Abstract: A method for contactless payment relay attack protection includes receiving an online authorization request including a cryptogram, a measured processing time, and a reference processing time from a terminal. The cryptogram is verified, and a determination is performed as to whether the measured processing time exceeds the reference processing time. An online authorization response authorizing or declining a monetary transaction is transmitted, based on the determination. An artificial intelligence transaction analysis can be performed based on past and current conditions (e.g., battery level, operating system, open applications) of a payment device such as a mobile phone, past and current conditions of a terminal, and/or a monetary amount. The online authorization response can be based on the artificial intelligence transaction analysis.

Abstract: A bridge service is provided to support multi-user simulated contactless cards that in response to receiving a request to provision a secure element with payment card profile information of a user, provisions a token representing the payment card profile, converts the token representing the payment card profile into a format for the payment application; and provides the payment card profile to the payment application, the payment card profile comprising a single use key. The bridge service enables simulated contactless cards to store payment card information for a user on volatile memory instead of the persistent, secure element memory.

Abstract: A method of performing a contactless transaction between a payment device and a terminal is described. The method comprises establishing a data connection between the payment device and the terminal and then establishing if the payment device and the terminal both support an enhanced security architecture. If they do not, they will then perform the contactless transaction according to a basic transaction flow using a first cryptographic system. If they do, they will perform the contactless transaction according to an enhanced transaction flow using a second cryptographic system. The first cryptographic system and the second cryptographic system comprise different asymmetric cryptographic systems. Suitable payment devices and terminals, and methods at the payment devices and terminals, are described.

Abstract: Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.

Abstract: A method for contactless payment relay attack protection includes receiving an online authorization request including a cryptogram, a measured processing time, and a reference processing time from a terminal. The cryptogram is verified, and a determination is performed as to whether the measured processing time exceeds the reference processing time. An online authorization response authorizing or declining a monetary transaction is transmitted, based on the determination. An artificial intelligence transaction analysis can be performed based on past and current conditions (e.g., battery level, operating system, open applications) of a payment device such as a mobile phone, past and current conditions of a terminal, and/or a monetary amount. The online authorization response can be based on the artificial intelligence transaction analysis.

Abstract: A bridge service is provided to support multi-user simulated contactless cards that in response to receiving a request to provision a secure element with payment card profile information of a user, provisions a token representing the payment card profile, converts the token representing the payment card profile into a format for the payment application; and provides the payment card profile to the payment application, the payment card profile comprising a single use key. The bridge service enables simulated contactless cards to store payment card information for a user on volatile memory instead of the persistent, secure element memory.

Abstract: Application management services for simulated contactless cards support applying payment when a provisioned card (cardholder profile) is stored in volatile memory of a computing device by maintaining a first channel open between a payment application and a provisioning service while communicating payment information to a point of sale terminal over a second channel.

Abstract: A method for verification of a bearer of a credential device at a device reader is described. The method comprises first establishing a digital communication channel with the credential device, and then determining a set of verification options for the bearer and providing the set of verification options to the credential device over the digital communication channel. The credential device then selects a verification option from the set of verification options and communicates this to the device reader. The device reader can then verify the bearer of the credential device in accordance with the selected verification option. Methods at both the credential device and the device reader are described, as are suitably programmed credential devices and device readers.

Abstract: A method of performing a contactless transaction between a payment device and a terminal is described. The method comprises establishing a data connection between the payment device and the terminal and then establishing if the payment device and the terminal both support an enhanced security architecture. If they do not, they will then perform the contactless transaction according to a basic transaction flow using a first cryptographic system. If they do, they will perform the contactless transaction according to an enhanced transaction flow using a second cryptographic system. The first cryptographic system and the second cryptographic system comprise different asymmetric cryptographic systems. Suitable payment devices and terminals, and methods at the payment devices and terminals, are described.

Abstract: Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.

Abstract: Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.

Abstract: A method of matching transaction data with a transaction receipt using one of a plurality of transaction-specific elements is described. Transaction-specific elements are determined (210) from a transaction between a payment token of a user and a terminal. Transaction identifiers are then formed (220), each from a separate transaction-specific element. At least one of the transaction identifiers is then received or generated (230) in a transaction processing system. The transaction processing system provides transaction data associated with this transaction identifier. Each of the transaction identifiers used by the transaction processing system is combined (240) to form a composite transaction identifier comprising a plurality of transaction identifier elements. Each transaction identifier is matched (250) against each transaction identifier element to identify the transaction and to associate the transaction data with a transaction receipt.

Abstract: A payment device and method and system for using the payment device is described capable of utilizing a pre-authorized amount on existing infrastructure, including POS terminals or for using offline pre-paid products on this infrastructure. The updates for the pre-authorized or offline prepaid products can be sent by the issuer and applied by the card contemporaneously with the card's processing of the issuer authentication data but without requiring any additional bytes in the issuer authentication data. The updates performed by the issuer can be larger and more extensive than could be achieved by using any available space in the issuer authentication data.

Abstract: Methods and devices are provided for use in facilitating transactions between transaction devices and points of interactions. In connection therewith, one transaction device generally includes an input and an output for communicating with a point of interaction with regard to a transaction by a consumer at the point of interaction involving the transaction device. The transaction device also includes a processor in communication with the input and the output. The processor is configured to interact with the point of interaction in connection with the transaction, store transaction data relating to the transaction in a data store during the course of the transaction, and, in response to an interruption in the transaction with the point of interaction, retrieve transaction data stored in the data store in order to resume the transaction with the point of interaction when communication with the point of interaction is restored.

Abstract: Systems, methods and IC card devices are described for updating parameters such as unblocking or blocking or re-blocking an application on an IC card device whereby an integrated circuit card device gets issued with one or more active applications and optionally one or more dormant applications. Post issuance, triggered by a cardholder action when using a primary application, the issuer will send a command, e.g. in the form of a script to the card that will update parameters of another application, e.g. to ‘wake up’ the or each dormant application. An on-card mechanism is provided for the deblocking of the dormant application while the primary application is active. For any further transactions performed with the card, the cardholder will be offered a choice between the unblocked applications on the card. Optionally the oncard mechanism can also block or re-block an application or perform other actions.

Abstract: A payment-enabled mobile device receives, during a first tap of the mobile device on a proximity reader component of a point of sale (POS) terminal, first transaction context data for a current transaction, and receives during a second tap of the mobile device on the proximity reader component, second transaction context data for the current transaction. When the mobile device determines that the second tap is for the same transaction as the first tap, and that one of a customer verification method (CVM) status or a user acknowledgment status flag has been set, then it transmits a payment card account number to the POS terminal to consummate the transaction.

Abstract: The present invention relates to a method and system for synchronizing a personal identification number (PIN) value stored in a mobile computing device, with a PIN value stored on a remote server. The remote server receives a request from the mobile computing device to record a PIN value, the request comprising the PIN value. The PIN value is recovered from the received request and stored at the remote server. An instruction set arranged to record the PIN value in a secure hardware element comprised within the mobile computing device is generated and transmitted to the mobile computing device. The instruction set executes on the mobile computing device in order to record the PIN value on the secure hardware element.

Abstract: Systems, methods and IC card devices are described for updating parameters such as unblocking or blocking or re-blocking an application on an IC card device whereby an integrated circuit card device gets issued with one or more active applications and optionally one or more dormant applications. Post issuance, triggered by a cardholder action when using a primary application, the issuer will send a command, e.g. in the form of a script to the card that will update parameters of another application, e.g. to ‘wake up’ the or each dormant application. An on-card mechanism is provided for the deblocking of the dormant application while the primary application is active. For any further transactions performed with the card, the cardholder will be offered a choice between the unblocked applications on the card. Optionally the oncard mechanism can also block or re-block an application or perform other actions.

Abstract: Systems, methods and IC card devices are described for updating parameters such as unblocking or blocking or re-blocking an application on an IC card device whereby an integrated circuit card device gets issued with one or more active applications and optionally one or more dormant applications. Post issuance, triggered by a cardholder action when using a primary application, the issuer will send a command, e.g. in the form of a script to the card that will update parameters of another application, e.g. to ‘wake up’ the or each dormant application. An on-card mechanism is provided for the deblocking of the dormant application while the primary application is active. For any further transactions performed with the card, the cardholder will be offered a choice between the unblocked applications on the card. Optionally the oncard mechanism can also block or re-block an application or perform other actions.

Abstract: Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.