Abstract: Systems, methods, and apparatus for handling and/or authorizing payment requests by a consumer for a transaction are provided. Challenge questions may be presented from the non-merchant to the consumer after receiving the payment information, thereby allowing a judicious determination of when to ask such challenge questions and allowing complex and probative questions. The time limit for such challenge questions may advantageously be unconstrained, while still preserving security. Also, a risk analysis may be started prior to the consumer submitting payment information, thus allowing an efficient and complex risk analysis. Information about an access device used by the consumer may be obtained at the non-merchant from the access device with code sent to the access device from the merchant, and the device information may be used in the risk analysis.

Abstract: An approach to managing stored-value data objects, such as electronic tickets, comprises secure systems and procedures for ticket issuing, storage, and redemption. With these systems and procedures in place, stored-value data objects may be securely transferred to remote systems, such as a user's personal electronic device, for subsequent secure redemption, thus allowing the user to gain access to the desired goods or service upon redeeming the data object. Techniques provide secure delivery of the requested data object to the requesting device, and provide secure redemption and disposal of the data object. Ticket issuing systems may be Internet-accessible systems, and users may purchase and redeem tickets using mobile terminals or other devices adapted for wireless communication. Standardized WPKI and Internet access procedures may be employed in ticket issuance and redemption.

Abstract: Systems, apparatuses, and methods for providing an account token to an external entity during the lifecycle of a payment transaction. In some embodiments, an external entity may be a merchant computer requesting authorization of a payment message. In other embodiments, the external entity may be a support computer providing a payment processing network or a merchant support functions.

Abstract: The object of the present invention is to provide an authentication system capable of achieving suitable authentication processing while guaranteeing the maximum convenience for the customer. A first communication terminal PD1 is built into a television TV that can be connected to the Internet, and communications with an authentication control company BS are possible via the first communication terminal PD1. The authentication control company BS is, for example, a telecommunications company, and performs authentication control for a plurality of product supplier companies SP1 to SP3 according to the product purchase status on the television TV. Furthermore, the present invention simplifies the appropriate procedures by setting authentication levels for authentication control.

Abstract: Systems and methods are provided to control online transactions via mobile communications. In one aspect, a system includes a data storage facility to store data associating a first telephone number with a second telephone number; and an interchange coupled with the data storage facility. The interchange includes a common format processor and a plurality of converters to interface with a plurality of controllers. The converters are configured to communicate with the controllers in different formats and to communicate with the common format processor in a common format. The common format processor is to receive a payment request including the first telephone number, identify the second telephone number based on the data, and communicate with a mobile phone at the second telephone number for approval of the payment request.

Abstract: The present invention discloses a method for self-service recharging and a system for the same, relating to the security communications of online banking. The system comprises a client and a server.

Abstract: In one embodiment, a method for promoting the sale of a substitute product at the point of sale (POS). Upon the presentation of an original product for purchase by a consumer at a POS terminal, various manufacturers may decide to offer a substitute product to the consumer, prior to completing the purchase of the original product. If the customer accepts the offer, the point of sale terminal completes the sale of the substitute product.

Abstract: A secure system and method are disclosed to effectuate financial transactions over a secure internet backbone establishing and using a secure financial proxy account and a pre-registered personal handheld mobile device where all funds within the account remain in an “inactive” non-usable state until activated and allocated only by the registered mobile handheld device.

Abstract: The invention relates to a portable token equipped with non-volatile memory, the token comprising authentication means to authenticate a holder of the token, authorization means to define the rights of the holder, and payment means to trigger a payment transaction. The authorization means are set to store the rights in non-volatile memory after the authentication means are invoked, and the payment means have the capacity to retrieve the rights from non-volatile memory, and to subject the execution of the payment transaction to the verification of the rights. The invention also relates to a related portable device, to a system comprising a portable token and a portable token, and to a method for carrying out a payment transaction with a portable token.

Abstract: Systems and techniques to provide transparent authentication integration. In general, in one implementation, the technique includes: receiving a request from a client to take an action with respect to an electronic document, in response to the request, obtaining an authentication process, and sending the authentication process to the client for use in identifying a current user and controlling the action with respect to the electronic document based on the current user and document-permissions information associated with the electronic document. Obtaining the authentication process can involve requesting and receiving the authentication process from a second server. The authentication process can use an existing interface provided by the client to communicate authentication information to the server.

Abstract: A method and system are described for protecting a manufactured item from counterfeiting. The manufactured item, which is marked with an identifier, such as a serial number, is associated with a code generator that has secret functions and data for generating verification codes. The manufactured item is then supplied along with the corresponding code generator. Thereafter, the identifier from the manufactured item and the verification code generated by the code generator are used to verify authenticity of the manufactured item.

Abstract: A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.

Abstract: A system and method are disclosed. The method includes receiving, at a server computer, a transaction clearing request for a transaction, and then determining, using the server computer, if the transaction satisfies a stored blocking parameter. The method further includes allowing, using the server computer, the transaction clearing request if the transaction does not satisfy the stored blocking parameter, and denying, using the server computer, the transaction clearing request if the transaction satisfies the stored blocking parameter.

Abstract: A method for setting communication parameters in a plurality of communication devices includes setting communication parameters without an authentication process being performed for a second communication device in a case where a first communication device has received a request for setting communication parameters from the second communication device within a predetermined period of time from the start of setting communication parameters. The method further includes setting communication parameters after the authentication process has been performed for the second communication device in a case where the first communication device has received a request for setting communication parameters from the second communication device after the expiration of the predetermined period of time from the start of setting communication parameters.

Abstract: A transaction processing service operates as an intermediary between acquirers of financial transaction requests and issuing institutions that process the financial transaction requests. The intermediary service utilizes a customer's mobile device as an out-of-band communication channel to notify a customer of a received financial transaction request. To send the notification, the intermediary service retrieves stored customer information, including an address of the customer's mobile device and a list of payment instruments that can be used to pay for the transaction. Before continuing to process the received financial transaction request, the service may first require the customer to confirm the transaction via the mobile device. The intermediary service retrieves financial account information associated with the customer from issuing institutions, and, if the transaction is confirmed, provides the account information to acquirers in order to allow transactions to be processed.

Abstract: A method in one embodiment is performed at least in part at a server in a network file system that includes said server and a plurality of clients connected by a network, the method comprising: receiving a data write request from one client; selecting a client as a write object of said data from the other clients according to a condition of said one client stored in advance and/or conditions of said other clients; and transmitting said data write request to the client selected as a write object. Additional systems, methods and computer program products are also presented.

Abstract: A method, system and apparatus for detecting and preventing content distribution site impersonation. In this regard, a method for detecting and preventing content distribution site spoofing can include the steps of loading a markup language document and a corresponding digital signature for processing and ensuring that the digital signature originates from a pre-specified source of the markup language document incorporated within the markup language document. The method further can include the steps of dynamically computing a hash value for the markup language document and comparing the dynamically computed hash value to a hash value encrypted within the digital signature. Finally, the method can include the step of detecting content distribution site spoofing either if the digital signature does not originate from the pre-specified source, or if the dynamically computed hash value does not match the hash value encrypted within the digital signature.

Abstract: A system for recording a transaction relating to a security document, the security document having disposed thereon or therein coded data including a number of coded data portions. Each coded data portion is indicative of at least an identity of the security document. The system includes a computer system that receives indicating data from a sensing device, in response to sensing of the coded data. The computer system determines the identity of the security document and the transaction and uses this to update transaction data indicative of the identity of the security document and the transaction.

Abstract: A method and apparatus for assuring delivery of paid advertising to a user may involve asking a question about an advertisement or requiring data about the advertisement to be entered. In one embodiment, a human presence indicator, such as stylized letters, may be displayed during or after the presentation of an advertisement to be copied by a user to indicate presence during the advertisement. When the challenge relating to ad viewing is correctly answered, a value associated with viewing the ad may be credited to a user account, either locally or at a clearinghouse or other repository.

Abstract: A cost-effective system that provides for the efficient protection of transmitted non-public attribute information may be used, for example, to control access to a secure area. Encryption of the attribute information may be performed using symmetric encryption techniques, such as XOR and/or stream cipher encryption. A centralized database that stores and transmits the encrypted attribute information may generate the encryption/decryption key based on selected information bytes, for example, as taken from a card inserted into a handheld device used at the secure area. The selected information to generate the encryption key stream may be varied on a periodic basis by the centralized database. Information as to which selected bytes are to be used for a particular access authorization request may be transmitted to the handheld unit or may be input through action of a user of the handheld unit, for example by entry of a PIN code.

Abstract: A financial transaction card is provided according to various embodiments described herein. The financial transaction card includes a card body with at least a front surface and a back surface. The financial transaction card may also include a near field communications transponder and/or a magnetic stripe, as well as a digital display configured to display alphanumeric characters on the front surface of the card body. The financial transaction card may also include a processor that is communicatively coupled with the near field communications transponder or magnetic stripe and the digital display. The processor may be configured to calculate one-time passwords and communicate the one-time passwords to both the near filed communications transponder or magnetic stripe and the digital display.

Abstract: A method and system for automated processing of insurance information. A universal electronic insurance application form is automatically created and sent and received electronically. The universal electronic insurance information form includes a set of common insurance census information required by health insurance carriers to provide health insurance quotes. The universal electronic insurance information form is used to obtain group health insurance rate quotes automatically from multiple health insurance carriers.

Abstract: A secure payment method, system or computer readable medium for a merchant's interactive voice response system are disclosed. The merchant's interactive voice response system receives customer calls and requests a payment from the customer. The customer responds to the request by providing over a data network authentication information and payment amounts for a payment service. The payment service provides the customer with a token which is communicated to the merchant's interactive voice response system, and the merchant's interactive voice response system transmits the token back to the payment service. Upon validating the token, the payment service issues an electronic payment or payment information to the merchant. The merchant's interactive voice response system announces a successful payment to the customer.

Abstract: Provided is a resynchronization method of a mobile communication terminal. The resynchronization method for a mobile communication terminal connected to a home location register and a mobile communication network, includes: extracting a communication network serial number corresponding to a terminal authentication request instruction received from a mobile communication network; comparing the communication network serial number with a terminal serial number stored in a predetermined memory; generating nth terminal synchronization failure information if the communication network serial number is smaller than the terminal serial number, where n is a nature number; and transmitting the generated nth terminal synchronization failure information to the home location register. The home location register ends a resynchronization procedure if the nth terminal synchronization failure information is smaller than previously stored (n?1)th communication network synchronization failure information.

Abstract: A method of processing a transaction involving at least two parties includes establishing rules that define transaction processing between combinations of a plurality of origination entities and a plurality of destination entities and storing the rules at a storage arrangement associated with a host computer system. The method also includes receiving at the host computer system transaction information relating to the transaction between the two parties. One of the parties is a particular one of the origination entities and one of the parties is a particular one of the destination entities. The transaction information contains at least an identifier from which at least one of the parties may be identified. The method also includes using the transaction information at the host computer system to identify at least one of the parties and consulting the storage arrangement to determine the rules that define transaction processing for the at least one party.

Abstract: The control of access to content via a player system accessible by a plurality of users is described. A default profile is provided including filtering criteria, the filtering criteria describing at least one of characteristic of content permitted for all of the plurality of users and a characteristic of content prohibited for all of the plurality of users. Metadata associated with a selected content and the filtering criteria are compared, and access to the content is permitted or denied based on the comparison. Also, content is selected, the selected content having metadata linked thereto via a pointer. The metadata is obtained using the pointer. The metadata and filtering criteria are compared, the filtering criteria describing characteristics of at least one of permitted or prohibited content. Access to the content is permitted or denied based on the comparison.

Abstract: Various embodiments of the present invention provide strong authentication of users on behalf of commercial entities and other parties to electronic transactions. In these embodiments of the present invention, a user interacts with an authentication service provider to establish policies for subsequent authentication of the user. Thus, in these embodiments of the present invention, a user controls the level and complexity of authentication processes carried out by the authentication service provider on behalf of both the user and commercial entities and other entities seeking to authenticate the user in the course of conducting electronic transactions, electronic dialogues, and other interactions for which user authentication is needed. The policies specified by a user may include specification of variable-factor authentication, in which the user, during the course of an authentication, provides both secret information as well as evidence of control of a tangible object.

Abstract: A method and system for a fully distributed on-line selling environment is presented. Any webpage can contain a program module that for each customer that view any webpage with the module embedded in it, automatically associates that customer with their corresponding shopping cart stored at a central server. The module can initiate a sale transaction for a product presented on the webpage and cause the central server to complete the purchase and fulfillment. The website hosting the webpages with the module do not operate any back end transaction processing or order fulfillment. Instead the central server can retrieve a pending sales data associated with the customer and then initiate a payment process for the pending sale items as well as generate revenue share credits for the webpages associated with the sales.

Abstract: Described herein are methods and systems for processing a consumer payment based on a mobile phone number of a mobile device of a consumer. In one embodiment, a method includes initiating a payment between the consumer and a merchant. A payment system receives the mobile phone number associated with the mobile device of the consumer. The payment system generates and sends to the mobile device a one time passcode (OTP) in response to receiving the mobile phone number from the consumer. The payment system authenticates the consumer based on receiving the OTP from the consumer. The payment system completes the payment transaction by granting micro-credit to the consumer with no pre-registration.

Abstract: The present invention provides a system and method for facilitating a transaction between two or more parties. Electronic documents are received from a party and are posted to the secured account such that each party can retrieve and modify the electronic documents. Upon agreement, the electronically signed documents are provided to the parties. The present invention also provides a method for facilitating a proposed transaction between an originating party and a potential buying party using various levels of unrestricted and restricted descriptions of the proposed transaction tied to conditions of release. The requested restricted description is provided to the potential buying party whenever the potential buying party agrees to the one or more conditions of release for the requested restricted description.

Abstract: Digital cash token protocols employ two pairs of private and public keys. Each public key is certified separately and the protocols do not use any blind signature schemes. As a result, the digital cash token protocols provide strong protection of user privacy by using two certified public keys instead of a blind signature. One pair of certified keys consists of one master user private key and one master user public key. A second pair of certified keys consists of one pseudonym user private key and one pseudonym user public key. The use of a master key pair and a pseudonym key pair circumvents the need for blind signatures. As a result, the proposed protocols do not require blind signatures and do not add additional overhead and security requirements necessitated by conventional blind signature schemes. The protocols use public key protocols and digital signatures and symmetric key protocols, which may be readily implemented in standard information security based systems based on cryptographic constructs.

Abstract: Tokenless biometric authorization of transaction between a consumer and a merchant uses an identicator and an access device. A consumer registers with the identicator a biometric sample taken from the consumer. The consumer and merchant establish communications via the access device. The merchant proposes a transaction to the consumer via the access device. The access device communicates to the merchant associated with the access device. After the consumer and merchant have agreed on the transaction, the consumer and the identicator use the access device to establish communications. The access device communicates to the identicator the code associated with the access device. The identicator compares biometric sample from the consumer with registered biometric sample. Upon successful identification, the identicator forwards information regarding the consumer to the merchant.

Abstract: A method and device for franking mailpieces. An operating unit, which is separated from a franking unit, transmits a transaction request to an authorization unit. The authorization unit ascertains an authorization of a user of the operating unit on the basis of an authorization profile. The transmitted transaction request is authenticated by the authorization unit according to the ascertained authorization. The authorization unit converts the authenticated transaction request into a transaction job. The transaction job is transmitted to the franking unit. The authorization unit is authenticated in the area of the franking unit. The transaction job is processed in the franking unit and the result of the execution of the transaction job is sent out by the franking unit.

Abstract: A computer-assisted method includes hardware, software and telecommunications components that cooperatively achieve the technical effect of an improved electronic purchasing transaction system. In various embodiments of the invention, at least one master account is established for a client. A pool of limited use account identifiers or secondary account identifiers, that are separate and distinct from the master account, is associated with the master account by a purchasing system or account management system. Each of the limited use account identifiers may be used by the client to purchase items from merchants.

Abstract: A method for processing a value-added electronic transmission, which includes obtaining user identification information (110), conveying software (120) to the user, where the software enables the user to selectively send electronic transmissions to intended recipients via a mediation site, and associating with the mediation site at least one value-added processing service, including carrier indication, sender indication, transmission identification, guaranteed delivery, address verification, address correction, archiving, and transmission security. The method further includes billing the user (140) for service rendered through the mediation site.

Abstract: The present invention relates to a method and a system for initiating and/or conducting a transaction that is associated with at least two corresponding declarations of intent, in particular a payment transaction, between at least two transaction parties via a processing unit (3), in which payment transaction at least one of the transaction parties uses a land line telephone or mobile telephone (1, 2) or a mobile communications device for transmitting data. The method is characterized by the transmission of data to the processing unit by at least two transaction parties within a limited time frame, and by the fact that the initiation of the data transmission of these transaction parties is effected actively by the transaction parties and not by the processing unit (3), while the data transmitted during initiation contain features that enable correlating the declarations of intent with one another.

Abstract: This invention provides a system, method and computer program product to allow a user to access administrative security features associated with the use of a security token. The administrative security features provide the user the ability to unlock a locked security token, diagnose a security token, activate and deactivate a security token, request a replacement security token or temporary password or report the loss of a security token. The invention comprises a client application which integrates into the standard user login dialog associated with an operating system. A portion of the user dialog is linked to a remote server to access the administrative services.

Abstract: A system for verifying intent in a card not present transaction is provided. The system includes a late binding token that is distributable to consumers without necessarily being bound to an account. The system also includes a client software that locates a token server configured to facilitate managing and communicating with the late binding token. The system also includes a protocol concerning how to build a verifiably secure structured proposal that carries an offer to the consumer through the client software.

Abstract: In a method and a device for transferring an e-mail by a public key cryptography between an e-mail transmission device and an e-mail reception device, a trigger message to which user authentication data and a public key are added is received from a transmitting side client, and trust is assigned to the public key within the trigger message to be transmitted to a receiving side client when the user authentication data within the trigger message are authenticated. In response thereto, a response message to which user authentication data and a public key are added is received from the receiving side client, and trust is assigned to the public key within the response message to be transmitted to the transmitting side client when the user authentication data within the response message are authenticated.

Abstract: Transaction management is facilitated using an approach involving the use of transaction characteristics to authenticate transaction information. According to an example embodiment, a computer processing system is programmed to process a shipment transaction involving a shipper and a carrier. The system is particularly suited to efficiently automate the payment of a shipment transaction and to efficiently provide access to relevant shipment information. The system includes a shipper processor that receives transaction document information such as purchase order information and assists in generating a bill of lading for the transaction. A shipper access terminal interfaces between the shipper processor and a central processor arrangement to control the quantity, quality, and timeliness of information transferred to the central processor arrangement.

Abstract: Provided are a method and system for providing services based on authentication of college students. According to the present invention, a verification code is transmitted to an email account that is provided by a college, a college student who inputs the same verification code is authenticated, and the authenticated college student provides the services including an essay providing service or an essay review service, based on the verified identity of the college student.

Abstract: A secure, closed virtual payment system comprising registered buyers and sellers for ordering and paying for goods, services, and content over an internetwork is disclosed. A buyer becomes registered by applying for a virtual payment account. A seller becomes registered by applying for a seller account. A credit processing component (53) immediately evaluates the buyer's application and assigns a credit limit to the account. Once an account is established, a digital certificate is stored on the registered participant's computer. The buyer can then order goods, services, or content from a seller and charge it to the virtual payment account. When the product is shipped, the seller notifies a commerce gateway component (52), which, in turn, notifies the credit processing server, which applies the charges to the buyer's virtual payment account.

Abstract: Methods for self-sufficient healthcare coverage are described. Some embodiments may include receiving requests to pay healthcare claims. The money to pay these claims may be allocated from one or more healthcare-related financial account associated with employers and employees. Some healthcare-related financial accounts may be associated with investment accounts. By investing funds from a healthcare-related financial account into an investment account, at least a portion of the income from the investment account may be reallocated back to the originating healthcare-related financial account to allow it to grow. Other embodiments are described and claimed.

Abstract: A method, system and computer program product relating to automatically validating a transaction between an issuer having a signing key, an emitter having an emitter key, an acceptor having a unique identity and a limit on transactions and a validator.

Abstract: Methods and systems are disclosed for personalization and identity management. In one embodiment, the method comprises receiving, from an access provider, a message for a service provider, the message associated with a first identifier of a user of the access provider. A second identifier is obtained, the first identifier is disassociated from the message, and the second identifier is associated with the message. The message associated with the second identifier is then sent to the service provider.

Abstract: A system for multipath contactless transaction processing, comprising a point-of-sale system comprising a processing unit and a video screen, the video screen at least sometimes viewable by a purchaser interacting with the point-of-sale processing system, wherein, during a transaction, a graphical indicia is displayed on the video screen in a form suitable for photographing or scanning by a device held by the purchaser, and wherein, upon receipt by the point-of-sale processing unit of at least one non-graphical indicia the content of which is determined at least in part by the contents of the graphical indicia that was displayed to the purchaser, the point-of-sale completes the transaction.

Abstract: An approach is provided for conducting transactions via an audio token base payment system. An audio payment manager receives a request, at a device, for payment to a merchant, the request including a password. In response, the audio payment manager retrieves a personal identification number from a user of the device, an identifier associated with the user, a session code, or a combination thereof. The audio payment manager then generates an audio token at the device based, at least in part, on the password, the personal identification number, the identifier associated with the user, the session code, or the combination thereof, and causes, at least in part, conveyance of the audio token to the merchant to initiate the payment.

Abstract: Disclosed herein are systems and method for facilitating transactions between a merchant-partner and a customer. In general, the systems and methods include: (a) staging a transaction between the merchant-partner and the customer; (b) tokenizing the transaction by linking one or more transaction instructions to a token ID; (c) providing the customer with the token ID, wherein the customer can then present the token ID and a payment to a point-of-sale terminal; (d) receiving confirmation that the customer has presented, to a point-of-sale terminal, the token ID and a payment in accordance with the one or more transaction instructions; (e) notifying the merchant-partner that the customer provided the payment to the point-of-sale terminal; and (f) settling the transaction between the point-of-sale terminal and the merchant-partner.

Abstract: A system and method for verifying the existence of a deposit account, such as a checking account, are provided. The system and method may also be used to determine whether the deposit account is configured to receive automatic transactions for withdrawal. For example, a lender may extend an offer of credit to a borrower where payments of principal and interest are to be made by automatic withdrawals. Prior to transferring the principal, the lender verifies the existence and configuration of the borrower's deposit account by charging a fee to establish the line of credit and retrieving the fee by automatic withdrawal. Once the transaction clears and the lender receives the fee, the lender is assured that the account does exist and is configured to receive automatic transactions. Two exemplary methods of retrieving the fee are electronic funds transfer and remote creation of a paper negotiable instrument.

Abstract: Whitelists are automatically shared between users and/or domains without compromising user/domain privacy. Potential trust partners with whom to share whitelist data are automatically identified. A handshaking procedure is carried out to confirm the trust relationship and verify the partner's identity. Once a trust partner is confirmed, the parties can exchange acceptance criteria specifying the types of whitelist data they want to receive. Each party can provide the other with the appropriate entries from its own whitelist. The parties keep each other updated, as their own whitelists change.