Abstract: The invention creates a method for loading an electronic amount of money represented as a random number sequence to a portable data carrier, with a conversion of the random number currency to the data carrier currency, and a disbursement of one or several money unit(s) from a portable data carrier, with a conversion of the data carrier currency to the random number currency.

Abstract: Configuring a privacy policy by identifying one or more applications that are installed on a mobile device. A set of privacy-related questions are formulated based upon the one or more identified applications. A response to the set of privacy-related questions is received from a user. One or more classified privacy instances are determined for the user from the received response. A latent, implicit privacy policy is established from the one or more classified privacy instances.

Abstract: A mobile device having: a position determination device configured to determine a location of the mobile device; a transceiver configured to communicate with a transaction terminal via near field communication; a communication device configured to communicate with at least one server over internet; a memory storing a plurality of data items and a set of instructions of a mobile application; and at least one microprocessor coupled with the memory to execution the instructions of the mobile application. The mobile application is configured to: communicate the location of the mobile device, using the communication device, to the at least one server over internet; determine, via communications with the at least one server based on the location of the mobile device, an order of data items; and communicate, using the transceiver via near field communication, with the transaction terminal in accordance with the order of the data items.

Abstract: There is provided systems and method for unified payment account establishment and incorporation in a main payment account. A service provider, such as a payment provider, may offer merchants with a development kit that unifies payment methods between various merchants and the service provider so that users are provided with more easily established payment accounts with the merchants. The development kit may include an account establishment interface that may be utilized in a merchant ordering and payment application for a merchant. The interface may provide for establishment of a payment account with the merchant. When initially establishing the payment account, the user may generate a provisional account, which may be synchronized to a payment account the user has with the service provider. When synchronizing the two accounts, the user may transfer information to the merchant, which may be redacted to prevent the merchant from receiving sensitive information.

Abstract: A contactless payment device and method transmits a sequence of magnetic-field pulses directly to two or three magnetic-stripe read heads of a point-of-sale terminal. The baud rate at which the data is transmitted is modulated so that track data for one read head channel will be ignored by another read head channel, based on the change to the baud rate and/or the rate of change in the baud rate to improve acceptance of the transmitted pulses received by the read heads of the point-of-sale terminal.

Abstract: Various embodiments of the present technology generally relate to authentication. More specifically, some embodiments relate to systems and methods for mobile application infrastructure and framework for application authentication. Currently, methods and systems for authentication are not flexible or dynamic and over-authentication has become a solution because it is cheap and easy. In contrast, in accordance with some embodiments of this application, the methods and systems can analyze authentication challenges and non-authentication challenges received from a server over a network in a client side infrastructure. The client side infrastructure can determine a customized, flexible, and dynamic plan for responding to authentication challenges in manner that avoids over-authentication on the client side.

Abstract: System, method, and apparatus for providing route guidance to a customer in a shopping facility space are provided. A system for providing route guidance comprises a communication device configured to communicate with a user interface device, a store map database storing location information for a plurality of items available for purchase in the retail space, and a control circuit coupled to the communication device and the store map database. The control circuit is configured to receive a list of items for purchase from a user associated with the user interface device via the communication device, retrieve location information associated with each item of the list of items for purchase from the store map database, determine a route based on at least one user entered route preference and the location information associated with each item of the list of items for purchase, and provide the route to the user interface device.

Abstract: A system for certifying a transaction includes a physical medium adapted to store an electronic code, a device for reading a biometric parameter of the user, and a device adapted to generate a code. The code is obtained from the pairing of the electronic code contained on the physical medium and of the biometric parameter detected by the reading device. The generated code is then stored on the physical medium.

Abstract: Method for deploying an authentication application in a secure element of a communication terminal comprising a non-secure processing unit executing a program for calling the authentication applications. The method comprises the step of transferring via at least one communication network data between a first trusted server associated with a provider of the security element so as to execute a first program for managing the security element, a second trusted server associated with at least one provider of authentication applications so as to execute a program for managing authentication applications, and the communication terminal, so as to create in the secure element a secure domain and install the authentication application therein.

Abstract: A method for routing computer messages between parties is provided. The method is implemented using a message gateway computing system including a processor and a memory. The method includes receiving a message routing offer from a seller and a representing an offer to process payment card transactions. The method also includes receiving a message routing request from a buyer. The method further includes first message route between the buyer party and a first seller party of the plurality of seller parties on a message processing network. The method also includes receiving a payment card transaction from the buyer party. The method further includes identifying the first message route associated with the payment card transaction. The method also includes transmitting the payment card transaction to the first seller party based at least in part on the first message route.

Abstract: A method of securing an industrial control system includes operating the industrial control system in an open mode, wherein communications between a plurality of devices of the industrial control system are unencrypted when the industrial control system is in the open mode. The method includes exchanging security tokens between the plurality of devices of the industrial control system. The method further includes ceasing operating the industrial control system in the open mode and instead operating the industrial control system in a secure mode, wherein the communications between the plurality of devices of the industrial control system are encrypted using the security tokens when the industrial control system is operating in the secure mode.

Abstract: A request may be received to join one or more attributes of at least two independent sets of data into a data structure. The one or more attributes may include a time attribute. The two independent sets of data may be included within a data store. It may be determined that there are one or more null values associated with the join to the data structure. In response to at least the determining that there are one or more null values associated with the join, one or more values may be imputed into one or more fields corresponding to the one or more null values, wherein there are no null values in the one or more fields subsequent to the imputing.

Abstract: Various embodiments of the present invention are directed to methods, systems and computer program products for conducting an online transaction on a website involving sensitive information. Such embodiments provide methods, systems and computer program products to: (a) register at least one entity with a gate keeper module, the registering comprising associating the entity with a subscription level; (b) associate a sub-string of a character string with a unique token so that a direct link does not exist between the unique token and the character string; and (c) during processing of the online transaction: (i) using the unique token for intermediate steps during the processing of the online transaction; and (ii) only accessing the character string in storage memory to complete the online transaction after receiving a request from at least one registered entity associated with a subscription level associated with a privilege to receive the requested sensitive information.

Abstract: A method for intermediating communications with an automated system includes receiving, at an intermediating device that implements an intermediating communication application, an instruction to complete a transaction request on behalf of a user. The method also includes determining, by the intermediating communication application on the intermediating device, a destination system from which to request completion of the transaction request. The method additionally includes interacting, by the intermediating device, with the destination system to fulfill the transaction request.

Abstract: Provided is a method according to one embodiment of the present invention comprising the steps of: (a) a server generating, by means of a hash function, a message digest (MD) of a particular file when a request for authenticating same is obtained; (b) when an MD encoded with a private key of a particular user is obtained, and if (A) information for the MD, which was encoded with the private key of the particular user, decoded with a public key of the particular user matches (B) the MD generated in step (a), then the server registering, in a database, a hash value of the MD encoded with the private key of the particular user and a private key of the server; and (c) the server obtaining a transaction ID.

Abstract: A method of communicating over a network between first and second endpoints, one being and the other being a server. The method comprises: establishing a first secure transport layer channel between the first and second endpoints, establishing a second secure transport layer channel between the first endpoint and a middlebox to which the first endpoint is to delegate processing of the traffic sent over the first secure transport layer channel; the first endpoint validating the middlebox via the respective second secure transport layer channel, and on condition of said validation sharing the encryption key of the first channel with the middlebox via the second secure transport layer channel; and causing the traffic sent over the channel to be routed via the middlebox. The method thereby enables the middlebox to process, in the clear, content of the traffic sent over the first channel.

Abstract: In one embodiment of the present invention, provided is a system and methods for managing vehicles on a car dealer lot and for customer relation management after the time of sale of the vehicle, the system having a first mode, where the system tracks the location of vehicles on the dealer's lot so that vehicles can be easily found by make, model, trim level, price and other distinguishing vehicle features, the system further providing vehicle access authorization and reporting of any access or status change to the vehicle. In a second mode, data is collected from the vehicle data bus network regarding vehicle performance, driving behavior, history, and similar parameters and is analyzed and packaged so it may be usefully be communicated to the vehicle owner or others.

Abstract: A system, method, and computer product for managing a password includes receiving a new password set by a user via a key input interface, generating a diagram based on key positions, on the key input interface, of a plurality of characters associated with said new password, storing a diagram into a memory device coupled to the processing device, and providing said diagram stored in the memory device to the user as a password hint.

Abstract: A computing platform configured to receive and process an on-demand real-time patient-specific data analysis order is provided. The computing platform can receive an order, determine the viability of the order, and then perform the desired analysis based on parameters provided within the order. As part of the analysis, the computing platform can mine one or more data sources to collect data relevant to the ordered diagnostic. Once the data is collected, the computing platform can analyze the data according to one or more pre-programmed algorithms. The selection of which algorithms to apply to the data set can be determined by the type of on-demand real-time patient-specific data analysis ordered. The on-demand real-time patient-specific data analysis in some examples can be ordered using an external ordering user interface.

Abstract: A method of calculating a parking fee in a public parking space based on coordinating a transfer of a parking space between vehicles and automatically decreasing the fee accordingly, comprising: creating a command to continuously increase a calculated parking fee for a parked vehicle currently occupying a public parking space, based on duration of the occupying; receiving a message from a client terminal associated with the parked vehicle, the message includes a notification of future departure of the parked vehicle from the public parking space; selecting an arriving vehicle to occupy the public parking space when the parked vehicle is departing, based on an estimated time of the future departure and a current location of the arriving vehicle; and creating a command to halt the increasing of the calculated parking fee before identifying a transfer of the public parking space.

Abstract: A method for performing vending transactions includes generating a token upon request by a wireless appliance is provided. The method includes placing the token in a remote server; placing the token in the wireless appliance; providing the token from the wireless appliance to a point-of-sale (POS) terminal; authenticating the token with the remote server; validating the token to perform the vending transaction; and deleting the token from the remote server when the vending transaction is complete. A method for using a wireless appliance in vending transactions is provided. A method for using a remote server configured to connect to a wireless appliance and a POS terminal in vending transactions is provided. A system to perform vending transactions using an internet connection as above is provided. The system may include a remote server including a private account; the remote server configured to communicate with a POS terminal and a wireless appliance.

Abstract: A method for emulating a point of sale (POS) at a mobile device includes identifying a POS based on information associated with the POS received from a mobile device. The method includes generating emulation data descriptive of information captured at the POS, and initiating transmission of the emulation data to the mobile device. The emulation data causes the mobile device to emulate the POS at a display device of the mobile device. The information captured at the POS is associated with a consumer transaction. The method includes dynamically generating updated emulation data as the information captured at the POS changes during the consumer transaction, and initiating transmission of the updated emulation data to the mobile device. The updated emulation data causes the emulation of the POS at the display device of the mobile device to be dynamically updated during the consumer transaction.

Abstract: Systems and methods are provided for communication networks and network operations for processing partial uses of clustered access rights. The communication networks may include channels such as short-range communication channels, such as Bluetooth, BTLE, and/or near-field communication (NFC) channels.

Abstract: A computer implemented method for implementing a real time reconciling shared data structure is disclosed. The shared data structure may be stored in a memory, and a portion of the shared data structure may be coupled with a processor. The computer implemented method may be used for interacting with the shared data structure. The method may comprise the exchange of messages, requesting to change data in the shared data structure, between selected participants, wherein some of the participants must validate requested changes to the shared data. If all participants validate the requests to change data the changes to the data are made, and if less than all participants validate the requests then the changes are not made.

Abstract: A device may receive an encrypted authorization request token from a mobile device. The encrypted authorization request token may be based on at least one parameter and may have been created by a third party device. The device may decrypt the encrypted authorization request token to obtain the at least one parameter. The device may determine, based on an address for the mobile device, a mobile device identifier for the mobile device. The device may create an identification token for the mobile device. The identification token may be based on the mobile device identifier and the at least one parameter. The device may send the identification token to at least one of the mobile device or the third party device to permit the third party device to authenticate the mobile device.

Abstract: Exemplary embodiment of the present invention would provide systems, including Internet-based systems, and computer-implemented methods, for providing online Buyers and Sellers who physically transact an exchange of an item at a local meeting place, indicia of confirmation of the exchange on which to base a background online payment. In particular, exemplary embodiments of the present invention would provide a way for Buyers and/or Sellers to input an identifier for online authentication to confirm that a physical exchange of an item sold had been transacted and that would accordingly provide an online system with a basis to charge the relevant Buyer's account for a sale amount and pay the Seller for the item sold. In one exemplary embodiment of the present invention, an NFC-payment-enabled gateway device would be provided that would integrate with a merchant's NFC-enabled POS device to facilitate the merchant's NFC-enabled POS devices to accept mobile payment from devices that are not themselves NFC-enabled.

Abstract: Methods and systems are provided for facilitating payment for products purchased at events. More particularly, a ticket, rather than cash or credit cards, can be used to purchase products at events. For example, ticket holder can purchase food and drinks at a merchant's concession using the ticket or the ticket holder can purchase souvenirs at a gift shop associated with the event using the ticket. A bar code or the like can be scanned by the merchant and communicated to a payment provider to facilitate the transaction. The purchase can be made anonymously, such that information regarding the user cannot be obtained by merchant and/or sold for use by marketing companies.

Abstract: Techniques are described for characterizing and summarizing seasonal patterns detected within a time series. A set of time series data is analyzed to identify a plurality of instances of a season, where each instance corresponds to a respective sub-period within the season. A first set of instances from the plurality of instances are associated with a particular class of seasonal pattern. After classifying the first set of instances, a second set of instances may remain unclassified or otherwise may not be associated with the particular class of seasonal pattern. Based on the first and second set of instances, a summary may be generated that identifies one or more stretches of time that are associated with the particular class of seasonal pattern. The one or more stretches of time may span at least one sub-period corresponding to at least one instance in the second set of instances.

Abstract: Systems, methods, and computer program products for providing secure messaging communications are disclosed. For example, a computer-implemented method may include receiving an encrypted message and a key from a sender associated with a first computing device where the encrypted message is generated by the first computing device, verifying the received key at least in part based on a comparison with a pre-determined key, processing one or more unique factors associated with the sender in view of verifying the received key, decrypting the encrypted message, re-encrypting a result of the decrypting using a key of a receiver associated with a second computing device, and sending the re-encrypted result to the receiver associated with the second computing device.

Abstract: Technologies are disclosed herein for generating a stand-alone client application for communicating with a network service based on a proprietary communication protocol. A service model description may be parsed to identify resources associated with the network service. Thereafter, executable program code may be generated describing the resources as a set of basic commands and pathnames. The program code may be packaged as the stand-alone client application without inclusion of program code for communication via the proprietary communication protocol.

Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client, e.g., mobile network device, authentication.

Abstract: Methods and systems are disclosed for allowing financial transactions to be conducted using consumer devices. In some embodiments, the consumer device is a mobile communication device, such as a mobile phone. A payer initiates a transaction by sending a payment request message from a mobile phone which specifies the payee and amount to be paid. Payees are identified by unique aliases, which are maintained in a database. The aliases, in turn, are comprised of multiple parts. Each part of the alias may identify a relevant aspect of the transaction. For example, one part of the alias may identify the payee and another part of the alias may identify the financial institution of the account of the payee. Methods for assembling the enrollment and alias database are included.

Abstract: A system, method, and computer-readable storage medium configured to verify minimum age of accountholders, to enable age restrictions on purchases.

Abstract: A method for regulating a plurality of collections of data includes, for each of a plurality of collections of data, analyzing the collection of data to identify one or more deviations from a standard, guideline, or best practice governing the plurality of collections of data. The method further includes determining a characteristic of the one or more deviations and, based on the characteristic, determining an action to be executed in response to the one or more deviations.

Abstract: A processor-implemented method for a secure processing environment for protecting sensitive information is provided. The processor-implemented method may include receiving encrypted data and routing the encrypted data to the secure processing environment. Then the encrypted data may be decrypted and fields containing sensitive information may be found. The method may also include obfuscating the sensitive information and returning, by the secure processing environment, the decrypted data and obfuscated data.

Abstract: A method and system for using a secured account number for processing proximity types of wireless financial transactions associated with portable consumer proximity devices is disclosed. In one embodiment, the method includes receiving a proximity type of wireless financial transaction request along with a secured account number from a portable proximity consumer device such as a contactless smart card, converting the secured account number to the user's real account number, and transmitting the financial transaction request along with the user's real account number to the issuer of the user's real account number for authorization and processing.

Abstract: For a consumer having a bank checking account but who is without a preprinted paper check, a paper check is electronically constructed for the consumer on a transaction basis.

Abstract: Techniques are described for characterizing and summarizing seasonal patterns detected within a time series. A set of time series data is analyzed to identify a plurality of instances of a season, where each instance corresponds to a respective sub-period within the season. A first set of instances from the plurality of instances are associated with a particular class of seasonal pattern. After classifying the first set of instances, a second set of instances may remain unclassified or otherwise may not be associated with the particular class of seasonal pattern. Based on the first and second set of instances, a summary may be generated that identifies one or more stretches of time that are associated with the particular class of seasonal pattern. The one or more stretches of time may span at least one sub-period corresponding to at least one instance in the second set of instances.

Abstract: A process for combining domain restriction and remote authentication may include receiving a token from a plug-in application to conduct a transaction associated with a user of a communicating device. The process may include sending an authentication request to a remote access control sever to authenticate the user, and receiving, from the remote access control server, an authentication tracking value that the remote access control server used in generation of an authentication cryptogram. The process may also include generating, using the authentication tracking value, a domain restriction cryptogram that is used for domain restriction of the token, and sending, to the plug-in application, the domain restriction cryptogram.

Abstract: Embodiments of the present disclosure are directed to, among other things, methods, systems, and computer program instructions related to building and managing secure digital wallets, a general ledger, and a transaction structure to securely and anonymously transfer digital coins from one wallet in a computing device to another wallet in the same device or another computing device in which both computing devices are connected via Internet or any other network medium and protocols.

Abstract: A method and device for sending and receiving virtual goods are provided. On detecting an invocation request from a virtual goods package generation interface, a server obtains the virtual goods package generation parameters included in the invocation request. The server transfers the virtual goods corresponding to the total amount of virtual goods in the account corresponding to the invoker client to the account corresponding to the server. Upon success of virtual goods transfer, the server generates a virtual goods package and a link for receiving the virtual goods package based on the virtual goods package generation parameters. The server sends the receiving link to the recipient client so that the recipient client interacts with the server to receive the virtual goods package by using the receiving link.

Abstract: A central platform provides proxy dynamic values for any one of a number of a cardholder's portable payment devices, upon a request for such information made during a transaction. The proxy dynamic value can be provided to the merchant, who then can route it into the acceptance network in order to initiate the authentication process. The central platform provides the actual primary account number associated with the proxy dynamic value during the authentication process.

Abstract: Informing near field communication (NFC) payment readers of NFC target device payment application availability. A payment application executing under a host operating system of an NFC target device formats a SELECT proximity payment system environment (PPSE) RESPONSE as one or more NFC Application Protocol Data Units (APDUs). The SELECT PPSE RESPONSE is formatted to respond to a SELECT PPSE command from an NFC payment reader. The SELECT PPSE RESPONSE includes a list of one or more Application Identifiers (AIDs) corresponding to one or more payment options available on the NFC target device. The payment application communicates the formatted SELECT PPSE RESPONSE to a PPSE applet executing on the NFC target device. The PPSE applet receives a SELECT PPSE command from an NFC payment reader. The PPSE applet communicates the SELECT PPSE RESPONSE to the NFC payment reader, in response to receiving the SELECT PPSE command from the NFC payment reader.

Abstract: A payment terminal can have an application processing unit coupled to a transaction processing unit. The transaction processing unit can receive payment information from a payment device via a payment interface coupled to the transaction processing unit. The transaction processing unit can encrypt the payment information in accordance with a standard payment protocol and provide the encrypted payment information and other protocol dependent information to the application processing unit. The application processing unit can execute a point-of-sale application that can have the transaction processing unit acquire the payment information and have the application processing unit transmit the encrypted payment information and other protocol-dependent information from the transaction processing unit to a payment server.

Abstract: There are disclosed systems, devices, and methods for generating insights relating to patient health using a social networking platform interconnecting a patient with a plurality of care givers. The patient is provided access to a computer application configured to solicit and collect patient data from the patient, the computer application selected based on at least one characteristic of the patient. First patient data reflective of the health condition of the patient, as collected by the computer application, are received through the social networking platform. A communication from a care giver is transmitted to the patient through the social networking platform. Second patient data reflective of the health condition responsive to the transmitted communication are received through the social networking platform. The first and second patient data are analyzed to determine at least one insight relating to health of the patient; and a report is generated to present the insight.

Abstract: A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user's identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user's identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.

Abstract: In certain embodiments, an electronic device can include a secure element that detects a mechanical input. The mechanical input can correspond to an instruction to transmit securely stored payment information to another device and/or to release such information to an application on the device (e.g., for use in an in-app commerce transaction). This feature can inhibit or prevent unauthorized transmission of payment information. When the mechanical input is detected, payment information can be transmitted to a point of sale (POS) terminal (e.g., via near-field communication) or released to an app on the device. Further, a user can either use default payment information or interact with the device (before or after providing the mechanical input) to select appropriate payment information for a transaction. For example, the user can select between credit cards, debit cards and/or stored-value cards (e.g., transit card).

Abstract: One or more location analysis computing devices and methods are disclosed herein for determining the position of a mobile device (smartphone, tablet computer) within an interior of a vehicle. The position of the mobile device may be calculated by detecting changes in accelerometer data. The accelerometer data may first need to be translated to determine corresponding axes, since the device may not be right side up (e.g., in a pocket). The vehicle may travel over road discontinuities such as bumps, and calculating the position of the mobile device may be based on the different magnitude and angle resulting from a first tire and a second tire hitting the bump. Data from vehicle sensors or other mobile device sensors may also be used in the calculating. Once the position is determined, commands may be sent to the mobile device to deactivate certain functionality, or to a remote server for further processing.

Abstract: Certain aspects relate to systems and methods for processing payments to trigger release of digital media content for display on digital signage devices. In certain embodiments, a management server receives a user input about payment remittance information relating to an advertising campaign, which includes media content stored at the management server. The management server then transmits the payment remittance information to an associated financial institution for processing. When the financial institution sends back a confirmation that the payment remittance has been processed, the management server updates the advertising campaign to reflect the confirmation.

Abstract: Flexible fiat and cryptocurrency Payment Services (FfcPS) are disclosed for travel and credit cards. This invention applies to U.S. Dollar, European Euro and other fiat, and Bitcoin, Ethereum and other cryptocurrencies. Merchants that use this invention would add a new item to their (room) key cards and credit cards—a Merchant cryptocurrency wallet public address Quick Response (QR) Code (Merchant QR Code). The Merchant QR Code's associated cryptocurrency wallet public address is recorded on a blockchain public ledger whenever used for a cryptocurrency payment from a consumer. That cryptocurrency payment is then converted to a fiat payment that's added to a merchant account for the consumer by an online exchange. For smart consumers, this invention would allow use of fiat or cryptocurrency with the best value at time of payment for fiat charges to a room or credit card.