Abstract: The subject matter described herein includes systems, methods, and computer readable media for utilizing one or more preferred application lists in a wireless device reader. A transaction terminal designates compatible application identifiers, where each of the compatible application identifiers is respectively associated with a transaction application that is compatible with the transaction terminal. A proximity payment system environment (PPSE) application is configured to store user preferred application identifiers, where each user preferred application identifier is respectively associated with a to transaction application stored on the mobile wireless device. A wireless device reader for receives the compatible application identifiers from the transaction terminal, and stores the compatible application identifiers in preferred applications lists (PALs).

Abstract: Embodiments of the present disclosure provide a method and system for guided implicit authentication. The system first receives a request to access the controlled resource from a user. The system then determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, the system allows the user to provide information associated with regular user behavior and/or current contextual data. The system further updates the user behavior measure based on current contextual data.

Abstract: Embodiments relate to systems and methods for maintaining attributes associated with application servers. In particular, a system administrator can register a set of services associated with an application server. Before initiating, a service can need to be configured with a set of attributes. According to embodiments, a vault service associated with the application can validate a service requesting to be configured. Further, an attribute management tool can store attributes, such as passwords and other sensitive data, associated with the requesting service. Upon a successful validation, the attribute management tool can provide the associated attributes to the vault service, which uses the attributes to configure the service.

Abstract: Embodiments of the present invention provide verification and/or authentication service engines that provide a customizable solution that can be “dialed” based on the risk level assigned to individual or grouped applications. The systems can also incorporate internal and external sources of data used to verify information provided by the user. It is dynamic and can pull information from a myriad of sources during the verification process, enabling credit reporting agencies (e.g., Equifax and others), FSPs, and other service providers to facilitate real-time approval and access to products and services.

Abstract: The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer.

Abstract: The limiting of data exposure in authenticated multi-system transactions is disclosed. A client system authenticates and requests secured data and unsecured data with an initial system. The initial system transmits to an external system a token request that corresponds to the request for the secured data. A token is generated and passed to the initial system, which relays the same to the client system. The client system uses the token to access the secured data on the external system, while also retrieving the unsecured data on the initial system. The initial system thus does not have access to the secured data, while the request therefor is known.

Abstract: An approach is provided for processing transaction payments. The transaction engine receives payment information, from a device, for completing a transaction between a first party and a second party, wherein the payment information is for requesting, at least in part, a payment approval from at least one payment service provider. Next, the transaction engine determines historical transaction data associated with one or more previous transactions between the first party and the second party. Then, the transaction engine processes and/or facilitates a processing of the historical transaction data to determine whether to initiate a delivery of at least one item associated with the transaction prior to receiving a confirmation of the payment approval from the at least one payment service provider.

Abstract: An apparatus generally directed to a combination tablet computer and game controller. The tablet computer provides a plurality of sides, in which each of the sides are disposed between an electronic display screen and a back of the tablet computer. The computer game controller provides side structures adjacent to and confining the tablet computer on at least two opposing sides of the tablet computer. The computer game controller further preferably providing input module apertures and a camera. Preferably, each input module aperture selectively accepts either a game control module or a removable keyboard module. The input module apertures are preferably adjacent each of the at least two opposing sides of the tablet computer, and the camera communicates with each the electronic game controller and the tablet computer, the camera selectively captures either still or video images. The electronic game controller further provides an integrated transaction card input feature.

Abstract: A system and method may allow for extending authentication to a two factor, out of band form, requiring an additional data element or code via a channel different from the channel used for the primary transaction, where the different channel has the attribute that it is difficult or costly to achieve many access points to it, and it is possible to limit the number of users associated with a particular access point to it.

Abstract: A secure payment method includes receiving, at a computer of a payment service, a request from a requester for a one time use transaction identification token for a transaction. The one time use transaction identification token is provided from the payment service computer to the requester. The one time use transaction identification token is received at the payment service from a merchant communications apparatus under the control of a merchant. Electronic payment information for the transaction is issued from the payment service to the merchant upon validating the one time use transaction identification token.

Abstract: A system and a method for providing a personalized biometric identification system to facilitate in securing critical transactions have been disclosed. The system includes a server which captures pre-designated biometric prints of a user, personalizes them and registers them on a bio print reader, owned by the user, over a unidirectional non-Internet based channel. The system overcomes the challenges involved in employing biometrics as a part of non-repudiation process for authorizing Internet based critical transactions for multiple entities by assuring the safety of the biometric prints of the users and eliminating additional hardware requirements.

Abstract: An identification and registration system including a scanner (J) for making a digital copy of an identity document (K), a server (A), transmission means for transmitting said digitized copy, character recognition means (E) for extracting from said digital copy information relating to identity, a database (B) for storing said digital copy and said identity-related information, a EPT/POS electronic payment terminal (I), transmission means for transmitting said identity-related information to said EPT/POS, a telephone (H) associated with a secret code, transmission means for transmitting the number of said telephone from said EPT/POS to said server, means for sending by said server to said EPT/POS a melody to be played, means (C) for calling said telephone by said server, and means of audio identification (C) by said server of said melody via said telephone call to said cellular telephone.

Abstract: The present invention provides methods and apparatuses for obtaining selected metadata from a user device. The user device has a metadata engine that stores and accesses metadata in response to a metadata query. A metadata broker verifies the authenticity of the metadata query from a service provider and returns selected metadata if the service provider has rights to obtain the metadata. The user device has a communications interface that sends a service request that is indicative of the selected service over a communications channel and receives the metadata request that is indicative of the selected metadata. An authorization center receives a metadata request from a service provider, accesses a rule set to determine selected metadata in accordance with predetermined rights, and returns a signed metadata request to the service provider. The signed metadata request has an electronic signature of an authorizing party and is indicative of the selected metadata.

Abstract: Embodiments of the invention can provide systems and methods for on-line credit card transactions. According to one example embodiment of the invention, a method can be provided. The method can include receiving, from a data manager, credit card information of a user; storing, on a secure element, the credit card information of the user; requesting a transaction with a merchant; receiving, from the merchant, a request for the credit card information; and sending, to the merchant, the credit card information of the user and a card-present indicator.

Abstract: Certain embodiments provide a user notification such as a cue in a media content player. The notification or cue indicates that there is additional content available for a piece of media being played or about to be played. The notification or cue may be superimposed on content or provided separate from the media content being provided. In certain embodiments, the notification may provide a link for accessing the additional content the notification identifies. For example, the user may click on a notification to link to a dynamically-generated webpage comprising information retrieved about the media content being presented.

Abstract: A method for performing payments in remote transactions between a buyer and a vendor is provided. The method includes receiving buyer information from a vendor's network outlet when the buyer indicates a desire to purchase a selection at a later time through an Interactive Voice Response (IVR) center; providing a token to the buyer; receiving information about the token from the buyer through the IVR center; verifying the information about the token; transferring funds from a buyer account to a vendor account. Also provided is a system for processing payments in remote transactions including an IVR center to: receive a request for token from a buyer to purchase products from a vendor, and to receive information about the product; provide the token to the buyer; access a database, the database including information from vendor's and buyer's accounts; transfer funds from buyer's account to vendor's account upon buyer confirmation.

Abstract: Techniques for generating and providing phrases are described herein. These techniques may include analyzing one or more sources to generate a statistically improbable phrase, determining words that compose the statistically improbable phrase, inputting the words into an index, and determine phrases associated with the words. The determined phrases may then be presented to a user.

Abstract: A system for removing an electronic wallet application from a mobile electronic device is provided. The system comprises a first server executing an authentication, authorization, and accounting application and a second server executing a trusted service manager application. The first server grants data network access to the mobile electronic device when a special pass has been provisioned to the first server, wherein the special pass is associated with the mobile electronic device. The second server sends the special pass associated with the mobile electronic device to the first server in response to a triggering event, establishes a data communication session with the mobile electronic device, and sends instructions to the mobile electronic device to remove the electronic wallet application from the mobile electronic device, wherein the establishment of the data communication session is mediated by the authentication, authorization, and accounting application.

Abstract: A method for providing fast and secure access to MIFARE applications installed in a MIFARE memory being configured as a MIFARE Classic card or an emulated MIFARE Classic memory, comprises: keeping a repository of MIFARE memories and user identifications assigned to said MIFARE memories as well as of all MIFARE applications installed in the MIFARE memories, wherein, when a new MIFARE application is to be installed in a MIFARE memory identified by a user identification the present memory allocation of said MIFARE memory is retrieved, an appropriate sector of said MIFARE memory is calculated, a key is calculated for said MIFARE application and the MIFARE application together with the assigned sector and key are linked to the user identification and are stored in the repository.

Abstract: A system for facilitating a financial transaction between a prospective transactor and a transactee has an identity and account verifying facility for verifying the identity of the prospective transactor and an account that the prospective transactor has with a financial institution, the identity and account verifying facility being operated by an independent verifier. The identity and account verifying facility includes a storage means for storing an identifier of the prospective transactor and details of at least one account held by the transactor at the financial institution. An identifier input means is provided whereby the transactor enters his identifier when he subscribes to the service.

Abstract: A method and a system for processing an online financial transaction executed at least partially by a computing device coupled to a communications network, comprising a rule-module nexus for processing an online financial transaction, an on-line verification platform, an online user account registry, wherein the on-line financial transaction comprises a payor-payee transaction, wherein the user is the payor and a merchant is the payee, and comprising at least one of the following: (a) the user and the payee are each directly and independently connected to the rule-module nexus during simultaneous logon sessions via a communication network, and wherein upon the user clicking on a website widget of the payee, the rule-module nexus transmits secure socket layer data directly to the user interface apparatus for display to the user via a pop-up window, without requiring application programming interface integration with a website of the payee and without requiring a form re-direct of the user away from the website

Abstract: Various embodiments are directed to methods for generating proxy account data for a financial account and authorizing payment from an account of a customer based on proxy account data. Example methods may comprise selecting a serial number for a first customer and storing an association between the serial number and an account of the first customer. The methods may further comprise encrypting the serial number and consolidating the encrypted serial number with checkable data. An association between the encrypted serial number and the checkable data may be stored and the consolidated encrypted serial number and checkable data may be encrypted to generate proxy account data.

Abstract: An approach is provided for utilizing recognition data in conducting service transactions.

Abstract: An apparatus and method for configuring, altering, controlling, securing, and extending the processing capability and functionality of PCs and POS devices using a non-volatile memory device using software and data carried within the apparatus.

Abstract: A system for enhancing interpersonal communication is disclosed. The system includes one or more personal computer devices capable of broadcasting and receiving select messages based on overlapping user interests. The device shares identity credentials with other devices to ensure credibility of the information being broadcast and maintains user interests in a portable secure database on the device.

Abstract: A method for minimizing risk of a consumer performing a fraudulent Internet purchase transactions using a transaction card is disclosed herein, the method comprising receiving an enrollment verification request for a transaction from a merchant's website, transmitting the enrollment verification request to an access control server; receiving an enrollment verification response from the access control server, determining whether the transaction is risky based on at least a portion of the enrollment verification request, if the transaction is not risky, forwarding the enrollment verification response to the merchant website and, if the transaction is risky, modifying the enrollment verification response to denote the transaction is risky and forwarding the modified enrollment, verification response to the merchant's website.

Abstract: The invention provides a user terminal and a payment system. The user terminal comprises an input device, a multi-channel selection switch, an application module, a processor, a password processing module, and a security IC chip containing information on user's ID and/or banking card therein, wherein the multi-channel selection switch is coupled with the input device, the password processing module and the processor, the password processing module is coupled with the processor, and the security IC chip is coupled with the password processing module; the application module controls the multi-channel selection switch via the processor so as to place the user terminal in a password input mode or in a normal input mode. The invention ensures the safety in entering the user's password in hardware configuration so that even when software system of the user terminal is not safe in itself, the safety of input password can be ensured.

Abstract: A digital token system and methods to provide user generated digital tokens includes receiving from a plurality of users authorization to create one or more unique tokens without approval from a central authority, wherein each user who created the unique token (“creator”) is the only user authorized to increase quantity of the same token-type; and rendering the quantity of each token type visible to recipients of the token.

Abstract: A user interface hosted by a financial institution. The user interface is accessible via a communication network by a first user using a client device and includes at least one first screen for managing financial transactions of the first user. The user interface further includes a second screen for conducting email communication between the first user and at least one party other than the financial institution.

Abstract: For solving the problem that multiple Universal Serial Bus (USB) Keys are required to be taken to realize multiple network payments in the conventional art, the provides a method and a mobile terminal for realizing network payment. The method includes: a mobile terminal selects a network payment system which is needed to implement current network payment from a plurality of network payment systems according to an instruction input by a user; when the user is confirmed to be a legal user according to the digital certificate, the mobile terminal logs on the selected network payment system and implements the network payment. The selects a network payment system which is needed to implement the current network payment from a plurality of network payment systems, thus it is not needed to take multiple USB Keys.

Abstract: A comprehensive platform for merchandising intellectual property (IP) and conducting IP transactions is disclosed. A standardized data collection method enables IP assets to be characterized, rated and valuated in a consistent manner. Project management, workflow and data security functionality enable consistent, efficient and secure interactions between the IP Marketplace participants throughout the IP transaction process. Business rules, workflows, valuation models and rating methods may be user defined or based upon marketplace, industry or technology standards.

Abstract: A system (and a method) are disclosed for generating a virtual secure digital (SD) card. One embodiment detects an SD card and reads a media key block and media identification for the SD card. The system stores the media key block and the media identification. The system creates a file system for secure data on a storage device for storage of secure data corresponding to a secure data area of the SD card and creates a file system for user data on the storage device for storage of user data corresponding to a user data area of the SD card. In addition, the system uses the virtual secure digital (SD) card. The system determines if the virtual SD card is provisioned and provisions it if not. The system accesses the data stored in the secure area of the provisioned virtual SD card. The system extracts the data from the secured area of the provisioned virtual SD card.

Abstract: A context for a service request made by a service consumer can be used to establish a constraint rules set that is applied by a service provider. A context associated with a first service request can be received from a service consumer. An identity of the service consumer can be verified. A constraint value request associated with the service request can be received from a service provider responding to the service request. One or more constraints can be derived from the first context. An identity of a service provider that will fulfill the service request can be verified. The one or more constraints can be provided to the service provider. Related systems, apparatus, methods, and/or articles are also described.

Abstract: There is presented a system and method for unlocking a content associated with media. In one aspect, the method comprises identifying the media, generating an authentication key using at least one key data from a set of key data contained in the media, determining an address in the media of at least one content unit corresponding respectively to each of the at least one key data used to generate the authentication key; requesting the at least one content unit by providing the address; receiving user data in response to the requesting; comparing the user data with the at least one key data used to generate the authentication key; and unlocking the content associated with the media if the user data matches the authentication key.

Abstract: Techniques for automated mobile transaction processing are provided. A consumer traverses to a web portal or other type of enterprise terminal device of an enterprise and proceeds to shop. During checkout, the portal contacts a transaction service and is delivered back an identifying barcode or Quick Response (QR) code. The consumer uses a mobile device to scan the code and send it to the transaction service. Previously registered payment details of the consumer are located and payment is received from the consumer. The portal is notified that payment is completed by the transaction service.

Abstract: A system and method of sending an e-mail message associated with a wireless device is provided. A request to forward or reply to an original e-mail message is sent from the wireless device to a server. The request contains one or more recipients and includes a message identifier of an original e-mail message. A portion indicator is provided for retrieving portions of the original e-mail message identified by the message identifier. An e-mail message is sent to the one or more recipients comprising any added user text and the one or more retrieved portions of the original e-mail message such that text of the original message that the user may not be aware is not forwarded to new recipients.

Abstract: Embodiments of the invention are related to systems and methods for analyzing transaction data for mobile merchant transactions, and generating a message based on the analysis. Transaction data for one or more transactions conducted at one or more mobile merchants is electronically received, the transaction data including a location for each of the one or more transactions. The transaction data is analyzed by a server computer which generates a message based on the analysis, the message being transmitted to a client device.

Abstract: In one embodiment, the invention provides a portable wireless personal communication system for cooperating with a remote certification authority to employ time variable secure key information pursuant to a predetermined encryption algorithm to facilitate convenient, secure encrypted communication. The disclosed system includes a wireless handset, such as PDA, smartphone, cellular telephone or the like, characterized by a relatively robust data processing capability and a body mounted key generating component which is adapted to be mounted on an individual's body, in a permanent or semi-permanent manner, for wirelessly broadcasting, within the immediate proximity of the individual, a secret or private key identifying signal corresponding to a time variable secure key information under the control of the certification authority.

Abstract: Devices, systems and methods are disclosed which relate to securing payments from a mobile communications device. In exemplary embodiments, a mobile communications device communicates with a payment server via a point-of-sale device to conduct a transaction. The mobile communications device uses a client payment logic to send payment information to the point-of-sale device. The point-of-sale device uses a vendor payment logic to forward the payment information to the payment server. The payment server verifies the payment information and sends confirmation to the point-of-sale device.

Abstract: A card holding device featuring a housing with a plurality of slots in the top panel that allow passage of credit cards. Card holding mechanisms are disposed in the housing, which engage the credit cards. The card holding mechanisms can store the cards or eject the cards when activated. The card holding mechanisms can be locked and unlocked via a biometric scanner. Disposed on the housing is a display adapted to display the names or icons of each credit card stored in the device. When a user presses the icon, the card holding mechanism is activated and ejects that specific credit card from the housing.

Abstract: Systems and methods are provided for authenticating a user. In one implementation, a computer-implemented method is provided. According to the method, transaction history information for each one of a set of users is maintained in a storage device. The method provides identifiers associated with items for display and receives, from one of the users, a selection of one or more of the identifiers. The method further authenticates the user as a function of the selection and a transaction history of the user.

Abstract: Systems and methods are described herein for granting permission for biometric identity verification by a third-party using a limited-use token. A merchant point of sale (“POS”) system may receive transaction payment information from a mobile device associated with a customer. The customer may consent to biometric verification allowing the mobile device to provide customer identification information and a biometric verification token to the POS system. The POS system can collect a sample of biometric information from the customer. The biometric verification token may be transmitted to an identity verification service to be authenticated as originating from the mobile device of the customer. Upon successful authentication of the biometric verification token by the identity verification service, the service may evaluate the biometric information collected from the customer as corresponding to the customer identification or not.

Abstract: Techniques for identifying a user and authenticating payment transactions based on the identification include requesting the user to send his audio, video, and/or image from the point of sale location and comparing the received audio, video, and/or image to an audio/video/image on file to identify and authenticate the user as being the official holder of the payment device being used in the transaction. Once, the user is authenticated, the payment processing can be performed using conventional techniques. Some techniques involve use of accelerometer data associated with the user in addition to or in lieu of the audio, video, and/or image data to perform the identification and authentication of the user.

Abstract: The invention relates to a telecommunication method having the following steps: establishing a first connection (101) between a first ID token (106) and a first computer system (136) via a second computer system (100) for reading at least one first attribute from the first ID token, generating a first soft token, wherein the first soft token comprises the at least one first attribute and a time specification, and wherein the first soft token is signed by the first computer system, sending the first soft token from the first computer system to a third computer system (150), wherein the first connection is a connection with end-to-end encryption.

Abstract: Methods, systems, and computer-readable media are disclosed for access control. A particular method receives a resource access identifier associated with a shared computing resource and embeds the resource access identifier into a link to the shared resource. The link to the shared resource is inserted into an information element. An access control scheme is associated with the information element to generate a protected information element, and the protected information element is sent to a destination computing device.

Abstract: The present invention relates to a roaming electronic transaction terminal. It also relates to a secure system for electronic transactions comprising one or more roaming terminals. The terminal (1) has an application package support (2) and a coupler (3) for carrying out the read and write operations on a medium that are required for the electronic transactions in conjunction with the application package. The coupler (3) comprises means for creating a write time window and a read time window on the basis of a secure input signal, all writing and all reading being disabled outside of the corresponding windows. The invention applies notably for the securing of terminals carrying out checks and contractual transactions on supports equipped with processors and memories, it being possible for these supports to be through contactless read and write cards comprising for example transport entitlements, payment means or any other entitlements to be turned to account.

Abstract: Techniques are disclosed for detecting online fraud initiated by a host infected with a malicious software application that would otherwise remain undetected by many current fraud detection systems, e.g., for detecting man-in-the-browser Trojans. A fraud detection system operates in conjunction with an IPS system to identify online transactions that have a high probability of being fraudulent or initiated by a legitimate, but compromised host.

Abstract: A portable electronic device having a memory storing application software for initiating a payment transaction with a remote system, a data interface for coupling the device to a host computer, a contactless interface for receiving payment token data from a contactless payment token, and a cellular network interface for communication of data over a cellular network. The application software is executed from the device when the device is connected to the host computer and configures the portable electronic device to initiate a payment transaction by receiving payment token data via the contactless interface means and transmitting said payment token data to the remote system via the mobile network interface means.

Abstract: A portable consumer device includes a base, and a computer readable medium on the base. The computer readable medium comprises code for an issuer verification value and a supplemental verification value. The issuer verification value is used by an issuer to verify that the portable consumer device is authentic in an on-line transaction and the supplemental verification value is used to verify that the portable consumer device is authentic in an off-line transaction.

Abstract: Additional security is provided for on-line account users beyond that which is otherwise conventionally provided by, e.g., longer passwords, passwords that include both characters and numbers, etc., by implementing an on-line server that notifies a pre-registered account holder via a short messaging system (SMS) with a short message login notification when a log-in (or even just a login attempt) occurs. Thus, even entry of the proper user/password information, which would conventionally be presumed to be authorized, will be notified to the registered SM address of the authorized user.