Abstract: A self-authenticating credit card includes an input device for entering a PIN. The PIN is accepted by a micro-controller that uses the entered PIN as an encryption key for decrypting stored account information. A portion of the account information includes data, that when decrypted, contains an image that is rendered on an integral display, with account information sent to a transaction terminal. A timer is used to limit access to account data while in the unlocked state.

Abstract: A method of and system for making purchases over a computer network using an ATM card or the like is provided. In accordance with the invention, a consumer transmits his ATM card number over the network to an on-line merchant. The on-line merchant then forwards the ATM card number to a third party contractor, such as a bank, that will oversee and authorize the transaction. Simultaneously or thereafter, the consumer transmits his PIN over the network to the third party contractor, who verifies that the ATM card number and PIN are valid.

Abstract: Embodiments of the present invention provide a method for voice approval, where the method includes: receiving voice approval request information sent by an enterprise application server; establishing a voice communication connection with the terminal according to the contact information of the approver terminal; sending approval content audio information corresponding to the voice approval request information to the approver terminal; receiving feedback information, and obtaining approval result information according to the feedback information; and sending the approval result information to the enterprise application server. Embodiments of the present invention also provide a device and system for voice approval. In the embodiments of the present invention, the enterprise application server and the enterprise gateway are combined and improved to enable an approver to approve, in voice mode, an approval request raised by an applicant, thereby increasing the approval efficiency.

Abstract: Disclosed is a method and system for controlling allocation and transfer of funds among multiple recipients. The method includes receiving registration information from a user, storing the registration information, assigning to the user a primary account, and multiple sub-accounts linked to the primary account in a waterfall hierarchy, receiving recipient account information to be linked to the sub-accounts, receiving a set of selectively repeating predefined rules corresponding to the sub-accounts. The rules include a funds allocation rule for allocating a portion of funds deposited in the primary account into the sub-accounts, and determining if allocated funds in the sub-accounts has hit the allocated target, a payment transfer rule for transferring the allocated target funds in the sub-accounts to the recipient account, and an authentication verification rule for verifying authentication of the user for updating the rules corresponding to the sub-accounts.

Abstract: A method and a system for processing an online financial transaction executed at least partially by a computing device coupled to a communications network, comprising a rule-module nexus for processing an online financial transaction, an on-line verification platform, an online user account registry, wherein the on-line financial transaction comprises a payor-payee transaction, wherein the user is the payor and a merchant is the payee, and comprising at least one of the following: (a) the user and the payee are each directly and independently connected to the rule-module nexus during simultaneous logon sessions via a communication network, and wherein upon the user clicking on a website widget of the payee, the rule-module nexus transmits secure socket layer data directly to the user interface apparatus for display to the user via a pop-up window, without requiring application programming interface integration with a website of the payee and without requiring a form re-direct of the user away from the website

Abstract: A system for facilitating a financial transaction between a prospective transactor and a transactee has an identity and account verifying facility for verifying the identity of the prospective transactor and an account that the prospective transactor has with a financial institution, the identity and account verifying facility being operated by an independent verifier. The identity and account verifying facility includes a storage means for storing an identifier of the prospective transactor and details of at least one account held by the transactor at the financial institution. An identifier input means is provided whereby the transactor enters his identifier when he subscribes to the service.

Abstract: A system and method for authenticating a personal identification number (PIN) associated with a payment card of a cardholder, the PIN being a code having a sequence of digits, the method comprising the steps of: presenting a PIN entry request including identifying a digit subset of the code, such that the digits in the digit subset is at least one digit less than the digits of the code; receiving the digit subset in response to the PIN entry request; sending an authentication request based on the digit subset; receiving an authentication response including response data; and presenting a response to the cardholder based on the response data, the response including information representative of whether the PIN was successfully authenticated or not using the digit subset.

Abstract: A simple, non-intrusive, fraud free payment method for customers to make Internet purchases without using credit cards or revealing personal information. Customers can purchase any specific dollar amount of pay codes via on-line purchase by logging into their financial institution and purchasing the codes, via phone banking (using mobile phone or fixed telephone line) or via Automated Teller Machine (ATM). There is no need for the customer to first open an account with the payment service. The easy and fast set-up of a secure payment gateway for website merchants to receive payments for their goods purchased at their websites, eliminates the need of setting up a merchant account, chargeback and being penalized by banks for chargeback on sales. The amount due to the web merchant from the Internet transaction is credited directly into the merchant's bank account when the transaction and payment is approved by the customer's bank.

Abstract: A gaming system is provided. The gaming system allows users to access applications via gaming communication devices coupled to a communication network. At least a portion of the network may be wireless. The gaming applications include gambling, financial, entertainment service, and other types of transactions. The system may include a user location determination feature to prevent users from conducting transactions from unauthorized areas. The gaming system may incorporate a user profile feature according to which certain information regarding users of the system may be maintained. Such information can include, without limitation, information relating to preferences, finances, activities participated in by the users, and trends and habits of the users.

Abstract: A device for storing and transmitting information stored data cards preferably includes a case, a central processing unit (CPU), an operating system, a keypad, a screen display, a secure memory device and a transmission element. A PIN must be entered through the keyboard to operate the electronic card device. The PIN is stored in the secure memory device, Data cards may be entered through a card swipe, a global platform smart card device, a NUMI Key system and manual entry. The transmission element includes a programmable magnetic stripe. The programmable magnetic stripe is programmed to replicate the data on a magnetic stripe of a card. A programmable magnetic stripe is readable by a card transaction device. The operating system displays the cards retained in the memory device through the screen display. The electronic card device preferably includes a global platform smart card device for reading and writing NFC data. Inputs and presentments are performed primarily by end user self-provisioning.

Abstract: A first storage device provides a host device with access to a private memory area by communicating a password between the first storage device and a second storage device via the host device using a double-encryption scheme. In one embodiment, a host device receives a twice-encrypted password from a first storage device, sends the twice-encrypted password to a second storage device, receives a once-encrypted password from the second storage device, decrypts the once-encrypted password to obtain the password, and sends the password to the first storage device. In another embodiment, a first storage device sends a twice-encrypted password to a host device, receives the password from the host device after the twice-encrypted password is decrypted by a second storage device and the host device, and provides the host device with access to the private memory area only if the password matches one that is stored in the first storage device.

Abstract: A system and method for using a Personal Identification Number (“PIN”) to authenticate payment transactions via a mobile device coupled to a reader device is described. The reader device may be modified to not only read and encrypt first identification information from a payment medium such as a magnetic strip of a payment card, but also receive a PIN from the mobile device and encrypt the PIN. The mobile device may be configured to prompt for and receive the PIN. The PIN may be communicated to the reader device for encryption. The mobile device may receive the encrypted first identification information and encrypted PIN and communicate the encrypted data to an adaptive payment server that decrypts the encrypted data for processing the payment transaction. The system may be used to securely process PIN-based payment transactions using a mobile device that is communicably coupled to a reader device.

Abstract: A banking system operates responsive to data read from data bearing records. The system includes an automated banking machine comprising a card reader. The card reader includes a movable read head that can read card data along a magnetic stripe of a card that was inserted long-edge first. The card reader includes a card entry gate. The gate is opened for a card that is determined to be properly oriented for data reading. The card reader can encrypt card data, including account data. The machine also includes a PIN keypad. The card reader can send encrypted card data to the keypad. The keypad can decipher the encrypted card data. The keypad can encrypt both deciphered card data and a received user PIN. The card data and the PIN are usable by the machine to authorize a user to carry out a financial transfer involving the account.

Abstract: A mobile device includes a housing and an antenna mounted in or on the housing. The antenna is for transmitting and receiving transaction signals to and from a point of sale (POS) terminal. The device also includes at least one user interface element mounted on the housing and a transceiver mounted in the housing and coupled to the antenna. Still further, the device includes a secure element mounted in the housing. The secure element is coupled to the transceiver and stores a payment application program. The payment application program is for handling exchanging of the transaction signals with the POS terminal. A tick counter is operated within the secure element. The tick counter is for enforcing at least one time-out period with respect to transactions handled by the payment application program.

Abstract: The present invention provides a financial transaction facilitating device for facilitating a financial transaction at an ATM, point of sale station, via the Internet or to login to a financial account by generating a PIN in response to a correct biometric identifier being supplied. Also provided are a financial transaction processing facility, a method of facilitating a financial transaction and a method of processing a financial transaction.

Abstract: Facilitating transactions using non-traditional devices and biometric data to activate a transaction device is disclosed. A transaction request is formed at a non-traditional device, and communicated to a reader, wherein the non-traditional device may be configured with an RFID device. The RFID device is not operable until a biometric voice analysis has been executed to verify that the carrier of the RFID equipped non-traditional device is the true owner of account information stored thereon. The non-traditional device provides a conduit between a user and a verification system to perform biometric voice analysis of the user. When the verification system has determined that the user is the true owner of one or more accounts stored at the verification system, a purchase transaction is facilitated between the verification system. Transactions may further be carried out through a non-RF device such as a cellular telephone in direct communication with an acquirer/issuer or payment processor.

Abstract: A method for verifying permission to use a payment system such as an electronic credit card, using a hand held communication device such as a smart phone, where the customer presents the communication device to a merchant who extracts account information from the hand held device, and the hand held device generates a transaction code that is shared with the merchant and sent by both to a financial institution. The financial institution sends a new random code to the user and the merchant, which can be compared to verify the user's account and the financial institution's approval of the transaction.

Abstract: Computer implemented methods and systems for fulfilling a customer request for a requested item purchased from a merchant is provided. The method may be performed by a tangibly embodied processing machine disposed in a customer device. The method may include (1) observing, through the input of information, an observed event that is associated with a customer; (2) associating the observed event with a corresponding order record; (3) retrieving order information from the corresponding order record, the order information including at least customer financial entity account information; (4) generating a merchant request based at least in part on the order information in the corresponding order record, the merchant request including at least customer identification information and customer financial entity account information; and (5) outputting the merchant request to the designated merchant, so as to provide the designated merchant with information to fulfill the customer request.

Abstract: The present disclosure is related to a method for securing financial transaction. The method includes encrypting transaction information on a server 102 upon receipt of said information from a computing device 101. Encoding the encrypted transaction information into a predefined image pattern and transmitting the encoded image to the computing device 101. The method further includes scanning the image displayed on the computing device 101 from user's mobile device 103 to decode the scanned image and to decrypt the transaction information. The method also includes prompting the user upon successful decryption to enter Personal Identification Number (PIN) into the mobile device 103 to generate a unique signature. Finally, the user enters the signature on the computing device 101 for validation of said signature by the server 102 to secure the financial transaction.

Abstract: Particular embodiments provide a method for orchestrating an order fulfillment business process that includes a sub-process. In one embodiment, abstraction of business processes from an underlying information technology (IT) infrastructure is provided. An orchestration process can be designed using sub-processes such that the sub-process is assembled at run-time into an executable process. The sub-process may be defined in an interface as a single step. A plurality of services as then assembled as steps in the executable process at run-time.

Abstract: A wagering game system and its operations are described herein. In embodiments, the operations can include managing multiple instances of gaming applications associated with a wagering game client device and determining event data from the multiple instances of gaming applications. The operations can further include aggregating the event data into an event repository and determining that a requesting application requests some portion of the event data. The operations can further include opening a communication channel between the event data repository and the requesting application, formatting the requested portion of the event data in a format understandable to the requesting application, and communicating the requested portion of the event data to the requesting application via the communication channel.

Abstract: Embodiments for providing differentiated access based on authentication input attributes are disclosed. In accordance with one embodiment, a method includes receiving an authentication input at an authentication authority using an authentication protocol. The authentication input being associated with a client. The method also includes providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.

Abstract: A method and system of encrypting a Personal Identification Number (PIN) using a portable payment device includes a portable payment device in communication with a network and a payment processor, and may be configured to receive a first encryption key from the payment processor, to receive a PIN, to encrypt the PIN using the first key, and to provide the encrypted PIN to the payment processor in a form useable to process a payment authorization message or transaction request. The first key may be protected by cryptographic camouflaging using a password. The password may be received by the device and used to decamouflage the first key, and the decamouflaged first key may be used to encrypt the PIN. In one configuration, the first key may be a symmetric key, such that a PIN encrypted by the first key may be of a standard format usable in existing payment systems.

Abstract: A server is operable to receive a media device identifying number (ID) and to create an established association between the media device with a payment account and to support at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. The server is further operable to produce the payment account information to a smart card personalization service server to facilitate creation of a smart card with the payment account information that is associated with the media device. The server is also operable to produce the media device ID to the smart card personalization service server to facilitate creation of a smart card with the payment account information based in part on the media device ID.

Abstract: Disclosed are systems and methods for establishing a personal identification number (PIN). The systems and methods provide techniques to begin a remote session with a customer, prompt the customer to select a PIN to associate with a financial account card during the remote session, and receive the PIN from the customer during the remote session.

Abstract: A first information handling system (“IHS”) receives identification information of a first user of a second IHS. The first IHS initiates a network session in response to authenticating the identification information of the first user. Within the network session, the first IHS receives identification information of a second user of the second IHS. The first IHS authenticates the identification information of the second user.

Abstract: An artist or a music company creates multimedia music contents using interactive media creating tools on their computer and upload to a fans club server. The fans club server maintains all fans registration information and client uploaded multimedia music/songs contents. An interactive media description module on the fans club server generates the interactive media using the multimedia contents provided by the client or the artist as its input. The generated interactive media will be distributed among the fans of the respective artist for playing on their mobile phones and review their contents online for a feedback before the songs being released in the market. The interactive media also prompts mobile phone user for purchasing the songs online. The mobile phone user can also purchase trial songs, and download on their mobile phone and make the online payment.

Abstract: A device is configured to allow a user to select any of a plurality of accounts to employ in a financial transaction. The user device includes a biometric sensor configured to receive a biometric input, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. The user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link. The processor is configured to generate a non-predictable value and encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and communicate the authentication information via the communication link to the secure registry.

Abstract: A portable handheld device for wireless order entry and real time payment authorization may include a portable housing, a display carried by the housing, an order entry input device carried by the housing, a transaction card input device carried by the housing for reading user sensitive information from a transaction card, a wireless transceiver carried by the housing, and a processor carried by the housing and connected to the display, order entry input device, transaction card input device and wireless transceiver. The processor may be for wirelessly sending input order information, and encrypting and wirelessly sending the user sensitive information from the transaction card without storing and without displaying. The processor may also be for wirelessly receiving and displaying payment authorization information based upon real time authorization from a transaction card issuing entity.

Abstract: Aspects of the invention are directed to a two phase payment link and authorization method and system for mobile devices. A method for payment and authorization according to an embodiment includes: requesting and receiving, at a mobile device, a transaction identifier from a payment service; displaying the transaction identifier on a display of the mobile device, wherein the transaction identifier is in a machine readable format; scanning the transaction identifier at a point of sale system; sending the transaction identifier and transaction information associated with items to be purchased from the point of sale system to the payment service; creating, at the payment service, a logical link between the mobile device and the point of sale system, based on the transaction identifier; and sending the transaction information from the payment system to the mobile device.

Abstract: A system and method may allow for flexible transaction processing based on for example the risk assessment of a transaction and/or a user or party to a transaction. Based on a risk level, for example, a level of authentication for the transaction may be set or altered.

Abstract: A first server device is configured to receive an authentication request from a second server device; add the authentication request to a queue associated with a user; and provide a representation of the queue to a mobile device of the user. The representation of the queue includes an entry for the authentication request. The first server device is further configured to receive, from the mobile device, authentication information, provided by the user, for the authentication request; determine that authentication, of the user, for the authentication request is successful based on the authentication information; generate an authentication response that indicates that the authentication, of the user, for the authentication request is successful; and transmit, by the first server device, the authentication response to the second server device.

Abstract: Provided are exemplary embodiments including a method for creating and using a personal encounter history using a communication device. The method involves the communication device receiving the transmission of a pseudo identifier from a proximal communication device where the pseudo identifier is associated with the user of the proximal communication device. Once received, the method continues with the wireless communication device requesting and receiving the actual identification of the user of the proximal communication device that is correlated with the pseudo identifier. The communication device includes a transceiver capable of communicating wirelessly with a mobile telecommunications network, a memory device and a processor. To ensure privacy, the processor is capable of receiving a pseudo identifier from a proximate communication device and then requesting an actual identification correlated with the pseudo identifier of the proximate communication device.

Abstract: An embodiment defines access control allowing the expression of access control rules using ontology based semantics and references an ontology subset using XPath as the ontological expression. The access control rules or access criteria are defined by an access control statement and may be expressed using classification criteria and ontology classes. The access control statement comprises a structural description that is used to define an asset and a logical expression that may be used to express the classification criteria. The access control statement defines access policy for various assets.

Abstract: A permission level associated with an associate's web access is identified. A relationship ticket is obtained from an authentication server and a request is generated to set the identified permission level. The request and the relationship ticket are sent to a Web server and a success code is received from the Web server if the requested permission level is established.

Abstract: An apparatus includes a processor configured to initiate an on-line transaction during a transaction session. The apparatus can identify an attempt to terminate the transaction session prior to completion of the on-line transaction. The apparatus can provide a notification in response to the identified attempt. The notification can include an indication of at least one selection made during the transaction session prior to the completion of the on-line transaction.

Abstract: A method for generating and provisioning payment credentials to a mobile device lacking a secure element includes: generating a card profile associated with a payment account, wherein the card profile includes at least payment credentials corresponding to the associated payment account and a profile identifier; provisioning, to a mobile device lacking a secure element, the generated card profile; receiving, from the mobile device, a key request, wherein the key request includes at least a mobile identification number (PIN) and the profile identifier; using the mobile PIN; generating a single use key, wherein the single use key includes at least the profile identifier, an application transaction counter, and a generating key for use in generating a payment cryptogram valid for a single financial transaction; and transmitting the generated single use key to the mobile device.

Abstract: Systems and methods for authenticating a user of a service are disclosed. A Personal Identification Number (PIN) is generated using a plurality of variables, and a user is authenticated by comparing the PIN generated at the user's mobile device with a PIN generated on an authentication server. The authentication enables the user to access a service or resource hosted on a host server. When requesting access to the resource, the user generates a device PIN and transmits the device PIN along with their unique key into the host server. The host server forwards the device PIN and the key to the authentication server. The authentication server generates a server PIN and compares the server PIN to the device PIN. If the two PINS match, the authentication server transmits a successful authentication response to the host server.

Abstract: A system for mobile devices that facilitates the creation and dissemination of interactive media to a plurality of mobile devices and PCs/laptops that comprise a client component. The interactive media may comprise of a list of products and services that are for sale and the user can select one or more for purchase. It may also comprise a list of real estate entries with associated user interest solicitation and the user can indicate his interest in one or more of the entries. The server can help the user make an appointment to view the corresponding real estate properties.

Abstract: A computer implemented method, apparatus, and computer usable program product is provided for managing network based preferences associated with charging transactions for electric vehicles. The network based energy preference service receives an identification of a principal associated with a first computing device using a network connection. The network based energy preference service receives a selection of preferences from the principal associated with the first computing device over the network connection to form a set of preferences for the principal. In response to receiving a request for a subset of preferences from the set of preferences for the principal from a preference requesting service, the network based energy preference service retrieves the subset of preferences from the set of preferences by the network based energy preference service and sends the subset of preferences to the preference requesting service.

Abstract: A method and apparatus for conducting a transaction involving transmission of a dynamic authentication code in place of a static PIN block using currently existing messaging standards or PIN acceptance devices. Minimal changes to existing processes an equipment are made while greatly improving security and fraud minimization.

Abstract: A system for multipath contactless transaction processing, comprising a networked server comprising a processing unit, a billing entity based on a first networked computing device comprising a processing unit and a video feed, the feed interloping a television broadcast video signal, the signal made available to potential purchasers to watch, wherein, during said viewing, a cue is provided whenever a transaction or interaction is available for scanning by a mobile device, and wherein, the user is prompted accordingly to act upon using the device.

Abstract: Technologies are generally described for security algorithm methods in authorizing and using digital certificates to perform banking transactions. A customer can register and associate a personal identification number with a digital certificate. The personal identification number can be used by a client device to generate a certificate request. A request to perform a banking transaction along with a certificate request can be sent to a bank server, where, upon authorization of a valid certificate request, the banking operation can be performed. Using the digital certificate as one authentication factor and a customer login and password as a second authentication factor, banking transactions can be performed more reliably and securely.

Abstract: There is provided a computer-implemented method for authentication, the method comprising: defining a demanded level of security in an authorization service of a server; providing at least one authentication mechanism comprising at least one instance for at least one client; providing a policy comprising a security level for the at least one instance; receiving at least one request from the client to the server; authenticating the request based on the policy and the demanded level of security by the authentication service; and permitting the request if the demanded level of security is reached.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: Methods and systems are provided for secure electronic payment for merchandise at a point of sale. The secure verification of a personal identification number (PIN) via a mobile payment system is facilitated. A memory stores account information for a plurality of users, the account information includes a personal identification number (PIN) for at least some of the users. A processor receives a communication including an indication of a desire of a user to purchase an item from a merchant. The processor accesses an account of the user and provides a random keypad to the merchant. The user uses the random keypad to enter the PIN. The processor receives touch screen information from a mobile device of the user and makes a reconstructed PIN from the random keypad and the touch screen information. The processor authorizes the purchase if the reconstructed PIN is the PIN of the user.

Abstract: The present invention discloses methods, media, and systems for handling hard-coded credentials, the system including: an interception module configured for: intercepting credential usage upon receiving an application request for application credentials in order to provide access to a host application; a configuration/settings module configured for reading system configurations and settings for handling the application credentials; a credential-mapping module configured for: applying appropriate credential-mapping logic based on the system configurations and settings; and upon determining that the application credentials need to be replaced, obtaining appropriate credentials from a secured storage.

Abstract: A computer-based method includes receiving, at a computer-based authorization system, a request to authorize payment to a first party at an electronic payment device from an account with funds that have been paid by a second party. The request includes an encrypted indication of an account number that corresponds to the account and a cash card number entered by the first party at the electronic payment device. The method further includes deriving an unencrypted version of the account number from the encrypted indication; comparing the unencrypted version of the account number to one or more identification codes in an electronic database, where one of the identification codes corresponds to the account; and authorizing payment from the account at the payment device based, at least in part, on whether the comparing yields a match between the unencrypted version of the account number and the identification code that corresponds to the account.

Abstract: Systems and methods for providing secure application support for NFC devices in both battery on and battery off modes are provided. A first application that requires available host battery supply and a second application that does not require available host battery supply are loaded onto a mobile device. When the second application is enabled, the reader requests user input on a POS device. The first application is enabled when host battery supply is available, and the second application is enabled when no host battery supply is available.

Abstract: When purchasing an item or service, a user enters a PIN enter their mobile communication device and send the PIN, e.g., via text message to a payment authority. The payment authority authenticates the user using at least the PIN and the mobile communication device identifier associated with the user's mobile communication device. If the user is authenticated, then the payment authority will send a transaction code back to the user, which will be displayed on the user's mobile communication device. The user can then provide the transaction code to the merchant. The merchant can enter the transaction code into the Merchant's point of sale system and complete the transaction.