Abstract: The instant invention relates to a system and method for ensuring and verifying the identity of all parties involved in an online marketplace transaction involving buyers, sellers, and third parties, such as a marketplace. Anonymous transactions are supported by the present invention. Verification is provided and insurance may be purchased in accordance with the instant invention guaranteeing that the parties are who they represent themselves to be and are capable of entering into the transaction, thereby facilitating completion of the online transaction.

Abstract: The prevention of impersonation attacks based on hijacked common gateway interface (CGI) session IDs is disclosed. In accordance with one embodiment, a secured communication channel is formed between a server and a client using an initial transport layer security (TLS) key. Additionally, an authenticated CGI session is formed over the secured communication channel based on an initial CGI session identifier (ID). Further, the initial CGI session ID and the initial TLS key are combined into a pair. Next, incoming data that includes an incoming CGI session ID is received via a secured communication channel. An incoming TLS key of the secured communication channel that carries the incoming CGI session ID is then retrieved. Based on the retrieved incoming TLS key, the incoming data is permitted to execute on the server when the incoming TLS key matches the initial TLS key of the pair.

Abstract: Virtual account based digital cash protocols employ two pairs of private and public keys. Each public key is certified separately and the protocols do not use any blind signature schemes. As a result, the virtual account based digital cash protocols provide strong protection of the user privacy by using two certified public keys instead of a blind signature. One pair of certified keys consists of one master user private key and one master user public key. A second pair of certified keys consists of one pseudonym user private key and one pseudonym user public key. The use of a master key pair and a pseudonym key pair circumvents the need for blind signatures. As a result, the proposed protocols do not require blind signatures and do not add additional overhead and security requirements necessitated by conventional blind signature schemes.

Abstract: The invention relates to a method for securing an on-line transaction, comprising a proximity test which permits the proximity of the physical presence of the client to the on-line processing station (PT) with the authentication authority (AA) to be verified, an authentication test for the holder of the chipcard (CP) and a non-repudiation test for the transaction.

Abstract: A method for digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render currently cryptographic key-lengths insufficient. A double signature is issued for each document. A first digital signature ensures the long term security, while a second digital signature ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature.

Abstract: An electronic commerce system managing sale and distribution of products over the Internet or other type of network. In order to prevent attempts by users to fraudulently obtain the products, system analyzes the information submitted by the users in connection with stored and associated information in an order to determine that likelihood that the order is an attempt at fraud. Based upon the determination, system accepts or declines the order. The system also saves the user-entered information for use in determining whether to accept to decline future orders.

Abstract: The present invention provides a system and method for facilitating a transaction between two or more parties. One or more electronic documents are received at a server computer from a client communications device of a first party to the transaction. All of the one or more electronic documents are locked against future changes. The identity validation of the first party indicates that the first party has agreed to the one or more electronic documents. Registration information is received from the client communications device of a second party to the transaction. The registration information includes the identity validation of the second party. The second party is provided with access to the received electronic documents. Whenever an acceptance of the electronic documents is received from the client communications devices of the second party, the identity validation from the first party and the second party to the agreed to electronic document.

Abstract: A method for conducting a secure transaction over a network includes the steps of receiving a price and a transaction identifier from a merchant, the transaction identifier identifying a purchase selection made by a user, receiving a user identifier from a user, receiving a financial institution selection from the user, initiating a communication session with the selected financial institution, receiving a financial-institution user-identifier from the user, communicating the financial-institution user-identifier to the selected financial institution, communicating to the selected financial institution a request to transfer funds, receiving the funds from the selected financial institution, and sending the funds to the merchant.

Abstract: Exemplary embodiment of the present invention would provide systems, including Internet-based systems, and computer-implemented methods, for providing online Buyers and Sellers who physically transact an exchange of an item at a local meeting place, indicia of confirmation of the exchange on which to base a background online payment. In particular, exemplary embodiments of the present invention would provide a way for Buyers and/or Sellers to input an identifier for online authentication to confirm that a physical exchange of an item sold had been transacted and that would accordingly provide an online system with a basis to charge the relevant Buyer's account for a sale amount and pay the Seller for the item sold.

Abstract: Systems and methods for personal financial management using a financial card having a primary account with a plurality of subaccounts within the primary account, the systems and methods includes the financial management, transaction processing systems such as point of sales system, financial account management system and support systems are configured for processing transactions from user selected subaccounts within the primary account in real time at the time of processing each payment transaction and including processing each transaction from user selected subaccounts by indicating at the time of each transaction a particular transaction identifier indicating the particular subaccount within the primary account.

Abstract: A random number generating algorithm is seeded with an unpredictable number. The seed value is computed by subjecting variable data to a Secure Hashing Algorithm, and truncating the right most, or left most, 16 bytes from the message digest generated. The algorithm generates the unpredictable number by using the seed value as a counter value in the random number generator, and performing a data encryption standard operation. In one exemplary embodiment, the unpredictable number is modified to a predetermined maximum unpredictable number value as determined by the sender and receiver of the unpredictable number.

Abstract: Techniques are described for managing distributed execution of programs, including by dynamically scaling a cluster of multiple computing nodes used to perform ongoing distributed execution of a program, such as to increase and/or decrease the quantity of computing nodes in the cluster at various times and for various reasons. An architecture may be used that facilitates the dynamic scaling of a cluster, including by having at least some of the computing nodes act as core nodes that each participate in a distributed storage system for the distributed program execution, and having one or more other computing nodes that act as auxiliary nodes that do not participate in the distributed storage system. If computing nodes are selected to be removed from the cluster during ongoing distributed execution of a program, one or more nodes of the auxiliary computing node type may be selected for the removal.

Abstract: Herein is described a tokenless biometric method for processing electronic transmissions, using at least one user biometric sample, an electronic identicator and an electronic rule module clearinghouse. The steps for processing of the electronic transmissions comprise of a user registration step, wherein a user registers with an electronic identicator at least one registration biometric sample taken directly from the person of the user. A formation of a rule module customized to the user in a rule module clearinghouse, wherein at least one pattern data of a user is associated with at least one execution command of the user. A user identification step, wherein the electronic identicator compares a bid biometric sample taken directly from the person of the user with at least one previously registered biometric sample for producing either a successful or failed identification of the user.

Abstract: Methods and systems are provided for use with digital data processing systems to control or otherwise limit access to networked resources based, at least in part, on transactional artifacts and/or derived artifacts.

Abstract: Systems and methods for token authentication analyze token data over one or more read operations to compute a characteristic master signature for the token. This can be accomplished, for example by analyzing the token data statistically to compute a characteristic signature for the token. Similar techniques can be used to generate a subsequent signature that can be verified against the original characteristic signature to authenticate the token. For example, a signature can be generated on a per use basis and that signature verified against the characteristic signature to validate the token upon use.

Abstract: A method for providing curriculum enhancement using a computer-based media access system according to one embodiment is described. The method comprises accessing a playlist assembly component and creating a playlist indicating at least one instance of media. The playlist is then accessed and the instance of media is selected. A usage compliance mechanism then accesses the instance of media in accordance with a usage restriction.

Abstract: A personal information generation apparatus 1 encapsulates personal information together with a transmission policy to generate a personal information capsule which is transmitted to personal information utilization apparatus 2. Personal information utilization apparatus 2 receives and holds the personal information capsule for utilization. In this event, personal information generation apparatus 1 transmits a transmission policy defined by the personal information producer. Personal information utilization apparatus 2 in turn transmits a reception policy defined by a personal information user. Then, personal information generation apparatus 1 and personal information utilization apparatus 2 determine a contractual coverage in regard to personal information to be distributed, and generate contract information. Eventually, the personal information is distributed from personal information generation apparatus 1 to personal information utilization apparatus 2 based on the generated contract information.

Abstract: A system receives account access information from a user. The account is then accessed using the received access information. Data is harvested from a web page associated with the account or received from another financial data source. The user's ability to access the account is authenticated based on the obtained information.

Abstract: The FLEXIBLE MONETIZATION SERVICE APPARATUSES, METHODS AND SYSTEMS (“FMS”) transform requests for on-demand and flexible monetization and related services via FMS components into currency transfers, purchase receipt notifications, social networking communications and transaction analytics reports. In some embodiments, the FMS obtains a request from a computing device of a merchant to process a user purchase checkout by a user from a point of sale device. In some embodiments, the request may include a merchant identifier. The FMS may determine that the merchant is authorized to obtain servicing of the request to process the user purchase checkout, by querying a database using the merchant identifier. The FMS may generating a user interface customized to the merchant and the point of sale device, upon determining that the merchant is authorized to obtain the service of the request, and provide the customized user interface to process the user purchase checkout by the user.

Abstract: A reputation server is coupled to multiple clients via a network. Each client has a security module that detects malware at the client. The security module computes a hygiene score based on detected malware. The security module provides the hygiene score and an identifier of a visited web site to a reputation server. The security module also provides identifiers of files encountered at specified web sites to the reputation server. The reputation server computes secondary hygiene scores for web sites based on the hygiene scores of the clients that visit the web sites. The reputation server further computes reputation scores for files based on the secondary hygiene scores of sites that host the files. The reputation server provides the reputation scores to the clients. A reputation score represents an assessment of whether the associated file is malicious.

Abstract: Systems and methods for performing financial transactions are provided. In one embodiment, the invention provides a method for processing token data for a bank card transaction, the method includes: receiving a string of first token data from a token at a token reader; modifying the first token data and generating second token data, the second token data including modified token data; performing a modulo arithmetic operation on the second token data and determining a mod 10 check digit that will cause a modulo arithmetic check of the second token data to yield the same result as the modulo arithmetic check would yield on the first token data; and inserting the mod 10 check digit in the second data string and forwarding the second data string for the transaction.

Abstract: Mediation systems and methods for restricted access item distribution are disclosed. In an embodiment, a method for facilitating payment from a user device for a restricted access item hosted by a host system is disclosed. In another embodiment, a system for facilitating payment from a user device to for a restricted access item hosted by a host system is disclosed. In another embodiment, a method for providing a mediated marketplace service is disclosed.

Abstract: A method of operating a plurality of computer systems includes translating inputs generated by the operation of an input device associated with a first computer into control signals for operating at least one other computer system to operate the at least one other computer system in a corresponding manner.

Abstract: A method of managing the digital rights of a remote device is disclosed. The method includes receiving a warrant including information that the use of content is allowed, issued from a main device having the replay right for the content, transmitting the warrant to a service-providing device, and receiving the content provided by the service-providing device.

Abstract: The present invention is intended to allow distribution of personal information to be managed on the basis of not only a personal information management policy defined by a personal information producer but also management policies of all apparatuses which handle personal information when the distribution of personal information is managed between apparatuses. In its configuration, personal information generation apparatus 1 encapsulates personal information together with a transmission policy to generate a personal information capsule which is transmitted to personal information utilization apparatus 2. Personal information utilization apparatus 2 receives and holds the personal information capsule for utilization. In this event, personal information generation apparatus 1 transmits a transmission policy defined by the personal information producer. Personal information utilization apparatus 2 in turn transmits a reception policy defined by a personal information user.

Abstract: A transaction processing and authorization service. If a source entity does not respond to an authorization attempt via a communications channel, the service may generate a transaction phrase corresponding to the transaction and communicate the transaction phrase to the source entity. The transaction phrase may also be stored by the service and associated with the source entity's account and the particular transaction as initiated, and may be used to identify the transaction. After receiving the transaction phrase, the source entity may then, if desired, return the transaction phrase to the service. Upon receiving the transaction phrase from the source entity, the service may then contact the source entity via the communications channel to authorize the transaction. As an alternative, a source entity may submit a replay command to the service to replay any pending transactions.

Abstract: A method and system to verify the identity of a user are described. The system may include a communications module to receive a billing telephone number and a private data segment associated with a user; an address detector to obtain a street address associated with the user; a private data processor to obtain one or more identification records, utilizing the obtained street address and the private data segment; and a matching module to compare the one or more identification records with the private data segment associated with the user to generate a match result.

Abstract: An automated payment system and clearinghouse for effecting payment on online transactions without having to divulge sensitive financial information to a merchant. The payment system and clearinghouse provides a secure and safe vehicle to perform e-commerce transactions worldwide independently of the customer and merchant locations. This allows banks to offer their clients a new and alternative way to pay for internet purchases without the need to use a credit card or to divulge credit-card information or bank account information.

Abstract: This invention relates to an electronic means by which people can select the exact seat or seats they want for any type of event or reserve an appointment for any activity. More specifically, a customer or a ticket re-seller or a venue operator can go, for example, to the internet and select the event or activity for which he wants a ticket or tickets or reserve a time and reserve and order the exact seat or seats or the time of his choosing directly online. The seat or seats or reserved time he selects is then paid for using payment information that is verified with a payment verification server.

Abstract: A method of authorizing a commercial transaction between a customer and a provider of goods or services over a network, wherein the provider of goods or services requests that the customer provide authentication by activating a fingerprint identification device, and the provider of goods or services receives at least an authentication code of the customer over the network from the fingerprint identification device, the method comprising the steps of: providing the customer with the fingerprint identification device which produces the authentication code when a fingerprint of the customer matches a stored fingerprint within the fingerprint identification device; receiving at least the authentication code from the provider of goods or services over the network; and authorizing the transaction if at least the authentication code is valid.

Abstract: A change management system coordinates information of a transaction tool managed by a transaction tool management system. The system includes a receiver that receives, over a communications network, activity information and/or lifecycle event information for the transaction tool. The system also includes a storage that stores the received information. Additionally, the system includes a processor that manages a change in a status of the transaction tool based on the received information.

Abstract: An interrupt payment system (100) comprising means (100) for detecting an interrupt signal generated by a party to a call; means (102) for obtaining details of a payment to be made on detection of an interrupt signal; a payment processor (104) operable to process the payment in accordance with the obtained details (104); and means (100) for resuming the call between all parties concerned on processing of a payment by the payment processor (104).

Abstract: A system and method for engaging in a credit or debit transaction do not transmit an individual's account number to a vendor or merchant. The individual provides the account number to a transaction acquiring device (TAD). The TAD requires the individual to provide one or more pseudo-random numbers that identify the individual. These numbers are only obtainable from an authentication device that can be unlocked only by passing an authentication challenge. The TAD then provides transaction data to a credit or debit issuer and the vendor, but does not provide or store the account number. The issuer provides the merchant with an identifier other than the account number that is nevertheless unique to the individual. This identifier may be used to track the individual's purchase history or perform other business functions.

Abstract: Disclosed is a payment system and method for supporting user verification in VoIP configuration by receiving secret number or VoIP phone number of a user as payment information on Internet and completing the payment by user verification and occupancy verification. The payment system includes a user terminal for inputting secret number or VoIP phone number as payment information, a payment gateway server for receiving the payment information from the user terminal to intermediate user verification and approving payment by occupancy verification, and a central communication company server for receiving the payment information from the payment gateway server to verify the user and receiving a final payment approval to add a payment amount to communication charges of the user terminal and bill the charges. The payment system prevents illegal payment by fraudulent use of the user information.

Abstract: A method and system for approving a transaction between a customer and a merchant including the steps of transmitting a transaction request from a customer to a merchant; transmitting a verification request from the merchant to a verification entity, the verification request comprising first data; the customer device transmitting second data to the verification entity; and the verification entity performing a verification step by using the first data and the second data to verify if the transaction should be approved.

Abstract: A transaction processing system uses a mobile phone to make payments at point of sale (POS), over the internet, and over the phone, and also to make money transfers. Transaction security is provided by using various combinations of authentication using the mobile phone. Account numbers linked to payment cards, and public/private keys that encrypt/decrypt customer data, dynamically change on mobile phone and a server, based on a specified number of transactions or time interval. No credit/debit account information is shown on mobile phones. GPS location and time stamps facilitate identification of unusual shopping patterns during internet and over-the-phone transactions. Customers can remotely delete data on mobile phone in case of loss. Three-level security used at POS combines industry-standard encryption; dynamically-changing account numbers and keys; and visual identification of customer, followed by software signature recognition.

Abstract: Methods and systems for metrics-based gaming operations are provided. Information concerning game play for each play may be received and stored. Such information may be used to generate certain metrics. The generated metrics, in turn, may be used to determine how to customize a game operation. Such game operations may include providing training to a player, matching a player up with another player or with a team, adjusting a game event, etc.

Abstract: A system for verifying the identity of a user includes an identification score assignment module configured to receive at least one source of identification of the user and to assign an identification score to each of the at least one source of identification. The system includes a total identification score generation module, in communication with the identification score assignment module, configured to generate a total identification score of the user from the identification scores of each of the at least one source of identification and a predetermined function. The total identification score of the user is associated with a level of verification of the identity of the user, and compared to a minimum identification score associated with a transaction. The transaction is performed when the total identification score of the user is greater than or equal to the minimum identification score.

Abstract: A method of automatically controlling fraud in an electronic transaction system. When a user initiates a session in the electronic transaction system, an element is generated and stored in a database in association with information identifying the user. Each time during the session the user commands the execution of an operation, an equation is determined that is satisfied by the element stored in the database. When a sufficient given number of operations has been effected, the system of equations consisting of the equations determined as above is solved to deduce the element. By consulting the database, the corresponding information identifying the user is deduced from the element obtained in this way.

Abstract: A system and method for identifying incoming ACH transactions involving subscriber accounts at a financial institution, comparing the ACH transaction details with preset notification criteria, suspending any ACH transaction that satisfy the preset criteria so that the transaction does not post to the account, notifying the subscriber of the incoming ACH transaction, providing the subscriber with the option to either authorize or dispute the ACH transaction, and facilitating the dispute process according to applicable banking rules by requesting further information from the subscriber and forwarding the dispute information to the ACH operator.

Abstract: A method of subsidizing the presentation of media content by including informative messages as part of the presentation. The presentation of the media content is paused while the informative message is presented. The cost of the media content is credited to the owner and the payment associated with the informative message is debited from the sponsor of the informative message. Some content is segmented into sections and the informative messages are presented before or after each section. Other content is not segmented, but informative messages are presented at intervals determined by an e-PVR.

Abstract: A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

Abstract: A secure wireless payment system and method thereof allow a consumer to acquire transaction information generated by a payment requesting unit of a seller with a handheld payment responding unit. The payment responding unit has a storage unit embedded with payment authentication data. After the consumer confirms that the transaction information is correct, a payment request is generated and transmitted to a banking unit releasing the payment authentication data through a secure wireless voice channel so that the banking unit can directly approve to pay. Accordingly, consumers need not present credit cards for sellers to charge and fully eliminate the risk of credit card piracy. Additionally, the payment responding unit of the present invention can be automatically connected with the banking unit releasing the payment authentication data for payment of a transaction.

Abstract: In a message authentication system in which a message is transmitted from a message transmission apparatus 100 to individual message reception apparatuses 120 through wireless communication connecting the message transmission apparatus 100 with the message reception apparatuses 120 via intermediary message reception apparatuses and the message is authenticated at each message reception apparatus, the message transmission apparatus first transmits an electronic signature to each message reception apparatus as a message transmission notification and then transmits the message and an authentication key to the message reception apparatus after allowing a predetermined time lag. Thus, the message reception apparatus does not need to hold the message before the authentication key is published (FIG. 7).

Abstract: Banking transaction processing apparatus and methods are disclosed. In one general aspect, a banking transaction processing method includes accessing a first authorization code from a first device, such as a credit card, and a second authorization code from a second device, such as a portable phone, at a merchant location, These codes are provided to an authorization module at the merchant location, and a relationship between the first and second authorization codes is evaluated. A transaction authorization indication can then be provided from the authorization module for an in-person transaction with the merchant.

Abstract: Presented is a system and methods for allowing a user, through their end user device, to online purchase a service from a service provider and provide online payment for the service from the operator network associated with the end user device. The service provider and the operator network can authenticate each other through encrypted data appended to HTTP communications associated with interacting on the internet.

Abstract: A method for generating a data transaction ID for an interaction between first and second units, the method comprising: the first data unit generating a first data item as a function of a first time data element, the first time data element being representative of a first time value, and transmitting the first data item to the second data unit; the second data unit generating a second data item as a function of the received first data item and transmitting the second data item to the first data unit; and the first data unit generating a third data item as a function of the second data item and a second time data element, the second time data element being representative of a second time value, wherein the third data item comprises a transaction ID unique to the interaction between the first and second data units.

Abstract: A method, apparatus, and article of manufacture for processing data. The method, apparatus and article of manufacture preferably comprise the steps of: (a) receiving a record having a plurality of identifiers into a computer system, the record corresponding to an entity; (b) encrypting one or more of the identifiers in the record to form an encrypted record; (c) applying one or more encrypted variants to the encrypted record based on the encrypted identifiers and pre-computed encrypted synonyms; and (d) comparing the encrypted record to previously stored data using the encrypted identifiers and the encrypted variants in order to the match or associate the encrypted record with the previously stored data.

Abstract: A mobile payment system password restriction system is provided. The system comprises a portable electronic device, an electronic wallet application, and an access restriction application that, when executed on the portable electronic device, monitors the network connection status of the portable electronic device. The system also disables password access to the electronic wallet application after a first predetermined number of consecutive failed password access attempts to the electronic wallet application when the network connection status is not connected. The system also re-enables password access to the electronic wallet application in response to receiving a key code entered into portable electronic device, wherein the key code is different from the password.

Abstract: Methods and systems for enabling and performing secured, single action payments from a mobile device are disclosed. One method includes transmitting user credentials from an application installed on a mobile device to a server alongside a device identifier. The method includes receiving data at least partially defining encrypted personal payment information and saving the encrypted personal payment information in a memory of the mobile device in association with the application. At least prior to receiving a user request to make a payment via the application, the mobile device lacks a decryption key capable of decrypting the encrypted personal payment information.