Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's application for the user to simply push the button to request that the payment source be imported into a pay wallet or a merchant. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using a gateway, authorizes a token service provider to provision the payment source into the pay wallet or merchant.

Abstract: A gateway encryption service is used to ensure consistent, source independent tokenization for payment accounts and synchronizing payment account information with merchants. A consistent, evergreen merchant-facing token is generated and used for each payment account for the merchant, ensuring that regardless of the payment method used by the customer (e.g., plastic card point-of-sale, pay wallet, saved card information) for the same underlying account, the merchant has a single token. Further, if the account number for the underlying payment account changes (e.g., the card expires or is stolen) the merchant-facing token remains consistent. The evergreen token ensures that the system functions more efficiently, saving resources in processing and storage and ensuring less network traffic for failed transactions. The system further implements encryption and security despite the consistent tokenization, further saving resources.

Abstract: Described herein are techniques for facilitating push provisioning of a user payment source into a user's digital wallet without the user having a physical card. The techniques allow an issuer to provide a button in an issuer's mobile application for the user to simply push the button to request that the payment source be imported into the user's digital pay wallet. In this way, the payment source information is “pushed” into the pay wallet. Using push provisioning, the user need not enter any physical card information. The described techniques generate a chain of trust that can be used to ensure that a user, through an issuer and using an encryption gateway, authorizes a token service provider to provision the payment source into the user's digital wallet.

Abstract: Methods and systems are disclosed for executing financial transactions between customers and merchants. An identifier of a financial account is received from the customer at a merchant system. A one-time password is also received from the customer at the merchant system, with the customer having been provided with the one-time password by a mobile electronic device or contactless presentation instrument. A cryptogram is generated to include the identifier of the financial account encrypted using the one-time password. An authorization request is formulated at the merchant system. The authorization request includes the cryptogram and transaction information describing at least a portion of the financial transaction. The authorization request is transmitted from the merchant system to an authorization processor for authorization of the financial transaction.

Abstract: Methods and systems are disclosed for executing financial transactions between customers and merchants. An identifier of a financial account is received from the customer at a merchant system. A one-time password is also received from the customer at the merchant system, with the customer having been provided with the one-time password by a mobile electronic device or contactless presentation instrument. A cryptogram is generated to include the identifier of the financial account encrypted using the one-time password. An authorization request is formulated at the merchant system. The authorization request includes the cryptogram and transaction information describing at least a portion of the financial transaction. The authorization request is transmitted from the merchant system to an authorization processor for authorization of the financial transaction.

Abstract: Methods and systems are disclosed of enrolling a customer to perform an action. A first piece of information is received at an authentication processor from an over-the-air processor. The first piece of information was provided to the over-the-air processor by the customer from a mobile electronic device. A second piece of information is received at the authentication processor from a server different from the over-the-air processor. The second piece of information was provided to the server by the customer. The first and second pieces of information are associated by the authentication processor to enroll the customer.

Abstract: This disclosure describes, generally, methods and systems for implementing enrollment authentication. The method includes receiving from a customer a partial PAN and an issuing financial institution. Further, based on transaction history related to the partial PAN, the method presents challenge questions to the customer, receive answers to the challenge questions. Then, based on the partial PAN, the issuing financial institution, and the answers to the challenge questions, a complete PAN may be resolved. The method includes prompting the customer to select a mutual trust phrase, receiving the selected mutual trust phrase, and placing a call from an interactive voice response (IVR) system to the customer. Further, the method includes playing back to the customer the selected mutual challenge phrase, receiving, from a telephone (e.g.

Abstract: Methods and systems are disclosed for executing financial transactions between customers and merchants. An identifier of a financial account is received from the customer at a merchant system. A one-time password is also received from the customer at the merchant system, with the customer having been provided with the one-time password by a mobile electronic device or contactless presentation instrument. A cryptogram is generated to included the identifier of the financial account encrypted using the one-time password. An authorization request is formulated at the merchant system. The authorization request includes the cryptogram and transaction information describing at least a portion of the financial transaction. The authorization request is transmitted from the merchant system to an authorization processor for authorization of the financial transaction.

Abstract: Methods and systems are disclosed of enrolling a customer to perform an action. A first piece of information is received at an authentication processor from an over-the-air processor. The first piece of information was provided to the over-the-air processor by the customer from a mobile electronic device. A second piece of information is received at the authentication processor from a server different from the over-the-air processor. The second piece of information was provided to the server by the customer. The first and second pieces of information are associated by the authentication processor to enroll the customer.