Abstract: Described herein are a system and techniques for detecting whether biometric data provided in an access request is genuine or a replay. In some embodiments, the system uses an machine learning model trained using genuine and replay sample data which is optimized in order to produce a result set in which results for the genuine samples are pulled closer to a genuine center and results for the replay samples are pushed away from the genuine center. Subjecting input biometric data (e.g., an audio sample) to the trained model results in a classification of the input biometric data as genuine or replay, which can then be used to determine whether or not to verify the input biometric data.

Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

Abstract: When a user enters a resource provider location with a portable communication device, the portable communication device provides an indication to a transaction processing system that the portable communication device is currently at the resource provider location. At a later time when the user conducts a transaction with a portable transaction device, the fact that the user's portable communication device had been detected at the resource provider a short time ago is taken into account as a positive indicator that the transaction is not fraudulent. By verifying that both the portable communication device and the portable transaction device are present at the resource provider, the risk of approving a fraudulent transaction from a stolen portable transaction device can be reduced.

Abstract: Described herein are a system and techniques for detecting whether biometric data provided in an access request is genuine or a replay. In some embodiments, the system uses an machine learning model trained using genuine and replay sample data which is optimized in order to produce a result set in which results for the genuine samples are pulled closer to a genuine center and results for the replay samples are pushed away from the genuine center. Subjecting input biometric data (e.g., an audio sample) to the trained model results in a classification of the input biometric data as genuine or replay, which can then be used to determine whether or not to verify the input biometric data.

Abstract: A method is disclosed. An authentication node may receive a plurality of encrypted match values, wherein the plurality of encrypted match values were formed by a plurality of worker nodes that compare a plurality of encrypted second biometric template parts derived from a second biometric template to a plurality of encrypted first biometric template parts derived from a first biometric template. The authentication node may decrypt the plurality of encrypted match values resulting in a plurality of decrypted match values. The authentication node may then determine if a first biometric template matches the second biometric template using the plurality of decrypted match values. An enrollment node may be capable of enrolling a biometric template and storing encrypted biometric template parts at worker nodes.

Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

Abstract: Described herein are a system and techniques for identifying and preventing certain fraud attacks that may be used to defeat facial recognition systems. In embodiments of the system described herein, biometric data may be segregated into regions, which are then processed separately and in parallel. Likeness scores are determined for each of the separate regions. By tracking individual region likeness scores used in access requests in accordance with embodiments of the disclosure, the system is able to identify potential fraud attacks that cannot be detected using conventional systems.

Abstract: When a user enters a resource provider location with a portable communication device, the portable communication device provides an indication to a transaction processing system that the portable communication device is currently at the resource provider location. At a later time when the user conducts a transaction with a portable transaction device, the fact that the user's portable communication device had been detected at the resource provider a short time ago is taken into account as a positive indicator that the transaction is not fraudulent. By verifying that both the portable communication device and the portable transaction device are present at the resource provider, the risk of approving a fraudulent transaction from a stolen portable transaction device can be reduced.

Abstract: Described herein are a system and techniques for identifying and preventing certain fraud attacks that may be used to defeat facial recognition systems. In embodiments of the system described herein, biometric data may be segregated into regions, which are then processed separately and in parallel. Likeness scores are determined for each of the separate regions. By tracking individual region likeness scores used in access requests in accordance with embodiments of the disclosure, the system is able to identify potential fraud attacks that cannot be detected using conventional systems.

Abstract: Systems and methods are disclosed for training a generative adversarial network (GAN) to transform images of one type (e.g., a selfie) to images of a second type (e.g., an ID document image). Once trained, the GAN may be utilized to generate an augmented training set that includes pairs of images (e.g., an image of the first type paired with an image of the second type, an image of the second type generated from an image of the first type paired with an image of the second type). The augmented training data set may be utilized to train a matching model to identify when subsequent input images (e.g., a selfie and an ID image, an ID image generated from a selfie and an actual ID image) match.

Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor.

Abstract: A method and system of using a vehicle mounted camera device to authenticate a user during an interaction is disclosed. The method includes receiving interaction data regarding an interaction between a user operating a communication device and an access device, the user being near other candidate users. The method then includes determining one or more match indicators, the match indicators generated by comparing different sample biometric templates of the user with different enrolled biometric templates. At least one of the different biometric sample templates may be an image-based biometric template and at least one may be a voice print biometric template. Then the method includes identifying the user based on at least the match indicator associated with the voice print biometric template. The method then includes, if the match indicators are positive match indicators, initiating a process on behalf of the user.

Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor.

Abstract: A method is disclosed. The method includes a server computer receiving, from a user device, a first encrypted biometric template, wherein the server computer stores a plurality of encrypted enrollment biometric templates, and a table comprising a plurality of encrypted match values and corresponding unencrypted match values. The server computer can then, for each of the plurality of encrypted enrollment biometric templates, input the first encrypted biometric template and an encrypted enrollment biometric template into a function to obtain an encrypted match value. The server computer can then, for each of the plurality of encrypted enrollment biometric templates, determine if the encrypted match value corresponds to an unencrypted match value using the table, wherein the unencrypted match value is greater than a threshold. The server computer can then provide a notification to the user device or another device associated with the unencrypted match value.

Abstract: A method and system of using a vehicle mounted camera device to authenticate a user during an interaction is disclosed. The method includes receiving interaction data regarding an interaction between a user operating a communication device and an access device, the user being near other candidate users. The method then includes determining one or more match indicators, the match indicators generated by comparing different sample biometric templates of the user with different enrolled biometric templates. At least one of the different biometric sample templates may be an image-based biometric template and at least one may be a voice print biometric template. Then the method includes identifying the user based on at least the match indicator associated with the voice print biometric template. The method then includes, if the match indicators are positive match indicators, initiating a process on behalf of the user.

Abstract: A method is disclosed. The method includes a server computer receiving, from a user device, a first encrypted biometric template, wherein the server computer stores a plurality of encrypted enrollment biometric templates, and a table comprising a plurality of encrypted match values and corresponding unencrypted match values. The server computer can then, for each of the plurality of encrypted enrollment biometric templates, input the first encrypted biometric template and an encrypted enrollment biometric template into a function to obtain an encrypted match value. The server computer can then, for each of the plurality of encrypted enrollment biometric templates, determine if the encrypted match value corresponds to an unencrypted match value using the table, wherein the unencrypted match value is greater than a threshold. The server computer can then provide a notification to the user device or another device associated with the unencrypted match value.

Abstract: A method is disclosed. An authentication node may receive a plurality of encrypted match values, wherein the plurality of encrypted match values were formed by a plurality of worker nodes that compare a plurality of encrypted second biometric template parts derived from a second biometric template to a plurality of encrypted first biometric template parts derived from a first biometric template. The authentication node may decrypt the plurality of encrypted matchvalues resulting in a plurality of decrypted matchvalues. The authentication node may then determine if a first biometric template matches the second biometric template using the plurality of decrypted match values. An enrollment node may be capable of enrolling a biometric template and storing encrypted biometric template parts at worker nodes.

Abstract: A method and system for performing a calculation of a privacy preserving scalar product are provided. A first party and a second party (e.g., a first computer and a second computer) possessing a first vector and a second vector respectively, can concurrently determine the scalar product of the two vectors, without revealing either vector to the other party. Each vector can be masked and then encrypted using a public key of an asymmetric key pair. Using homomorphic encryption operations, the scalar product of the vectors can be determined while the vectors are still encrypted. Each party can compare the scalar product, or a value derived from the scalar product against a predetermined threshold. As an example, two parties can perform the scalar product to compare two biometric templates expressed as vectors without revealing the biometric templates to one another, preserving the privacy of persons corresponding to those biometrics.

Abstract: Described herein are a system and techniques for identifying and preventing certain fraud attacks that may be used to defeat facial recognition systems. In embodiments of the system described herein, biometric data may be segregated into regions, which are then processed separately and in parallel. Likeness scores are determined for each of the separate regions. By tracking individual region likeness scores used in access requests in accordance with embodiments of the disclosure, the system is able to identify potential fraud attacks that cannot be detected using conventional systems.

Abstract: A method and system of using a vehicle mounted camera device to authenticate a user during an interaction is disclosed. The method includes receiving interaction data regarding an interaction between a user operating a communication device and an access device, the user being near other candidate users. The method then includes determining one or more match indicators, the match indicators generated by comparing different sample biometric templates of the user with different enrolled biometric templates. At least one of the different biometric sample templates may be an image-based biometric template and at least one may be a voice print biometric template. Then the method includes identifying the user based on at least the match indicator associated with the voice print biometric template. The method then includes, if the match indicators are positive match indicators, initiating a process on behalf of the user.