Abstract: The disclosed embodiments include methods and systems for providing tokenized transaction accounts. In one embodiment, a computer-implemented method is provided that may include generating, by one or more processors, a first tokenized transaction account from a first transaction account associated with a first user. The method may also include providing the first tokenized transaction account to a client device associated with the first user for storage in the client device and use in transactions. The method may also include updating the first tokenized transaction account based on one or more conditions and providing the updated first tokenized transaction account to the client device for storage and use in a subsequent transaction.

Abstract: The disclosed embodiments include computerized systems and methods for generating secured blockchain-based ledger data structures that track occurrences of events across fragmented and geographically dispersed lines-of-business of an enterprise. In one instance, an apparatus associated with a rules authority of the secured blockchain-based ledger may detect an occurrence of a triggering event, and may access and decrypt a set of rules hashed into the secured blockchain-based ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule, including a disbursement of various rewards to employees in response to customer-specific interactions with the enterprise. The disclosed embodiments provide a rules process for aggregating mutually incompatible enterprise data that specifies the events, and for tracking the events in uniform data structures accessible across the enterprise.

Abstract: The disclosed embodiments include computerized systems and methods for generating secured block-chain-based ledger data structures that track subdivide ownership and usage of one or more assets, such as Internet-connected devices. In one instance, an apparatus associated with a rules authority of the secured block-chain-based ledger may detect an occurrence of a triggering event related to at least one of partial ownership interests in the assets, and may access and decrypt a set of rules hashed into the secured block-chain-based ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule, including a generation of additional data blocks reflecting a change in at least one of the partial ownership interests, and additionally or alternatively, processes that adaptively monitor a compliance of one or more partial owners with an imposed usage restriction.

Abstract: An authorization system includes a database, and at least one computer server in communication with the database. The database includes a plurality of database records, each including an account number and an associated card number. Each card number has fewer digits than the associated account number. The server is configured to receive, from a communications terminal, a request message that initiates a transaction with the server. The server is configured to request an authentication credential from the terminal, and in the database locate the card number that matches the received authentication credential and locate the account number that is associated with the located card number. The server is configured to request authorization of a test transaction using the account number, receive an authorization response confirming authorization of the test transaction, and authorize the initiated transaction in response to the authorization response. The test transaction is different from the initiated transaction.

Abstract: Mobile communications devices, systems and methods are provided for identifying a risk of fraudulent activity associated with a merchant before a user executes a transaction with the merchant. In an embodiment, a mobile communications device obtains first information identifying prior instances of fraudulent activity associated with a merchant. The mobile communications device may determine a level of risk of fraudulent activity associated with the merchant based on the obtained first information, and may identify, based on the determined risk level, one or more payment instruments and associated incentives appropriate for financial services transactions involving the merchant. The mobile communications device may present, to a user, a notification including the identified payment instruments and associated incentives prior to execution of a transaction between the user and the merchant.

Abstract: A message processing server includes a message processor and a database of multi-layer tokens. Each token in the database includes a plurality of encrypted data layers. The first layer includes the second layer and a first pointer. The second layer includes a second pointer. The message processor is configured to receive a first authorization message including a first cryptographic key and a second value; decrypt the first layer of one of the tokens with the first key; validate the first pointer by receiving confirmation of the first pointer pointing to a database entry comprising the second value; receive a second authorization message including a second cryptographic key and a third value; decrypt the second layer of the token with the second key; and validate the second pointer by receiving confirmation of the second pointer pointing to a database entry comprising a maximum data value not less than the third value.

Abstract: A message processing server includes a message processor and a database of multi-layer tokens. Each token in the database includes a plurality of encrypted data layers. The first layer includes a first data pointer. A primary layer includes the first layer and identifies a reference data value. The message processor receives from a communications device an authentication request identifying a first data value, validates the authentication request from the first data value and the reference data value configured in one of the multi-layer tokens, receives a first authorization message including a first cryptographic key, derives a first decrypted data layer from the first cryptographic key and the first encrypted data layer of the one multi-layer token, and validates the first data pointer by receiving confirmation of the first data pointer pointing to a database entry comprising a second data value less than the reference data value.

Abstract: The disclosed embodiments include methods and point-of-sale terminals for authenticating a user. The disclosed embodiments include, for example, a method for receiving, by one or more processors, authentication data from an authentication network, the authentication data including an authentication code identifying an authentication transaction associated with an authenticating partner system. The method may also include validating, by the one or more processors, the authentication data, the validating comprising comparing the authentication data with validation data corresponding to a prior authentication event associated with the user. The method may also include generating, by the one or more processors, validation information based on the validating, the validation information comprising a determination whether to validate the user for the authentication transaction. The method may also include providing, by the one or more processors, the validation information to the authentication network.

Abstract: The disclosed embodiments include methods and systems for providing account and event status notifications. The disclosed embodiments include, for example, a communications device including a memory storing software instructions and one or more processors configured to execute the software instructions to perform operations. In one aspect, the operations may include receive a notification of a status of an account parameter. The operations may also include identifying a device eligible to access the notification in accordance with a user-specified data restriction, and identifying at least a portion of the notification that is consistent with the data restriction. The communications device provide the identified portion of the notification to the eligible device without receiving input from the user, and the eligible device may present at least one of a visual, audible, or tactile indicator of the status of the account parameter.

Abstract: The disclosed embodiments include computerized systems and methods that generate secured blockchain-based ledger structures that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a centralized authority of the secured blockchain-based ledger may detect an occurrence of an event, and may access and decrypt a set of rules hashed into the secured blockchain-based ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule and involving at least one of assets tracked within the secured blockchain-based ledger or an owner of a portion of the tracked assets. By way of example, the detected event may triggering a sale, transfer, and/or re-allocation of an ownership interest in a tracked asset, and the identified rule may specify a distribution of proceeds derived from the sale, transfer, and/or re-allocation.

Abstract: A payment processing method involves a server receiving a payee identifier, and linking the payee identifier to a device identifier identifying a payee device. The server receives from a payor device a payment initiation request identifying a specified payment amount and a payor identifier, links a unique token to the specified payment amount and to the payor identifier, and provides the payor device with the token. The token excludes the payor identifier and particulars of the associated payor. The server receives a payment completion request including the payee identifier and the token, and excluding the payment amount, the payor identifier and payor particulars. The server uses the payee identifier to confirm that the payment completion request was signed with the device identifier, uses the payee identifier to locate a payee account, and uses the token to determine the specified payment amount and a payor account associated with the payor identifier.

Abstract: A message processing server includes a message processor, a network interface, and a memory storing a token database of multi-layer tokens. Each token in the database includes a plurality of encrypted data layers. The message processor receives, via the network interface, at least one authorization message that identifies one of the tokens, derives a first decrypted data layer from the first encrypted data layer of the token, and extracts from the first decrypted data layer a second pointer to a secondary database that stores a predetermined data value. The message processor excises the predetermined data value from the secondary database.

Abstract: The disclosed embodiments include computerized systems and methods that generate secured blockchain-based ledger structures that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a rules authority of the secured blockchain-based ledger may obtain data indicative of an initiated transfer of funds between parties, and may access and decrypt a set of restrictions imposed on the initiated transfer and a set of rules associated with the restrictions, which may hashed into the secured blockchain-based ledger using a confidentially-held master cryptographic key. The apparatus may determine that the initiated transfer violates at least one of the restrictions, and may perform operations consistent with at least one of the rules associated with the at least one violated restriction.

Abstract: An event monitoring processor includes a processor and at least one memory. The memory stores a database of cohort definitions. Each cohort definition defines a respective cohort. The processor is configured to receive particulars of a member event initiated by a member of one of the cohorts, generate an additional cohort definition from the particulars of the member event, and save the additional cohort definition in the cohort definitions database. The processor is also configured to receive member data associated with the cohort member, select one of the cohorts in the cohort definitions database from a correlation between the member data and the cohort definitions, and save in a cohort member database a member record that identifies a correlation between the member event and an event defined in the selected one cohort.

Abstract: The disclosed embodiments include computerized systems and methods for generating secured blockchain-based ledger data structures that track an ownership and usage of one or more assets, such as Internet-connected devices. In one instance, an apparatus associated with a rules authority of the secured blockchain-based ledger may detect an occurrence of a triggering event, and may access and decrypt a set of rules hashed into the secured blockchain-based ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule, including a determination of metrics indicative of a care, risk, and/or valuation of one or more of the Internet-connected devices, and additionally or alternatively, a modification of an operational or communicative functionality of the Internet-connected devices.

Abstract: The disclosed embodiments include methods, systems, system terminals, and point-of-sale terminals for authenticating a user. The disclosed embodiments include, for example, a method for receiving, by one or more processors, authentication data from an authentication network, the authentication data including an authentication code identifying an authentication transaction associated with an authenticating partner system. The method may also include validating, by the one or more processors, the authentication data, the validating comprising comparing the authentication data with validation data corresponding to a prior authentication event associated with the user. The method may also include generating, by the one or more processors, validation information based on the validating, the validation information comprising a determination whether to validate the user for the authentication transaction.

Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.

Abstract: An authorization system includes a database, and at least one computer server in communication with the database. The database includes a plurality of database records, each including an account number and an associated card number. Each card number has fewer digits than the associated account number. The server is configured to receive, from a communications terminal, a request message that initiates a transaction with the server. The server is configured to request an authentication credential from the terminal, and in the database locate the card number that matches the received authentication credential and locate the account number that is associated with the located card number. The server is configured to request authorization of a test transaction using the account number, receive an authorization response confirming authorization of the test transaction, and authorize the initiated transaction in response to the authorization response. The test transaction is different from the initiated transaction.

Abstract: A method and system for recommending a physical location at which to complete an electronic activity are disclosed. In some examples, the system identifies an incomplete portion of an electronic activity initiated at a first device, and identifies a plurality of candidate locations for completion of the electronic activity based on at least one characteristic of the incomplete portion. When a prior location of the first device is closer to a first one of the candidate locations than to a second one of the candidate locations, the system selects the first candidate location for the completion of the electronic activity and provides activity data characterizing the electronic activity to a second device disposed at the first candidate location.

Abstract: An event monitoring processor includes a processor and at least one memory. The memory stores a database of cohort definitions. Each cohort definition defines a respective cohort. The processor is configured to receive particulars of a member event initiated by a member of one of the cohorts, generate an additional cohort definition from the particulars of the member event, and save the additional cohort definition in the cohort definitions database. The processor is also configured to receive member data associated with the cohort member, select one of the cohorts in the cohort definitions database from a correlation between the member data and the cohort definitions, and save in a cohort member database a member record that identifies a correlation between the member event and an event defined in the selected one cohort.