Abstract: A management apparatus transmits a registration message to a base station when executing a wireless parameter setting sequence. The base station registers the management apparatus upon the detection of the message. This makes it possible to decrease unwanted communication traffic, and to reduce the time taken to perform the wireless parameter setting processing.

Abstract: An acquirer communicates with an intermediary transaction processing service to handle financial transaction requests received from multiple points of purchase. The acquirer receives an initial authorization request generated based on a transaction initiated by a customer at a point of purchase. The initial authorization request includes unique identifying information associated with the customer. The acquirer determines that the unique identifying information is associated with the intermediary service and provides at least part of the initial authorization request to the intermediary service. In response, the intermediary service provides account information to the acquirer. The acquirer then generates a modified authorization request based on the initial authorization request and the received account information and transmits the modified authorization to an issuing institution to request approval of the transaction.

Abstract: An electronic transaction payment system is provided having a vendor terminal associated with a vendor who provides goods or services to a purchaser, a vendor smart-card and a vendor smart-card reader for transmitting data to and receiving data from the vendor smart-card. The system also includes a purchaser smart-card reader which is connected to the vendor terminal and which is operable for transmitting data to and receiving data from a purchaser smart-card. In operation, payment for goods purchased by the purchaser is made between the purchaser smart-card and the vendor smart-card. In a preferred embodiment, the payment data is encrypted using an encryption key specific to the transaction between the purchaser and the vendor. A third party registry terminal may also be provided for providing validation of the vendor and/or the purchaser.

Abstract: According to an exemplary embodiment of the invention, a method is discloses for facilitating a credit card transaction wirelessly via a mobile device. The method includes receiving registration information for a credit card and a mobile device, the registration information for the credit card including a primary account number (PAN) of the credit card; associating the registration information for the credit card with a unique token; generating a pseudo-PAN based on the PAN, the pseudo-PAN being different than the PAN; and providing the unique token and the pseudo-PAN to the mobile device for use in one or more credit card transactions.

Abstract: Embodiments of the present invention provide verification and/or authentication service engines that provide a customizable solution that can be “dialed” based on the risk level assigned to individual or grouped applications. The systems can also incorporate internal and external sources of data used to verify information provided by the user. It is dynamic and can pull information from a myriad of sources during the verification process, enabling credit reporting agencies (e.g., Equifax and others), FSPs, and other service providers to facilitate real-time approval and access to products and services.

Abstract: In some embodiments, a method comprises: sensing at least one of movement and position of an identification token; determining if a criteria is satisfied; and enabling operation of the identification token if the criteria is satisfied; wherein determining if the criteria is satisfied comprises determining if the at least one of movement and position satisfies a reference criteria; and wherein the sensor comprises a sensor to provide a signal indicative of at least one of movement and position of the identification token prior to presentation to a proximity coupling device.

Abstract: Systems, apparatuses and methods of using an acoustic communication mechanism to transmit data in the form of acoustic data from a mobile device to an electronic device are described. In one embodiment, a method of completing a purchase with a merchant using a mobile device starts with the mobile device sending a request message to a central server through a network interface. The mobile device then receives a token from the central server through the network interface that confirms that a payment in the purchase amount has been received at the merchant's account. This token is then translated into acoustic data and transmitted from the mobile device to an electronic device being associated with the identification of a merchant. Other embodiments are also described.

Abstract: In one embodiment, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.

Abstract: A banknote acceptor for authenticating a banknote 2, has a sensing station S with detector 18 that produces image signals corresponding to a face the banknote. A processor 24 pre-processes the image signals and compares them with stored reference data corresponding to an acceptable banknote from memory 25 to determining the authenticity of the banknote and its denomination. A display device 29 displays an image 31 corresponding to the banknote under test based on the image signals from the detector 18, to allow the user to perform a visual check that the banknote detected at the sensing station corresponds to the banknote under test presented by the user. Also, the detected denomination of the banknote is displayed on device 32. The user can accept or reject the banknote using buttons 33 and 34, and retrieve images of previously accepted banknotes with button 35.

Abstract: Disclosed is a computer based method including receiving a request, by a virtual mobile transaction computer, from a user device or from an application running on the user device. The user and the user device are verified and authenticated based on one or more parameters. A transaction account is determined, where the transaction account is associated with the user. A barcode is sent to the user device and the barcode is used to initiate a payment for a purchase transaction associated with the request.

Abstract: A method and system for approving a transaction between a customer and a merchant including the steps of transmitting a transaction request from a customer to a merchant; transmitting a verification request from the merchant to a verification entity, the verification request comprising first data; the customer device transmitting second data to the verification entity; and the verification entity performing a verification step by using the first data and the second data to verify if the transaction should be approved.

Abstract: Methods and systems for metrics-based gaming operations are provided. Information concerning game play for each play may be received and stored. Such information may be used to generate certain metrics. The generated metrics, in turn, may be used to determine how to customize a game operation. Such game operations may include providing training to a player, matching a player up with another player or with a team, adjusting a game event, etc.

Abstract: Systems and methods are provided for data protection across connected, disconnected, attended, and unattended environments. Embodiments of the inventions may include differential encryption based on network connectivity, attended/unattended status, or a combination thereof. Additional embodiments of the invention incorporate “trust windows” that provide granular and flexible data access as function of the parameters under which sensitive data is accessed. Further embodiments refine the trust windows concept by incorporating dynamic intrusion detection techniques.

Abstract: In order to facilitate a user's ability to trust a computing environment, a trusted computing device (2) is arranged to challenge other devices in the computing environment and to record a log of the facilities available within the computing environment and an indication of whether those facilities are trustworthy. A new user (40) entering the computing environment can obtain the log from the trusted computing device in order to ascertain the status of the environment. Alternatively any device can hold data concerning platforms in its vicinity and its operation can be authenticated by the trusted device.

Abstract: There is provided a handy terminal in which inputting of an application program and of a PIN is executed and a keyboard and a display device are commonly used thus security is secured with a simple system. A card reader control program 23b in the keyboard unit memory 23 detects an insertion state of a credit card and notifies a detected key cord from the keyboard control program 23a to a payment program on the main board 2. A main CPU 12 calculates a program hash value provided to the payment program and a program hash value at the time of execution of a payment program 11b and encrypts and decrypts these hash values using a secret key, encrypted key, and public key so that these hash values are not stolen. The main CPU 12 compares the program hash value provided to the payment program 11b with the program hash value to be used at the time of the execution of the payment program 11b.

Abstract: A system and a method for providing a financial service. The system for providing a financial service can include: a first user terminal which signs financial transaction information with a pre-stored first private key, the financial transaction information including withdrawal account information, a PIN of the withdrawal account, deposit account information and amount information; a second user terminal which receives the signed financial transaction information by being connecting with the first user terminal through near field communication and which further signs the signed financial transaction information with a pre-stored second private key; and a financial server configured to transfer an amount corresponding to the amount information from an account of the withdrawal account information to an account of the deposit account information.

Abstract: A method for authenticating a financial transaction at a point of sale (POS) includes storing an application program in a first secure element of a mobile phone. The application is configured to generate instruction codes to effect the financial transaction upon verification of a user's identity. The user's credentials are stored in a second SE of the phone, which is operable to verify the user's identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user's identity. At the POS, the user invokes the application and then inputs a biometric trait to the phone. The second SE verifies the user's identity, and upon verification, generates data authenticating the transaction. The financial transaction data, including the instruction codes and the authenticating data, are then transmitted from the phone to the POS.

Abstract: A secure computing module (SCM) is configured for connection with a host device. The SCM includes a processor for performing secure processing operations, a host interface for coupling the processor to the host device, and a memory connected to the processor wherein the processor logically isolates at least some of the memory from access by the host device. The SCM also includes a proximate-field wireless communicator connected to the processor to communicate with another SCM associated with another host device. The SCM generates a secure digital signature for a financial transaction package and communicates the package and the signature to the other SCM using the proximate-field wireless communicator. Financial transactions are performed from person to person using the secure digital signature of each person's SCM and possibly message encryption.

Abstract: Systems and methods for regulating user access in the context of a biometric security system are disclosed. One method disclosed includes receiving a remotely transmitted data packet containing an encryption key, utilizing a decryption component to decrypt the data packet, and utilizing the encryption component to encrypt biometric data. Another method disclosed includes utilizing a processor, within a client computing device, to perform an encryption function within a biometric security system, wherein the encryption function is incorporated into an authentication process that involves a transfer of biometric information between the client computing device and a remotely implemented server.

Abstract: A method and system for identifying an authentication status of a first item. An RFID reader transmits zero and a random number to a first RFID tag associated with the first item. The first RFID tag uses a hashing function to compute a hash (H1) of a concatenation of an identifier (Id1) of the first RFID tag, the random number, and a first secret key and sends the hash H1 to the RFID reader which then transmits the identifier Id1 and the random number to a second RFID tag. The second RFID tag uses the hashing function to compute a hash (H2) of a concatenation of the identifier Id1, the random number, and a second secret key and sends the hash H2 to the RFID reader. The authentication status of authentic or counterfeit is determined for the first item based on whether or not H1 is equal to H2.

Abstract: A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

Abstract: In one embodiment of the present invention, a source point in a supply chain generates a secret and devises a secret sharing scheme that parcels the secret into a number of secret shares. The source point retains at least one secret share, and distributes the remaining secret shares to trusted, intermediate points in the supply chain. The source point then ships a shipment comprising are least one object, and frequently including at least one level of packaging, to a destination point in the supply chain, labeling the object or objects and/or packaging enclosing the object or objects with the retained secret share. Each intermediate point incorporates the secret share obtained by the intermediate point from the source point into the object, packaging enclosing the object, or a label on the object or packaging.

Abstract: An anonymous secure messaging method, system and computer program product for implementation over a wireless connection. The invention allows the securely exchange of information between a security token enabled computer system and an intelligent remote device having an operatively coupled security token thereto over the wireless connection. The invention establishes an anonymous secure messaging channel between the security token and the security token enabled computer system, which allows the intelligent remote device to emulate a locally connected security token peripheral device without requiring a physical connection. A dedicated wireless communications channel is incorporated to prevent several concurrent wireless connections from being established with the security token and potentially compromising the security of the information being sent on concurrent wireless connections.

Abstract: Banking transaction processing apparatus and methods are disclosed. In one general aspect, a banking transaction processing method includes accessing a first authorization code from a first device, such as a credit card, and a second authorization code from a second device, such as a portable phone, at a merchant location, These codes are provided to an authorization module at the merchant location, and a relationship between the first and second authorization codes is evaluated. A transaction authorization indication can then be provided from the authorization module for an in-person transaction with the merchant.

Abstract: A card to card transfer method used in the financial system is provided in the present invention, and comprises an initializing step, a transferring step and a transaction confirming step, wherein the initializing step includes the steps of calculating and obtaining the public key certificate and checking the amount of the transaction and so on, and the transferring step includes the steps of performing the transaction and so on. The present invention can achieve the function of transferring the electronic cash between two cards and can prevent the risk of repeatedly transferring the money into the card for transfer-in by using the card for transfer-out and so on.

Abstract: This invention relates to an expense reporting system for viewing and manipulating a user's financial transaction data and a method for associating financial transaction data with a user's project data. The system includes a user's financial transaction data hosted in a data storage unit, addressable on a network, and accessible by a remote user on a user interface unit having a user input means and a display; and an expense reporting module having a graphical user interface (GUI) that allows a user to define project category data and associate representations of the user's financial data with the user-defined project category data.

Abstract: A method, apparatus, and article of manufacture for processing data. The method, apparatus and article of manufacture preferably comprise the steps of: (a) receiving a record having a plurality of identifiers into a computer system, the record corresponding to an entity; (b) encrypting one or more of the identifiers in the record to form an encrypted record; (c) applying one or more encrypted variants to the encrypted record based on the encrypted identifiers and pre-computed encrypted synonyms; and (d) comparing the encrypted record to previously stored data using the encrypted identifiers and the encrypted variants in order to the match or associate the encrypted record with the previously stored data.

Abstract: Systems and methods for conducting financial transactions using non-standard magstripe payment cards are provided. One such system includes a magnetic stripe card storing information including a serial number on a magnetic medium of the magnetic stripe card, where the stored information does not include a Primary Account Number, a card reader configured to extract information from the magnetic medium, the extracted information including the stored serial number and a magnetic fingerprint including an intrinsic magnetic characteristic of the magnetic medium, and a computer coupled to the card reader and to a server, where the computer and the server are configured to execute a requested financial transaction using the extracted information.

Abstract: A system and associated method for authenticating an end user. The method comprises generating a first mask in response to an authentication request from an end user, the first mask comprising a set of root nodes, a set of server nodes, and a set of client nodes each being unique to the end user. Next, determining the authenticity of the end user based on comparing data received from the end user with nodes contained in the first mask. The data comprising a set of nodes selected by the end user and the end user having selected the data in response to the first mask.

Abstract: A method for verifying a software application to a user of a device such as a mobile phone. The device receives (102) the software application, for example a Java ME MIDIet, and checks (104) a signature associated with the software application. Where the signature is recognized, the phone indicates (108) this status to the user, for example by displaying the familiar padlock icon. The mobile phone then establishes (110) a secure code known only to the user and a trusted entity, the entity being for example the manager of the Java ME environment. The device identifies (114) the software application to the trusted entity which then checks (116) the status of the software application. If the status is verified, the entity sends (118) the status to the device; which in turn indicates (120) the secure code to the user, for example as an additional displayed number, pictogram or the like.

Abstract: Embodiments related to systems and methods comprising receiving payment data at an access device; receiving an identifier for a phone at the access device; and generating and sending an authorization request message to a payment processing network, wherein the payment processing network generates a verification token, which is then sent to the phone whereby the phone is thereafter used to conduct payment transactions.

Abstract: A computer-assisted method includes hardware, software and telecommunications components that cooperatively achieve the technical effect of an improved electronic purchasing transaction system. In various embodiments of the invention, at least one master account is established for a client. A pool of limited use account identifiers or secondary account identifiers, that are separate and distinct from the master account, is associated with the master account by a purchasing system or account management system. Each of the limited use account identifiers may be used by the client to purchase items from merchants.

Abstract: Embodiments of the invention include apparatuses, methods, and computer-program products that provide for a unique financial transaction security system. In one embodiment, the financial transaction security system receives a security protocol from a user. The security protocol includes instructions for allowing transactions without authentication and security features for the user if authentication is necessary. The system then determines that the user is conducting a transaction, compares the transaction to the instructions, and determines whether the transaction can occur without authentication. If the user is required to authenticate his identity, the system requests input from the user, compares the input to the security feature, and determines if the user is authenticated. The user is able to customize both the instructions and the security features to provide greater control over financial transaction security.

Abstract: In one embodiment, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.

Abstract: This disclosure describes systems and methods for collecting and processing change of address data and providing change of address services to a customer using a computer network. The address data can include a physical address, an electronic address, or both. The systems and methods may also provide additional services to the customer to assist in changing addresses.

Abstract: Embodiments related to systems and methods comprising receiving payment data at an access device; receiving an identifier for a mobile device at the access device; and generating and sending an authorization request message to a payment processing network, wherein the payment processing network generates a verification token, which is then sent to the mobile device whereby the mobile device is thereafter used to conduct payment transactions.

Abstract: The present invention relates generally to a smart card device that is configured to facilitate wireless network access and credential verification. Specifically, the device is configured to meet the physical and electrical specification for commercially available mobile devices utilizing a standard Subscriber Identity Module (SIM) for network access. The device combines the features of the SIM with Common Access Card or Personal Identity Verification card features to allow a network subscriber to invoke secure payment transactions over a carrier's network. The system includes data storage for maintaining a plurality of network and transaction instrument profiles and a profile gateway for receiving transaction information from a payment gateway, sending an authorization request to a user's mobile device, receiving a transaction authorization from the mobile device, and sending transaction information to a payment gateway to finalize the payment transaction.

Abstract: Embodiments include a system, an apparatus, a device, and a method. An embodiment provides an apparatus that includes a marker circuit for saving a tripwire file in a protected set of files that includes at least one normal file. The apparatus also includes a monitor circuit for detecting an indicium of an activity related to the tripwire file. The apparatus further includes a notification circuit for generating a signal indicating an occurrence of an unauthorized activity related to the protected set of files in response to the detected indicium of an activity related to the tripwire file.

Abstract: Systems and methods for handling user interface field data. A system and method can be configured to receive input which indicates that the mobile device is to enter into a protected mode. Data associated with fields displayed on a user interface are stored in a secure form on the mobile device. After the mobile device leaves the protected mode, the stored user interface field data is accessed and used to populate one or more user interface fields with the accessed user interface field data for display to a user.

Abstract: The present invention relates generally to a smart card device that is configured to facilitate wireless network access and credential verification. Specifically, the device is configured to meet the physical and electrical specification for commercially available mobile devices utilizing a standard Subscriber Identity Module (SIM) for network access. The device combines the features of the SIM with Common Access Card or Personal Identity Verification card features to allow a network subscriber to invoke secure payment transactions over a carrier's network. The system includes data storage for maintaining a plurality of network and transaction instrument profiles and a profile gateway for receiving transaction information from a payment gateway, sending an authorization request to a user's mobile device, receiving a transaction authorization from the mobile device, and sending transaction information to a payment gateway to finalize the payment transaction.

Abstract: The present invention provides a method for customizing customer identifier. To resolve the problems in customizing the identifier in the electronic device by the manufacturer for its customers, such as high management cost, stock, and possibility of error, as well as the security problem in customizing the identifier by the customer itself, and the problem of counterfeiting by others, the method provided comprises generating an irreversible identifier from a seed data input by the customer using some one-way algorithm(s) and storing that identifier in the electronic device. For the manufacturer, both the management cost and the stock are reduced, and the error possibility of the product after leaving the factory as well. For the customer, the security of customizing the identifier is ensured, and its identifier cannot be counterfeited by other peers any more.

Abstract: Various embodiments of the present invention provide systems, methods, and apparatus for tagging a segment of media content. In various embodiments, a beginning location and an ending location indicating the segment are recorded and are used to retrieve the segment from the media content. Various embodiments provide systems and methods for communicating the segment with a user. In various embodiments, the user requests the segment and the position of the segment in the media content and the storage location of the media content are used to extract the segment from the media content. In addition, various embodiments provide systems and methods for providing a license to the user to observe the segment. In various embodiments, a request for the license includes a player identifier and a user identifier that are used to verified the player is associated with the user and the user has rights to observe the segment.

Abstract: A method for conducting a financial transaction can be used by a person using a mobile device to conduct the transaction. The mobile device receives information related to the person that can be used for authentication purposes, such as a PIN or biometric data. The mobile device then authenticates the person by verifying the information received. If the person is authenticated, the transaction is completed using the mobile device, and if the person is not authenticated, the transaction is prevented.

Abstract: Establishing trust according to historical usage of selected hardware involves providing a usage history for a selected client device; and extending trust to a selected user based on the user's usage history of the client device. The usage history is embodied as signed statements issued by a third party or an authentication server. The issued statement is stored either on the client device, or on an authentication server. The usage history is updated every time a user is authenticated from the selected client device. By combining the usage history with conventional user authentication, an enhanced trust level is readily established. The enhanced, hardware-based trust provided by logging on from a trusted client may eliminate the necessity of requiring secondary authentication for e-commerce and financial services transactions, and may also be used to facilitate password recovery and conflict resolution in the case of stolen passwords.

Abstract: A digital rights management method and device are provided. To implement the DRM method and device, there is provided a master device including a storage module which stores a plurality of rights objects (ROs) having an inheritance structure, a detection module which detects the storage module for an RO needed for playing back a predetermined content object, a message generation module which, if the detection module fails to discover the RO needed for playing back the predetermined content object from the storage module, generates an RO request message, a device interface module which transmits the RO request message to a slave device and receives the RO needed for playing back the predetermined content object from the slave device, and a playback module which plays back the predetermined content object using at least one of the RO detected from the storage module and the RO received from the slave device.

Abstract: Disclosed is an apparatus, method, and program product for performing ad hoc media delivery. Enhanced handheld devices are used in combination with the other components to route media and control its presentation. Enhanced media presentation stations detect the presence of one or more of the handheld devices. Information regarding the presence of a handheld device is then communicated from the media presentation stations to an enhanced server. The server uses this information to maintain a record of the location of each handheld device. The recorded location information is used to route the media to the media presentation station that is closest to the location of the handheld device. Control information, such as media selection and fidelity control (when appropriate), is forwarded from the handheld device to the server, so that the server can take appropriate action relative to transmission of the media to the media presentation station at issue.

Abstract: Apparatuses, methods, and systems pertaining to the verification of portable consumer devices for 3-D Secure Systems are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a 3-D Secure datum to the verification token. The verification token may enter the 3-D Secure datum into a hidden field of a Purchase Authentication Page appearing on the computer's display.

Abstract: A game chip writer for writing at least identification information in a game chip used for a game includes an encryption unit for encrypting at least part of recording-information with use of a private key and a writing unit for writing the encrypted information. A game chip reader includes a reading unit for reading the encrypted information from the game chip and a decryption unit for decrypting the read information with use of a public key.

Abstract: A method for conducting transactions, includes: encoding concatenated transaction information at a cash point; sending the encoded concatenated transaction information from the cash point to a mobile device; receiving verification information from the mobile device formed in response to the encoded concatenated transaction information; confirming the received verification information; completing a transaction in the event of successfully confirming the received verification information.

Abstract: Methods and systems of preventing fraud in electronic transaction and verification are described herein. The method includes obtaining information from a recipient; splitting the information into multiple parts; encrypting one or more of the multiple parts and encoding said encrypted part on different locations of a token; and encrypting the remaining portions of the split information and storing the encrypted remaining portions in one or more information stores. At a subsequent time, when the recipient provides the token to complete a transaction or to establish identity, retrieving the multiple portions from the one or more information stores and the token and combining or re-mating the multiple portions retrieved from the token and the one or more information stores.