Abstract: In order to make it more difficult to obtain numbers that can be used to conduct fraudulent transactions, a portion of a real account number is encrypted. The encrypted portion of the account number is used to generate a new account number, a new expiration date, and a new verification value. This information can be determined using processor that may reside in a point of sale terminal, a smart card, or a computer operated by a user. The new account number, the new expiration date, and the new verification value can be used in a payment transaction. A server computer in a central payment processing network may determine that the new account information is not the real account information, and may subsequently generate a modified authorization request message using the real account information and may send it to an issuer for approval. The transmission of data is more secure, since real account information is not sent from the merchant to the payment processing network.

Abstract: An identity monitoring system notifies legal guardians of potentially fraudulent activity associated with their children's identities. The monitoring system may determine if credit files for respective enrolled minors exist and monitor any credit files of the enrolled minors, such as via periodic requests for credit data and comparison of certain returned credit data, in order to determine if potentially fraudulent activity associated with the minor has occurred. The monitoring system provides periodic notifications, such as via email and/or Internet-accessible user interfaces, regarding potentially fraudulent use of their children's identities. In one embodiment, the monitoring system also provides legal guardians with useful information and resources for how they can further protect the identity of their children.

Abstract: An animation data sales mediation method, an animation data sales mediation system and so on are capable of providing large capacity data such as animation data by a large capacity storage medium in advance, rendering the time required for transfer of the data via the network extremely short by passing a key code for viewing the animation data via the network, rendering the labor and costs required for sales of the animation data extremely low, and providing the latest unauthorized copy technology to the animation data. The animation data sales mediation system has the steps of having a user terminal send to a large capacity data sales server an online access code corresponding to the large capacity data one to one, having the large capacity data sales server send the key code to the user terminal, having the user terminal encrypt and store the key code, and having the animation data used by using the key code.

Abstract: Apparatus and method for authentication is disclosed. In one embodiment, an apparatus for performing authentication using removeably coupled external authentication module comprises a module configured to receive the authentication module. The authentication module is configured to generate authentication information. The module may comprises an input unit configured to receive and couple the authentication module, and an output unit configured to receive the authentication information from the authentication module and to transmit the authentication information.

Abstract: Determining reputation information is disclosed. A honey token is included in an online identity data. The honey token is to monitor for misuse of all or part of the online identity data. Optionally, information associated with at least one use of the honey token is aggregated with other reputation information.

Abstract: The present invention discloses a hallmark verification process for verifying a hallmark of a web site, the process comprising the step of a user activating a hallmark verification process on a device with access to the web site in which the web site does not have access to the activation of the verification request.

Abstract: A method of avoiding a second login of user information in an encrypted disk computer system includes a communications path for transferring user login information. The login information is acquired and used by a first software module which authenticates the user to decrypt a disk with an encrypted operating system. The same login information is transferred using the communications channel to a second use which logs the user into the decrypted operating system. The method also supports multiple users through maintenance of multiple users credentials.

Abstract: Digital receipts for electronic data and computer-implemented methods and systems for creating such digital receipts involve, for example, generating a visual representation of the electronic data in a pre-defined format that visually represents the data without requiring that the represented data be embedded in the format, computing a mathematical representation of the electronic data and associating the mathematical representation of the electronic data with the visual representation of the electronic data, and receiving a user's digital signature on the associated visual and mathematical representations of the electronic data to evidence the user's approval of the represented electronic data.

Abstract: A method for using a secondary PAN is disclosed. The method includes providing a secondary PAN associated with a primary PAN, where the secondary PAN has at least one end portion that is the same as the primary PAN, but has a middle portion of that is different than the primary PAN.

Abstract: A system, method and computer program product are provided for carrying out a transaction. Initially, a transaction pattern reflecting a transaction is stored in memory. Thereafter, the transaction pattern is executed to carry out the transaction in an automated manner.

Abstract: At each of a plurality of transit readers of a transit system, for each of a plurality of riders, where each rider seeks to conduct an access transaction with the transit system for access into the transit facility by using a payment device issued by an issuer in a payment system, data is read from the payment device. The data includes an encryption code that uniquely corresponds to the payment device and was created by the issuer using one or more encryption keys and a predetermined algorithm. A check will be performed, remotely and/or locally, of one or more lists of other encryption codes to determine if the encryption code is on the list. On the basis of whether the encryption code is on the list, the rider is permitted access to the facility of the transit system. The payment device need not be changed for the rider's fare. Decryption of the encryption code read from the payment device is not required to complete the access transaction.

Abstract: An approach is provided for making and handling online payments. An indication that information identifying a bill is available is received. A user credential associated with the bill is retrieved. A request for the bill is generated, wherein the bill includes the user credential and the information. A bill authorization message is then generated.

Abstract: The invention is a system and method for cardless secure on-line purchasing using a credit/debit card. There is provided an on-line purchaser executing an on-line purchase with an on-line vendor having a credit/debit card payment screen. There is also at least one on-line credit/debit card service provider having an interface with the on-line purchaser the said on-line vendor. An e-authentication and credential service provider has an interface with the on-line purchaser and said at least one on-line credit/debit card service provider and provides means for secure on-line purchasing on a subscription basis by providing anonymity to the on-line purchase by hiding credit/debit card data during the on-line purchase making the purchase invisible to identity thieves and hackers.

Abstract: A system and method are disclosed for conducting electronic commerce such as a virtual purchase transaction with an on-line merchant. A user is provided with an intelligent token, such as a smart card containing a digital certificate. The intelligent token suitably authenticates with a wallet server on a network that conducts all or portions of the transaction on behalf of the user with out requiring changes to the merchant's server. The wallet server interacts with a security server of a selected financial service to provide authentication of the transaction. Upon authentication, the digital wallet pre-fills forms which are transmitted to the merchant who contacts the security server for validation of the forms and upon validation, completes the transaction with the user.

Abstract: A method and system of detecting identity theft is disclosed. The method and system includes receiving identity data, the identity data including at least an address. Then, the address is compared to an external address database to determine whether the address is potentially fraudulent. The address is checked against a known fraud address table database to determine whether the address is fraudulent. The address may also be checked against a known good address table database to determine whether the address is potentially fraudulent. At least one database is queried for available incidental data associated with the address. And, a user is asked a question based upon the incidental data retrieved from the database, whereby the identity of the user is verified.

Abstract: A formatted data structure is provided for conveying the results of ecommerce authentication programs that are used to authenticate a cardholder's on-line transactions. The data structure, which has at most a 20-byte length, is designed to be compatible with 3-D Secure message protocols used in e-commerce. The data structure includes designated fields that include a hash of the merchant's name, identify an authentication service provider, identify the authentication method used, and include a merchant authentication code which ties cardholder information to the transaction. Secure payment algorithms are provided for use by the e-commerce authentication programs to generate authentication results in the desired format. In one secure payment algorithm, a secret key is used to encrypt a concatenation of a cardholder account number with information from designated fields of the data structure.

Abstract: A system and method are provided for managing financial market information. According to certain embodiments, the system includes a computer having a memory, processor, and display. The processor is capable of generating a graphical depiction of the financial market information on the display. The graphical depiction includes a multidimensional representation of a broad range of market information for at least two financial instruments. The graphical depiction resides in a single window on the display.

Abstract: A method and system for generating tokens in a transaction handling system comprising creating at least one token on at least one server in the transaction handling system, the at least one token having a user-defined value and a plurality of data fields, each of the data fields representing data stored on the at least one server, acquiring the at least one token from the at least one server over a first communication network, and transmitting from a sending device the acquired at least one token to at least one receiving device over a second communication network.

Abstract: The computer of a relay agency holds the money which a buyer pays for a commodity in a relay account. Then, the computer of the relay agency makes a payment transfer card and a notification card, and sends the notification card together with the request of purchase of the commodity to a seller. The relay agency sends the payment transfer card to the buyer. The buyer, after receiving the commodity, inserts the payment transfer card and the notification card into an automated teller machine of a bank, and gives instructions on the payment transaction to the computer of the relay agency. The computer of the relay agency transfers the money for the commodity from the relay account to the seller's account.

Abstract: A method and apparatus for obtaining access to services of service providers. In one embodiment, the method comprises requesting a desired service through a foreign service provider, generating a hash tree and generating a digital signature on a root value of the hash tree, sending the digital signature and the root value to the foreign service provider, providing one or more tokens to the foreign service provider with the next packet if the foreign service provider accepts the signature and continuing to use the service while the foreign service provider accepts tokens.

Abstract: A buyer (110) wishes to use a payment instrument as part of an online commerce transaction with a seller (120) and it is desired to authenticate that the buyer (110) has authority to use the payment instrument. A separate authentication service (130) determines whether the buyer (110) has access to certain secret information without revealing the secret information to the seller (120). Access to the secret information would verify that the buyer (110) has authority to use the payment instrument. The authentication service (130) informs the seller (120) whether the buyer (110) is authorized to use the payment instrument.

Abstract: A routing method and system. The method includes receiving by a computing system data associated with a business. The data includes a first list of authorization roles and a second list including locations. The computing system associates at least one authorization role of the authorization roles with each location of the locations. The computing system receives transaction documents associated with the business. The computing system receives a selection for a location of the locations. The computing system receives a selection for a transaction document of the transaction documents. The transaction document is associated with a specified authorization role of the authorization roles. The computing system determines if the specified authorization role is associated with the location.

Abstract: The present method and system relates to processor-based valuations of an entity, such as a business, comprising a best value mode for iteratively generating optimized input elements and calculating an output data set from the optimized input elements that meet the conditions of the parties interested in the valuation, an interactive mode enabling a user to modify the input elements to determine how the modified elements affect the financial output of the valuation, and a module enabling the user to switch between the best value and interactive modes.

Abstract: A client receives encrypted content from content server. The header of the content includes license-identifying information for identifying a license required to utilize the content. The client requests a license server to transmit the license identified by the license-identifying information. When receiving the request for a license, the license server carries out a charging process before transmitting the license to the client. The client stores the license received from the license server. The stored license serves as a condition for encrypting and playing back the content. As a result, content can be distributed with a high degree of freedom and only an authorized user is capable of utilizing the content.

Abstract: A self-authenticating check authorization system and method includes a check that has standard bank and account information printed on the MICR line, as well as a one-way hash value that is computed based on the standard bank and account information as well as a personal identification code of a customer and a key. The scanned MICR line data is provided to a check verifier, which also receives the personal identification code from the customer. The check verifier performs a hashing algorithm on the received data, and compares the computed hash value to a hash value obtained from the scanned MICR line data. If there is a match, the check is verified; if not, the check is not verified.

Abstract: A device is provided that includes a monetary instrument having a surface, and a magnetic ink character recognition (MICR) line coupled to that surface. The MICR line includes an ABA number, a customer account number, and a one-way hash value. The one-way hash value is output from a hashing process using input including the ABA number, the customer account number, together with a personal identification code and a key that are not included on the MICR line. A method is also provided that authenticates a monetary instrument by comparing a computed one-way hash value with a one-way hash value that is located in the MICR line of the monetary instrument. At the point-of-sale, the MICR line data is scanned and the personal identification code obtained from the customer. The scanned data and the personal identification code are transmitted to a check verifier that provides a check verification status.

Abstract: A memory card 110 extracts a session key Ks from the data applied onto a data bus BS3 by carrying out a decryption process. An encryption processing unit 1406 encrypts a public encryption key KPcard(1) of memory card 110 based on session key Ks, and applies the encrypted key to a server via data bus BS3. A memory 1412 receives from a server data such as license key Kc, license ID data License-ID and user ID data User-ID encrypted with a public encryption key KPcard(1) differing for each memory card for storage, and receives encrypted content data [Dc]Kc encrypted with license key Kc from data bus BS3 for storage.

Abstract: A transaction card processing and activation system comprising the identification of a unique identifier corresponding to an aggregate of transaction cards of affiliated or non-affiliated card issuers and the activation of each transaction card corresponding to the unique identifier of the aggregate irrespective of the number, types, or card issuers of the transaction cards. Additionally, the present invention allows a point of sale entity to initiate the activation of each of the multiple, disparate transaction cards in the aggregate by merely processing the unique identifier associated with the aggregate.

Abstract: An identification token such as a proximity payment device may be integrated with a wristwatch. For security purposes, the identification token may be disabled when removed from the user's wrist. The identification token may be re-enabled by interaction with a docking station or personal computer at the user's residence.

Abstract: A reward program directed to registering computer devices and their consumable parts via a computer network generates a unique key code value for each computer device. The key code is generated by a remote server in the computer network and may include appending a sequential counter to the serial number of the device being registered. The key code is then encrypted using a standard hash algorithm. The encrypted key code is saved in a device information database together with other device information and consumable part information related to the computer device. The encrypted key code is also returned to the computer device and saved in the device memory. The device information database is updated with the usage of consumable part information for each registered computer device. Customers also register with the reward program and are assigned to one or more registered computer devices.

Abstract: Generally speaking, methods and media for authorizing a guest to use an electronic financial transaction card, such as a credit card or debit card, are disclosed. Embodiments may include receiving information about a desired guest transaction (which may be limited in size, timeframe, nature, etc.) from a customer associated with an EFT card, generating a guest PIN number and artifact information for the guest transaction, and transmitting them to the customer. Embodiments may also include receiving from a financial terminal a PIN number and an indication of a supplied artifact associated with a proposed transaction utilizing the EFT card. Embodiments may include determining whether the proposed transaction should be authorized based on the received PIN number and the supplied artifact and, in response to determining that the proposed transaction should be authorized, transmitting approval of the proposed transaction to the financial terminal.

Abstract: The invention relates to a system and a method for authenticating a user. A removable storage medium (12) has at least one storage area in which identification data for identifying the removable storage medium (12) are stored, in this storage area or in a further storage area of the removable storage medium (12) data of a digital certificate (14) being stored. Further, a data processing system (18) is provided to which the removable storage medium (12) is connected via a data transfer connection. The identification data and the data of the digital certificate (14) are transferred from the removable storage medium to the data processing system (18). The data processing system (18) processes the identification data and the data of the digital certificate (14) and authenticates the user.

Abstract: A server computer system comprises a memory and a processing circuit. The memory is configured to store supplier identifiers for a plurality of product suppliers. The processing circuit is configured to receive a request to make a payment from a mobile computing device via a wireless communication, to select a supplier identifier from the memory based on the request, to generate a message comprising the supplier identifier, transaction amount, and a user identifier identifying a user of the mobile computing device, and to transmit the transaction message to a server associated with an entity which processes a transaction based on the transaction message.

Abstract: The invention includes systems and methods for identifying and verifying the identity of a user of a kiosk using an external verification system. The kiosk receives customer input data that indicates the identity of the user of the kiosk. The kiosk generates an identification query that includes at least some customer input data. The kiosk transmits the identification query to an external verification system. The kiosk receives a verification response from the external verification system. The kiosk then processes the verification response to verify the identity of the user of the kiosk. These systems and methods advantageously provide identification and verification of the identity of a user of a kiosk. With sufficient identification and verification, financial institutions can comply with government regulations designed to reduce the opportunity for money laundering, terrorism, fraud, and identity theft while offering users of kiosks a wider range of financial services.

Abstract: A technique for accessing an electronic commerce service is provided in which information associated with a subscriber's account with an electronic commerce service is stored along with first subscriber credentials for that subscriber to access the services. An account is created during enrollment. The enrollment is associated with a first electronic commerce participant, i.e., a biller or a payee. A request for the subscriber to access an electronic commerce service in association with a second electronic commerce participant is received. Without the subscriber, or any other entity providing the credentials, the subscriber is granted access to the requested service utilizing the account established in association with the first participant. This access is granted based upon the subscriber providing information other than credentials, the provided information being information stored by the service provider in association with the enrollment.

Abstract: Methods and systems for performing electronic commerce using mutating identifiers. One method can include encrypting buyer transaction data with a first mutating identifier, transmitting the buyer transaction data to an authenticator device, decrypting the buyer transaction data, generating a payment request, encrypting the payment request with a third mutating identifier, and transmitting the payment request to a payment authenticator device.

Abstract: Methods and systems for handling on an electronic device a secure message to be sent to a recipient. Data is accessed about a security key associated with the recipient. The received data is used to perform a validity check related to sending a secure message to the recipient. The validity check may uncover an issue that exists with sending a secure message to the recipient. A reason is determined for the validity check issue and is provided to the mobile device's user.

Abstract: A system and method for verifying a digital signature on a certificate, which may be used in the processing of encoded messages. In one embodiment, when a digital signature is successfully verified in a signature verification operation, the public key used to verify that digital signature is cached. When a subsequent attempt to verify the digital signature is made, the public key to be used to verify the digital signature is compared to the cached key. If the keys match, the digital signature can be successfully verified without requiring that a signature verification operation in which some data is decoded using the public key be performed.

Abstract: A method and apparatus for a message targeting and filtering database system are provided to deliver bulk messages to demographically selected audiences of willing recipients while preserving each recipient's anonymity and control over his private personal data, accomplished by means of a radically distributed database technique in which all operations requiring unencrypted data access are distributed to individual client devices.

Abstract: The present invention describes a method and system for creating and exposing order status within a supply chain of trading partners having disparate systems. A trading partner exchange (TPE) interfaces with each of the disparate systems and gathers information pertaining to a particular transaction. The information can be made available to an access platform through an access platform interface. Initially, a transaction is reported to the TPE where it is assigned a unique identifier. Subsequent activities pertaining to the transaction which are reported to the TPE by the trading partners can be linked to the unique identifier. By using the access platform, a customer or any trading partner can acquire the status of a particular order from the TPE.

Abstract: Credit card transaction authorization is performed using ad-hoc, short-range wireless links to obtain item identification information from items that include ad-hoc short range wireless link transmitters and that are carried by a user who is associated with a prospective credit card transaction. Authorization information for the prospective credit card transaction is generated based on the item identification information that was obtained. Location information for a wireless terminal that is associated with the user and/or Internet Protocol (IP) address information for a transaction terminal that is associated with the transaction may also be used. Related systems, devices and computer program products are also described.

Abstract: In certain embodiments, a method for generating fees using a receiving device, involves distributing censored video from a distributor video to a receiving device; and uncensoring the censored video using the receiving device upon payment of a fee. The receiving device uses overlay data received from the distributor to uncensor the censored video by overlaying the overlay data over the censored video using a video overlay frame to overlay a video frame containing the censored video data in accordance with boundaries determined by an alpha plane within the receiving device. This abstract should not be considered limiting since embodiments consistent with the present invention may involve more, different or fewer elements.

Abstract: According to one embodiment of the invention, a method for managing security for an organization is provided. The method includes receiving a plurality of requests from a plurality of parties. Each request is a request for permission to implement a deviation from a security rule. Each request includes a statement describing a benefit associated with the deviation. The method also includes determining a risk associated with the deviation. The method also includes deciding whether to approve each request based on the determined risk and the statement. The method also includes storing the requests and a status of each request. The status indicates whether the request is approved. The stored requests includes at least one approved request. The method also includes deciding, after a predetermined time period, whether to continue an approval of the approved request.

Abstract: Physical products can be delivered to a recipient who does not have physical identification documents. The recipient (a) provides a password, a contact number and readily recallable information and (b) receives a first code and a telephone number. When the recipient wants to retrieve the physical product, the recipient calls an agent using the telephone number. The agent asks for the first code and authenticates the caller by asking questions related to the readily recallable information. If the agent is satisfied that the caller is the intended recipient, the agent sends a second code to the recipient using the contact number. The recipient can use the password and the second code to retrieve the physical product.

Abstract: An electronic transaction payment system is provided having a vendor terminal associated with a vendor who provides goods or services to a purchaser, a vendor smart-card and a vendor smart-card reader for transmitting data to and receiving data from the vendor smart-card. The system also includes a purchaser smart-card reader which is connected to the vendor terminal and which is operable for transmitting data to and receiving data from a purchaser smart-card. In operation, payment for goods purchased by the purchaser is made between the purchaser smart-card and the vendor smart-card. In a preferred embodiment, the payment data is encrypted using an encryption key specific to the transaction between the purchaser and the vendor. A third party registry terminal may also be provided for providing validation of the vendor and/or the purchaser.

Abstract: Techniques are disclosed for issuing inoperative credentials, and making the inoperative credential operative at a subsequent point in time. For example, an inoperative credential is made valid when a triggering event occurs qualifying or entitling the inoperative credential holder to the operative credential. Using methods and apparatus of the invention enables issuing inoperative credentials, as well as any operative credential, at the time that an electronic identity card is issued. Operative and inoperative credentials are issued only once. Therefore, electronic identity cards do not need to be reissued at a later time to add, remove or change credentials, thus eliminating costs associated with electronic identity card reissue. An embodiment of the invention is a method of forming a credential. The method comprises the step of forming, at a first point in time, an inoperative credential. The inoperative credential is adapted to become operative, at a second point in time, to form an operative credential.

Abstract: An eVault system securely stores personal data and documents for citizens and allows controlled access by citizens and optionally by service providers. The eVault may be adapted to allow processes involving the documents to be carried out in a secure and paperless fashion. Documents are certified, and biometric matching is used for security. On effecting a match with a biometric identifier presented by a user, the user is allowed access to his personal eVault and to access a personal cryptographic key stored therein. One or more of these personal keys may be securely applied within the eVault to generate an electronic signature, amongst other functions.

Abstract: A computer based method, system and apparatus of authentication which compares a first number associated with a user with a second number, wherein the second number is a mathematical function of at least two predetermined digits within the user's identification number, preferably a Social Security Number. A computer based method, system and apparatus for authenticating a user's identification number, which compares a first code associated with a user with a second code, wherein said second code is an alphabetic translation of at least two predetermined digits within the user's identification number.

Abstract: Embodiments of the disclosure generally relate to systems and methods for processing electronic payments for retail services and goods delivered by a retail establishment. In embodiments, a mobile wallet application is installed in the automobile. The automobile wallet application can receive and/or send transaction and payment information over a near field communication system to a retailer and on to an authorizing authority. The authorizing authority receives the payment and transaction information, authorizes or declines the payment of the transaction, and forwards the authorization or declination to the automobile wallet application. If authorized, the retailer provides the retail good or service.

Abstract: The invention relates to digital data processing to be used in commercial application.