Abstract: An authentication device that the user wears reads biometrics information and executes individual authentication by verification. Only when the individual authentication has been successfully performed, authentication with an external unit (such as a server) can be started. Then, only when both the individual authentication based on the biometrics information and the mutual authentication between the external unit (such as a server) and the authentication device have been successfully performed, subsequent data processing, such as payment processing, can be executed. Therefore, even if a fraudulent third party uses a stolen authentication device, because the party cannot satisfy the start condition of authentication with the external server or a PC, fraudulent transactions and other illegitimate behaviors are effectively prevented.

Abstract: Methods and systems for detecting fraud based on velocity counts are disclosed.

Abstract: A tap device is provided for mobile device payment at a point-of-sale (POS) terminal. The tap device monitors at least one communication line of the POS terminal and detects at least one data packet having transaction data. The tap device includes a trigger database having entries including pre-stored trigger data elements. A first processor compares the pre-stored trigger data elements with the transaction data. The tap device transmits the transaction data when at least a portion of the transaction data corresponds to at least one pre-selected trigger data element. The tap device includes a first receiver receiving a Quick Response (QR) code generated by a remote server in response to the transaction data. The QR code includes an encoding of the transaction data. The tap device includes a display displaying the QR code for image capture by a mobile device that decodes the captured QR code into the transaction data.

Abstract: Disclosed herein are systems and method for facilitating transactions between a merchant-partner and a customer. In general, the systems and methods include: (a) staging a transaction between the merchant-partner and the customer; (b) tokenizing the transaction by linking one or more transaction instructions to a token ID; (c) providing the customer with the token ID, wherein the customer can then present the token ID and a payment to a point-of-sale terminal; (d) receiving confirmation that the customer has presented, to a point-of-sale terminal, the token ID and a payment in accordance with the one or more transaction instructions; (e) notifying the merchant-partner that the customer provided the payment to the point-of-sale terminal; and (f) settling the transaction between the point-of-sale terminal and the merchant-partner.

Abstract: A fuel dispenser utilizing an application framework that comprises at least two portions, the first of which is configured to communicate with all devices, including those that handle confidential or sensitive customer data, while the second portion is configured to communicate only with devices that do not handle confidential or sensitive data. The application framework also comprises two frame buffers, one of which is only accessible by the first, secure portion. Additionally, the first portion determines which frame buffer is used by a display module to transmit data to a display in order to present a graphical representation of the data.

Abstract: Arrangements which permit the employment of dedicated user-access management architecture with more than text-based access. Particularly contemplated herein are arrangements for accepting user identifiers that are then communicated to an intermediate user-delineating architecture (i.e., architecture configured for permitting access to encrypted data or sections of a computer on a user-specific basis) in a manner to permit the user-delineating architecture to perform its own task of unlocking data or sections of a computer.

Abstract: A centralized password repository (CPR) provides network users with a password portal through which the user can manage password access to domains and applications on the network. A subset of the domains and applications on the network may be required, by design, to maintain a separate password infrastructure. For these systems, the CPR establishes a secure and authenticated communication channel and software on the system interfaces with the password infrastructure to synchronize the password in the system password infrastructure with the password in the CPR. For other systems not required to maintain a separate password infrastructure, the CPR performs password services by responding to requests from those systems seeking to validate user IDs and passwords. The CPR enables an administrator to modify network privileges and enables a user to alter passwords on the network through a single interface.

Abstract: Apparatus, system, and method having a first counter to record a number of invalid authentication requests, a first timer to set a first time period based on a value of the first counter, and an authentication module associated with the first counter and the first timer to receive an initial authentication request that includes a username and when said username is invalid, the module is to invalidate any subsequent authentication requests under the username during the first time period regardless of whether the subsequent requests includes a valid username. The system further includes a communication medium. The method includes receiving an authentication request with new information in a first session, validating the new information, and caching the validated new information in the first session.

Abstract: A system that includes computer hardware, computer software, apparatus, and methodology that enables individuals, businesses, and all types of organizations (both for profit and non-profit) to capture and securely transmit check images (including, but not limited to, personal checks, business checks, travelers checks, money orders, merchant coupons, food coupons, line of credit checks, etc.), deposit information, and other information from remote locations (i.e., locations that could include the financial institution's remote locations, other financial institution's locations, businesses, private residences, etc.), for the purpose of having those checks credited to the depositing individual's or organization's bank account(s) and having the check images (and/or physical checks) entered into the bank check clearing channels for ultimate delivery to the maker bank for payment out of the maker's account.

Abstract: A method, system and computer program product for assessing information security interviews users regarding technical and non-technical issues. In an embodiment, users are interviewed based on areas of expertise. In an embodiment, information security assessments are performed on domains within an enterprise, the results of which are rolled-up to perform an information security assessment across the enterprise. The invention optionally includes application specific questions and vulnerabilities and/or industry specific questions and vulnerabilities. The invention optionally permits users to query a repository of expert knowledge. The invention optionally provides users with working aids. The invention optionally permits users to execute third party testing/diagnostic applications. The invention, optionally combines results of executed third party testing/diagnostic applications with user responses to interview questions, to assess information security.

Abstract: Apparatuses and methods for a virtual point of sale terminal and an electronic wallet are described. One embodiment is a virtual point of sale terminal for initiating and accepting a wireless electronic payment, comprising a mobile communication device configured to communicate with a payment gateway system and a point of sale processing application installed in the mobile communications device, the point of sale processing application being configured to wirelessly transmit a request for payment of a transaction to the payment gateway system and to wirelessly receive an approval code for payment of the transaction from the payment gateway system.

Abstract: Instead of a PIN which is associated with an account and provides access to an account, a dynamically generated card identifier (dynamic CID) is used to verify that the consumer currently possesses the transaction card at the time of purchase and/or is the true card owner. At the time of purchase, a token generates a dynamic CID, which changes with each transaction. A consumer enters the dynamic CID into a pre-existing CID field in an electronic order form. The merchant then sends the dynamic CID to a card authorization system within an authorization request. The card authorization system issues a response to a merchant system via a pre-existing authorization message indicating that the transaction card and dynamic CID have been validated, thereby adjusting the fraud risk associated with the transaction.

Abstract: Disclosed are methods, systems, and computer program products for identifying sensitive data from a user-entered input sequence based on user-defined criteria. According to one method, user-defined criteria for identifying sensitive data within user-entered input sequences that include sensitive data and padding data are received. A request for sensitive data from a requesting agent is presented. A user-entered input sequence that includes sensitive data and padding data is received in response to the request for sensitive data. Sensitive data is identified within the user-entered input sequence using the user-defined criteria. The identified sensitive data is provided to the requesting agent in response to the request for sensitive data.

Abstract: In the field of communications, a method, a system, and devices for implementing a network banking service are provided. The method includes: after an agent device establishes a connection with a Point Of Sale (POS) device, the agent device performs identification with the POS device; after successful identification, the agent device performs authentication with the POS device; after successful authentication, the agent device establishes a connection with a network banking server according to a preset address of the network banking server through wireless access to the Internet; and the agent device forwards network banking service data between the POS device and the network banking server, thereby implementing the network banking service. Therefore, it is convenient for users to use a network banking service, the functions of POS devices are simplified, and the cost of manufacturing and maintaining POS devices is reduced.

Abstract: One embodiment of the present invention provides the administrator of an access restricted electronic system with a flexible management scheme. In this scheme, users request access to the electronic system. Users who submit verified access information, such as a login identification and password, are immediately granted access as authorized users. Users who have not submitted access information, are presented to the administrator through an interface that enables the administrator to grant ad hoc access.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for imaging device credential submission wherein credentials are extracted by scanning graphical indicia on user documents using a primary document scanner.

Abstract: A method of providing goods and services to individuals or entities via media entails assigning at least one good or service to a medium and assigning a unique identifier to the medium. Recording information in a database relative to the medium and linking the one or more goods or services assigned to the medium with the identifier of the medium. Thereafter, the medium is distributed to an individual or entity and the individual or entity presents the medium to a provider of goods or services assigned to the medium. Upon presentment the provider delivers one or more of the assigned goods to the individual or entity making presentment. At an appropriate point in the process, a communication is directed to the database recording the results of the transaction between the provider and the individual or entity presenting the medium.

Abstract: A coin processing and redemption system includes a coin processing machine configured to receive a batch of coins in an input region and process the batch of coins to determine a value thereof. A dispensing device is provided and is configured to output a redemption ticket bearing a code. The coin processing machine is configured to associate the redemption ticket code with a coin processing transaction prior to the determination of a value of a batch of coins.

Abstract: A method including sending a device ID and financial information associated with a user of a device to a transaction device in response to receiving a transaction request from the transaction device, configuring an image capture device to capture an image of the user and send the image of the user to the transaction device, and configuring the transaction device to authenticate the financial information with the image of the user.

Abstract: A method for provisioning client devices securely and automatically by means of a network provisioning system is disclosed. Provisioning occurs before the client is granted access to the network. The provisioning is determined dynamically at the time a client connects to the network and may depend on a multitude of factors specified by data dictionaries of the provisioning system.

Abstract: Methods and systems for detecting fraud based on velocity counts are disclosed.

Abstract: The invention is directed to content bearing mediums having a capacity to receive additional content and systems and methods for updating and presenting content recorded on a content bearing medium, e.g., video cassette tape, CD or DVD, digital memory, game cartridges. In one aspect of the invention, a content bearing medium is provided. The content bearing medium has a content bearing signal stored thereon and a communication circuit. The communication circuit is adapted to exchange wireless signals with a remote programming device and to store an additional content bearing signal in a memory based upon the signals exchanged. The communication circuit is further adapted to transmit the additional content signals upon request by a player of the content bearing medium so that the player can receive the additional content signals and present an output that is based, at least in part, upon the stored signals.

Abstract: Systems and methods are disclosed for identifying circumstances where end-to-end security is not available to a mobile banking customer. The user may be alerted/warned or restricted from accessing some banking services through his/her WAP-enabled mobile device if the server (e.g., bank server) determines that end-to-end security is not available. In some instances, the bank server may access a computer data file containing a list of known end-to-end secure devices and gateways to verify the integrity of the data communication. The server may verify the integrity of the data communication using loose matching.

Abstract: A system and method for authenticating users based on personal information. The personal information may include age-related data where the users are interested in receiving age-restricted content. The personal information may include an address and a permission request is sent to the address. Biometric information may also be associated with the personal information.

Abstract: A system and method of pre-processing a transaction using a mobile device are presented. The system and method may include beginning a transaction at a mobile device. Beginning the transaction may include receiving transaction information at the mobile device. The transaction information may include a transaction identifier, type of transaction, method of payment, etc. In some examples, the transaction information may be stored at the mobile device. A network associated with a merchant or ATM associated with a financial institution may be detected at the mobile device. The mobile device may connect to the detected network and the transaction may be completed.

Abstract: Connection of a USB memory (storage device) to a USB port (data transmitting and receiving unit) is detected and the date and time of detection of this connection is stored. Using this detection of connection as trigger, a camera is caused to pick up an image of an area embracing a user positioned in a position where the user can operate a user interface. Picked-up image data outputted from the camera is stored together with shooting date and time.

Abstract: A method for separating an event-driven application in an electronic device is provided. The electronic device includes a smart-card, and the application resident in the smart-card may be separated in at least two modules: a central module and one or more complementary modules. The method includes managing the interaction between the modules by a framework of the smart-card, and generating new set of events by the framework at the end of execution of the central module. In this manner, the central module can be developed early in production and in any set of programming languages. It can access any card resources and even in an architecture dependent way.

Abstract: According to an embodiment of the present invention, a computer implemented method and system for automatically implementing a fraud strategy may involve identifying transaction data related to a customer transaction based on a payment instrument; automatically identifying a pattern based on one or more factors associated with a customer spending profile; identifying a potential fraud situation based on the identified pattern and the transaction data; executing an action for the potential fraud situation; and adjusting authorized use of the payment instrument.

Abstract: A method and apparatus are provided for validating a transaction on a transactional terminal, the transaction being associated with a user. The method includes a step of decoding a validation code preliminarily generated and displayed by the transactional terminal, entered by the user in a validation message, and transmitted by a mobile device of the user to an entity of a telecommunications network to which the mobile device and said transactional terminal are connected.

Abstract: Embodiments of the present invention comprise systems, methods and devices for imaging device credential submission wherein credentials are extracted by scanning graphical indicia on user documents using a primary document scanner.

Abstract: This invention discloses a novel system and method for providing retail point of sale terminals that are connected securely over the Internet to a back-office service that manages the retailer's data as a service using a system that supports more than one retailer, each of which will have one or more point of sale terminals.

Abstract: Methods and systems for detecting tampering of a remote display. According to one method, a first data integrity result is generated by performing a first data integrity operation on display data to be displayed on the remote display at a secure module. The display data is transmitted from the secure module to the remote display security module. The remote display security module receives the display data. A second data integrity result is generated by performing the first data integrity operation on the display data received at the remote display security module. A determination is made as to whether the remote display has been tampered with at the secure module if the first data integrity result does not match the second data integrity result.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Aspects of a method and system for authorizing network transactions based on device location are provided. In this regard, a request may be received to approve a transaction that was initiated from a first communication device and comprises a need to access an account. In response to the request, a second communication device that is associated with the account may be determined, and it may be determined whether to approve the transaction based on received data relating to the identity and location of the second communication device. The transaction may be associated with the second communication device via a database stored on the location server. The transaction may be approved in instances that the first communication device is in a location associated, via the database, with the second communication device. The transaction may be approved in instances that the first communication device is in substantially the same location as the second communication device.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: A method includes providing a mobile device. The mobile device is programmed with a payment application program, an environment program that supports application programs, and a user interface application program. When the user interface application program is initiated, the initiation of the program includes sending a message from the user interface application program to the payment application program to clear a PIN (personal identification number) verification status flag.

Abstract: A method includes receiving point-of-sale (POS) operator identification information via a POS terminal. The POS operator identification information identifies an individual POS operator. The method further includes receiving transaction information indicative of an amount paid for a transaction and a mode of payment for the transaction. In addition, the method includes assigning incentive points to an account that belongs to the individual POS operator, based at least in part on the mode of payment and the POS operator identification information.

Abstract: Systems and methods are provided for routing data. A device is provided that includes a first data port configured to be coupled to a printer port of a point of sale system, a second data port configured to be coupled to a remote system, an optional third data port configured to be coupled to a printer, and a computing device configured to receive, via the first data port, printer control codes and receipt data from the point of sale system printer port, transmit at least a portion of the receipt data to the remote system, and optionally transmit at least a portion of the printer control codes and receipt data to the printer.

Abstract: A method and system for displaying a virtual PIN pad in varying locations on a touch screen in order to prevent fraud or the interception of personal identification numbers.

Abstract: A method, procedure and operational function of the business for inhibiting internal theft of items without inventory identifiers are provided. In one aspect, the method comprises receiving an item for sale at a POS terminal, wherein the item is missing an inventory identifier. After the item is received, a determination is made as to whether a description of the item is stored in an inventory system. If the item is not stored in the inventory system, the sale of the item is inhibited. Thereafter, the entry of identifying information in the POS terminal is requested such that the identifying information identifies the item such that the description of the item can be stored in the inventory system.

Abstract: Methods and systems for preventing fraud by a customer at a fuel dispenser within a retail fueling environment are disclosed. According to one method, an authorization to access programming mode (AAPM) signal is received at the fuel dispenser from an authorization terminal coupled to the fuel dispenser. A request is received at the fuel dispenser to enter a programming mode of operation (PMO). The PMO is entered at the fuel dispenser to allow fuel dispenser settings of the fuel dispenser to be changed after receiving the AAPM signal and the request to enter the PMO.

Abstract: A method and system for identifying and transmitting data entities in a wireless communication system including at least one mobile user terminal. The method includes the steps of identifying a primary service to be provided, identifying a plurality of data entities associated with that service, selecting which of the plurality of data entities is to be transmitted and transmitting the selected data entities in a single transaction.

Abstract: A secure payment system between a customer and a merchant, where the sales terminal wirelessly transmits a partial payment authorization transaction record including, at least a merchant terminal identification and a payment amount, but not a customer bankcard data, for a specific sales transaction, to a wireless device of the customer. Alternatively, the sales terminal displays a partial payment authorization transaction record including, at least a merchant terminal identification and a payment amount, but not a customer bankcard data, for a specific sales transaction, for the displayed record to be captured by a wireless device of the customer.

Abstract: Universal electronic card, of the smart card or intelligent card type, similar to a form of plastic card, with integrated circuital elements which are integrated in the thickness of the stratified card and within it at least one microchip, structured integrally with: i—a microprocessor associated to a memory; ii—an interchangeable flat battery within the card-thickness able to power-supply the microprocessor and the memory; iii—at least one data transmission device connected to the microprocessor and/or to the memory; iv—one fingerprint reader device integrated in it and to the processor system to read the imprint of the user, checking its authenticity before allowing the access at its various functions.

Abstract: A control method and system provides coded access to a system by acquiring account identification data corresponding to a combination of a plurality of symbols. The account identification data is transmitted, for example to a remote server, to correlate the account identification data against an account database to evaluate corresponding account information. Based on the account information, access to the system may be controlled.

Abstract: A method and wireless communication device are provided for managing information associated with purchases of active lifestyle products. The method includes receiving a notification (704) indicating a purchase transaction associated with at least one radio frequency ID enabled item. The notification is analyzed (706) and in response to the analyzing a user identifier corresponding to a user related to the purchase transaction is determined (708). A radio frequency ID associated with the at least one radio frequency ID enabled item is also determined (710). A wireless device (104) associated with the user is identified based on the user identifier (712). An information set associated with the at least one radio frequency ID enabled item is transmitted (714) to the wireless device (104). The information set includes at least the radio frequency ID associated with the at least one radio frequency ID enabled item.

Abstract: A system and method for securing a Radio Frequency (RF) transaction using a RF identification device (RFID) transaction device is provided. The method includes a RFID transaction device including a random number generator for generating a random number. The random number may be used by an account issuer to verify the validity of a RFID transaction device or RFID reader communicating on the RF transaction network. The authorizing agent may receive the random number and compare the random number to a device validating code.