Abstract: A secure and convenient product purchasing system and method are disclosed to allow for online sale and purchase of goods by means of a social network site using a mobile wallet system as an m-Commerce shopping cart checkout linked to a secure financial closed-loop proxy account. A proprietary graphical or barcode-represented on-line digital product code and details to be posted to one user's social network wall, so as to be either scanned or directly selected, then paid for using the secure financial closed-loop proxy account and a pre-registered personal handheld mobile device where all funds within the account remain in an “inactive” non-usable state until activated and allocated by another user through their mobile device, where both users are registered to the secure financial closed-loop proxy account.

Abstract: A secure product purchasing system and method are disclosed to allow for online purchase of goods or services by means of a proprietary graphical or barcode-represented printed or on-line digital product code and details to be either sent to or discovered by a customer, so as to be scanned then paid for using a secure financial closed-loop proxy account and a pre-registered personal handheld mobile device where all funds within the account remain in an “inactive” non-usable state until activated and allocated only by the customer through the mobile handheld device, wherein the merchant is registered to the secure financial closed-loop proxy account.

Abstract: A method for efficiently decrypting asymmetric SSL pre-master keys is divided into a key agent component that runs in user mode, and an SSL driver running in kernel mode. The key agent can take advantage of multiple threads for decoding keys in a multi-processor environment, while the SSL driver handles the task of symmetric decryption of the SSL encrypted data stream. The method is of advantage in applications such as firewalls with deep packet inspection in which all encrypted data traffic passing through the firewall must be decrypted for inspection.

Abstract: At least one embodiment of the present invention relates to a method for ensuring authenticity of an electronic transaction performed during a transaction session. The method includes receiving, over a first network, a request from a user for the completion of an electronic transaction; receiving, over the first network, an authentication code from the user which has been provided to the user over a second network separated from the first network, thereby authenticating the user, completing the electronic transaction; and storing information associated with the electronic transaction and the transaction session. The method further includes generating a one-way hash value based on information comprised in the electronic transaction and information associated with the transaction session, and providing the one-way hash value to the user, wherein the one-way hash value is usable for ensuring the authenticity of the electronic transaction.

Abstract: A system for facilitating data access and management on a smart card is provided. According to one exemplary aspect of the system, a storage architecture is provided in the smart card which allows data stored thereon to be shared by multiple parties. Access to data stored on the smart card is controlled by various access methods depending on the actions to be taken with respect to the data to be accessed.

Abstract: A user authentication method and system. A computing system receives from a user, a first request for accessing specified functions executed by a specified software application. The computing system enables a security manager software application and connects the specified software application to a computing apparatus. The computing system executes first security functions associated with the computing apparatus. The computing system executes second security functions associated with additional computing apparatuses. The computing system determines if the user may access the specified functions executed by the specified software application based on results of executing the first security functions and the second security functions. The computing system generates and stores a report indicating the results.

Abstract: This disclosure describes, generally, methods and systems for authenticating the identities of customers. For example, a method comprising receiving a service request from a customer and retrieving customer profile information related to the customer is described. The method further comprises generating questions based on the customer profile information and receiving answers to the questions from the customer. Furthermore, the method comprises analyzing the answers by comparing the answers with the customer profile information and calculating an authentication score based on the analysis of the answers. The method further authenticates the customer based on the authentication score being greater than a threshold score level.

Abstract: A document accessible over a network can be registered. A registered document, and the content contained therein, cannot be transmitted undetected over and off of the network. In one embodiment, a plurality of stored signatures are maintained in a signature database, each signature being associated with one of a plurality of registered documents. In one embodiment, the signature database is maintained by de-registering documents by removing the signatures associated with de-registered documents. In one embodiment, the database is maintained by removing redundant and high detection rate signatures. In one embodiment, the signature database is maintained by removing signatures based on the source text used to generate the signature.

Abstract: Improved computer-implemented techniques for providing relevant information to mobile electronic devices are disclosed. According to one aspect, usage of mobile electronic devices can be monitored and usage data can be formed. The usage data can then be used to perform an action. The action can operate to provide more relevant information, such as digital (e.g., online) information or rewards, to the user. In one embodiment, usage of mobile electronic devices can be monitored and users of such mobile electronic devices can be provided with rewards based on their usage. Another aspect pertains to monitoring locations of a mobile electronic device for a duration of time and then providing location-specific information based on the locations of the device.

Abstract: A method and system for a photo ID payment card transaction verification system for use with a payment card interchange network is provided. The system is programmed to receive a photo of a cardholder, the photo verified to be of the cardholder, assign a unique photo identifier to the photo, the unique photo identifier associated with the cardholder's payment card account, receive payment card transaction information for a payment cardholder from the interchange network, the interchange network configured to process payment card transactions between a merchant through a merchant bank and a cardholder through an issuer bank, the payment card transaction information including data relating to a purchase of goods or services made by the cardholder at a merchant, and transmit at least one of the photo and an access to the photo to the merchant with an authorization request response during a payment card transaction.

Abstract: Techniques for network-based self-checkout are provided. A consumer of an establishment uses a mobile app to self-scan barcodes of items for purchase. A running list of the items is maintained by a network shopping manager. The consumer uses the app to purchase the items when desired and the shopping manager sends a code to the app to validate the purchase. When exiting the establishment, the app provides the code to a self-service checkout system and as the customer bags the items, each item is validated against the list without requiring any additional action on the part of the consumer.

Abstract: Various consumer interface platforms are converged to facilitate user access to an electronic network of wallets. The functions of both remote and NFC payment, among other interface platforms, give the purchaser access to a single electronic wallet for online E-commerce and a variety of mCommerce scenarios, some including brick and mortar, face-to-face (F2F), and/or point-of-sale (POS) transaction payments. The network of wallets has a network operator intermediating payment transactions between merchants and wallet providers. In this way, the parallel consumer interface platforms, such as remote platform enabling e-commerce payments, an NFC platform, and/or others, into a single converged payment platform that is usable in either or both transaction settings.

Abstract: Computer-implemented methods and apparatus to perform a valid transfer of an electronic mobile ticket on a mobile device by a ticketing application system of a ticket processing center. One method includes: receiving a first electronic message from a first user, where the first message includes an encrypted electronic mobile ticket and a mobile device number of a second user, and where the electronic mobile ticket is encrypted with a key shared between the first user and the ticketing application system; decrypting the encrypted electronic mobile ticket; generating an electronic mobile ticket encrypted with a key shared by the ticketing application system and the second user; and transmitting a second electronic message that includes the electronic mobile ticket encrypted with the key shared between the ticketing application system and the second user to a mobile device of the second user.

Abstract: One or more instances of a bonus game (e.g., Class II games such as Bingo games) may be provided to players of another wagering game (e.g., a Class III game such as a slot game, a poker game, etc.). Some implementations of the invention allow players to exchange indicia of credit (e.g., money, game credits, or player loyalty points) for bonus opportunities. For example, players may be able to purchase one or more Bingo cards for Bingo bonus games. Some implementations award bonus opportunities to players based on wager levels, game results, a player's level in a player loyalty program and/or other criteria.

Abstract: Value tracking of automated clearing house (“ACH”) payments processed by an ACH operator includes receiving an ACH file for ACH processing. The ACH file comprises ACH payments originated by a remote sending point on behalf of a sending customer. A sum value of the ACH payments is added to a value of prior payments processed for the sending customer during a specified time period to obtain an accumulated payment value. The accumulated payment value is compared to a pre-established payment cap to determine whether the accumulated payment value exceeds the payment cap. The ACH payments are processed in response to a determination that the accumulated payment value does not exceed the payment cap. Whether to override the payment cap can be determined in response to a determination that the accumulated payment value exceeds the payment cap.

Abstract: In one embodiment, a method for promoting the sale of a substitute product at the point of sale (POS). Upon the presentation of an original product for purchase by a consumer at a POS terminal, various manufacturers may decide to offer a substitute product to the consumer, prior to completing the purchase of the original product. If the customer accepts the offer, the point of sale terminal completes the sale of the substitute product.

Abstract: An online card-present transaction system facilitates card-present type transactions with a merchant over a public network. A host system is configured to accept authentication data from a user via an authentication device. The host system, after authenticating a user is configured to retrieve the user's account information from a user database system and translate a user account number into a temporary transaction number. The temporary transaction number is then transmitted directly from the host system to the merchant, thereby eliminating the need for the user to send to the merchant over the internet, the user's transaction account number.

Abstract: According to one aspect, the invention provides a system for authenticating identities of a plurality of users. In one embodiment, the system includes a first handheld device including a wireless transceiver which is configured to transmit authentication information, a second device including a wireless receiver, where the second device is configured to receive the authentication information.

Abstract: In general, the subject matter described in this specification can be embodied in methods, systems, and program products for providing access to secured resources. A token providing system stores a primary authentication token that is used to obtain temporary authentication tokens. The token providing system provides, to application programs that are unable to access the primary authentication token, the temporary authentication tokens. The token providing system receives, from a first application program of the application programs, a first request to obtain a first temporary authentication token. The first request does not include the primary authentication token. The token providing system transmits a second request to obtain the first temporary authentication token. The second request includes the primary authentication token. The token providing system receives the first temporary authentication token.

Abstract: An apparatus and method for aggregating and accessing data according to user information are provided. According to one aspect, an interface device for providing data between a first device and a second device comprises an input, an output, logic, and a repository for storing personal data and data associated with one or more users. The input of the interface device receives data in a first format from the first device. The logic receives a data request, identifies a second device for receiving the data, identifies a second format for the second device, and translates the data to the second format. The translated data is then transmitted to the second device via the output. The logic may further collect, aggregate, and transmit the aggregated data to a requesting device. The input may be a product identification input device. The second device may be billed for the data services.

Abstract: According to one embodiment, a conditional access (CA) control system comprises circuitry that is adapted to: (i) transmit information including a unique identifier assigned to a digital device and mating key generator values to the remote source, (ii) receive a mating key from the remote source, the mating key being based on the transmitted unique identifier and mating key generator values, the mating key being used to encrypt data used for scrambling either additional key information or program data prior to transmission to the digital device, and (iii) transmit the mating key generator values and the encrypted data to the digital device, the mating key generator values are used to regenerate the mating key in the digital device.

Abstract: A method for processing a financial transaction using a mobile cloud account mapped to a payment account includes: storing, in a mapping database, a plurality of mapping records, each mapping record including a master key identifier, a mobile cloud account number (MCA), and a real card account number (RCA), the MCA being based on attributes of the RCA; receiving transaction data related to a financial transaction, wherein the transaction data includes at least an MCA and a payment cryptogram; validating, by a validation device, the payment cryptogram; identifying, in the mapping database, a specific mapping record, wherein the specific mapping record includes the MCA included in the received transaction data; and transmitting at least the RCA included in the specific mapping record and a validation result indicating a success or failure of the validation of the payment cryptogram.

Abstract: The present invention relates to a mobile financial transaction system (1) and method (100) which is operated on mobile device (3) and enables user information to be carried on SIM card (2) by being encrypted. With the inventive system (1) and method (100), the user can carry out his/her financial transactions on the bank (B) desired.

Abstract: Methods for effecting transmitter and receiver synchronization are disclosed. A method includes reading an authentication key value that is calculated by a receiver that is to receive protected content from a transmitter, determining if there has been a change in the authentication key value calculated by the receiver since it was last read and determining if a counter associated with the transmitter has a zero value. A re-authentication of the receiver is initiated if the counter associated with the transmitter has a non zero value and the authentication key value that is calculated from the receiver has changed.

Abstract: A method and apparatus for conducting a transaction involving transmission of a dynamic authentication code in place of a static PIN block using currently existing messaging standards or PIN acceptance devices. Minimal changes to existing processes an equipment are made while greatly improving security and fraud minimization.

Abstract: A method of eliminating the need to wait in line to conduct a payment transaction in a retail establishment includes initiating a network-based electronic payment transaction with a communications device in a retail establishment. A shopper initiates the network-based electronic payment transaction. Moreover, the method includes entering a machine readable code from at least one good with the communications device, determining a price of the at least one good and a total payment transaction cost, and displaying the total payment transaction cost on a screen of the communications device. Furthermore, the method includes determining whether to approve payment for the electronic payment transaction, authenticating the shopper, completing the electronic payment transaction in the retail establishment, and transmitting a transaction complete message to the communications device when the shopper is authenticated.

Abstract: When two parties of a cyberspace transaction register their identity attributes under a CITA system each party is assigned a unique, encrypted and digitally signed identity token. When the consuming party seeks access too, or payment for, cyberspace services, the providing party submits their identity token to the consuming party. The consuming party creates a request token, containing both the consumers' and the providers' identity tokens, and the transaction related information, to the CITA system. The CITA system validates the identity tokens and either creates a payment confirmation token by processing the payment request, or creates an access confirmation token by dynamically defining the minimal consumer identity attributes required to gain access to the provider's service. The confirmation token is encrypted and digitally signed and returned to the consumer, and then forwarded to the provider to complete the transaction without either party openly exchanging personal identity attributes.

Abstract: A secure payment system provisions a payment transaction proxy with virtual EMV-type chipcards on secure backend servers. Users authorize the proxy in each transaction to make payments in the Cloud for them. The proxy carries out the job without exposing the cryptographic keys to risk. User, message, and/or device authentication in multifactor configurations are erected in realtime to validate each user's intent to permit the proxy to sign for a particular transaction on the user's behalf. Users are led through a series of steps by the proxy to validate their authenticity and intent, sometimes incrementally involving additional user devices and communications channels that were pre-registered. Authentication risk can be scored by the proxy, and high risk transactions that are identified are tasked by further incrementally linking in more user devices, communications channels, and user challenges to increase the number of security factors required to authenticate.

Abstract: A “lock-and-key” consumer billing data protection capability is provided to telemarketing systems which are based upon previously-acquired consumer lists. The lists contain only partial billing information for each consumer, which is insufficient to access the consumer's account. Thus, at the time a telemarketer employing this capability communicates with a consumer to offer them a product or service, the telemarketer, the seller and any entity hired to perform billing operations for such consumer purchases all remain “locked” out from accessing the consumer's account. When the consumer wishes to authorize the purchase of an offered product or service, the consumer must “reach into their wallet” to provide the “key” to their account, which is the missing billing information not acquired from the third-party list provider.

Abstract: Methods and apparatus, including computer program products, for gift card services. In general, data characterizing a request to provide a merchant credit service to an intended recipient is received and a message to be sent to the intended recipient is generated, where the message characterizes a phone number to call to activate the merchant credit service. Data characterizing authentication by a call to the phone number to activate the merchant credit service from the mobile phone number of the intended recipient is received, where the authentication includes checking caller identification of the call to ensure the call is from the mobile phone number of the intended recipient. The merchant credit service is activated. Credit associated with an account of a merchant credit service may be redeemed by providing an account number of the service. Redemption may be authorized based on caller identification of a mobile phone number associated with an account.

Abstract: A method for calculating a risk score of a data object may include obtaining a severity level associated with a data object. The severity level may be calculated based on presence of confidential information in the data object. The data object may be a file or a folder. The severity level may be calculated using a data loss prevention policy. The method may further include obtaining metadata associated with the data object. The metadata may comprise at least one of access permission data for the data object and access usage data for the data object. The method may further include calculating a risk score for the data object based on the severity level and the metadata associated with the data object.

Abstract: An IC chip, an information processing apparatus, system, method, and program are provided. An IC chip includes an authentication control unit configured to authenticate a request using authentication information. The request and/or the authentication information is received from outside the IC chip.

Abstract: A network component comprising at least one processor configured to implement a method comprising deriving a Master Session Key (MSK) using a secret key and at least one parameter obtained from an Extensible Authentication Protocol (EAP) sequence, deriving a first Pairwise Master Key (PMK) and a second PMK from the MSK, authenticating with a home gateway (HG) using the first PMK, and authenticating with an end point using the second PMK. Included is an apparatus comprising a node comprising an access controller (AC) and a protocol for carrying authentication for network access (PANA) Authentication Agent (PAA), wherein the AC is configured to manage authentication for a UE, and wherein the PAA is configured to implement a PANA to forward authentication information related to the UE.

Abstract: Apparatus and methods for providing customer benefit offer program enrollment are provided. A system for enrolling a purchasing instrument in an electronic customer benefit offer program an electromagnetic receiver module. The receiver module may be configured to receive data from the purchasing instrument and receive from a customer a customer selection of a notification channel, the channel to be used for notifying the customer about a customer benefit. The system may also include a processor module configured to associate the purchasing instrument data with an account on an electronic platform so that a customer benefit offer that is stored on the platform may be associated with the purchasing instrument.

Abstract: A card to card transfer method used in the financial system is provided in the present invention, and comprises an initializing step, a transferring step and a transaction confirming step, wherein the initializing step includes the steps of calculating and obtaining the public key certificate and checking the amount of the transaction and so on, and the transferring step includes the steps of performing the transaction and so on. The present invention can achieve the function of transferring the electronic cash between two cards and can prevent the risk of repeatedly transferring the money into the card for transfer-in by using the card for transfer-out and so on.

Abstract: Systems, apparatuses, and methods enabling secure payment transactions, and methods for sharing secure documents, via a mobile device, for example a mobile telephone, smartphone, cellular telephone, other wireless device, a Near Field Communications (NFC) device, or the like. Actual user account information is substituted with temporary account information such that the temporary account information may be manipulated in a manner similar to actual user account information, with the result that actual account information is masked thereby greatly reducing the likelihood of misuse.

Abstract: Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment.

Abstract: A system that incorporates teachings of the present disclosure may include, for example, a non-transitory computer-readable storage medium, which operates in a mobile device server and which has computer instructions to obtain a software application, store a first pairing key in a memory of the mobile device server where the first pairing key is generated by a device of a service provider in response to a review of the software application for compliance with at least one policy of the service provider, and execute a web server application at the mobile device server that is operable to detect a media resource center operably coupled with at least one media device, establish communications with the media resource center and transmit the first pairing key to the media resource center to enable at least a portion of services that are associated with the software application and that utilize the at least one media device. Other embodiments are disclosed.

Abstract: Erroneous deletion of data due to a collision of digest information during data de-duplication using digest information is prevented. When backup data is stored on a backup server 1100, digest information of the backup data is generated and stored in a digest information management table 4200. In addition, when a backup data storage request is made to the backup server 1100, a digest information verification control sub-program 1127 generates digest information of data to be backed up, and performs verification against the digest information of the backed up data already stored on the backup server 1100. If, by this verification, it is found that backed up data having the same digest information is already stored, de-duplication is realized by reusing the existing backed up data without newly storing the data to be backed up.

Abstract: One embodiment of the present disclosure provides a system and associated processes for sharing cardholder data (CHD) between a merchant that utilizes tokenization and a second merchant that may or may not utilize tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. The merchant and/or the tokenization provider system can then invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the merchant associated with the second merchant.

Abstract: This invention discloses a novel system and method for distributing electronic ticketing such that the ticket is verified at the entrance to venues by means of an animation or other human perceptible verifying visual object that is selected by the venue for the specific event. This removes the need to use a bar-code scanner on an LCD display of a cell phone or other device and speeds up the rate at which human ticket takers can verify ticket holders. The system providing the service also can maintain a persistent communication channel with the user device in order to control the ticket verification process.

Abstract: An audible based electronic challenge system is used to control access to a computing resource by using a test to identify an origin of a voice. The test is based on analyzing a spoken utterance using optimized challenge items selected for their discrimination capability to determine if it was articulated by an unauthorized human or a text to speech (TTS) system.

Abstract: An audible based electronic challenge system is used to control access to a computing resource by using a test to identify an origin of a voice. The test is based on analyzing a spoken utterance to determine if it was articulated by an unauthorized human or a text to speech (TTS) system.

Abstract: In embodiments of the present invention improved capabilities are described for identifying a classification scheme associated with product attributes of a grouping of products of an entity, receiving a record of data relating to an item of a competitor to the entity, the classification of which is uncertain, receiving a dictionary of attributes associated with products, and assigning a product code to the item, based on probabilistic matching among the attributes in the classification scheme, the attributes in the dictionary of attributes and at least one known attribute of the item.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: A system and method facilitates the audit process involving a business client, an auditor, and a third-party by providing confirmations for the client upon the auditor's request. An auditor or requestor receives an audit number from the audited client as evidence of authorization for requesting confirmation from a third-party, such as a legal professional. The confirmation request submitted by the requestor will be stored in a network-based computer confirmation system and transmitted to the relevant third-party responder. The third-party then provides necessary confirmation data (i.e., response data) to the confirmation system which forwards a completed confirmation to the auditor. The involved third-party can be a bank or financial institution, another entity in business relationship with the client, or any other entity that has access to the requested data associated with the client, such as a legal professional.

Abstract: An online card-present transaction system facilitates card-present type transactions with a merchant over a public network. A host system is configured to accept authentication data from a user via an authentication device. The host system, after authenticating a user is configured to retrieve the user's account information from a user database system and translate a user account number into a temporary transaction number. The temporary transaction number is then transmitted directly from the host system to the merchant, thereby eliminating the need for the user to send to the merchant over the internet, the user's transaction account number.

Abstract: A method for granting secure network access comprising requesting, by a mobile device, access to a network via an access point; receiving a passcode from the access point; sending a message including the passcode and an indicia back to the access point; and generating, by the access point, a secure key based on the indicia, the secure key providing network access to the mobile device.

Abstract: A method of conducting secure electronic credit payments to a payment acquirer using a credit payment unit, comprising of a smart card, a portable card reader device and a mobile phone, and a payment server. The method is based on using a unique reader key in the card reader device to encrypt all the sensitive smart card information communicated to the payment server, and thus being able to use an unsecure mobile phone to communicate with the payment server. The payment server then completes the transaction with the payment acquirer over a secure line.

Abstract: A method for performing vending transactions includes generating a token upon request by a wireless appliance is provided. The method includes placing the token in a remote server; placing the token in the wireless appliance; providing the token from the wireless appliance to a point-of-sale (POS) terminal; authenticating the token with the remote server; validating the token to perform the vending transaction; and deleting the token from the remote server when the vending transaction is complete. A method for using a wireless appliance in vending transactions is provided. A method for using a remote server configured to connect to a wireless appliance and a POS terminal in vending transactions is provided. A system to perform vending transactions using an internet connection as above is provided. The system may include a remote server including a private account; the remote server configured to communicate with a POS terminal and a wireless appliance.