on the payment card device being presented at a terminal, initiating, by a security chip of the payment card device, a timer and then based on the timer being unexpired, capturing, by a biometric sensor of the payment card device, a biometric image and verifying, by the security chip, the captured biometric image against reference biometric data stored the payment card device. The method also includes, based on the captured biometric image being verified, cooperating, by the security chip, with the terminal, to initiate a transaction to an account using a first account number specific to a biometric application of the payment card device.

Abstract: Systems and methods for verifying users in connection with transactions are disclosed. One exemplary method includes, based on the payment card device being presented at a terminal, initiating, by a security chip of the payment card device, a timer and then based on the timer being unexpired, capturing, by a biometric sensor of the payment card device, a biometric image and verifying, by the security chip, the captured biometric image against reference biometric data stored the payment card device. The method also includes, based on the captured biometric image being verified, cooperating, by the security chip, with the terminal, to initiate a transaction to an account using a first account number specific to a biometric application of the payment card device.

Abstract: Systems and methods for verifying users in connection with transactions are disclosed. One exemplary method includes, in response to a payment device being inserted at a terminal, initiating, by a security chip of the payment device, a timer and capturing, by a biometric sensor of the payment device, a fingerprint while the timer is unexpired. The method also includes verifying, by the security chip, the captured fingerprint against reference fingerprint data stored in memory in the payment device and, in response to the captured fingerprint being verified, while the timer is unexpired, initiating, by the security chip, with the terminal, a transaction to an account using an account number specific to a biometric application of the payment device. An issuer can recognize verification of a user associated with the fingerprint based on the account number in an authorization request, instead of a different account number for the account.

Abstract: Systems and methods for verifying users in connection with transactions are disclosed. One exemplary method includes, in response to a payment device being inserted at a terminal, initiating, by a security chip of the payment device, a timer and capturing, by a biometric sensor of the payment device, a fingerprint while the timer is unexpired. The method also includes verifying, by the security chip, the captured fingerprint against reference fingerprint data stored in memory in the payment device and, in response to the captured fingerprint being verified, while the timer is unexpired, initiating, by the security chip, with the terminal, a transaction to an account using an account number specific to a biometric application of the payment device. An issuer can recognize verification of a user associated with the fingerprint based on the account number in an authorization request, instead of a different account number for the account.

Abstract: Systems and methods for verifying users in connection with transactions using payment devices are disclosed. One exemplary method generally includes receiving a select command for an AID associated with a payment application from a terminal and, in response, initiating by a security chip of a payment device, a timer after power-up of the security chip by the terminal. The method also includes capturing a biometric of a user, at a biometric sensor, according to the payment application, and verifying, by the security chip, the captured biometric based on reference biometric data. The method further includes, when the timer is unexpired and the captured biometric is verified, appending a first value to a CVR and returning a first AFL to the terminal, and when the timer is expired, appending a different value to the CVR and returning a different AFL to the terminal.

Abstract: Systems and methods for verifying users in connection with transactions using payment devices, by which benefits are distributed, are disclosed. One exemplary method generally includes initiating a timer after power-up of a security chip by a terminal, capturing a biometric of a user, at a biometric sensor associated with the security chip, and comparing, by the security chip, the captured biometric to a reference biometric. When the time is unexpired, and the captured biometric matches the reference biometric, the method includes launching a biometric application, whereby the terminal appends a first account number to an authorization request for a transaction to the payment account, when the timer is expired, the method includes launching a standard payment application, whereby the terminal includes a second account number in an authorization request for a transaction to the payment account, the first account number is different than the second account number.

Abstract: Systems and methods for verifying users in connection with transactions using payment devices are disclosed. One exemplary method generally includes receiving a select command for an AID associated with a payment application from a terminal and, in response, initiating by a security chip of a payment device, a timer after power-up of the security chip by the terminal. The method also includes capturing a biometric of a user, at a biometric sensor, according to the payment application, and verifying, by the security chip, the captured biometric based on reference biometric data. The method further includes, when the timer is unexpired and the captured biometric is verified, appending a first value to a CVR and returning a first AFL to the terminal, and when the timer is expired, appending a different value to the CVR and returning a different AFL to the terminal.

Abstract: A Chip Authentication Program based on 3-D Secure protocols is provided for authenticating customers' on-line transactions. An issuer, who may be a payment card issuer, operates Access Control and Authentication Request Servers for authenticating transactions by individual customers who are identified by their personal EMV-complaint smart cards. An authentication token is generated at the point of interaction (POI) for each transaction based on information from the customer's smart card and transaction specific information sent directly by the issuer to populate a web page at the POI. Authentication tokens generated at the POI are evaluated by the Authentication Request Server to authenticate individual customer and/or card presence at the transaction POI. Authentication values are transported on-line in designated Universal Cardholder Authentication Fields consistent with 3-D Secure protocols.

Abstract: Methods and apparatus for operating a transaction terminal. In an embodiment, a method includes receiving, by a proximity reader processor via a first channel, an activation signal from a payment terminal processor indicating initiation of a payment transaction with a proximity payment device. The proximity processor then executes a first process having a first queue that causes transmission of first instructions to a second process comprising a second queue, and then the second process is executed to run concurrently with the first process, wherein the second process causes the proximity processor to transmit application activation instructions via a reader interface and a second channel to the proximity payment device. The proximity processor terminates the second process when the application activation is completed without error.

Abstract: Methods, systems and apparatus are provided including a proximity payment device reader which includes a reader control program. A first process is executed upon receipt of an activation signal indicating the initiation of a transaction involving a proximity payment device with the reader, the first process causing at least a first signal to be transmitted to a second process, the second process causing the transmission of at least a second signal to the proximity payment device through a transceiver. In some embodiments, the processes may be executed to compare application data received from the payment device to data stored in a transaction log to determine if the proximity payment device was involved in an interrupted transaction. If the proximity payment device was involved in an interrupted transaction a signal is transmitted to the proximity payment device to attempt to retry the interrupted transaction.

Abstract: A system and method for generating an authentication token which is used by an issuer associated with a integrated circuit card to authenticate a transaction. A personal card reader receives data, including an authentication cryptogram, from the integrated circuit card. The personal card reader uses the data received from the integrated circuit card to select one of at least two default bitmaps stored in a memory portion of the personal card reader. The personal card reader uses the selected default bitmap and the authentication cryptogram to build the authentication token.

Abstract: Generating authentication data for use in a transaction by providing a contactless payment device or smart card configured to communicate with a mobile device, placing the contactless chip card in a proximity to the mobile device to instantiate communication between the contactless chip card and the mobile device, inputting a first input value into the mobile device, communicating data derived from the first input value from the mobile device to the contactless chip card, the contactless chip card converting a set of conversion data, including the first input value, into at least one dynamic value based at least in part on a secret value, communicating the dynamic value from the contactless chip card to the mobile device, and communicating authentication data based at least in part on the dynamic value to a user. In some embodiments the first input value is a Personal Identification Number (PIN), a challenge, or both a PIN and a challenge.

Abstract: Methods, systems and apparatus are provided including a proximity payment device reader which includes a reader control program to control a process to execute process, where a first process is executed upon receipt of an activation signal, the activation signal indicating the initiation of a transaction involving a proximity payment device with the reader, the first process causing at least a first signal to be transmitted to a second process, the second process causing the transmission of at least a second signal to the proximity payment device through a transceiver. In some embodiments, the first process and the second process each have a queue in which received signals are placed and handled in a first in first out basis allowing the processes to run concurrently with each other.

Abstract: A system and method for generating an authentication token which is used by an issuer associated with a integrated circuit card to authenticate a transaction. A personal card reader receives data, including an authentication cryptogram, from the integrated circuit card. The personal card reader uses the data received from the integrated circuit card to select one of at least two default bitmaps stored in a memory portion of the personal card reader. The personal card reader uses the selected default bitmap and the authentication cryptogram to build the authentication token.

Abstract: A Chip Authentication Program based on 3-D Secure protocols is provided for authenticating customers' on-line transactions. An issuer, who may be a payment card issuer, operates Access Control and Authentication Request Servers for authenticating transactions by individual customers who are identified by their personal EMV-complaint smart cards. An authentication token is generated at the point of interaction (POI) for each transaction based on information from the customer's smart card and transaction specific information sent directly by the issuer to populate a web page at the POI. Authentication tokens generated at the POI are evaluated by the Authentication Request Server to authenticate individual customer and/or card presence at the transaction POI. Authentication values are transported on-line in designated Universal Cardholder Authentication Fields consistent with 3-D Secure protocols.