Abstract: A process is disclosed for notarizing a document, by a client in the presence of a notary, comprising the steps of registering the notary, the client and the document, from a local workstation coupled to a central office, to provide for assigning at least one respective encryption key for identifying each of the notary, the client and the document to be notarized; associating in the central office, the respective encryption keys of the client with the notary and with the; generating a transaction code, based on the step of associating the respective encryption keys, for authorizing execution of the to provide the notarizing; executing the; and embedding selected ones of the respective encryption keys together with a notary seal in the document.

Abstract: In an electronic transaction, the invention provides a process and system for blocking a user's account until a verifier verifies the identity of the user. The process comprises pre-enrolling the user and the user's personal communication device. Optionally, one or more of the user's accounts are enrolled. At the time a transaction is initiated, the verifier sends an identification verification request to the portable communication device of the person initiating the electronic-transaction. The person then verifies his/her identity as the user. Optionally, the user authorizes the amount of the transaction. Optionally, the verifier issues to the user a proxy transaction card which the user uses to initiate electronic transactions that will be billed to one of the user's pre-enrolled accounts. Using information obtained from the user's proxy transaction card, the retailer/merchant's bank opens a communications link to the verifier, and the verifier then verifies the user's identity.

Abstract: A central transaction server in electronic commerce card authorization system enables the electronic commerce card association to manage and monitor the authentication system. The central transaction server acts as an intermediary for all communications between the access control server used for authentication. If any portion of the authentication system fails, the central transaction server compensates by providing appropriate responses to other portions of the system. The centralized transaction server translates all incoming traffic into a format compatible with the intended recipient, enabling portions of the system to be upgraded without breaking compatibility with the non-upgraded portions. The centralized transaction server also enables the integration of formally separate portions of the authentication system into a single unit.

Abstract: A system may include reading of information from a government-issued identification device and determination of a commercial account number based on the information. A payment may be processed using the commercial account number. In some aspects, the information identifies a holder of the government-issued identification device and the commercial account number is a temporary account number associated with the holder. Determination of the commercial account number may include determination of a plurality of commercial account numbers based on the information, and determination of the commercial account number from the plurality of commercial account numbers.

Abstract: Methods are disclosed of processing financial transactions. A connection is established over a public network between a customer client and a merchant server. A file is received over the connection from the merchant server at the customer client. An application is launched at the merchant server in response to receiving the file. Financial transaction data are received with the launched application. The received financial transaction data are transmitted with the launched application over the connection from the customer client to the merchant server to initiate processing of the financial transaction with the received financial transaction data.

Abstract: A system for enabling verification in traceability of a supply chain while maintaining confidentiality of private suppliers. A group signature is applied to an undisclosed supplier. The undisclosed supplier previously receives registration to the certificate authority device, and performs a group signature based on the certificate issued by the certificate authority device. A disclosed supplier and the undisclosed supplier sign and generate a signature chain when they ship parts. A verifier device receives a signature chain with products shipped from the supplier manager device, divides a signature of the disclosed supplier from a signature chain, and verifies the undisclosed supplier from the group signature. Identification of the undisclosed supplier is performed by a third-party auditor system requested to do so by the verifier device by using a group private key.

Abstract: A system, method, and computer-readable storage medium configured to import fraud prevention rules from an issuer and implement them in real-time at a payment processor. Usually, a card issuing bank either approves or declines financial transaction; however, in embodiments of the present invention, the issuing bank creates fraud prevention rules, and the payment processor implements the created rules. A payment processor apparatus comprises a network interface, and a verification engine. The verification engine includes a transaction driver, and a real time decisioning processor. The network interface is configured to receive a fraud prevention rule from a payment card issuing bank, and to receive a proposed financial transaction from an acquiring bank. The transaction driver receives the fraud prevention rule.

Abstract: The present invention comprises an apparatus and method for generating and storing an electronic portrait of a buyer within a personal device such as a mobile telephone. An electronic portrait enables the generation of a physical identifier for comparison to the buyer by a seller during a transaction. Using the physical identifier transmitted to the seller via a wireless communications link, the seller can establish whether or not the buyer is authorized to make the transaction.

Abstract: A method and system for establishing and managing digital cash. This method is to emit and circulate secure electronic cash that allows to use non-homomorphic signature schemes, and avoids having to use blind signature techniques. With one specific embodiment, the method provides anonymous digital cash, and comprises the steps of providing an entity with a secure coprocessor, a user establishing a secure channel to a program running on said coprocessor, and the user sending a coin to be digitally signed to the coprocessor.

Abstract: A personal computer is provided comprising a network communication interface configured to communicate with the Internet. The computer further includes a memory device configured to store information and computer-executable program code. The computer further includes a processor operatively coupled to the network communication interface and the memory device. The processor and the computer-executable program code are both configured to provide enhanced security features for safeguarding financial transactions conducted over the Internet and for safeguarding non-public information stored in the memory from being retrieved over the Internet by an unauthorized entity. The computer further includes indicia attached to the computer. The indicia is visible to a potential user of the computer and is configured to portray to the potential user of the computer that the computer is specifically designed and built to provide increased security for financial transactions handled over the Internet.

Abstract: In a communications system supporting the exchange of messages, a method for authenticating messages, comprising: having a message sender send a message to be authenticated to a signature generator entity in the communications system; having the signature generator entity generate a signature with respect to the received message, the signature being dependent on the message sender; having the signature generator entity send back to the message sender an authenticated message, the authenticated message including the generated signature; having the message sender forward the authenticated message to a message recipient; having the message recipient send the received message to a signature verifier entity in the communications system; having the signature verifier entity verify the validity of the signature, and notifying the message recipient of an outcome of the validity verification.

Abstract: The present application discloses a system and method of critical web-based service architecture at a high level for color management systems in which services can be rendered remotely at very low cost to the end user using a cloud computing based computer network architecture. Service supported include Remote RIPPing, remote profiling, remote IQ analysis for diagnosing color problems, Remote System Problem Action Requests (SPAR) evaluation and patch distribution, remote copy match solutions; multi-machine matching; remote Half-tone downloads; other remote file processing; and image or photo indexing and retrieval.

Abstract: A method is disclosed for transacting, purchasing and publishing copyrighted digital content that solves problems of the digital copyright that could not protect by methods of the prior art. The present invention allows various sales methods and licensing methods by using a copyrighted digital content description file, and effectively controls the user's use of the copyrighted digital content.

Abstract: In one embodiment, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.

Abstract: A method and apparatus for obtaining access to services of service providers. In one embodiment, the method comprises requesting a desired service through a foreign service provider. (101), generating a hash tree and generating a digital signature on a root value of the hash tree (102), sending the digital signature and the root value to the foreign service provider (103), providing one or more tokens to the foreign service provider with the next packet if the foreign service provider accepts the signature (105) and continuing to use the service while the foreign service provider accepts token (107).

Abstract: In one form, there is disclosed a system (100) for storing, validating and disseminating credential information about an entity. The system (100) generates data representing at least part of the credential information and a data representation of at least part of a document supporting that information and stores the credential information and data representation in a database (120) in an encrypted form.

Abstract: A retail payment, advertising, and content switching system and method are disclosed. According to one embodiment, a secure content source or a non-secure content source is allowed to drive a customer user interface, respectively, without compromising security requirements. The content may be video, audio, prompts, or any other type of content. A secure controller is provided to control one or more user input devices and a user interface access module to control whether a secure source or a non-secure source drives the user interface, depending on the security mode of the system. The secure controller, the user interface access module, and the customer input devices are provided in an anti-tampering module. The secure controller prevents the non-secure source from providing unauthorized prompts on the customer user interface to “fake out” the customer so that sensitive customer information is not passed “in the clear.

Abstract: In order to prevent without fail the abuse of certificate information which are exchanged on a network, an orderer inputs the certificate information to a certificate terminal when placing an order for a commodity, the certificate terminal encrypts the certificate information to send it to an order receiver and holds the certificate information and a decryption key. A deliveryman, at the time of commodity delivery, inputs the encrypted certificate information to the certificate terminal, and the orderer inputs data of terminal certification to the certificate terminal.

Abstract: A method and system for displaying the trusted status of a website by displaying a trust symbol that is displayed as part of the website so that they trust symbol does not scroll when the website is scrolled, preventing the trust symbol from ever being hidden from the user. Specifically, displaying the trust symbol in the comer or bottom of the web page works well. The trust symbol can include information about the website that may be displayed when the computer user interacts with the trust symbol. Both the trust symbol and the information displayed about the website can be generated dynamically by the third party validator for display on website. However the location of the display of the trust symbol remains under the control of the website operator so as not to interfere with the aesthetics of the site.

Abstract: A network-based payment service provides various features for facilitating online, user-to-user payments and item purchases. One feature involves methods for validating transaction requests initiated during browsing of third party web sites, including web sites of associates.

Abstract: A device, system, and method for providing an Internet webpage using a primary operating system for conducting an online transaction and for providing an interface associated with the Internet webpage using a secondary operating system. The data entered by a user into the interface may be inaccessible to the primary operating system. The secondary operating system may verify the data entered by the user, for example, by comparing the entered data with secret data. The secret data may correspond to an account. The secret data may be stored in a hardware location of a computing device. When the data entered by the user is verified, a request may be transmitted to a server associated with the account. In response to the transmitting, a transaction specific code may be received for completing the online transaction. Other embodiments are described and claimed.

Abstract: Compliance with data security requirements is determined for an agent that processes transactions for merchants. An authorization request received from the agent for a transaction on an account that includes a bank identification number (BIN) licensed to an acquirer and an agent unique account result (AUAR) for the agent. The AUAR is valid when a primary account number (PAN) corresponding to the account and an agent identifier can be derived from the AUAR. The AUAR is invalid when the PAN lacks such correspondence or when the agent identifier lacks uniqueness among other agent identifiers. The acquirer receives the identify of the agent and the BIN when the AUAR is invalid, when the agent isn't registered to use the BIN, and when the agent identifier is invalid. When the agent is not registered to use the BIN, the acquirer will be informed.

Abstract: Payment systems are provided that utilize a portable device, and in particular, payment systems that utilize a first portable device that belongs to a seller and a second portable device that belongs to a buyer, but do not utilize a point of sale (POS) device.

Abstract: A transaction server for performing a transaction over a network using a virtual smart card the server comprising, a virtual smart card database having a plurality of records each record including a virtual card identification and a value corresponding to a single virtual smart card; a security module; an emulator for emulating a smart card, the emulator for receiving smart card commands and processing the commands in conjunction with the virtual smart card database and the security module; and a virtual card reader module for receiving the smart card commands and relaying the commands to the smart card emulator whereby transactions are performed over the network using one or more the records and the virtual smart card database.

Abstract: A method for performing electronic transactions, comprising receiving a long-term certificate, authenticating a user associated with the long-term certificate, and then sending a short-term certificate to the authenticated user. In addition, risk associated with the user can be evaluated, and this risk information, as well as other information, can be included in the short-term certificate.

Abstract: A one step method for transferring money from a sender to a recipient includes entering information relating to the transfer into a near field communication (NFC) enabled data communication device of the sender and then placing the sender's device in close proximity to a NFC enabled data communication device of the recipient. The sender's device is operable when placed in contact with or close proximity to the recipient's device to 1) establish an NFC link between the two devices, 2) gather information relating to the recipient from the recipient's device via the NFC link, and 3) transmit the information relating to the transfer and the recipient to a third party service provider via another network, such as the Internet, and thereby cause the service provider to transfer the money from a funding account of the sender to a receiving account of the recipient.

Abstract: Systems and methods provide for communicating with a user device via a network, receiving a first numeric identifier from the user device, associating the first numeric identifier with a user account, and processing a financial transaction requested by the user device. The user device includes a mobile phone, and the first numeric identifier includes a mobile phone number associated with the user device.

Abstract: Disclosed is a method and system for providing secure processing of electronic transactions for customers. Each customer maintains at least one payment account for use in the electronic transactions. The method includes processing a first electronic transaction. The first electronic transaction is processed using a payment account of the at least one payment account. Further, the method includes generating a transaction code for the first electronic transaction that is capable of identifying the payment account used for processing the first electronic transaction. Furthermore, the method includes processing a second electronic transaction for the customer using the transaction code on selection of the payment account. A transaction code is generated for each electronic transaction subsequent to the first electronic transaction.

Abstract: An authorized sample receiver configured to verify an RF device in response to proffered biometric sample data is disclosed. The authorized sample receiver may be configured to receive data from the RF device and decrypt an encrypted authentication code using a unique device identification code. The RF device is authenticated in response to verifying proffered biometric sample data and the authentication code.

Abstract: A method that uses a computer network to provide a single point of access between a plurality of video & audio devices and a plurality of video & audio content provider systems. The present invention is a method for providing a searchable, aggregated directory view of available video & audio content from multiple content providers as well as additional services such as content renting. The present invention includes a method for identifying users as subscribers of content providers' memberships.

Abstract: A method of conducting a communication over a communication network. It comprises registering a user as a member user of a securing entity, the securing entity authenticating personal data of the member user via a trusted third party entity; sorting the personal data of the member user according to categories comprising identifying, non-identifying and semi-identifying data, non-identifying and semi-identifying data being correlated to identifying data by a sworn person, only non-identifying and/or semi-identifying data being requestable by any client entity during a transaction and/or a communication; archiving identifying data in a trusted third party entity; and electronically storing at least a part of semi-identifying data in a trusted third party entity database, and non-identifying data in a securing entity database.

Abstract: By performing initial user registration via an SSL-compliant browser in an information home electric appliance 100, user's private key, digital certificate, and member information are downloaded (b2) into the storage device in the information home electric appliance. At card use time, when the user selects products on a merchant's SSL-compliant server and issues a purchase instruction (c1), the user is identified locally in the information home electric appliance based on a personal identification number. Subsequently, the information home electric appliance accesses an SSL-compliant settlement server 220 (C4) and sends a digital certificate and member information stored in the appliance. Then, mutual authentication is performed between the user and the settlement server and, based on the member information, an authorization gateway 241 authorizes the account settlement (c5).

Abstract: QSecure Validation Service (QVS™) is part of the QSecure Suite and includes a CVQ Table Generator (QTG) for use with a QBox™ card personalizer. In general, the QVS/QVM compares dynamic CVQ token data fetched by an issuer authorization host from a transaction then occurring in the field. An array of acceptable CVQ values computed in real-time from the original keys and algorithms used by the QTG and QBox to personalize the particular card are applied in the comparison. There is an order to the CVQ values in such array, and the dynamic CVQ token data will step through these over time. Small deviations in the order actually received can normally occur for reasons other than fraud, so a moving window of acceptance is needed to cope with normal deviations. A running account of which CVQ values have already been used is maintained for, or by, the QVS, and these help predict where the acceptance window should next be positioned in the array of acceptable CVQ values.

Abstract: A financial transaction card having a front side and a back side is provided and further includes a magnetic strip configured to retain data associated with a financial transaction card account, where the account is associated with the card, and a character grid printed on one of the front side and the back side. A method for securing transactions that are not made in person utilizing a financial transaction card are also provided.

Abstract: Association of personal, financial, and/or business-related identification information with a mobile communication device (MCD) is provided for herein. For example, an MCD can be associated with a financial account and can further include an identification component that verifies an identity of a user of the MCD. Identity can be verified by biometric analysis (e.g., finger/thumb print scan), username and password, optical feature scan, or a combination thereof or of like mechanisms, for instance. Accordingly, the claimed subject matter provides a mechanism to verify identification of a user of an MCD and incorporate user ID into remote data exchange, including remote financial transactions, with one or more networked devices.

Abstract: A Tradesman's Card system issues a Tradesman's Card to qualifying tradesman selected from the group consisting of plumbers, electricians, carpenters, masons, mechanics, repair shop professionals, contractors, or related construction or trade companies and professions upon payment of an initiation fee and payment of periodic maintenance fees. The card is issued by a bank or a credit card issuing authority that has contracted with pre-selected wholesalers, jobbers and businesses to provide pre-negotiated discount levels for tradesmen within the group. The tradesman's Card has unique identification features, which identify the card holder as a professional tradesman that is entitled to pre-negotiated discounts. A number visible on the Tradesman's card serves as the system identification number and a credit card number. Professional purchases by the tradesman are tracked by the system, analyzed and reported to sponsoring manufacturers of goods, jobbers or wholesalers for a fee.

Abstract: A server certificate verification method in a terminal during. Extensible Authentication Protocol authentication for Internet access is provided, the method including (a) receiving a server certificate from a wireless LAN authentication server, and transmitting a server certificate verification request message of the server certificate to a wireless LAN authentication server via a wireless LAN access server; (b) transmitting by the wireless LAN authentication server an On-line Certificate Status Protocol request message to an On-line Certificate Status Protocol server to verify the server certificate; (c) receiving a result of the server certificate verification performed by the OCSP server using an Extensible Authentication Protocol packet from the wireless LAN authentication server; and (d) determining whether the result of the server certificate verification is valid.

Abstract: The present invention is a system and method of conducting refund transactions via electronic transaction records. System user transaction information entered into the system is stored in association with user biometric information. Transaction information is retrieved via user biometric recognition/verification for conducting refund transactions.

Abstract: The invention relates to a method and arrangement for making electronic purchases. In the method according to the invention, a creditor (11) grants to a customer (10) a certificate provided with an electronic signature, and the customer stores said certificate in an electronic device (13). In connection with a purchase transaction, the customer produces the certificate to an automatic service or goods vending machine (14), which checks the certificate information. If the information is accepted, the desired purchase can be made, and the purchase information is saved in the memory of the vending machine (14). The separate purchase information stored in the vending machine memory is transferred in one batch to the data system (12) of the creditor organization (11), when a predetermined criterion is fulfilled.

Abstract: A system and method for merchant invoked electronic commerce allowing consumers to purchase items over a network and merchants to receive payment information relating to the purchases. The system includes a server having software which gathers the purchasing information from a consumer to complete a purchasing transaction over a network. The system has a consumer data structure that stores purchasing information for registered consumers. The software is able to access the consumer data structure and enter the consumer's purchasing information during subsequent purchases. Having the software obtain and enter the consumer's purchasing information, the consumer does not have to enter the same information every time they purchase an item over the network. In alternate embodiments, the same technology can be applied to other arenas where a user may have to enter the same repetitive information. In addition, consumers can register with the consumer information server prior to making purchase.

Abstract: Utilization of the E-Metro Community and Personal Information Agents assure an effective and comprehensive agent-rule based command and control of informational assets in a networked computer environment. The concerns of informational privacy and informational self-determination are addressed squarely by the invention affording persons and entities a trusted means to author, secure, search, process, and exchange personal and/or confidential information in a networked computer environment. The formation of trusted electronic communities wherein members command and control their digital persona, exchanging or brokering for value the trusted utility of their informational assets is made possible by the invention. The present invention provides for the trusted utilization of personal data in electronic markets, providing both communities and individuals aggregate and individual rule-based control of the processing of their personal data.

Abstract: This disclosure provides various embodiments of systems and methods for secure communications. In one aspect, the system for secure communications in a retail environment comprises a first display for presenting content to a customer, a first secure payment module comprising a first data entry device and a first secure processor, and a first controller. In some instances, the first controller is communicably coupled to the first display and the first secure payment module. Additionally, the first controller may be adapted to authenticate the first secure payment module, establish a secure communications link between the first controller and the first secure payment module, receive a first source of content, provide a portion of the content to the first display, and selectively enable or disable the first data entry device.

Abstract: A network publishing authorization protocol, for use in a network connected to a printer, a server and a publisher of network publications. The protocol authorizes the printing of a publication at the printer. It includes the steps of: addressing the publication to a user; signing the publication using a private key; sending the publication to the printer; and confirming that the publication may be printed at the printer, by verifying the private key signature. Confirmation may take place at the printer or at the server.

Abstract: In accordance with the present invention, ingredients for a particular electronic recipe accessible at a particular web site are encrypted, wherein the encrypted ingredients may be decrypted by a food retailer that intends to pre-package the encrypted ingredients. Instructions for preparing the electronic recipe and the encrypted ingredients are transmitted to a computer system associated with a particular user. The particular user may select the food retailer at which the encrypted ingredients are to be pre-packaged and transmit the encrypted ingredients to the food retailer. The selected food retailer may decrypt the encrypted ingredients utilizing a decryption key provided by the particular web site and pre-package the encrypted ingredients for the particular user.

Abstract: Apparatus and methods are described for providing employee cards to employees, such as PIV cards to federal employees, including provisioning the employees to a more than one agency (and more than one card) without requiring multiple instances of enrolling and adjudicating the employee. Representatively, a sponsor enters information about the employee into a computer-displayed form (e.g., web-based). Biometric identity information is collected for the employee, but if such has already begun or is complete for at least a first agency, the collected information is used for a second agency without redundant collection. In the event an adjudication level of the first agency is at least as stringent as it is for the second agency, the employee is eligible to receive an employee card for the second agency, in addition to an employee card for the first agency.

Abstract: A method for combating website spoofing can be used in connection with a website for a financial institution accessible by a plurality of users. Registration information is stored for a user having a financial account with the financial institution, including user login information and customization information for a website associated with the financial institution. A marker is issued, to be stored on a computer used by the user to access the website. At some point, a request is received from the user to display a webpage of the website on the computer, and the user is recognized based on the marker. A webpage is then provided to the computer, having an interface with an attribute customized according to the customization information. The user login information is entered via the website. Upon receiving the user login information, the user is provided access to the financial account.

Abstract: The present invention discloses a system for the anonymous purchase of goods. A Customer requests to purchase some physical goods, the Vendor determines the cost of the goods, and asks the Customer to select a Carrier. The Vendor requests a Customer Token and redirects the Customer's browser to the Carrier, with the Customer Token, a Vendor Token and a description of the package. The Carrier validates the Vendor's Token and uses the Customer's token to request information about the Customer, including shipping instructions. The Carrier assigns a shipping identifier and shipping cost and redirects the Customer's browser back to the Vendor along with the identifier and shipping cost. The Vendor adjusts the cost to include shipping, packages the goods, and labels the packages with the shipping identifier. The Carrier picks up the packages, prints a complete label using the Customer information associated with the shipping identifier and delivers the goods.

Abstract: An apparatus, method, and computer readable storage medium for dynamically maintaining data structures and executing business rules in an electronic procurement system. The method includes (a) dynamically maintaining a plurality of organizational profiles containing data structures, a plurality of users each being associated with a particular organizational profile; and (b) implementing a user requested transaction on a hosted e-procurement system with an application system by using information from the data structures stored in an organizational profile associated with the user.

Abstract: When a user wants to set a print density “4”, for example, only to a printer A and not a printer B, the user inputs an input command having a printer specifying command and the print density “4” as a corresponding operating condition, and sends the input command to the printer A via a network to which the printers A and B are connected. When the printer A receives the input command, a discriminating program compares its model number “8” stored in a ROM of the printer A with a model number “8” set in the printer specifying command. If the model numbers match, a setting program sets the print density “4” operation condition.

Abstract: A document is recorded with authenticity certification information by receiving an indication that a client is prepared to indicate acceptance and/or receipt of a proposed set of documentary content elements. A visual display of the documentary content elements is presented. An actuatable acknowledgment mechanism and a field for receipt of account information is presented. The actuation of said actuatable acknowledgment mechanism is detected and the account information is transmitted to an account provider. Asymmetric key pairs from one or more items associated with the account are generated. A digital certificate derived from one or more items associated with the account is generated.