Abstract: Virtually fraud-proof authentication for wireless mobile financial transactions. A mobile telephone, genius card or dongle may capture multiple biometrics, such as fingerprint, voiceprint, retinal recognition data, facial biometric data, ear biometric data and bio print, iris scanning data, pupil movement recognition data, and send segments of each of them to a server computer that re-constitutes them and stores them for matching during an attempted financial transaction. A purchasing individual has multiple biometrics read by separate readers integrated into a single hand-held device. An automatic process of the server computer has previously sent a command packet to the hand-held device defining percentage and portion of each biometric to select and the sequence and channel of transmission for matching along with other out of band security data.

Abstract: A method and apparatus are provided for validating a transaction on a transactional terminal, the transaction being associated with a user. The method includes a step of decoding a validation code preliminarily generated and displayed by the transactional terminal, entered by the user in a validation message, and transmitted by a mobile device of the user to an entity of a telecommunications network to which the mobile device and said transactional terminal are connected.

Abstract: Systems, methods, and apparatus are provided for authenticating a consumer using challenge questions. A response to a challenge question is verified via seeding the challenge question, receiving response, and deductively determining the answer. The verified response and challenge question may then be used to authenticate a consumer as part of an authorization process.

Abstract: Embodiments of the invention provide a portable consumer device configured to store dynamic authentication data in memory. The portable consumer device also includes an interface for transmitting data to and receiving power from an external device. The dynamic authentication data is read from the memory by a read-write device located on the portable consumer device. The authentication data is updated and the updated data may be written into memory using the read-write device. In some embodiments, an authentication value read from the memory may be used to generate another authentication value based on an algorithm. The portable consumer device is further configured to transmit authentication data to an external device. The process of reading, updating, generating, transmitting, and rewriting the authentication data may occur each time external power is provided to the portable consumer device via the interface.

Abstract: Devices, systems and methods are disclosed which relate to securing payments from a mobile communications device. In exemplary embodiments, a mobile communications device communicates with a payment server via a point-of-sale device to conduct a transaction. The mobile communications device uses a client payment logic to send payment information to the point-of-sale device. The point-of-sale device uses a vendor payment logic to forward the payment information to the payment server. The payment server verifies the payment information and sends confirmation to the point-of-sale device.

Abstract: This disclosure includes a system, method, and article of manufacture for securely processing a transaction. The method may comprise performing a three factor authentication, communicating and/or generating, to a web client, a token in response to a transaction request and based upon the three factor authentication, comparing the token to a received token, and authorizing the transaction request based upon the comparing. Three factor authentication may comprise authenticating a web client to a transaction account associated with an individual, authenticating a web client to a payment network associated with the transaction account, and authenticating an individual to the transaction account based upon a biometric sample.

Abstract: A printer system includes a printer and a printing consumable detachably mounted on the printer. The printer has a first integrated circuit which generates a random number, reference information using the random number and a secret key. The printing consumable has a second integrated circuit which generates validation information using the random number and the secret key received from the first integrated circuit. The printer also has processing circuitry configured for receiving the reference information from the first integrated circuit; receiving the validation information from the second integrated circuit; and comparing the reference information and validation information so as to validate the printing consumable device for use with the printer.

Abstract: A method of generating authentication seeds for a plurality of users, the method involving: based on a single master seed, generating a plurality of derivative seeds, each one for a corresponding different one of a plurality of users; and distributing the plurality of derivative seeds to a verifier for use in individually authenticating each of the plurality of users to that verifier, wherein generating each one of the plurality of derivative seeds involves mathematically combining the master seed and a unique identifier identifying the corresponding user.

Abstract: A transaction processing service operates as an intermediary between acquirers of financial transaction requests and issuing institutions that process the financial transaction requests. The intermediary service enables a customer to selectively change the status of an account's associated with a payment instrument by activating or deactivating the account. The intermediary service may manage account status locally using a rules module. Alternatively, the issuing institution may manage account status, while the intermediary service provides an interface for customers. A customer communicates with the intermediary service to direct the service to change the account status. The intermediary service determines the account's issuing institution and provides an indication to the issuing institution of the current status of the account (or of the change in status).

Abstract: A method and system for authenticating an Internet user identity by cross-referencing and comparing at least two independent sources of information. A first geographical location of computer signature of an internet user is identified and the geographical location of a communication voice device of said internet user is identified to determine a second location. The first and second locations are compared for geographical proximity to confirm the identity of the internet user. Based upon geographical proximity of said locations, a score is assigned to the internet user, and access to a website is allowed or limited based upon said score. Alternatively, additional authentication information can be required or access can be terminated.

Abstract: A system is provided for confirming certification of combinations of secure elements and mobile devices. The system includes secure element data and a secure element component on a removable secure element. The secure element component detects insertion of the removable secure element in a mobile device, retrieves the secure element data, and retrieves mobile device data from the mobile device. The secure element component determines whether a combination of the removable secure element and the mobile device is certified based on a comparison of the secure element data and the mobile device data. The secure element component provides a certification alert via a user interface on the mobile device in response to a determination that the combination of the removable secure element and the mobile device is not certified.

Abstract: An authentication-authorization system for a mobile communication terminal and a method therefor are provided. When a mobile communication terminal is in a connect state, code data randomly generated by a remote encoding terminal is continuously provided to the terminal and data management terminal. When an application service program on the mobile communication terminal or an application service terminal connected to the mobile communication terminal need to execute an authentication-authorization, identification data of the mobile communication terminal and its card and code data can be offered to the data management terminal to carry out a bidirectional dynamic authentication-authorization, to determine whether allow the application service program or the application service terminal to keep providing an application service or not.

Abstract: A method for casino operators and/or players to instantly “create” new games without requiring recertification by a gaming laboratory. New games are created on the fly by making combinations of game attributes including but not limited to theme, denomination, volatility, RTP. Game attributes are associated to pre-certified software components that are then dynamically linked to instantly offer a new game. Having players dynamically create games according to their preference totally removes the game operator's risk to compose menus of available games that players will not play.

Abstract: Described herein are processes and devices that integrate social contact identifiers into wagering games. One of the devices described is a social contact identifier integrator. The social contact identifier integrator can display one or more elements of a wagering game, such as graphics that are part of, or connected to, the wagering game. A player of the wagering game can have a social network account that has one or more related social network accounts, such as friends or acquaintances. The social contact identifier integrator selects a social contact identifier from one of the related social network accounts and integrates the social contact identifier into the wagering game. The social contact identifier integrator can also determine and assign rewards to the player or to the related social network account whose social contact identifier appeared in the wagering game.

Abstract: In one aspect, a computing apparatus is configured to generate trigger records for a transaction handler to identify authorization requests that satisfy the conditions specified in the trigger records, identify communication preferences of the users associated with the identified authorization requests, and use the communication preferences to target real-time messages at the users in parallel with the transaction handler providing responses to the respective authorization requests.

Abstract: A method for accessing a service on a network, via a user terminal (30), includes a subscription phase wherein: a container is generated, including a first set of authentication data for accessing the service and a second set of useful data relating to access rights to the service the first and second sets of data being encrypted, the container is transmitted securely from the user terminal, and an access phase wherein: the container is transmitted securely from the terminal to a management server connected to the network, during a request for access, after decryption of the constituent data of the container, the server verifies the validity of the first set of data and, in the event that verification is successful, authorizes access to the service for its execution, based on the access rights.

Abstract: A method and system for authenticating an end user. A first pattern of colored quadrilaterals is generated. A second pattern of multiple colored nodes that include a first subset of nodes is generated. The first and second patterns are sent to the end user. If a transparent credit card is overlaid by the end user on top of the second pattern, then a second subset of nodes in the credit card would match in color and location the first subset of nodes. The authenticity status of the end user is determined by determining whether each node of a third subset of nodes within the second subset of nodes (i) corresponds to a unique node of the multiple colored nodes and (ii) has a color that matches a specific color in one quadrilateral of the colored quadrilaterals. The determined authenticity status is sent to the end user via an output device.

Abstract: A method and system for conducting an online payment transaction through a point of sale device. The method includes receiving input from a user selecting an item for purchase through the point of sale device; calculating a total purchase amount for the item in response to a request from the user to purchase the item; and sending payment authorization for the total purchase amount from the point of sale device to a payment entity, in which the payment authorization is sent to the payment entity via a mobile communication device of the user. The method further includes receiving a result of the payment authorization from the payment entity through the mobile communication device; and completing the payment transaction based on the result of the payment authorization.

Abstract: A system for point-to-point encryption is provided. A card reader system reads unencrypted card data stored on a magnetic stripe of a card and encrypts the card data, the card reader system being contained in a first housing. A point of sale device coupled to the card reader system and contained in a second housing separate from the first housing has a user interface for obtaining a transaction amount. A transaction request system transmits the transaction amount and the encrypted card data to an authorization gateway, wherein the unencrypted card data is prevented from being processed by the point of sale device.

Abstract: An electronic money system is directed to avoid unauthorized use of certificate-type electronic money. The electronic money system is provided with a management server, a verification sever, a remittance terminal, and a receptor terminal. In response to a request from the remittance terminal, the management server issues an inactive electronic certificate including a certificate ID and notifies the verification server of the certificate ID. The remittance terminal gives a group signature to the inactive electronic certificate to generate an active electronic certificate. The reception terminal verifies the active electronic certificate obtained from the remittance terminal on the basis of the group signature. The verification server matches the certificate ID notified from the management server with the certificate ID included in the active electronic certificate verified by the reception terminal to verify availability of the active electronic certificate.

Abstract: A system for managing electronic receipts is provided. According to one aspect, the system includes a portable device, a base device, a user device and an electronic receipts administration system. The electronic receipts administration system provides the base device with the appropriate data to allow the base device to generate, store and manage electronic receipts accordingly. A user uses the portable device to conduct a transaction with the base device. The base device uses a variety of information to generate an electronic receipt for the transaction. Such information includes, for example, information stored on the portable device, information stored locally on the base device and information stored on another device such as an electronic cash register. The electronic receipt is then stored on the portable device. The user device allows the user to subsequently retrieve the electronic receipt for management purposes.

Abstract: A device having a processor, the processor executing program instructions causing the processor to: storing credit card information of an individual in an encrypted format only readable by the processor; function as a credit card terminal by receiving an invoice for payment, wherein the invoice has a merchant key to direct payment to a specified gateway; and transferring funds from the individual to the specified gateway.

Abstract: Disclosed herein is a method and system for registering and verifying a smart card certificate for users moving between public key infrastructure domains, which allows a user moving between domains to have a smart card certified in a terminal located in an external domain other than a home domain. According to the present invention, when a user wants his/her own smart card to be certified in a terminal of an external domain, a certification authority of the external domain can certify the smart card using a certificate stored in the smart card and signed electronically by a certification authority of a home domain. Additionally, a new certificate issued by the certification authority of the external domain is stored in the certified smart card, so that a certificate of the moving user can be verified regardless of domains and a new certificate of a moved domain can be easily obtained.

Abstract: Systems and methods for implementing a secure processor stick are described. In one aspect, the system for implementing a secure processor stick with a computer, the system comprising: a secure processor stick, including: a processor; a memory coupled to said processor; a smart chip coupled to said processor, said smart chip storing data for implementing a secure environment; and an operating system adapted to run on said memory and said processor, wherein said operating system is adapted to provide a secure environment for display on a computer using said data.

Abstract: A communication method intended to ensure the receipt of digital data by at least one remote entity, and an associated system, in particular in the context of data transfer with an aircraft, includes receiving of numerical data by at least one remote entity, digital signing of the data received by the remote entity so as to generate a digital signature, and transmitting the digital signature to a local entity. The digital signature is transmitted with at least one identification information item for the received and signed data. The identification information item is smaller size than the received data.

Abstract: A security token includes (a) a personal data memory configured to store digital identity credentials related to personal data of a user; (b) an input appliance configured to check said personal data; (c) a key record data memory configured to store at least one identity credential of an authentication server or of an application operator; (d) a transmitter and receiver unit configured to create a secure channel directly or indirectly to said authentication server or application operator to handle said key record relating to said authentication server or application operator, respectively; (e) a control unit configured to control the transmitter and receiver unit and the key record data memory in view of said handling, wherein the control unit is configured to perform one of: interpreting, deciphering, creating, checking, renewing, withdrawing and further key record handling actions. A method for authentication of a user using the security token is also disclosed.

Abstract: Methods and systems for performing micropayment transactions over communication networks is provided. These methods and systems enable ubiquitous micropayments by providing a seamless payment solution in which micropayment is one of a plurality of payments facilitated. In an embodiment, the transaction value may be compared to a predefined threshold, and processed as a micropayment if said value is less than said threshold, and otherwise processed using a second processing system. In another embodiment, the transaction may be processed as a micropayment if the payee has previously been verified by the micropayment processing system. In a third embodiment, the transaction takes place using the payee's website.

Abstract: The invention describes how a consumer can hold their NFC enabled device in proximity to an NFC enabled point-of-sale terminal and with a single “wave” or “tap” to automatically redeem coupons, pay for a purchase using a default payment card or a selected card, view receipts view reward point balances, and receive relevant coupons and other digital artifacts both before and after the purchase. The NFC enabled device includes a secure element with a payment application, payment credentials, and other digital artifacts such as coupons. The secure element can be internal to the mobile device, externally affixed to the mobile device, or inserted into a slot within the body of the mobile device.

Abstract: A system and method enables trusted sources to easily approve requests for money transfers by simply typing in a yes or equivalent.

Abstract: The disclosure discloses a method for implementing account transfer using a mobile terminal, which includes: an uplink processing module receives a transfer-out transaction request from a transferor and a transfer-in transaction request from a transferee or an agent; an encryption and decryption module performs format verification and decryption of the transfer-out transaction request and transfer-in transaction request, randomly generates a withdrawal password according to the transfer-out transaction request, and provides the withdrawal password to a transaction processing module and a transferee; the transaction processing module authenticates a user accessing to the mobile terminal wallet transaction, performs the transfer-out operation according to the transfer-out transaction request, and performs the transfer-in operation according to the transfer-in transaction request and the withdrawal password provided by the encryption and decryption module; and a downlink processing module returns a response mess

Abstract: Embodiments of a portable wagering game machine and a stationary wagering game machine are described herein. In one embodiment, a plurality of portable wagering game machines are associated with a stationary wagering game machine. Group wagering game data is displayed on the stationary wagering game machine. The group wagering game data includes wagering content for viewing by multiple players. At each of the plurality of portable wagering game machines, individual wagering game data is displayed. The individual wagering game data and the group wagering game data relate to a wagering game.

Abstract: A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.

Abstract: A validation module provides for the upgrading of a physical access control system (PACS) to full HSPD-12 compliance without requiring modification or replacement of the existing PACS. The validation module may contain all of the validation functionality required by federal specifications and technical requirements. The validation module may be installed between an existing PACS panel and a supported card/biometric reader. Readers may be selected based on assurance level requirements, e.g., contactless or contact readers for low and medium assurance level areas and full biometric readers for high assurance areas. The validation module may validate a card according to the assurance level setting, extract ID information from data on the card and then pass the ID information to the PACS panel for an access decision. Cardholder data captured by one validation module may be distributed to other validation modules of the PACS using a management station.

Abstract: The invention relates to an authentication and/or rights containing retrievable token such as an IC card comprising at least one physical channel of communication to at least one apparatus and at least two logical channels of communication with said at least one apparatus wherein each logical channel of communication is associated with a different execution environment.

Abstract: A protocol that allows customers to buy database records while remaining fully anonymous, i.e. the database server does not learn who purchases a record, and cannot link purchases by the same customer; the database server does not learn which record is being purchased, nor the price of the record that is being purchased; the customer can only obtain a single record per purchase, and cannot spend more than his account balance; the database server does not learn the customer's remaining balance. In the protocol customers keep track of their own balances, rather than leaving this to the database server. The protocol allows customers to anonymously recharge their balances.

Abstract: A device for facilitating financial account transactions is described which includes a processing unit including a cryptographic processor. The device also includes an input unit, a display unit and a memory device connected to the processing unit. The memory device contains a private cryptographic key, a first data element and a second data element. The processing unit encrypts the first data element using the private cryptographic key and the second data element, modifies the second data element, combines the encrypted first data element and the second data element to generate a single-use financial account identifier, and displays the single-use financial account identifier. This identifier is then transmitted to a central processor for authorization of the transaction.

Abstract: A method and apparatus are provided for providing authentication of an e-commerce server to a user engaging in e-commerce transactions. When the user begins an e-commerce session, the e-commerce server requests an authentication token from an authentication proxy with which it has registered. If the authentication proxy recognizes the e-commerce server, the authentication proxy generates an authentication token in the form of a simple image, and sends the authentication token to the e-commerce server over a trusted path. The e-commerce server sends the authentication token to the user. The authentication proxy also sends a copy of the authentication token to the user over a second trusted path to a second device or application accessible by the user. The user can then see that the authentication token presented by the e-commerce server matches the authentication token presented by the authentication proxy.

Abstract: Computer-implemented system and methods for authenticating the identity of a person, for example a customer (1) of an E-Commerce web site (15). The web site or other verification “client” (110) contacts a verification engine (10, 100) (“Authentex”), which may be implemented as a web server (604). The verification engine (10), in turn, has limited access to a plurality of independent, third-party secure databases (21, 112) which are maintained by Trusted Validators (3, 610, 620, etc), which are entities such as banks that have a pre-existing relationship with customer (FIG. 4), and due to that relationship, acquire and maintain “out-of-wallet” data (4) that may be useful to authenticate the identity of the customer. That confidential customer data—held by the third-party “Trusted Validators”—is not disclosed.

Abstract: Methods and systems are described for transferring funds from a sender to a recipient. Source funds are received from a sender. An amount of recipient funds is determined from a value of the source funds. A transfer identifier associated with the recipient funds is generated and provided to the sender. The transfer identifier is received from the recipient, prompting a transfer in control of the recipient funds to the recipient. At least one of the source funds and the recipient funds are in the form of one or more electronic tokens. Each such electronic token has a currency amount and a digital signature identifying a financial institution that backs the electronic token for the currency amount.

Abstract: Methods and devices for evaluating risk profiles for potential participants in e-commerce transactions, such as online wager gaming, are described. Player attributes such as identity, age, location, and/or residence may be profiled using data service providers (“DSPs”). The best available DSP(s) may be selected, e.g., according to the jurisdiction. Players may be evaluated according to DSP scores and assigned to levels or “tiers” with predefined attributes, e.g., predefined transaction limits. For example, relatively lower-risk players may be assigned to tiers with relatively higher deposit and withdrawal limits, and vice versa. Efficiencies may be created by differentiating verification steps that are performed during the registration process from those that are performed when a player attempts to make a transaction.

Abstract: The Gaming System With End User Feedback enables a reverse path feedback architecture wherein the forward path multicasted gaming content transmitted by a gaming site can be dynamically modified as a result of end user interaction or feedback, wherein each end user has a private bidirectional link to the gaming site to enter their moves, optionally receive private data from the gaming site to enable the end user's device to display private data that is hidden from the other players, and to communicate privately with another member or members of a sub-group.

Abstract: A method and system for providing a pay-for-visit billing model for advertisements is provided. The advertisement system provides advertisements that have associated physical visit locations. The advertisement system provides advertisements to a mobile device or fixed of a user when the user is in the vicinity of or examining locations in the vicinity of the visit location. If the user subsequently visits the visit location of the advertisement by physically going to the location, the advertisement system then bills the advertiser for the advertisement. The advertisement system bills the advertiser under the assumption that but for the advertisement, the user would not have visited the visit location.

Abstract: An anonymous secure messaging method and system for securely exchanging information between a host computer system and a functionally connected cryptographic module. The invention comprises a Host Security Manager application in processing communications with a security executive program installed inside the cryptographic module. An SSL-like communications pathway is established between the host computer system and the cryptographic module. The initial session keys are generated by the host and securely exchanged using a PKI key pair associated with the cryptographic module. The secure communications pathway allows presentation of critical security parameter (CSP) without clear text disclosure of the CSP and further allows use of the generated session keys as temporary substitutes of the CSP for the session in which the session keys were created.

Abstract: The present invention is directed to a method and system for authenticating software license. The method for authenticating software license according to an embodiment of the present invention transmits a usage authorization request to an authentication information management server through a communication network, and receives and stores authentication information from the authentication information management server. Subsequently, the method for authenticating software license according to an embodiment of the present invention transmits a terminal identifier to a personal computer, and calculates run-time of software using a launch signal, a termination signal, or combinations thereof, received from the personal computer, corresponding to the running of software, and charges in accordance with the calculated run-time of software. The present invention enables users to authenticate software license using a mobile communication terminal.

Abstract: Data and financial transactions are secured on a mobile electronics device for traceability and non-repudiation. A mobile personal trusted device (PTD) is needed to communicate over a network to a transaction server. Characteristic abstracts of objects carried by users have distinctive features that can be associated with and registered to a particular user and are recorded. An abstract contemporaneously obtained during a secure transaction is sent to a server for use as an authenticator for comparison to an abstract previously obtained and registered to said user. A traceable transaction record is rendered that is highly identifiable and substantially indisputable.

Abstract: A presence state inquiry unit refers to a use permission table stored in a data storage unit to extract a user permitted to use a target image forming apparatus, and inquires from an entry control server for a presence state of the extracted user in a particular area where the target image forming apparatus is placed. A mode transition unit transmits a transition command to a lower power consumption mode to the target image forming apparatus when all the users permitted to use the target image forming apparatus exist outside the particular area.

Abstract: Example embodiments of methods and apparatus for challenging an online user. In an example embodiment, a method includes receiving, at an online service provider, a request from a user to access one or more features of an online service running on a host server and also receiving an indication of a geography associated with the user. The example method further includes sending, to the user, information associated with the indicated geography in combination with information not associated with the indicated geography and a request that the user select the information associated with the indicated geography from the combined information or select the information not associated with the indicated geography from the combined information. The example method still further includes receiving, at the online service provider, a selection from the user and, in the event the selection correctly corresponds with the request, allowing the user access to the one or more features.

Abstract: Electronic documents corresponding to executed paper documents are certified. A certifying agent receives an electronic document and a corresponding paper document that had been executed pursuant to some transaction. The certifying agent compares the information contained in the paper to that in the electronic mortgage document. If the paper adequately corresponds to the electronic document and is otherwise sufficient, then the certifying agent certifies the electronic document so that other parties can reliably engage in transactions involving the electronic document without having to possess or otherwise inspect the executed paper document. Certification involves application of some form of indicia of certification to the electronic document, such as updating the value of a field corresponding to certification in the electronic document and/or applying a digital or electronic signature corresponding to the certifying agent to the electronic document.

Abstract: A method for the use of electronic transactional tokens includes: generating transactional tokens including a first token; associating each of the transactional tokens with one of a group of users; monitoring usage of the transactional tokens in a multitude of transactions by the users; and responsive to the monitoring, updating the first token from a first state to a second state. The tokens may be generated and monitored using a token processing system, which uses transaction data received by a transaction handler that is handling transaction processing for the transactions.

Abstract: A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.