Abstract: Methods, system, and apparatuses are presented for performing location-based fraud detection (e.g., in e-commerce transactions) while alleviating privacy concerns. Location-based fraud detection may utilize an intermediary (i.e., third party server), which collects the actual location of mobile phones and then obfuscates the collected location information. Obfuscation of location information may comprise assigning region identifiers to geographical regions, where a region identifier can be associated with a transaction that was conducted in a corresponding geographical region. Overlapping regions of varying resolutions may be utilized, each region size corresponding to a set of regions. The intermediary may provide obfuscated location information to an entity (i.e., fraud detection system) that performs the location-based fraud detection based on the obfuscated location information.

Abstract: Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include encrypting account information with a first encryption key to generate a second encryption key, and encrypting key index information using the second key to generate a limited-use key (LUK). The key index information may include a key index having information pertaining to generation of the LUK. The LUK and the key index can be provided to the communication device to facilitate generation of a transaction cryptogram for a transaction conducted using the communication device, and the transaction can be authorized based on the transaction cryptogram generated from the LUK.

Abstract: Embodiments of the present invention are directed to methods and systems for providing a payment token issuance system using account issuer-defined payment token request rules generated and stored by a token issuer computer. The token issuer computer allows an account issuer to define payment token request rules, and the token issuer computer can automatically apply the payment token request rules to a payment token request without requiring additional decisioning by the account issuer.

Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

Abstract: Embodiments are described that are directed to optimizing the provisioning of payment account credentials to mobile devices utilizing mobile wallets. In some embodiments, one of multiple provisioning schemes may be selectively chosen for payment account credential provisioning based upon a determined risk involved with a particular provisioning request. A low risk provisioning request leads to an immediate provisioning of a payment credential, whereas a provisioning request of high risk results in the provisioning request being denied. In some embodiments, medium risk provisioning requests will cause an additional user authentication to be performed before the payment account provisioning is finalized. The additional user authentication may occur using a separate communication channel than the channel in which the provisioning request was received.

Abstract: Systems, apparatuses, and methods are provided for enabling a transaction using a token associated with a first payment network to be conducted using a second payment network. When a transaction using a token is submitted to a payment network, the payment network can determine the payment network associated with the token. If the token is associated with a second payment network, a token verification request including the token can be sent to the second payment network. The second payment network can then return a token verification response including a primary account identifier such as a primary account number (PAN) corresponding to the token and a validation result. The transaction may then be processed using the primary account identifier.

Abstract: Systems and methods for interoperable network token processing are provided. A network token system provides a platform that can be leveraged by external entities (e.g., third party wallets, e-commerce merchants, payment enablers/payment service providers, etc.) or internal payment processing network systems that have the need to use the tokens to facilitate payment transactions. A token registry vault can provide interfaces for various token requestors (e.g., mobile device, issuers, merchants, mobile wallet providers, etc.), merchants, acquirers, issuers, and payment processing network systems to request generation, use and management of tokens. The network token system further provides services such as card registration, token generation, token issuance, token authentication and activation, token exchange, and token life-cycle management.

Abstract: Systems and methods for interoperable network token processing are provided. A network token system provides a platform that can be leveraged by external entities (e.g., third party wallets, e-commerce merchants, payment enablers/payment service providers, etc.) or internal payment processing network systems that have the need to use the tokens to facilitate payment transactions. A token registry vault can provide interfaces for various token requestors (e.g., mobile device, issuers, merchants, mobile wallet providers, etc.), merchants, acquirers, issuers, and payment processing network systems to request generation, use and management of tokens. The network token system further provides services such as card registration, token generation, token issuance, token authentication and activation, token exchange, and token life-cycle management.

Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor.

Abstract: A merchant computer generates a token including a “pay-me” merchant account identifier and transaction data for a transaction conducted by a consumer. The merchant token can be obtained by a mobile communication device and transmitted to a payment processing network along with a device identifier for the mobile communication device and an authentication token provided by the consumer. The payment processing network can authenticate the device using the authentication token, retrieve a consumer account number based on the device identifier, and complete the transaction by pushing money into the merchant “pay-me” account from the consumer account.

Abstract: Embodiments of the present invention are directed to methods, systems, and apparatuses for providing a secure authentication scheme for authenticating users and accounts on behalf of a service provider server computer offering services to a user. Upon determining, by the secure authentication scheme, that the user and/or account identifier associated with the user is authenticate, the service provider server computer may be provided with assurance that the user is authenticate and thereafter provide a service requested by the user.

Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

Abstract: Data to be exchanged in a transaction is protected by using a hashing function to transform sensitive data into a scrambled form. The hashing function can use as its inputs data derived entirely or in part from portions of the data to be exchanged. The hashing function can also use as its inputs data derived entirely or in part from other locally available data. The output of the hash function is then transmitted to a destination that attempts to recreate the output of the hash function in order to validate the data transmission.

Abstract: An apparatus and method are disclosed for an improved semiconductor interconnect scheme using a simplified process. In an embodiment of the apparatus, a polysilicon shape is formed on a silicon area. The polysilicon shape is created having a bridging vertex. When a spacer is created on the polysilicon shape, the spacer width is formed to be small enough near the bridging vertex to allow a silicide bridge to form that creates an electrical coupling between the silicon area and the bridging vertex. Semiconductor devices and circuits are created using the improved semiconductor interconnect scheme using the simplified process.

Abstract: An apparatus and method are disclosed for an improved semiconductor interconnect scheme using a simplified process. In an embodiment of the apparatus, a polysilicon shape is formed on a silicon area. The polysilicon shape is created having a bridging vertex. When a spacer is created on the polysilicon shape, the spacer width is formed to be small enough near the bridging vertex to allow a silicide bridge to form that creates an electrical coupling between the silicon area and the bridging vertex. Semiconductor devices and circuits are created using the improved semiconductor interconnect scheme using the simplified process.

Abstract: Disclosed herein is a method for providing assurance information regarding a business entity to a customer for an electronic transaction. The method comprises submitting a compliance token to a certificate authority as part of a certificate signing request wherein the compliance token comprises an assessment result describing the business entity's level of compliance with an assurance policy, as determined by an assessor, receiving an assurance certificate from the certificate authority, wherein the certificate includes the compliance token, and providing the assurance certificate to a customer in order to provide security information to the customer as part of an electronic transaction.

Abstract: Disclosed herein is a method of providing one or more transaction card services to a holder of a transaction card, the method comprising receiving a registration code from the holder, wherein the registration code is associated with the issuer of the transaction card and with the transaction card, determining the issuer of the transaction card based on at least a portion of the registration code, transmitting the registration code to the issuer of the transaction card, receiving account information from the issuer, wherein the account information is associated with the registration code and with the transaction card, displaying at least a portion of the account information to the holder, receiving a verification value corresponding to the account information from the holder, and if the verification value is valid, permitting the holder to select one or more services in which to enroll.

Abstract: A FinFET body contact structure and a method for creating the FinFET body contact structure are disclosed. The body contact structure comprises a wide fin portion of a semiconductor fin, the wide fin portion having a polysilicon polygon shape formed on a top surface of the wide fin portion. The polysilicon polygon shape has a center area having no polysilicon. FinFETs are formed on two vertical surfaces of the wide fin portion and gates of the FinFETs are coupled to the polysilicon polygon shape. Top surfaces of the wide fin portion and the polysilicon polygon shape are silicided. Silicide bridging is prevented by sidewall spacers. All convex angles on the polysilicon polygon shape are obtuse enough to prevent creation of bridging vertices. The center area is doped of an opposite type from a source and a drain of an associated FinFET.

Abstract: An apparatus and method is disclosed for determining polysilicon conductor width for 3-dimensional field effect transistors (FinFETs). Two or more resistors are constructed using a topology in which polysilicon conductors are formed over a plurality of silicon “fins”. A first resistor has a first line width. A second resistor has a second line width. The second line width is slightly different than the first line width. Advantageously, the first line width is equal to the nominal design width used to make FET gates in the particular semiconductor technology. Resistance measurements of the resistors and subsequent calculations using the resistance measurements are used to determine the actual polysilicon conductor width produced by the semiconductor process. A composite test structure not only allows calculation of the polysilicon conductor width, but provides proof that differences in the widths used in the calculations do not introduce objectionable etching characteristics of the polysilicon conductors.

Abstract: An apparatus and method are disclosed for measuring alignment of polysilicon shapes relative to a silicon area wherein the presence of an electrical coupling is used to determine the presence of bias or misalignment. Bridging vertices on the polysilicon shapes are formed. Bridging vertices over the silicon area create low resistance connections between those bridging vertices and the silicon area; other bridging vertices over ROX (recessed oxide) areas do not create low resistance connections between those other bridging vertices and the silicon area. Determining which bridging vertices have low resistance connections to the silicon area and how many bridging vertices have low resistance connections to the silicon area are used to determine the bias and misalignment of the polysilicon shapes relative to the silicon area.