Abstract: Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

Abstract: Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

Abstract: Methods, apparatus and systems for operating a payment-enabled mobile device to facilitate a payment transaction with a merchant server. In an embodiment, a mobile device processor of the payment-enabled mobile device receives a payment transaction request from a user, transmits a payment transaction initiation message directly to a merchant server of the merchant, and receives a request message from the merchant server that includes one of a request to provide an Authorization Request Cryptogram (ARQC) or a request to provide user consent information. The user consent information may include cardholder verification results or a request to provide an ARQC.

Abstract: Examples provide a system and method for initiating contactless communication sessions between computing devices using a variety of modalities. A user pre-registers a selected modality for triggering session initiation. A session initiation device generates trigger data based on a detected occurrence of a predetermined event corresponding to a user selected modality, such as, but not limited to, biometric data, a unique user identifier (ID), a vehicle identifier, or any other type of modality. The trigger data is mapped to a mobile device ID. The mobile device ID can be requested from a connection server. The communication session is established between the first computing device and the mobile user device using the mobile device identifier. The computing device transmits data to the mobile user device via the established communication session when the computing device is brought into proximity to the mobile user device.

Abstract: Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

Abstract: A method for generating transaction credentials for a user in a transaction, comprising: storing in a mobile device, an encrypted session key, and an encrypted user authentication credential; receiving an authorisation request; initiating a user authorisation process wherein in the event that the user is an authenticated user, the method comprises: decrypting the encrypted session key and encrypted user authentication credential; generating a transaction cryptogram in dependence on the user authentication credential and the session key; transmitting the transaction cryptogram and a user authentication status to a transaction processing entity for use in a transaction.

Abstract: Systems and methods are provided for authenticating users to payment accounts in connection with transactions. An exemplary method includes receiving, by at least one computing device, an authentication request for a transaction associated with a payment account where the authentication request includes a token associated with the payment account and a cryptogram, and mapping the token to a primary account number (PAN) for the payment account. The method also includes validating the cryptogram, generating a directory server nonce (DSN) for the authentication request, and transmitting the DSN and the account number to an access control server (ACS) associated with an issuer of the payment account. The method further includes, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction, and transmitting the AAV to one of a merchant and a server.

Abstract: Examples provide a system and method for initiating contactless communication sessions between computing devices using a variety of modalities. A user pre-registers a selected modality for triggering session initiation. A session initiation device generates trigger data based on a detected occurrence of a predetermined event corresponding to a user selected modality, such as, but not limited to, biometric data, a unique user identifier (ID), a vehicle identifier, or any other type of modality. The trigger data is mapped to a mobile device ID. The mobile device ID can be requested from a connection server. The communication session is established between the first computing device and the mobile user device using the mobile device identifier. The computing device transmits data to the mobile user device via the established communication session when the computing device is brought into proximity to the mobile user device.

Abstract: A method includes maintaining a digital wallet in a computer, and receiving a request for a transaction. The computer may receive and verify user authentication data, and then allow the user to access any payment card account in the digital wallet without requiring additional user authentication, regardless of the account selected for the transaction by the user. In some embodiments, cryptogram generation may be performed with an EMV server in association with the digital wallet, to enhance the level of security assurance for merchants, issuers and users.

Abstract: A transaction takes place between a first device and a second device. There is an authorisation system associated with the first device and a transaction support system associated with the second device. The transaction support system and the authorisation system are connected by a transaction infrastructure. A communication path is provided between the second device and the transaction support system. The second device is adapted to take the following actions. It performs a transaction with the first device and receives and generates transaction data. It splits the transaction data into basic transaction data and enhanced transaction data. It provides the basic transaction data to the transaction support system over the communication path. It also provides the enhanced transaction data by a separate route to the authorisation system for reconciliation with the processed transaction provided by the transaction support system for use by the authorisation system in authorising the transaction.

Abstract: Systems and methods are provided for authenticating users to payment accounts in connection with transactions. An exemplary method includes receiving, by at least one computing device, an authentication request for a transaction associated with a payment account where the authentication request includes a token associated with the payment account and a cryptogram, and mapping the token to a primary account number (PAN) for the payment account. The method also includes validating the cryptogram, generating a directory server nonce (DSN) for the authentication request, and transmitting the DSN and the account number to an access control server (ACS) associated with an issuer of the payment account. The method further includes, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction, and transmitting the AAV to one of a merchant and a server.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: A method for generating transaction credentials for a user in a transaction, comprising: storing in a mobile device, an encrypted session key, and an encrypted user authentication credential; receiving an authorisation request; initiating a user authorisation process wherein in the event that the user is an authenticated user, the method comprises: decrypting the encrypted session key and encrypted user authentication credential; generating a transaction cryptogram in dependence on the user authentication credential and the session key; transmitting the transaction cryptogram and a user authentication status to a transaction processing entity for use in a transaction

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

Abstract: Example embodiments include methods and apparatus for exchanging, using a contactless interface included in a portable device, transaction information associated with an electronic merchant device when the portable device is brought into close proximity to a contactless interface associated with the electronic merchant device, with the information identifying the electronic merchant device and identifying a handover wireless network connected to the electronic merchant device and with information including security credentials required to form a secure connection, establishing a persistent, secure wireless connection with the electronic merchant device, using a wireless network interface in the portable device and the transaction information, over the handover wireless network and exchanging transaction messages between the portable device and the electronic merchant device over the persistent, secure wireless connection during a shopping interval.

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.