Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees


Including key management

Subclass of:

705 - Data processing: financial, business practice, management, or cost/price determination

705050000 - BUSINESS PROCESSING USING CRYPTOGRAPHY

705064000 - Secure transaction (e.g., EFT/POS)

Patent class list (only not empty are listed)

Deeper subclasses:

Entries
DocumentTitleDate
20080281759System and Method for Registration Control - The invention concerns a control unit (11-13-2008
20100153274METHOD AND APPARATUS FOR MUTUAL AUTHENTICATION USING SMALL PAYMENTS - One embodiment provides a system for mutual authentication. During operation, a first entity receives an access request from a second entity. In response, the first entity requests information about the second entity's account with a financial service provider (FSP) and transfers a fund to the account. The first entity sends first and second messages through the FSP to the second entity with the fund. Subsequently, the first entity receives from the second entity a first input corresponding to the first message and determines that a first condition is met based on the received first input and the first message. The first entity sends a second input to the second entity based on the second message, thereby allowing the second entity to verify that a second condition is met based on the second input and the second message. The system then produces a result indicating that both the first and second entities are mutually authenticated.06-17-2010
20110196797WIRELESS PAYMENT AND BARTER PLATFORM - The present invention is directed to a wireless payment platform that may offer a payment, negotiation and or barter mechanism for users with a mobile device. The wireless payment platform may utilize the convenience and adaptability of the mobile device of the users. Such a payment, barter and negotiation mechanism may offer more security to transactions by adding a transaction confirmation facility using conventional communications technologies, such as the Short Message Service or SMS, Interactive Voice Response (IVR) technology, and the like. Financial transactions may be conducted on a person-to-person basis where each user may be identified by a unique identifier such as a telephone number, caller ID, and the like. The wireless payment platform may also include a negotiating and barter module capable of allowing users to exchange offers of settlement until one offer is accepted.08-11-2011
20130080331System and Method for Instantaneous Retail Payment - A system for performing a retail payment between a customer and a merchant is provided. The system includes a signed scrip having a public key, a credit value, a signed scrip validation stamp, a credit value, and a validation stamp; a signed invoice comprising a transaction list and an invoice validation stamp; and a private key complementary to the public key, wherein the public key is used to decode the signed scrip; the private key is stored in a server coupled to a network; and the private key is used by the server to validate the authenticity of the signed invoice. Also provided is a method for performing a financial transaction using a system as above; and a non-transitory machine-readable medium including a plurality of machine-readable instructions to cause a server to perform a method as above, is provided.03-28-2013
20130080332EFFICIENT AUTHENTICATION OF A USER FOR CONDUCT OF A TRANSACTION INITIATED VIA MOBILE TELEPHONE - A method and system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone is presented. Efficient use is made of keystrokes on the data-enabled telephone. The data-enabled telephone is capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network and the server enables conduct of the transaction. Caller identification information is received at the server. The information is associated with a telephone call request initiated by the user via the data-enabled telephone to a service number. The caller identification provides basis for authentication of the user and the caller identification information received at the service number is used to address a message to the user. Included in such a message is a logon key for use by the user in accomplishing the transaction. Thus the user can use the logon key to enter into data communication with the server for conduct of the transaction.03-28-2013
20100145860UNIFIED IDENTITY VERIFICATION - In some example embodiments, a system and method is shown that includes receiving a purchase request through an Electronic Payment Financial Network (EPFN), the purchase request including a token to identify a merchant server. The system and method further includes comparing the token against a merchant identifier value to determine that that token is assigned to the merchant server. Additionally, the system and method includes transmitting a purchase request authorization authorizing an online transaction, where the token and merchant identifier value are equivalent.06-10-2010
20130138571Systems and Protocols for Anonymous Mobile Payments with Personal Secure Devices - Disclosed is a multi-purpose secure and anonymous payment system based on a variety of cryptographic confidentiality, authentication, and privacy methods. Users pay anonymously over the Internet using their mobile phones supported by the secure SIM card. The SIM cards do not reveal any personal payment information that is not directly necessary for the transaction to either the merchant or the bank. The system allows configuration of different cryptographic methods or hardware components to allow proper balancing of any specific implementation while maintaining strong security and privacy. It is resilient to connection breakdowns and allows users and merchants to recover from such disruptions without maintaining complex transaction states on the SIM card and without financial losses to any of the parties. The system and protocols can also be configured for electronic cash payments with smart cards or software agents on the Internet or at conventional merchant sale terminals.05-30-2013
20130036059ELECTRONIC PRICE-PROPOSING SYSTEM, ELECTRONIC PRICE-PROPOSING DEVICE, AND ELECTRONIC PRICE-PROPOSING METHOD - An electronic price-proposing server is provided with: a secret-key recording means for recording identification codes assigned individually to multiple user terminals and calculation values thereof, in association with each of the users as secret keys thereof, an encrypting means for generating encryption data with the chaotic encryption method, a price-data recording means for recording the encryption data in association with the corresponding item and user, a searching means for searching for and reading encryption data corresponding to requests from user terminals, and a transmitting means for transmitting the result thereof to the user terminals. Meanwhile, the user terminals are provided with: a decrypting means for decrypting the received encrypted data, using an identification-code value read out from an identification-code value reading means, and generating the original price data, and a displaying means for displaying the decrypted price data.02-07-2013
20100161493METHODS, APPARATUS AND COMPUTER PROGRAM PRODUCTS FOR SECURELY ACCESSING ACCOUNT DATA - Customer data is securely downloaded to a browser toolbar by performing a check to determine whether a request for customer data includes a request for personal identifiable information requiring encryption by a public encryption key generated by the browser toolbar. The customer is authenticated based on a set of a user credential and an account specific access credential. The account specific access credential is associated with the account of the customer. Requested personal identifiable information is encrypted using the public encryption key generated by the browser toolbar. Encrypted personal identifiable information is transmitted to the browser toolbar.06-24-2010
20130046698SYSTEM AND METHOD OF CREATING AND AUTHENTICATING A SECURE FINANCIAL INSTRUMENT - A system and method for creating secure financial paper documents (such as checks and money orders) by issuing agents that can be readily verified by redeeming agents in real time using existing computer and network technology.02-21-2013
20130091062Secure Mobile-Based Financial Transactions - Devices, systems and methods are disclosed which relate to securing payments from a mobile communications device. In exemplary embodiments, a mobile communications device communicates with a payment server via a point-of-sale device to conduct a transaction. The mobile communications device uses a client payment logic to send payment information to the point-of-sale device. The point-of-sale device uses a vendor payment logic to forward the payment information to the payment server. The payment server verifies the payment information and sends confirmation to the point-of-sale device.04-11-2013
20090307140MOBILE DEVICE OVER-THE-AIR (OTA) REGISTRATION AND POINT-OF-SALE (POS) PAYMENT - A method for enabling secure registration of a mobile device OTA and for conducting a financial transaction at a point-of-sale (POS) has been described herein. In one embodiment, a method of mobile device registration over-the-air (OTA) comprises enabling a pre-loaded payment application having payment account information; enabling a certificate request; receiving payment credentials; associating the payment credentials with the payment account information; transmitting the payment account information and the certificate request OTA; and receiving a certificate of registration of the mobile device OTA.12-10-2009
20120191614SYSTEM FOR LOCATION BASED TRANSACTION SECURITY - A system for improving transaction security based on location information. The system includes a transaction processing center in communication with a first transaction device and a second transaction device. The transaction processing center includes a receiver that receives respective identification and location from at least one of the first and second transaction devices. The transaction processing center also includes a transaction processor that validates the identifications, validates the locations, and executes a transaction between the first and second transaction devices when the identifications and locations are validated.07-26-2012
20130073467METHOD AND SYSTEM FOR CONDUCTING FINANCIAL TRANSACTIONS USING MOBILE DEVICES - An approach for conducting financial transactions using mobile devices is described. Authentication transaction information for a financial transaction event is received from a mobile device. A determination is made as to whether the mobile device is registered with a financial service. A message that includes an access code for completing the financial transaction event at a banking device associated with the financial service is generated if the mobile device is registered with the financial service.03-21-2013
20130060707INTER-NETWORK FINANCIAL SERVICE - Systems and methods for making a payment on behalf of a payer to a payee are provided. A request to make a payment on behalf of a payer to a payee is received at a first payment service provider. The first payment service provider supports a first payment network within a plurality of payment networks that each include a respective plurality of payers and payees. The payer is one of the plurality of payers and payees associated with the first payment network, and the payor is not one of the plurality of payers and payees associated with the first payment network. A second payment network within the plurality of payment networks with which the payee is associated is identified by the first payment service provider. A payment instruction to make the payment to the payee is transmitted by the first payment service provider to a second payment service provider associated with the second payment network.03-07-2013
20130060706OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY - A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications. If encryption keys are used for the encryption and decryption processes, they may be distributed by a key distribution server or other suitable entity to a mobile gateway which participates in the data encryption and decryption operations.03-07-2013
20130060705METHOD AND SYSTEM TO SECURELY STORE CUSTOMER DATA IN A NETWORK-BASED COMMERCE SYSTEM - A system and method for securely storing customer data in a network-based commerce system. Customer data is received via a network connection through an application interface. A symmetric key is generated and the customer data is encoded with the symmetric key. The symmetric key is encoded with an asymmetric key to generate an encoded symmetric key. The encoded customer data and the encoded symmetric key are stored.03-07-2013
20090271321Method and system for verification of personal information - In one form, there is disclosed a system (10-29-2009
20090030845SYSTEM AND METHOD FOR ACCOUNT IDENTIFIER OBFUSCATION - A method is disclosed. The method includes generating an obfuscated portion using a dynamic cryptogram unique to a transaction, where the dynamic cryptogram is determined using a uniquely derived key. The method also includes replacing a middle portion of the account identifier with the obfuscated portion to form an obfuscated account identifier.01-29-2009
20130066787SYSTEM AND TREATMENT PROCESS OF A FINANCIAL TRANSACTION - The invention relates to a system and treatment process of a bank reimbursement transaction of a user of the system having made a first bank expense transaction for a company (03-14-2013
20130066786METHOD AND SYSTEM FOR PROVIDING AN INTERNET BASED TRANSACTION - A method of providing an Internet based transaction for goods or services offered via a website, the method comprising requesting from the website a secure financial transaction from a merchant associated with the website for said goods or services using an Internet access device, activating an encryption device in data communication with the Internet access device, receiving from the encryption device encrypted user financial card details for the secure financial transaction, the Internet access device transmitting the received encrypted user financial card details over the Internet to a transaction server, decrypting the received encrypted user financial card details at the transaction server, and forwarding the decrypted card details to a financial institution in data communication with the transaction server and thereafter using the decrypted card details to complete the secure financial transaction for the Internet based transaction for said goods or services.03-14-2013
20120116977METHODS AND APPARATUS FOR PREVENTING FRAUD IN PAYMENT PROCESSING TRANSACTIONS - A method includes receiving an authorization request for a purchase transaction, and determining whether the authorization request arose from proximity-reading a proximity payment device. The method further includes mapping a first account number included in the authorization request into a second account number associated with the first account number if it is determined that the authorization request arose from proximity-reading a proximity payment device and if the first account number is qualified for mapping. In addition, the method includes transmitting the authorization request to an issuer financial institution with the second account number substituted for the first account number in the authorization request.05-10-2012
20120101951Method and System for Secure Financial Transactions Using Mobile Communications Devices - The present invention employs public key infrastructure to electronically sign and encrypt important personal information on a mobile communications device (MCD), without disclosing private, personal information to the transaction counterparts and middleman, thus preserving highly elevated and enhanced security and fraud protection. In one embodiment, the present invention can use a mobile device identifier, such as a cell phone number or email address, for example, as an index/reference during the entire transaction, so that only the account holder and the account issuer know the underlying account number and other private information.04-26-2012
20130024384HAND GEOMETRY BIOMETRICS ON A PAYMENT DEVICE - The present invention discloses a system and methods for biometric security using multiple biometrics in a transponder-reader system. The biometric security system also includes a biometric sensor that detects biometric samples and a device for verifying biometric samples. In one embodiment, the biometric security system includes a transponder configured with a biometric sensor. In another embodiment, the system includes a reader configured with a biometric sensor. In yet another embodiment, the present invention discloses methods for proffering and processing multiple biometric samples to facilitate authorization of transactions.01-24-2013
20120290484Method and System for Sending Surveys and Receipts Electronically to Customers Purchasing with Credit Cards - A system and method provide customers making purchases with a credit card with electronically delivered receipts and surveys from the merchant. A user subscribes to the system and provides credit card information and an electronic message address (e.g. and email address or mobile phone number). The system does not store the entire credit card information. Upon a purchase, a credit card processor forwards credit card information to the system. A related message address is identified. A survey previously created by the merchant is transmitted to the address. The customer receives the receipt and survey. The customer completes the survey and submits it to the system. The system forwards the survey results to the merchant.11-15-2012
20120290483METHODS, SYSTEMS AND NODES FOR AUTHORIZING A SECURIZED EXCHANGE BETWEEN A USER AND A PROVIDER SITE - Methods, systems and nodes for authorizing a securized exchange between a user and a provider site are described herein. User credentials are stored in a personal security module and in an authentication server. The personal security module is a user terminal or otherwise connects to a user terminal. The user terminal accesses the provider site, which in turn provides a unique transaction number to the authentication center and to the personal security module. The authentication center provides user authorization information to the provider site. When the personal security module sends the same unique transaction number to the authentication center, the authentication center provides the user authorization information to the personal security module. The user terminal uses the user authorization information for having the securized exchange with the provider site.11-15-2012
20080228654NETWORK INDEPENDENT LOCATION SERVICES - Techniques for supporting network independent location services (LCS) are described. In one design, a location center may communicate with a terminal to establish an account for the terminal with the location center for location services. The location center may establish the account for the terminal independent of a home network or a serving network for the terminal. During signup to establish the account, the location center may (i) provide address information for the location center, security information, and/or other information for the location center and (ii) receive public identity information and/or other information for the terminal. The location center may thereafter provide location services to the terminal based on the established account and without interacting with the home or serving network for the terminal. Techniques for supporting delivery of assistance data are also described.09-18-2008
20110106710ENCRYPTION SWITCH PROCESSING - Techniques for eliminating the need for merchants and acquirers to conduct Payment Card Industry (“PCI”) security audit procedures are provided. Merchants and acquirers can eliminate the operating expenses associated with conducting audits to ensure compliance with PCI Data Security Standards (“DSS”), while at the same time ensuring that cardholders' data remains secure, thus protecting the cardholders from fraudulent transactions. System security is further enhanced through the use of per transaction audits, with the scope of the audit being directly between the Point of Sale (POS) terminal and the payment processing network. PCI DSS compliance can thus be assured on a per transaction basis, as opposed to only ensuring compliance generally for a merchant or acquirer on a periodic basis. Per transaction PCI DSS compliance is assured, while at the same time eliminating the need for merchants or acquirers to conduct compliance audits.05-05-2011
20100076893METHOD FOR PROCESSING AND ROUTING FINANCIAL TRANSACTIONS FROM CAPTURE POINTS AND AUTHORIZED BY FINANCIAL INSTITUTIONS, IMPLEMENTED THROUGH SOFTWARE - A method for the routing of messages coming from capture points directly, or indirectly, connected to the Tecban network, and authorized by the Financing Institutions, which are also connected to the Tecban network, remarkably conceived to consolidate the ATM network of Tecban, as well as the proprietary networks of the Financing institutions administered by Tecban, through a number of encoded instructions, contained in a software used in computer networks to exchange messages among the several elements involved.03-25-2010
20080306875METHOD AND SYSTEM FOR SECURE NETWORK CONNECTION - Methods and systems for secure payment via a network are disclosed. In an example embodiment, a system includes components to receive a globally unique identifier (GUID) and a client-hello message from a client, generate a tag and sending the tag and a server hello message to the client, receive the tag, a client-key-exchange message, a change-c-spec message, an encrypted-finished message, and secured payload from the client, and send an encrypted-finished message and secured response payload to the client.12-11-2008
20100082493System and Method for Utility Sampling for Trust Metrics in PKI - A method for measuring trust in a transaction over a public key certificate network includes associating each edge K04-01-2010
20110173126CONTENT SECURITY FOR REAL-TIME BIDDING - A real-time-bidding process that includes security mechanisms that limits access to various aspects of the bidding process including communications between bidders, the user browser, and the auctioneer, and the content of bids received and utilized by the user browser.07-14-2011
20110173125Information processing device, method thereof, information processing system, and method thereof - An information processing device includes: an exchange unit configured to exchange information concerning a communication state with, respect to a server using a first communication with another information processing device which becomes the other party of communication in a second communication; and a method selection unit configured to select a transmission/reception method of content data with respect to another information processing device using the second communication based on the information exchanged by the exchange unit in accordance with the communication state of each device with respect to the server using the first communication.07-14-2011
20110173124AUTHENTICATION OF TRANSACTIONS IN A NETWORK - A technique for conducting a transaction via a network is described. In this technique, in response to receiving transaction information associated with the transaction via the network from a network browser in a computer, a computer system provides an encrypted version of the received transaction information via the network to an application that executes in the computer, which facilitates a comparison of the received transaction information with original transaction information provided by a user to the computer. Note that this application is separate from the network browser, and the communication with the application via the network is independent of the network browser. Moreover, if the received transaction information matches the original transaction information, the computer system receives approval for the transaction from the computer via the network.07-14-2011
20120143770PURCHASE TRANSACTION SYSTEM WITH ENCRYPTED PAYMENT CARD DATA - Online ordering systems allow a user to submit sensitive information such as payment card information to a merchant in encrypted form. A payment card processor server may be used to provide the user's web browser with code for an encryption function, a cryptographic key, and a key identifier. The web browser may encrypt the payment card information by executing the encryption function and using the key. The encrypted payment card information may be supplied to the merchant over the internet. A key identifier that identifies which cryptographic key was used in encrypting the payment card information may be provided to the merchant without providing the merchant with access to the key. The merchant can forward the encrypted payment card information to the credit card processor server with the key identifier. The processor server can use the key identifier to obtain the key and decrypt the payment card information for authorization.06-07-2012
20090144204MODULE ID BASED TARGETED MARKETING - A server is operable to receive a media device identifying number (ID) and establish an association between a media device and a payment account and, in one embodiment, supports at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. A network and system includes a payment card processor server that is operable to receive a payment authorization request and to determine if an authorized media device generated a purchase selection message and to determine to approve a received payment authorization request based, in part, if the media device was authorized for the purchase selection based upon a received media device ID. The system is further operable to perform a key rotation to protect payment account information.06-04-2009
20090313172METHOD AND SYSTEM FOR LINKING AN ANONYMOUS ELECTRONIC TRADE ORDER TO AN IDENTITY OF A TRADER - A method for automatically linking an anonymous electronic trade order having an order quantity (q) to an identity of a trader by providing an identity marker (s) of the trader; embedding the identity marker (s) by splitting the anonymous trade order into a number (n) of trade orders each having a corresponding order quantity x (i) to generate a trade order set; and placing the generated trade order set in an electronic order book.12-17-2009
20100153275METHOD AND APPARATUS FOR THROTTLING ACCESS USING SMALL PAYMENTS - One embodiment of the present invention provides a system for controlling access to resources using small payments. The system receives a request from an entity to access a resource. In response, the system requests the entity to submit information about the entity's account with a financial service provider (FSP). The system then transfers a fund to the entity's account and sends a message through the FSP to the entity with the fund transfer. The system receives from the entity an input corresponding to the message and determines that a first condition is met based on the received input and the message. As a result, the system grants the entity access to the resource.06-17-2010
20120296830METHOD AND MOBILE TERMINAL FOR REALIZING NETWORK PAYMENT - For solving the problem that multiple Universal Serial Bus (USB) Keys are required to be taken to realize multiple network payments in the conventional art, the provides a method and a mobile terminal for realizing network payment. The method includes: a mobile terminal selects a network payment system which is needed to implement current network payment from a plurality of network payment systems according to an instruction input by a user; when the user is confirmed to be a legal user according to the digital certificate, the mobile terminal logs on the selected network payment system and implements the network payment. The selects a network payment system which is needed to implement the current network payment from a plurality of network payment systems, thus it is not needed to take multiple USB Keys.11-22-2012
20090265279SYSTEM AND METHOD FOR MANAGING AND DISTRIBUTING HEDGE FUND DATA - A system for managing hedge funds includes a storage unit operable to store hedge fund information. The hedge fund information comprises at least one of a fund name, a fund share class, and denominated currency of a fund share class for a hedge fund. The system further includes a determination unit operable to determine, upon receiving hedge fund information, if the hedge fund information corresponds to a known hedge fund based on the received hedge fund information. The determination unit is operable to compare hedge fund information from a plurality of information sources so as to confirm whether the received hedge fund information relates to the same hedge fund.10-22-2009
20110270763METHODS AND APPARATUS FOR A FINANCIAL DOCUMENT CLEARINGHOUSE AND SECURE DELIVERY NETWORK - An electronic clearinghouse system (ECS) for securely delivering, retrieving, authenticating, storing, generating and distributing messages, such as financial documents and/or records are described. For message providers, the ECS can provide a secure and trusted venue for delivering messages, such as messages including financial data to their clients that reduces their delivery costs. For users of the ECS, the ECS can provide a central location where each user can receive and consolidate their messages, such as financial documents and associated financial data from a number of different financial data providers. To facilitate these functions, the ECS can include an automated system for recording delivery status as well as evidence of delivery of messages, including whether a message has been viewed by a particular user. Further, the ECS can include components for scheduling events, such as monetary transfers and bill payments, and providing reminders for such events. Also, the ECS can provide utilities that allow a user to package and securely deliver messages to other users.11-03-2011
20100268650METHOD AND SYSTEM FOR THE SUPPLY OF DATA, TRANSACTIONS AND ELECTRONIC VOTING - A method and system for supply of data, including generating a first digital certificate referred (empowerment certificate) signed with a first signing entity's electronic signature. The empowerment certificate includes attributes of the described entity, information identifying the first signing entity, indication of data relating to the described entity, indication of a source of the data, and identification of a relying entity to which the data can be supplied. The relying entity forwards the empowerment certificate to a source supplying the data indicated in the empowerment certificate. The data may be supplied to the relying entity by a second digital certificate (custom certificate), signed with a second signing entity's electronic signature. Custom certificates may appear in custom certificate revocation lists. A system and method for transfer of ownership of electronic property from a first entity to a second entity, and a method and system for electronic voting are also provided.10-21-2010
20090327140System and Method for Secure Online Transaction - Methods and systems for secure electronic commerce (eCommerce) transactions having one or more trusted payment hosts where consumers/buyers can register credit card information and/or any payment card information and the corresponding secret keys for the credit card or payment card with the one or more payment hosts are provided. Embodiments of the invention include a method of engaging a purchase order in an online electronic transaction on the spot, where a seller posts and advertises at least one online electronic link embedded in a web-page or in an e-mail provided by a server.12-31-2009
20090327139Loosely coupled hosted application system - Technologies are described herein for loosely coupling a hosted application system with other computing systems that provide related functionality. A hosted application system is provided in one embodiment that is loosely coupled to a marketing system, a sign-up system, a billing system, and a support system. The loose coupling of the systems allows the hosted application system to be easily configured to restrict the software to which a particular customer can subscribe based upon the capacity of the hosted application system, the qualifications of a customer, or other factors. The computing systems may be configured to communicate via idempotent network APIs, thereby permitting multiple retries to ensure successful completion of requests.12-31-2009
20090198619AGGREGATED HASH-CHAIN MICROPAYMENT SYSTEM - Disclosed are a system and method for aggregating micropayment hash chains. An end user (the “payer”) cryptographically signs “commitments” and transmits then to a vendor. The commitments include an “accumulated count” field which tracks the total number of micropayments made thus far in the payment transaction between the payer and the vendor. The payer can also transmit payment tokens to the vendor. These payment tokens include micropayments verified by a hash chain. When the vendor seeks reimbursement from a broker, the vendor tells the broker the total number of micropayments in the payment transaction and sends verification information to the broker. The broker checks this information against a verification system established with the payer. If the information is verified to be correct, then the broker reimburses the vendor for the services provided and charges the payer. The verification information ensures that the payer and vendor cannot cheat each other.08-06-2009
20090248582System to enable a telecom operator provide financial transactions services and methodsfor implementing such transactions - The invention relates to a system, enabling subscribers of a wireless Telecom Operator to execute financial transactions with a mobile phone, or an electronic device which can be connected to the wireless communication network, wherein a subscriber has one or several Financial Transaction Accounts open and managed by the Telecom Operator, which can receive monetary deposits, and on which debit and credit operations can be executed. The system is composed of a Transaction Processing Platform, which is installed on the computers of the Telecom Operator, is connected to the wireless communication network, is interfaced with other elements of the Telecom Operator, manages the Financial Transactions Accounts, verifies/executes financial transactions sent by the subscribers, and executes other tasks like confirmations of transactions, account statement preparation, reporting, etc. The system is also composed of a client software that runs on the Mobile Phone of the subscriber or his connectable electronic device or on the Subscriber Identify Module which is inserted in the mobile phone or connectable electronic device. Such client software enables the subscriber to prepare, validate and send through the wireless communication network, transactions orders to the Transaction Processing Platform.10-01-2009
20090083190System and Method for Electronic Bidding - In an electronic bidding system and method, it is unnecessary to disclose to bidders a list of public keys matched to bid prices, and in which price secrecy may be proved. In a function of encryption of a bidding device 03-26-2009
20110231319Method to Make Payment or Charge Safe Transactions Using Programmable Mobile Telephones - A system, method and mobile application for conducting financial transactions wherein a mobile device operated by a user is operably coupled to a server over a mobile communication network. Both the server and the user's mobile device store a user encryption key (UEK) and a user access key (UAK). A software application stored on the user's mobile device and the server are configured to conduct a transaction wherein a session key (SK) specific to the transaction is exchanged in an encrypted form based upon the UEK. The software application is further configured to i) generate transaction data, ii) access the UAK stored on the mobile device, iii) encrypt the UAK and transaction data into an encrypted form based upon the SK, and iv) send the UAK and transaction data in encrypted form from the mobile device to the server over the mobile communication network in order to conduct the transaction.09-22-2011
20090254485METHOD AND SYSTEM FOR ANONYMOUS ELECTRONIC TRANSACTIONS USING A MOBILE DEVICE - A method for conducting transactions, includes: encoding concatenated transaction information at a cash point; sending the encoded concatenated transaction information from the cash point to a mobile device; receiving verification information from the mobile device formed in response to the encoded concatenated transaction information; confirming the received verification information; completing a transaction in the event of successfully confirming the received verification information.10-08-2009
20090222383Secure Financial Reader Architecture - Methods and systems are provided for secure transaction processing. A secure processor may include an integrated wireless card reader and optionally a secure memory. When a request for payment information associated with an on-line transaction is received, the integrated wireless card reader reads data from the payment card. The secure processor may retrieve a set of transaction identifiers from the payment card issuer or optionally a trusted third party. The secure processor transmits one of the retrieve transaction identifiers to the on-line merchant instead of payment card data. The on-line merchant communicates the transaction identifier to the payment card issuer or the trusted third party for validation. Alternatively, the secure processor may encrypt the read payment card data utilizing the payment card number as the shared secret required by the cryptographic algorithm. The secure processor then forwards the encrypted payment card data to the on-line merchant.09-03-2009
20090150295VALIDATION SERVICE FOR PAYMENT CARDS WITH PRELOADED DYNAMIC CARD VERIFICATION VALUES - QSecure Validation Service (QVS™) is part of the QSecure Suite and includes a CVQ Table Generator (QTG) for use with a QBox™ card personalizer. In general, the QVS/QVM compares dynamic CVQ token data fetched by an issuer authorization host from a transaction then occurring in the field. An array of acceptable CVQ values computed in real-time from the original keys and algorithms used by the QTG and QBox to personalize the particular card are applied in the comparison. There is an order to the CVQ values in such array, and the dynamic CVQ token data will step through these over time. Small deviations in the order actually received can normally occur for reasons other than fraud, so a moving window of acceptance is needed to cope with normal deviations. A running account of which CVQ values have already been used is maintained for, or by, the QVS, and these help predict where the acceptance window should next be positioned in the array of acceptable CVQ values.06-11-2009
20100169224PROTECTING PRIVACY OF PERSONALLY IDENTIFYING INFORMATION WHEN DELIVERING TARGETED ASSETS - Techniques are disclosed herein for protecting personally identifying information (PII) and behavioral data while delivering targeted assets. In one aspect, a profile is created based on a template and desired characteristics of users to receive one or more targeted assets. The template provides a framework for the user characteristics. One or more clients are provided the template. A manifest that identifies the targeted assets is encrypted based on the profile. The encrypted manifest is sent to the one or more clients. A user profile is generated at a client based on a template. The client attempts to decrypt the encrypted manifest based on the profile created at the client. The client sends a request for any targeted assets that were identified through the attempt to decrypt the encrypted manifest.07-01-2010
20120197807SECURE ONLINE TRANSACTION PROCESSING - Various methods for securely processing an online transaction between a customer and a merchant are disclosed. In one method, an authentication credentials request that includes a transaction identifier is received from a merchant system. In response, an encryption key is transmitted to the merchant system. From a customer system, the personal account data associated with the customer is received, which is encrypted with the encryption key. A transaction processing request from the merchant system prompts the generating of a transaction processing response based upon its execution.08-02-2012
20100228675Issuing machine and issuing system - An issuing system for issuing unmodifiable and/or unforgeable hardcopy documents or securities includes a server and a plurality of issuing machines connected to the server via a network. Each of the issuing machines receives an ID recording medium provided by a potential purchaser, retrieves an identification recoded in the received ID recording medium, requests the potential purchaser to input request for a transaction of the security or fixed rate financing instrument, processes the requested transaction by retrieving information via a network from the server, and prints out on demand a hardcopy of the security or fixed rate financing instrument as purchased by the potential purchaser and a checksum thereon. A method for forming a new market with the issuing system.09-09-2010
20100217710ELECTRONIC MONEY SYSTEM AND ELECTRONIC MONEY TRANSACTION METHOD - An electronic money system is directed to avoid unauthorized use of certificate-type electronic money. The electronic money system is provided with a management server, a verification sever, a remittance terminal, and a receptor terminal. In response to a request from the remittance terminal, the management server issues an inactive electronic certificate including a certificate ID and notifies the verification server of the certificate ID. The remittance terminal gives a group signature to the inactive electronic certificate to generate an active electronic certificate. The reception terminal verifies the active electronic certificate obtained from the remittance terminal on the basis of the group signature. The verification server matches the certificate ID notified from the management server with the certificate ID included in the active electronic certificate verified by the reception terminal to verify availability of the active electronic certificate.08-26-2010
20100223186Method and System for Conducting Secure Payments - A proximity device transmits a first dynamic authentication value contactlessly to a terminal. The first authentication value is included in a discretionary data field of message data arranged in an ISO Track 1 and/or ISO Track 2 format. Message data is sent from the terminal to an issuer. The issuer separately derives a second authentication value and compares it with the first authentication value.09-02-2010
20100211507OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY - A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications. If encryption keys are used for the encryption and decryption processes, they may be distributed by a key distribution server or other suitable entity to a mobile gateway which participates in the data encryption and decryption operations.08-19-2010
20120143769COMMERCE CARD - Commerce card techniques are described. In one or more implementations, one or more credentials are received at a commerce card, the credentials encrypted using a public key. The one or more credentials are decrypted using a private key that corresponds to the public key, the decrypting performed by a secure element implemented in tamper-resistant hardware of the commerce card without exposing the private key outside of the secure element. The decrypted one or more credentials are stored within the secure element of the commerce card such that the decrypted one or more credentials are not exposed outside of the secure element, the one or more credentials usable by the commerce card as part of a transaction to purchase a good or service.06-07-2012
20090319432SECURE TRANSACTION PERSONAL COMPUTER - A secure computer for secure transactions that includes an operating system, a processor, an identity security module, and a loss protection device. The operating system has built-in security features. The processor is manufactured with security features and configured to execute software in a virtualized state outside of the operating system. The computer may include or be able to create at least one virtualized software module configurable to operate outside of the operating system.12-24-2009
20110071947AUCTION VERIFICATION - An auction verification subsystem provides verification, without revealing actual bid values, that bid values remained sealed prior to a closing time for the auction and that an announced winning bidder for the auction provided a highest bid. The verification subsystem receives encrypted bids from bidders and generates commitment data based on the bids and provides the commitment data to each of the bidders. In response to receiving the commitment data, the bidders provide decryption keys for the encrypted bids. In turn, the bids are decrypted and an auction is performed using the decrypted bids. The results of the auction can be verified based on bid representations that do not reveal the actual values of bids, thereby maintaining the secrecy of bids. Providing access to an exchange between bidders and the verification subsystem facilitates verification that the auction is performed as a sealed bid auction.03-24-2011
20100299266Digital Incentives Issuance, Redemption, and Reimbursement - A system and method for issuance, redemption, and reimbursement of digital incentives. A central database connected to the internet: enables customers to register unique customer registration information; is able to store this information and assign unique identifiers to it; and is accessible to incentives providers to make available digital incentives. Existing point-of-sale terminals: are authenticated to have access to the central database; have payment devices; are connected to the internet; and are provided with a message broker that facilitates communication with the central database. The customer redeems digital incentives at one of the existing point-of-sale terminals at the time of purchase by first presenting their unique identifier. The message broker routes the unique identifier to the central database which authenticates and validates the existing point-of-sale terminal, the customer's unique identifier, and the payment device. The central database then returns validated applicable digital incentives to the message broker which forwards the validated digital incentives for redemption.11-25-2010
20100332399SYSTEM AND METHOD FOR PARTNER KEY MANAGEMENT - A system and method for implementing an interoperable credential management protocol for processing online transactions. The protocol, referred to as the Partner Key Management (PKM) protocol provides an improved alternative to traditional public key, infrastructure (PKI), particularly for use in high-value commercial transactions which require additional controls on the use of credentials for authentication and authorization. According to the PKM protocol, a user may take advantage of credential interoperability by using the same credential at a plurality of different financial institutions for authentication or digital signatures. Additionally, the credential interoperability achieved according to the PKM protocol allows the user to employ the same credential at a plurality of financial institutions for the purpose of digital or electronic signatures.12-30-2010
20110213711METHOD, SYSTEM AND APPARATUS FOR PROVIDING TRANSACTION VERIFICATION - A system and method provides electronic transaction verification using multiple different units. A first unit initiates an electronic transaction in response to user authentication affirmation by, for example, a server (such as a web server). After the user has been authenticated, another unit, such as a mobile device, receives a transaction confirmation request for the electronic transaction that is ongoing via the first unit. In addition, the second unit also receives from, for example, the server, transaction information based on the electronic transaction. The second device through a user interface and without requiring a user to enter transaction information, provides the received transaction information from the server for evaluation by a user of the second unit. The second unit requests from the user, in response to the transaction confirmation request, confirmation of the transaction. The second unit generates a transaction confirmation code based on the received transaction information if the transaction is confirmed by the user of the second unit and sends it to the server for verification by the server.09-01-2011
20120246080METHOD AND SYSTEM FOR REAL TIME ONLINE DEBIT TRANSACTIONS - An online payment method is disclosed which permits users to make realtime debit card payments over the Internet. The payor and payee pre-register with the system by sending their PAN, encrypted PIN and encryption key to the system database using a debit card reader, and then enter user names and secret IDs to be associated with the PAN and PIN numbers. When an online transaction is made the payor enters its user name and ID which is sent to the system along with the transaction amount and the payee user name. The system sends out a standard POS transaction using the stored PAN, encrypted PIN and encryption key. If approved it sends out a credit POS transaction to the payee in the same way.09-27-2012
20090216679METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER - A method that comprises obtaining a currently received signature from a device; obtaining a candidate identifier associated with the device; consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier. Also, a method that comprises obtaining a currently received signature from a device; decrypting the currently received signature to obtain a candidate identifier; and a candidate scrambling code; consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.08-27-2009
20110178933DYNAMICALLY REACTING POLICIES AND PROTECTIONS FOR SECURING MOBILE FINANCIAL TRANSACTION DATA IN TRANSIT - A secure mobile financial transaction is provided by receiving, over a communication network, a list of protection mechanisms available for implementation by an external terminal. Security-related data is received from one or more sensors and an attack signature is computed based on the security-related data. An appropriate security policy is selected from multiple security policies stored in a database based on the list of protection mechanisms and the attack signature. A secure communication session is established between the external terminal and an internal network component according to the selected security policy. A data message associated with a mobile financial transaction is communicated over the communication network during the communication session.07-21-2011
20100057622Distributed Quantum Encrypted Pattern Generation And Scoring - Transaction scoring is performed in a distributed manner across a client-server computing system. A computing system for processing a transaction includes a server system and a client system. The server system is arranged to process information associated with the transaction, while the client system communicates with the server system and includes a key engine which is arranged to generate keys. The client system and the server system are arranged to cooperate to make probabilistic determinations associated with the transaction. The client is arranged to send the keys generated by the key engine as a transaction to the server system.03-04-2010
20100057620Mobile personal point-of-sale terminal - A customer mobile personal point-of-sale terminal (CMPPT) includes a Point-Of-Sale (POS) sleeve portion that slidingly engages, and couples to, a cellular telephone. The cellular telephone is used to communicate encrypted information between a financial transaction verification entity (FTVE) and the POS sleeve portion. The sleeve portion includes a mechanism for reading in a merchant account number at the point-of-sale, and for communicating in a secure encrypted fashion with the FTVE via the cellular telephone portion. Rather than a customer entering sensitive financial information into a merchant's POS terminal (MPT) and trusting the merchant with such information, merchant information is entered into the CMPPT. The CMPPT initiates a transaction by sending the customer's account information and the merchant information to the FTVE. The FTVE receives information about the transaction directly from the MPT. The FTVE verifies the transaction, and after authorization, the FTVE forwards approval codes to the CMPPT and MPT.03-04-2010
20100057621PAYMENT PROCESSING SYSTEM SECURE HEALTHCARE DATA TRAFFICKING - Healthcare purchase data from a transaction upon a patient's account may be required to be transported and stored for safeguarding patient confidentiality if sufficient to identify the patient and the purchase. To avoid non-compliance, a transaction hander (TH) receives the data from a merchant's acquirer as encrypted by a key known to both the acquirer and TH. After decrypting the data with that key, the TH re-encrypts it with a key known only to the TH, and then stored. After receiving an issuer's request for the data, the TH decrypts the data using its own key, re-encrypts it using a key known only to the TH and the issuer, and then sends it to the issuer who will decrypt the data using that key. The unencrypted data may be used by the issuer to demonstrate the issuer's regulatory compliance to a governmental entity.03-04-2010
20100070419SYSTEM AND METHOD TO INITIATE A FUNCTION WITH AN EMAIL MESSAGE - This document discusses, among other things, initiating a function with an email message. Various example embodiments relate to a machine that is to receive an email message. The machine may determine, based on an email address of the sender, whether the sender is a valid sender. In some example embodiments, based on the machine determining that the sender is valid, the machine may execute a command included within the email message.03-18-2010
20120136798SECURING MOBILE TRANSACTIONS - Systems and methods for securing mobile transactions are provided. An order including a credit card number and a user is sent from the user's mobile device over a communication network to a gateway server, which may be coupled to a point-of-sale terminal. The gateway server generates an encryption key that is based on the user key and a server key stored at the server. The encryption key is used to encrypt the credit card number, and the encrypted credit card number is sent to the mobile device for use in subsequent orders.05-31-2012
20110251961PROCESS AND SYSTEM FOR DATA TRANSMISSION - The present invention relates to a process and a system for data transmission. Authentication data and an electronic key are generated, whereby the electronic key is stored as assigned to the authentication data. At least part of the electronic key is transmitted by means of an authentication module of the central module to a communications terminal. Asynchronously to that, data are encrypted into encrypted data by means of an encryption module and by means of at least part of the electronic key. The encrypted data are transmitted between a central module and a communications terminal. The encrypted data are decrypted by means of a decryption module and by means of at least part of the electronic key.10-13-2011
20110161233SECURE TRANSACTION MANAGEMENT - Methods, systems, and devices for secure transaction management are provided. Embodiments include a method for providing secure transactions that include receiving an identifier of a financial account at a payment processor system. A token may be generated that is linked with the identifier of the financial account at the payment processor system. The identifier of the financial account and the token may be stored securely at the payment processor system. The token may be transmitted without the identifier of the financial account to at least a recipient system or a recipient device where the token replaces the identifier of the financial account.06-30-2011
20120203701SYSTEMS AND METHODS FOR ESTABLISHING A COMMUNICATION SESSION BETWEEN COMMUNICATION DEVICES - Embodiments of the invention include systems and methods for establishing a communication session between an inviter communication device and an invitee communication device. Data messages to be exchanged between inviter communication device and the invitee communication device without any other entity or communication device being able to analyze, access or understand the data messages. To exchange data messages, a bucket for storing the data messages is set up on a server or other database. A bucket uniform resource identifier is generated by the server and provided to the inviter and invitee communication devices. The inviter and invitee communication devices send each other data messages via the bucket uniform resource identifier.08-09-2012
20120150749METHOD AND SYSTEM FOR SECURING PIN ENTRY ON A MOBILE PAYMENT DEVICE UTILIZING A LOCKED BUFFER - A mobile communication device 06-14-2012
20110082798SYSTEM AND METHOD FOR SECURELY TRANSMITTING DATA ACROSS A SYSTEM LANDSCAPE - A system and method for securely transferring sensitive payment data across a system landscape. The system and method may utilize machine-readable media including program code stored therein executable by one or more processors to perform the transferring of payment data. The transferring of data includes generating and encrypting a data container to combine all sensitive payment data. The encryption logic is configured to automatically transfer keys between systems.04-07-2011
20090292642Method and system for automatically issuing digital merchant based online payment card - An online payment card is a digital form card derived from a credit/debit card or bank account of a customer. A central service provider issues the online payment card electronically to a registered merchant system under the authorization of the owner of the ordinary credhVdebit or bank account. The central service provider maintains the association of the online payment card with the ordinary credit/debit card or bank account of the customer, and the identity of the merchant that the payment is issued to. The merchant handles the online payment card in the same manner as ordinary card. When the merchant submits a request for authorization, the central service provider verifies if the online payment card is associated with the merchant who submits the authorization request. If the verification successes, the central service provider process the authorization request using the ordinary credit/debit which is associated with the online payment card.11-26-2009
20110191253USE OF MOBILE DEVICES FOR COMMUNICATING SOUND-BASED VIRTUAL TRANSACTION DATA - The present application relates to the use of mobile devices for viewing and publishing location-based user information. One example allows a user of a mobile device to access content associated with a virtual version of an entity that exists at a physical location regardless of a location of the mobile device. This example enables the user to submit content to the virtual version when the mobile device is proximate the physical location.08-04-2011
20110191252Secured Point-Of-Sale Transaction System - The present invention relates to a secured transaction system. In one embodiment, a point-of-sale (POS) system includes an input module configured to receive a transaction description from a mobile client device, an encryption engine configured to generate an encrypted transaction description using the transaction description from the mobile client device, and a communication module configured to transmit the encrypted transaction description for processing.08-04-2011
20100030696BIOMETRIC ELECTRONIC PAYMENT TERMINAL AND TRANSACTION METHOD - An electronic payment terminal includes a device for acquiring biometric data and a program capable of: acquiring biometric data during a transaction by a biometric data acquisition device; and storing the biometric data in the payment terminal. A corresponding transaction method is also provided.02-04-2010
20100017335METHOD AND APPARATUS FOR ORDERING GOODS, SERVICES AND CONTENT OVER AN INTERNETWORK - A billing system that allows a consumer to order products from computers connected to the Internet, wherein the consumer is automatically billed for the ordered product by its telephone service provider. When a product is ordered over the Internet, a plug-in component of the consumer's computer establishes an Internet connection to a billing server. A billing server component transfers an encrypted version of the product to the plug-in component. The plug-in component then disconnects from the Internet and establishes a point-to-point (PPP) connection with the billing server. During the PPP connection, the billing server component transfers an access key assigned to the order to the plug-in component so that the plug-in component may decrypt the product. The consumer is charged a unit rate or “drop-charge” for the product by the telephone service provider using a premium telephone number assigned and administered by the telephone service provider.01-21-2010
20100017334AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD - In order appropriately to prevent leakage of an authentication symbol string such as a credit card number, and for it to be possible for a user to be authenticated as a legitimate user: an ID issuance server 01-21-2010
20090171850TRANSACTION AUTHENTICATION PLATFORM USING VIDEO - A transaction authentication platform using video is provided. In an illustrative implementation, a computing environment comprises a video transaction authentication engine and an instruction set comprising at least one instruction to the video transaction authentication to process, store, manage, and monitor data representative of video transaction authentication requests to generate a trust capsule representative of video authentication trust for a consumer. Consumers, merchants, and transaction processors can illustratively cooperate with the video transaction authentication engine as part of transaction fulfillment and reconciliation. Illustratively, a merchant can request generated trust capsule data for a consumer and compare the received data with the consumer at the point of sale to determine whether to fulfill a transaction. Additionally, the video data about a consumer can be captured at the point of sale and stored as part of a transaction dispute resolution process.07-02-2009
20120150748SYSTEM AND METHOD FOR AUTHENTICATING TRANSACTIONS THROUGH A MOBILE DEVICE - A user may claim to have not made or allowed a transaction and that the transaction was made in error. Where it appears the user has not authorized the transaction, the funds of the transaction are returned to the user, or are charged back. Systems and methods provide a way to confirm whether or not a transaction was actually authorized by the user, thereby settling a chargeback dispute for a previously executed transaction. The method comprises receiving the dispute regarding the transaction including associated transaction data, and retrieving a digital signature associated with the transaction data, the digital signature computed by signing the transaction data. The digital signature is then verified using a public key, wherein the public key corresponds to a private key stored on a mobile device. It is then determined whether or not the transaction is fraudulent based on a verification result of the digital signature.06-14-2012
20120047075METHOD AND APPARATUS FOR GLOBAL REPLACEMENT CARD SERVICES - A prompt-response card issuing system providing temporary financial transaction cards includes a communications module, a personal account number (PAN) mapping module, and a security measure determination module. The communications module communicates with a plurality of financial card issuers, each having different profile standards for generating security measures, and also receives, from an issuer, an authorization for a new PAN associated with a financial account of a cardholder. The PAN module maps the new PAN to a temporary personal account number (TPAN) for the cardholder. The security measure determination module determines at least one security measure requirement according to a system profile standard of said prompt-response card issuing system rather than the system profile standard of the authorizing issuer. The TPAN, the security measure requirement, and personal information regarding the cardholder are communicated to a physical card producer so that a physical card bearing the TPAN, the security measure, and at least one item of personal information about the cardholder, can be produced and delivered to the cardholder.02-23-2012
20110071948AUCTION VERIFICATION - An auction verification subsystem provides verification, without revealing actual bid values, that bid values remained sealed prior to a closing time for the auction and that an announced winning bidder for the auction provided a highest bid. The verification subsystem receives encrypted bids from bidders and generates commitment data based on the bids and provides the commitment data to each of the bidders. In response to receiving the commitment data, the bidders provide decryption keys for the encrypted bids. In turn, the bids are decrypted and an auction is performed using the decrypted bids. The results of the auction can be verified based on bid representations that do not reveal the actual values of bids, thereby maintaining the secrecy of bids. Providing access to an exchange between bidders and the verification subsystem facilitates verification that the auction is performed as a sealed bid auction.03-24-2011
20100094760TRANSACTION METHOD BETWEEN TWO ENTITIES PROVIDING ANONYMITY REVOCATION FOR TREE-BASED SCHEMES WITHOUT TRUSTED PARTY - The invention proposes an off-line divisible e-cash scheme where a user can withdraw a divisible coin of monetary value n04-15-2010
20120317035PROCESSING TRANSACTIONS WITH AN EXTENDED APPLICATION ID AND DYNAMIC CRYPTOGRAMS - Methods, systems, and machine-readable media are disclosed for handling information related to a transaction conducted with a presentation instrument at a POS device. Extended application IDs and dynamic cryptograms are use for the transaction. According to one embodiment, a method of processing a financial transaction for an account having a primary account number (PAN) can comprise detecting initiation of the transaction with the presentation instrument, and providing from the presentation instrument to the POS device a list of one or more applications IDs. Each application ID identifies an application that can be used to communicate data concerning the transaction between the presentation instrument and the POS device. The POS device selects one of the application IDs and returns it to the presentation instrument. Under the control of the selected application, the presentation instrument generates a Dynamic Transaction Cryptogram (DTC) and a dynamic PAN that are each valid for only a single transaction.12-13-2012
20120130903BACK END OF PAYMENT SYSTEM ASSOCIATED WITH FINANCIAL TRANSACTIONS USING CARD READERS COUPLED TO MOBILE DEVICES - A method of reconstructing a packet that includes financial card information from a mobile device uses a card reader. The card reader has a read head, a slot for swiping a magnetic stripe of a card and device electronics that includes a microcontroller with logic resources with code. The card reader has a unique identifier and associated cryptographic key. The same code is used to produce an encrypted and signed signal. The encrypted and signed signal, that includes the card reader identifier, is sent to the mobile device. The mobile device sends an encrypted and signed packet to a back end of a payment system. A cryptographic key is sued to decrypt and verify the contents of the packet at the back end. Non-encrypted financial card information is sent to a payment gateway.05-24-2012
20120130902WIRELESS ESTABLISHMENT OF IDENTITY VIA BI-DIRECTIONAL RFID - A method, a system, and a computer program product are provided for wireless establishment of identity via bi-directional radio-frequency identification (RFID). The method is implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable for sending device data including at least a username and a password to a transceiver. The method also includes receiving an identifier of an access point in a wireless network from the transceiver, the transceiver sending the device data to the access point via a security server. The device data is sent to the access point based on the identifier of the access point, the access point establishing a secure connection to the computer infrastructure based on the device data received from the transceiver and the computer infrastructure.05-24-2012
20100174653Secure method and device of financial transaction - A secure method and device thereof is provided for financial transaction without being access of any personal and confidential transaction information by any unwanted party, which includes the following steps. Receive transaction information and personal information of a user in a secure financial transaction device. Encrypt the transaction information, the personal information and a secure PIN of the user in the device and transfer the encrypted transaction information, personal information and the secure PIN to a designate financial entity through the Internet. Verify a payment amount to a designated financial account with the financial entity. Receive a confirmation in the device for the transaction of the payment amount to the designated financial account, after the payment amount is transferred to the designated financial account from the financial entity, by the financial entity through the Internet.07-08-2010
20130173476Computer system and method for initiating payments based on cheques - A system and method for initiating electronic payments based on paper cheques, including a paying party chip-and-PIN terminal arranged to input cleartext data including a cheque number and an amount from a cheque issued by a first bank, at which the paying party has an account, and generating from it encoded data using a key, for the user to write on the cheque; and a computer associated with the first bank, arranged to accept, from a paid party via the internet, data defining a second bank and an account at the second bank, associated with the paid party; accepting, from the paid party, the cleartext data and the encoded data from the cheque, and validating the cleartext data from the cheque using the encoded data and the key; and initiating an electronic funds transfer from the first bank to the second bank of the amount specified on the cheque.07-04-2013
20100010933TRACEABILITY VERIFICATION SYSTEM, METHOD AND PROGRAM FOR THE SAME - A system for enabling verification in traceability of a supply chain while maintaining confidentiality of private suppliers. A group signature is applied to an undisclosed supplier. The undisclosed supplier previously receives registration to the certificate authority device, and performs a group signature based on the certificate issued by the certificate authority device. A disclosed supplier and the undisclosed supplier sign and generate a signature chain when they ship parts. A verifier device receives a signature chain with products shipped from the supplier manager device, divides a signature of the disclosed supplier from a signature chain, and verifies the undisclosed supplier from the group signature. Identification of the undisclosed supplier is performed by a third-party auditor system requested to do so by the verifier device by using a group private key.01-14-2010
20120185397VARIABLE FRACTIONS OF MULTIPLE BIOMETRICS WITH MULTI-LAYER AUTHENTICATION OF MOBILE TRANSACTIONS - Virtually fraud-proof authentication for wireless mobile financial transactions. A mobile telephone, genius card or dongle may capture multiple biometrics, such as fingerprint, voiceprint, retinal recognition data, facial biometric data, ear biometric data and bio print, iris scanning data, pupil movement recognition data, and send segments of each of them to a server computer that re-constitutes them and stores them for matching during an attempted financial transaction. A purchasing individual has multiple biometrics read by separate readers integrated into a single hand-held device. An automatic process of the server computer has previously sent a command packet to the hand-held device defining percentage and portion of each biometric to select and the sequence and channel of transmission for matching along with other out of band security data. During the charging phase, the hand-held device may utilize a slidable antenna for swiping a magnetic strip of a charge card reader or may display credit card data for a limited amount of time.07-19-2012
20080301057Online Commercial Transaction System and Method of Operation Thereof - A system for conducting commercial transactions comprises an application server that hosts a software application that can be accessed by users to conduct commercial transactions thereon, an application user database of authorised users capable of accessing the application server, each authorised user in the application user database being uniquely identifiable by means of corresponding login name and password, and a proxy server communicable with the application server and accessible by a plurality of registered users from respective mobile phones The proxy server provides each one of the plurality of registered users with access to the application server from that user's respective mobile phone. A proxy database is associated with the proxy server, the proxy database containing details of authorised users in the application user database who are also registered to access the application server through the proxy server from their respective mobile phones. Each registered user in the proxy database is uniquely identifiable by means of a corresponding user identification code, the proxy database also providing, for each registered user, a mapping of that user's user identification code and the user's corresponding user information contained in the application user database. The proxy database stores each registered user's corresponding user information in encrypted format, and the system includes a encryption engine capable of encrypting any data passed between the proxy server and the mobile phone of each registered user. The proxy database also stores an active encryption key for each registered user, the active encryption key being used by the encryption engine to encrypt and decrypt data passed between the proxy server and the user's mobile access terminal. The encryption engine is dynamic, using a different encryption key during each session in which the user accesses the application server from his respective mobile phone, the encryption engine generating, during each session, a further encryption key for the user and transferring the further encryption key to the user's mobile phone for storage therein.12-04-2008
20110131138COLLECTIVE SUSPENSION/SETTLEMENT REPRESENTATION PROCESSING SERVER DEVICE AND PROGRAM - Provided is a collective suspension processing server device, collective suspension representation processing server device, settlement representation processing server device, method, and program, wherein there is no chance that the encryption key leaks. Also provided is the implementation of preventing the leakage of any piece of information under management. The collective suspension processing server device, collective suspension representation processing server device, settlement representation processing server device, method, and program does not hold the encryption key and the decryption key which are used to encrypt users' card information in a management database, but instead, dynamically generates the encryption key and the decryption key. Regarding the common key which is used in encryption, the common key is generated and encrypted for each authentication information table without destructing the rank order of strings of characters and numbers which constitute the authentication information, and encrypted strings of characters and numbers are searched using the common key generated and encrypted for each authentication information table. The decryption key which is used to decrypt the encrypted card information is unique to each user.06-02-2011
20120239578Mobile Secure Transactions Using Human Intelligible Handshake Key - A software library could be called by an ecommerce application on a mobile phone to improve security of the transaction. When a human user wishes to purchase a product through the ecommerce application, the software library could present a passkey, such as a unique word, phrase, image, sound, or song, which is only recognizable by the human user. The human user authenticates the passkey by recognizing the passkey as the one he/she designated, and then authorizes the payment for the product, preferably through a passkey of his or her own, such as a password that the system recognizes.09-20-2012
20120265688Secure and Mobile Financial Transaction - A portable device is configured to transmit a first encrypted message to an account database server. The first encrypted message may comprise a request to get information about a financial account. The portable device receives a second encrypted message comprising the financial account information. The portable device wirelessly receives a signal from a merchant machine and wirelessly transmits a response message to the merchant machine. The response message comprises account related information for the merchant machine to trigger a financial transaction.10-18-2012
20120265689Methods for Customizing Secured Transactions that are Verified by a Money Source - Methods for providing secure transactions in which a customization parameter and an encrypted transaction validation code are received from a user to positively identify a transaction for a user who has a first entity identifier. The validation code and first entity identifier are used by a money source which electronically verifies that the transaction is valid by use of the first entity identifier and the validation code while the first transaction is customized through use of the customization parameter.10-18-2012
20110161232VIRTUALIZATION OF AUTHENTICATION TOKEN FOR SECURE APPLICATIONS - Data and financial transactions are secured on a mobile electronics device, with three downloadable modules. A first module provides for the mobile electronics device and a network server to interactively register a cryptographic abstract of an object usually carried by the user. These objects represent physical passwords from which processing can derive characterizing information. A second module is invoked by a transaction and signals the mobile electronics device to collect a new sample of the physical password. A cryptographic abstract of it is distilled and compared to preregistered cryptographic abstracts. A third module is a key recovery process for use when the preregistered physical password sound or object is no longer available to the user.06-30-2011
20120089520TRUSTED SERVICE MANAGER (TSM) ARCHITECTURES AND METHODS - A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.04-12-2012
20120089519SYSTEM AND METHOD FOR SINGLE USE TRANSACTION SIGNATURES - A system and method for providing transaction-level security, such as authentication, authorization, or non-repudiation of business-related and other transactions, using shared keys and single use transaction signatures (SUTS). In accordance with an embodiment, to utilize the system, a user registers a client device with an identity service provider (IdP). The client device can be a computing device such as a mobile phone, personal digital assistant (PDA), netbook, or other specialized computer or computing device, each of which are hereinafter generally referred to as a “client device”. The registration process typically involves setting-up a shared secret key and personal identification number (pin). Once registered, all communication between the client device and the IdP is encrypted using a key generated with some combination of the secret key, pin, and/or timestamp, over a secured channel (e.g. https). For a particular transaction, users can generate digital transaction signatures using the client device, and third-party applications or parties can verify the transaction signature by providing a transaction identifier (id) and the signature to the IdP. In accordance with various embodiments, the transaction signature comprises encoding some combination of a transaction id, shared secret key (or manipulation thereof), secret pin, timestamp, and/or transaction type, which in accordance with some embodiments can be based on message authentication code (MAC). In accordance with an embodiment, a third-party, such as a bank, can validate a transaction themselves through a special arrangement with the IdP. In these scenarios, the bank can act as a delegated IdP between the user and a merchant, protecting the user and the merchant from malicious transactions.04-12-2012
20110276495ONE-TIME USE PASSWORD SYSTEMS AND METHODS - According to the invention, a method of using a one-time password for a transaction between a user and a merchant is disclosed. The method may include generating the one-time password. The method may also include authenticating the user by the authentication server in response to a request from the user to use the one-time password. The method may further include authorizing the use of the one-time password for the transaction in response to authenticating the user by the authentication server. The method may moreover include using the one-time password in combination with an account number to settle the transaction between the user and the merchant. The method may additionally include sending a message to the authentication server originating from the merchant, wherein the message comprises the one-time password, and wherein the message requests a determination whether the one-time password is authorized for use in the transaction. The method may also include sending a message to the merchant originating from the authentication server, wherein the message includes a determination whether the transaction should be approved in response to the authentication server determining whether the one-time password is authorized for use in the transaction.11-10-2011
20120330845ANIMATED TWO-DIMENSIONAL BARCODE CHECKS - Systems and methods are disclosed to provide an animated 2D barcode check that is used to securely and efficiently transmit financial information between mobile devices. The financial information includes a check written by a payer and transmitted to a merchant. The check includes account information of the payer and of the merchant with a payment service provider, a payment amount, and a cryptographic signature that has been certified by the payment service provider. The payer's mobile device encodes the check into a sequence of 2D barcodes and displays the sequence of 2D barcodes in a loop that is scanned by a camera on the merchant's mobile device. The merchant uses the cryptographic signature to verify the validity of the signature on the check without having Internet connectivity to the payment service provider. The merchant may later present the check to the payment service provider to receive payment.12-27-2012
20110320359 SECURE COMMUNICATION METHOD AND DEVICE BASED ON APPLICATION LAYER FOR MOBILE FINANCIAL SERVICE - A secure communication method and device based on application layer for mobile financial service. According to the invention, the exchanged messages in the financial transaction are few, and the requirement for the processing capability of the mobile terminal is low. The invention uses the digital signature technology for information abstract based on asymmetric secret keys, and the integrity of the transaction information is guaranteed and non-repudiation requirement is met. The invention also uses digital envelop technology based on asymmetric secret keys, and the secrecy of the transaction information. The strand space theory proves that the security of the preferred embodiment of the invention can be guaranteed.12-29-2011
20120150747MOBILE COMMUNICATION DEVICES - A mobile communication device, the device comprising: a memory; an encryption module for encrypting data using an encryption key; a first communication channel configured to transfer the encryption key from the mobile communication device to a separate terminal; and a second communication channel for transferring payment details stored in the memory from the mobile communication device to the separate terminal, which payment details are encrypted using the encryption key; and wherein the first communication channel is different to the second communication channel.06-14-2012
20130024383Mobile Device With Secure Element - Embodiments of the present invention are directed to methods, systems, and apparatuses for securely communicating issuer updates, upgrades, and allowing configuration of payment-related applications on a mobile communication device using a mobile security application. One embodiment is directed to a method of using a mobile communication device comprising a mobile security application, a key associated with the mobile security application, a first mobile payment application in communication with the mobile security application and a second mobile payment application in communication with the mobile security application. The method includes communicating, by the first mobile payment application in the mobile communication device with a mobile gateway, in a first communication, wherein the first communication is encrypted using the key and communicating, by the second mobile payment application in the mobile communication device with a mobile gateway, in a second communication, wherein the second communication is encrypted using the key.01-24-2013
20080288413Method for the Automatic Generation and Processing of an Invoice Document - The invention relates to a method for automated invoice generation and settlement from a payer (11-20-2008
20130124422SYSTEMS AND METHODS FOR AUTHORIZING TRANSACTIONS VIA A DIGITAL DEVICE - In various embodiments, transactions initiated by or on behalf of users between client systems and transaction systems are sent to authorization systems for approval. An authorization system contacts one or more registered devices for approval from a user of the registered devices for the transactions initiated by or on behalf of the users that are being handled by the transaction systems. A registered device sends an approval or denial based on user input. The authorization server then sends the approval or denial to a transaction system to complete a transaction.05-16-2013
20130124421SECURE AUTHENTICATION METHOD AND SYSTEM FOR ONLINE TRANSACTIONS - Embodiments of the invention relate to a secure authentication method for online transactions, an online transaction secure authentication system, an online transaction secure authentication client, and a computer program product for secure authentication of online transactions thereof. The secure authentication method includes: generating, using one or more computer processors, a random session key to encrypt communications between a client and a server; verifying a user identity of a user using the client based on the generated random session key; in the event that the verification of the user identity is successful, generating transaction image information, encrypting the transaction image information based on the random session key, and transmitting the encrypted transaction image information to the client; receiving a confirmation of the transaction image information, the confirmation comprising a transaction signature; and verifying the transaction signature based on the random session key.05-16-2013
20130179352SECURE WIRELESS TRANSACTIONS WHEN A WIRELESS NETWORK IS UNAVAILABLE - Methods, systems, and devices are disclosed for conducting offline transactions using mobile devices at a point of sale device while the point of sale device is disconnected from a network. The point of sale device may receive a request from a user for a transaction code associated with a transaction between the mobile device and a point of sale device; generate an offline transaction code based on a current offline transaction code key stored at the mobile device and a time code associated with the transaction in response to a determination that the mobile device is disconnected from a payment authority server; provide the generated offline transaction code from the mobile device to the point of sale device; and receive an indication from the point of sale device that the payment authority server has approved the transaction based on the generated offline transaction code.07-11-2013
20130179351SYSTEM AND METHOD FOR AN AUTHENTICATING AND ENCRYPTING CARD READER - A system for encrypting and authenticating a payment transaction includes a card reader, a computing device, a card swipe application and a checkout application. The card reader includes a reader head, a secure microcontroller, and an interface. The reader head reads payment card data from a payment card. The secure microcontroller stores a unique reader identification (reader ID), and at least a first encryption key, and includes a payment card decoder application and an encryption application. The encryption application encrypts the payment card data and produces encrypted payment card data. The encryption application further encrypts the transaction data with the first encryption key and produces encrypted transaction data. The checkout application receives the encrypted payment card data and the encrypted transaction data and forwards them to a payment server for processing of the payment transaction.07-11-2013
20120284196METHOD FOR INITIATING AND PERFORMING A CNP BUSINESS TRANSACTION, SOFTWARE FOR THE SAME AND A COMMUNICATION DEVICE COMPRISING SUCH SOFTWARE - The invention relates to a method for performing authenticated bank card payment transaction, comprising registering a user (11-08-2012
20120284195METHOD AND SYSTEM FOR SECURE USER REGISTRATION - A method and system are described for registering an online account associated with a mobile device configured for contactless payment operations in a mobile payment account system. The method includes generating, by a mobile device, a passcode based at least on an encryption key stored securely in the mobile device. In a computing device, a registration process is initiated to register the online account. The computing device receives user input data identifying a passcode generated by the mobile device. An online account server stores online account data defining a user account associated the mobile device, the online account data including a data defining an encryption key. The online account server receives user input data identifying the passcode generated by the mobile device, generates a passcode based at least on the encryption key stored in the online account server, compares the received generated passcode to the passcode generated by the online account server, and verifies the user account associated the mobile device when the generated passcodes match.11-08-2012
20130159195AUTHENTICATION OF DEVICES - Disclosed are systems and techniques that authenticate and authorize a mobile device to conduct transactions over a network with a banking server. Once a mobile device is authenticated, the server generates a client device identifier and a secret key, which is then stored on the mobile device. In response to a transaction request sent by the mobile device, the server authorizes a session by generating a random code and communicates the random code to the mobile device. By using a combination of the secret key and the random code, the mobile device generates two keys, a hash code and a symmetrical key. The server receives the hash code and the unique client device identifier, and based upon a determination, authorizes the transaction on the banking server.06-20-2013
20110289004METHOD AND DEVICE FOR CONDUCTING TRUSTED REMOTE PAYMENT TRANSACTIONS - A method, device, and system for conducting trusted payment transactions including establishing a trust relationship between a first mobile computing device and a second mobile computing device. The first mobile computing device may initiate a payment transaction with a point-of-sale device, communicate with the second mobile communication device to retrieve payment information from the second mobile communication device, and complete the payment transaction with the point-of-sale device using the payment information. The second mobile computing device is configured to verify the user and identity of the first mobile computing device prior to providing the payment information. Communications between the mobile computing devices may be encrypted using pre-determined encryption techniques.11-24-2011
20130191290METHOD, DEVICE AND SYSTEM FOR SECURING PAYMENT DATA FOR TRANSMISSION OVER OPEN COMMUNICATION NETWORKS - A method for securing payment data for transmission over open communication networks is disclosed. The method comprises establishing a data connection between a first and a second transceiver device, the first transceiver device configured as a merchant device and the second transceiver device configured as a customer transceiver device. The merchant device transmits a first data package which comprises a unique merchant identifier and transaction request data, to the customer transceiver device over the data connection. The merchant device receives a cryptogram from the customer transceiver device. The cryptogram having been generated from using a secret key and a counter value together with the received unique merchant identifier and the transaction request data. The method comprises forming an authorisation request comprising the received cryptogram, merchant identifier and the transaction request data and submitting said authorisation request to at least one of an issuer and an acquirer to facilitate authorisation and processing of said transaction request data.07-25-2013
20130198086TRUSTED SERVICE MANAGER (TSM) ARCHITECTURES AND METHODS - A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.08-01-2013
20130204795Wireless Payment with a Portable Device - A portable device transmits a payment card number to a merchant machine. The portable device generates an encrypted first message comprising a request to get information about a financial transaction. A packet filter maps the encrypted first message to a pre-established non-GBR bearer. The portable device generates a fourth message by encrypting the encrypted first message and transmits the fourth message. The portable device receives and decrypts a second encrypted message. The portable device decrypts the decrypted second message and sends financial transaction information to a display.08-08-2013
20130212026DATA PROTECTION WITH TRANSLATION - Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.08-15-2013
20130212027SYSTEMS, METHOD AND COMPUTER-ACCESSIBLE MEDIUMS FOR PROVIDING SECURE PAPER TRANSACTIONS USING PAPER FIBER IDENTIFIERS - Exemplary systems, methods and computer-accessible mediums can receive information comprising a first speckle pattern(s) associated with a portion(s) of the paper. The information can be generated by an optical arrangement, and the first speckle pattern(s) can be compared with a second speckle pattern(s) to determine if a similarity, measure based on local or global descriptors is of equal to a predetermined amount or within a predetermined range.08-15-2013
20130212025MECHANISM TO ALLOW THE USE OF DISPOSABLE CARDS ON A SYSTEM DESIGNED TO ACCEPT CARDS CONFORMING TO THE STANDARDS OF THE GLOBAL PAYMENTS INDUSTRY - At a terminal assembly associated with a physical access point, payment device data is obtained from a reduced-functionality payment device, and the data is identified as emanating from such a device. In response, the payment device data emanating from the reduced-functionality payment device is converted into an authorization request or an access request, of a format consistent with full-functionality payment devices. The authorization request or access request is dispatched into a payment infrastructure which is configured to handle same, but is not configured to handle the reduced-functionality payment device.08-15-2013

Patent applications in class Including key management