A directory server is programmed to receive, from an access device, a first authentication request message comprising a credential or a token, and transmit, to an access control server, the first authentication request message. The access control server is programmed to transmit a one-time password to a user device. The directory server is further programmed to receive, from the access device, a second authentication request message with the credential or the token, and the one-time password, and transmit, to the access control server, the second authentication request message. The access control server is further programmed to validate the one-time password and generate an authentication response message including an authentication indicator in response to validating the one-time password. The directory server is further programmed to receive, from the access control server, the authentication response message including the authentication indicator and transmit the same to the access device.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
Information for a payment account of a user of a transit system may be received. A risk analysis may be performed using the information for the payment account based on one or more parameters to determine a risk score for the user. The risk score for the user may be provided to a transit payment system. Whether the user is a high risk based on the risk score may be determined. If the user is a high risk, payment or payment authorization from the user via the transit payment system may be required before the user exits the transit system.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 30/0283 - Estimation ou détermination de prix
G06Q 50/40 - Procédés d’affaires s’appliquant à l’industrie du transport
3.
Method, System, and Computer Program Product for Improving Machine Learning Models
Methods, systems, and computer program products are provided for improving machine learning models which include receiving a data set including data records; inputting the data set to a pre-trained first machine learning model to generate first embeddings; inputting the first embeddings to a second machine learning model to generate second embeddings in a user-specific embedding space; inputting the plurality of second embeddings to a third machine learning model to extract feature data associated with a feature; inputting an output from a machine learning system and the feature data to a fourth machine learning model to generate a relevance score for each entity; determining a subset of entities based on the relevance score; communicating a feedback request to a user; receiving feedback data from the user; and training at least one of the models based on the feedback data.
Provided is a computer-implemented method, system, and computer program product for leasing decoupled configurations and managing configuration lease persistence with application state management including receiving a configuration set lease request from a client application in response to the client application being launched. In response to receiving the configuration set lease request, the method, system, and computer program product includes determining a unique configuration set from a pool of different configuration sets. Further, the method, system, and computer program product includes communicating the unique configuration set to the client application and activating a lease of the unique configuration set by associating the client application with the unique configuration set in a lease database. In response to determining that the lease is valid, persisting the lease in the lease database. In response to determining that the lease is invalid, deactivating the lease of the unique configuration set in the lease database.
A method includes receiving, by a server computer, a thin client identifier from a thin client on a communication device. The server computer can then retrieve an encrypted first cryptographic key based on the thin client identifier. The encrypted first cryptographic key is a first cryptographic key that is encrypted with a second cryptographic key. The server computer can initiate the sending of the encrypted first cryptographic key to the thin client. The server computer then receives an encrypted secret from the thin client, the encrypted secret being a secret encrypted with the first cryptographic key.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The present disclosure provides devices, systems, and methods for sharing transaction data across entities of a payment network based on a common transaction identifier (ID). For example, a transaction service provider system can process a first transaction based on first transaction data, receive second transaction data for a second transaction processed by an affiliate system, and generate a confidence score representing a likelihood that the first transaction and the second transaction are the same transaction. The transaction service provider system can generate a common transaction ID for the first transaction and the second transaction based on the first transaction data. The transaction service provider system can determine the confidence score satisfies a predetermined threshold and send a request for additional data related to the second transaction to the affiliate system based on the common transaction ID.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
7.
PRIVACY-PRESERVING BIOMETRICS FOR MULTI-FACTOR AUTHENTICATION
A method includes generating a second public key and a second private key of a second public-private key pair, and transmitting the second public key to a first user device, which stores an encrypted biometric template. The encrypted biometric template is a biometric template encrypted with a first public key of a first public-private key pair. The first user device encrypts the encrypted biometric template with the second public key to form a double encrypted biometric template. The method includes receiving the double encrypted biometric template from the first user device, decrypting the double encrypted biometric template using the second private key to obtain the encrypted biometric template, determining a test biometric template and encrypting the test biometric template, comparing the encrypt-test biometric template and the encrypted biometric template to obtain an encrypted biometric match score, and transmitting the encrypted biometric match score to a server computer.
H04L 9/00 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04W 12/33 - Sécurité des dispositifs mobilesSécurité des applications mobiles utilisant des dispositifs portables, p. ex. utilisant une montre intelligente ou des lunettes intelligentes
H04W 12/63 - Sécurité dépendant du contexte dépendant de la localisationSécurité dépendant du contexte dépendant de la proximité
8.
Method and System for Performing Transaction by Implementing a Token Provisioning Service
The present disclosure discloses a method and a system for performing transaction including when a user initiates a card transaction at an entity, the method comprises receiving card information of the user from the entity for performing transaction. In response to receiving the card information, the method comprises identifying whether an alternate identifier is present for the card information in a first server. If the alternate identifier is present in the first server, the method comprises transmitting the alternate identifier from the first server and a cryptogram value associated with the alternate identifier to the entity for performing the transaction. If the alternate identifier is not present in the first server, the method comprises transmitting the alternate identifier for the card information by obtaining the alternate identifier from a second server and the cryptogram value associated with the alternate identifier to the entity for performing the transaction.
G06Q 20/42 - Confirmation, p. ex. contrôle ou autorisation de paiement par le débiteur légal
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
9.
System, Method, and Computer Program Product for Secure Edge Computing of a Machine Learning Model
Described are a system, method, and computer program product for secure edge computing of a machine learning model. The method includes transmitting, with a server, a first portion of a machine learning model to a computing device remote from the server. The first portion includes at least one first layer of the machine learning model configured to process a first input of data collected by the computing device and generate an output. The method also includes receiving, with the server from the computing device, encoded model data including the output. The method further includes decoding, with the server, the encoded model data to produce decoded model data, and generating, with the server, a classification based on the first input of data by executing a second portion of the machine learning model.
Provided is a system, method, and computer program product for graph-based authorization. The system includes at least one processor programmed or configured to process a plurality of electronic payment transactions for a plurality of merchant systems arranged in an electronic payment processing network, generate a graph data structure including a plurality of nodes and a plurality of edges based on transaction data and external data, the transaction data including transaction parameters from each electronic payment transaction of the plurality of electronic payment transactions, generate a node embedding for each node of the graph data structure by: converting the transaction data associated with the node to first text, converting the external data associated with the node to second text, and generating the node embedding based on the first text and the second text.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
11.
System, Method, and Computer Program Product for Securing Authorization Cookies and Access Tokens
Systems, methods, and computer program products: determine, a network delay equal to a server system time stamp associated with a system time of a server at which a login request from a user device is received by the server minus a first server system time stamp received in the login request; initiate a session timer from a time equal to the first user system time stamp plus the network delay; transmit, to the user device, an authentication cookie or access token; receive, from the user device, a further request including the authentication cookie or access token and a user system time stamp associated with the system time of the user device; validate, the authentication cookie or access token; determine, a time difference between the user system time stamp plus the network delay and the session timer; and authorize or deny, based on the time difference, the further request.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
A method is disclosed and includes executing an integrated application comprising an SDK (software development kit) on a user device with a processor. The method includes determining, by the SDK and the processor on the user device, an checksum for the integrated application, validating, by the SDK in the user device, the integrated application using the determined checksum, and responsive to validating the determined checksum, performing, by the integrated application on the user device, an action.
G06F 21/64 - Protection de l’intégrité des données, p. ex. par sommes de contrôle, certificats ou signatures
G06F 21/51 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade du chargement de l’application, p. ex. en acceptant, en rejetant, en démarrant ou en inhibant un logiciel exécutable en fonction de l’intégrité ou de la fiabilité de la source
A method is disclosed. The method includes receiving, by a processing network computer from a transport computer, a first clearing file comprising data for a plurality of transactions, and then determining, by the processing network computer, an authorizing entity associated with one or more transactions from the first clearing file. The method includes transmitting, by the processing network computer to an authorizing entity computer operated by the authorizing entity, a second clearing file including data for the one or more transactions, determining, by the processing network computer, that the one or more transactions include one or more anomaly transactions, and initiating, by the processing network computer, one or more transaction reversals with respect to the one or more anomaly transactions.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
14.
Method, System, and Computer Program Product for Machine Learning Using Decoupled Knowledge Graphs
Described are a method, system, and computer program product for machine learning using decoupled knowledge graphs. The method includes generating a graph including nodes connected by edges based on data of entities in a network. Generating the graph includes generating entity nodes, determining a distribution of values for an attribute of the entities, generating a lower attribute node associated with a lower subset of values for the attribute, generating a higher attribute node associated with a higher subset of values for the attribute, and generating edges connecting the nodes. The method also includes initializing node embeddings, and generating representations of the nodes by repeating, until convergence, updating the embeddings of the entity nodes while holding other embeddings static, and updating the embeddings of the non-entity nodes while holding other embeddings static. The method further includes executing a machine learning model using the representations.
Methods, systems, and computer program products may obtain a machine learning model, a training dataset including a time range and a feature set including a number of features, and a number times to split the training dataset; for each feature in the feature set, determine, based on a difference between a first trained model including the machine learning model trained on the training dataset with that feature and a second trained model including the machine learning model trained on the training dataset without that feature, whether to update the training dataset to include an updated feature set by removing the feature from the feature set of the training dataset; train the machine learning model on the training dataset including the updated feature set to generate a trained machine learning model; and provide the trained machine learning model.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A method includes receiving, by aggregator platform computer from a user device of first user, remittance message including at least a service amount for service rendered by second user to the first user; identifying, by the aggregator platform computer, that the remittance message includes an additional amount that accompanies the service amount; upon identifying that the remittance message includes the additional amount, forwarding, by the aggregator platform computer to a plug-in computer, the remittance message including the service amount and the additional amount; identifying, by the plug-in computer in the remittance message, the service amount and the additional amount; and separating, by the plug-in computer, the service amount from the additional amount. The plug-in computer facilitates transfer of the additional amount from an account of the first user to an account of the second user and sends, to the aggregator platform computer, a service remittance message including the service amount.
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
17.
System, Method, and Computer Program Product for Interpreting Black Box Models for Payment Authorization Decisions
A computer-implemented method includes: receiving an inquiry request message identifying a first payment transaction having a first plurality of transaction parameters and a first authorization decision; querying a database including transaction data associated with a plurality of historical payment transactions to identify a subset of historical payment transactions, the transaction data including, for each of the plurality of historical payment transactions, a plurality of transaction parameters and an authorization decision, the subset of historical payment transactions including payment transactions having an authorization decision different from the first authorization decision and having a similarity score that satisfies a threshold; determining an impact parameter of the first plurality of transaction parameters by comparing the first plurality of transaction parameters with the plurality of transaction parameters associated with the plurality of historical payment transactions in the subset; and generating an inquiry response message based on the impact parameter.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Embodiments of the present invention are directed to methods and systems for managing a cryptocurrency payment network comprising one or more issuer nodes and one or more distributor nodes. Issuer nodes may be granted different rights from distributor nodes with respect to the issuance and distribution of digital currency within the cryptocurrency payment network. A management system server computer may generate unique node verification key pairs for each node in the cryptocurrency payment network, where the node verification key pairs may be used to identify and authenticate issuer nodes and distributor nodes.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/06 - Circuits privés de paiement, p. ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
One or more surface features (e.g., capacitive buttons, fingerprint sensor) may be exposed on a surface of a card (e.g., chi payment card). The card may store multiple applications/accounts of a user. The card receives a selection of one of the accounts by the user placing a finger on or pressing on a surface feature associated with the selected account. The card provides credentials associated with the selected account to a terminal. The multi-application card may disable credentials associated with the remaining accounts thereby appearing as a single-application card to the terminal during a transaction.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06F 3/044 - Numériseurs, p. ex. pour des écrans ou des pavés tactiles, caractérisés par les moyens de transduction par des moyens capacitifs
G06K 19/07 - Supports d'enregistrement avec des marques conductrices, des circuits imprimés ou des éléments de circuit à semi-conducteurs, p. ex. cartes d'identité ou cartes de crédit avec des puces à circuit intégré
G06K 19/073 - Dispositions particulières pour les circuits, p. ex. pour protéger le code d'identification dans la mémoire
G06K 19/077 - Détails de structure, p. ex. montage de circuits dans le support
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
20.
System, Method, and Computer Program Product for Tuning Prediction Results of Machine Learning Models
Provided are systems for tuning prediction results of a machine learning model that include at least one processor to determine a plurality of values associated with a prediction matrix based on an output of a trained machine learning model, tune a set of reference measures to provide an adjustment to a predicted classification value of a prospective output of the trained machine learning model, apply the set of reference measures to determine a predicted classification value of a real-time output of the trained machine learning model, wherein the output of the trained machine learning model comprises a predicted classification value for a real-time event. Methods and computer program products are also provided.
This disclosure relates to a computer-implemented method for enabling a transaction bypass for a user-requested block on a merchant. The method involves receiving an authorization request message from a merchant, determining if the merchant is subject to an active block instruction, and verifying customer authentication information. If the authentication information is present and the merchant matches a block instruction, a transaction bypass message is generated and sent to the issuer. Based on the issuer's response, the active block may be removed or maintained. The method also allows for sending authentication data to the issuer for verification, and periodically receiving authorization requests from the merchant. Additional features include managing an authentication security threshold and sending status notifications to the merchant. The invention ensures secure transaction processing, providing flexible handling of user-requested merchant blocks based on customer authentication and issuer approval.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/42 - Confirmation, p. ex. contrôle ou autorisation de paiement par le débiteur légal
22.
Method, System, and Computer Program Product for Ensemble Learning With Rejection
Methods, systems, and computer program products are provided for ensemble learning. An example system includes at least one processor configured to: (i) generate a rejection region for each baseline model of a set of baseline models (ii) generate a global rejection region based on the rejection regions of each baseline model; (iii) train an ensemble machine learning model; (iv) update, based on a baseline model predictive performance metric for each baseline machine learning model, the set of baseline machine learning models; and (iv) repeat (i)-(iv) until there is a single baseline model in the set of baseline models or a predictive performance or global acceptance ratio of the ensemble model satisfies a threshold.
A method is disclosed. The method includes receiving, by a token gateway, a first request message from a token requestor computer. The token gateway determines at least one token service computer from a plurality of token service computers, each token service computer in the plurality of token service computers operating independently of each other. The token gateway transmits at least one second request message to the at least one token service computer and receives, at least one first response message comprising at least one token and/or supplemental data associated with the at least one token from the at least one token service computer. The token gateway transmits a second response message to the token requestor computer, the second response message comprising the at least one token and/or the supplemental data.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
24.
Method, System, and Computer Program Product for Processing a Group Payment Credential
A computer-implemented method may include issuing a group payment credential to a payment group including a plurality of users, each user having an individual payment credential associated with a payment device; receiving a group payment request initiated using the group payment credential, the group payment request associated with a payment transaction having a transaction amount; in response to receiving the group payment request, identifying payment device data associated with the individual payment credentials of each user in the payment group; determining a first individual payment credential from the individual payment credentials based on the payment device data associated with the individual payment credentials and transaction data associated with the payment transaction; generating a processing request including the first individual payment credential; and transmitting the processing request to an issuer system corresponding to the first individual payment credential to cause the issuer system to process the payment transaction.
Provided herein is a payment device including a data element containing account data and trigger data and a communication device in communication with the data element, the communication device configured to communicate the trigger data and the account data to a point-of-sale (POS) device, the trigger data configured to cause the POS device to automatically implement a modified authorization protocol. Systems and methods are also provided.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
26.
System, Method, and Computer Program Product for Data Controller Platform
Provided are systems for controlling a data pipeline in a data pipeline ecosystem that include at least one processor to receive metadata parameters for a data pipeline, store the metadata parameters in a data repository, generate a logical representation of the data pipeline based on the metadata parameters, execute the data pipeline based on the metadata parameters of the data pipeline, and model the data pipeline using the directed acyclic graph (DAG) of the data pipeline. Methods and computer program products are also provided.
Methods for adversarial training and/or for analyzing the impact of fine-tuning on deep learning models may include receiving a deep learning model comprising a set of parameters and a dataset of samples. A respective noise vector for a respective sample may be generated based on a length of the sample and a radius hyperparameter. For a target number of steps, the following may be repeated: adjusting the noise vector based on a step size hyperparameter, and projecting the respective noise vector to be within a boundary. The parameters of the deep learning model may be adjusted based on a gradient of a loss based on the noise vector. This may be repeated for each sample of the plurality of samples. A system and computer program product are also disclosed.
Techniques for identifying a fraudulent interaction of a user device using time based risk features are described herein. In embodiments, time stamp information provided by an external clock and time units may be maintained by a user device. The user device may include an authentication component that is communicatively coupled to a clock component that generates the time units. In response to conducting an interaction with an access device and user device first time information may be received from the access device. Second time information may be determined based at least in part on the time units from the clock component and the time stamp information. The second time information may be compared to the first time information. An authentication plan for the interaction may be determined based at least in part on the comparison of the second time information to the first time information.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
29.
System, Method, and Computer Program Product for System Machine Learning in Device Placement
Systems, methods, and computer program products that use unsupervised learning to learn relationships between operations of a machine learning model based on a model graph representation to group the operations into clusters and, given a set of clusters and labels for the clusters, use a reinforcement learning algorithm to generate a final device placement result for the machine learning model.
A computer-implemented system for streamlining encryption payload of a card transaction from a transaction code transaction via a merchant inside a restricted computer network firewall. A wallet application stores data of a payment device, and the wallet application retrieves information of a merchant and a transaction via a transaction code. In response to the retrieved information, the wallet application generates an encrypted payload. The wallet application transmits the encrypted payload to a payment facilitator within the restricted computer network firewall. After decryption of the encrypted payload, the payment facilitator transmits a decrypted payload in one payment packet to the payment processing server outside the restricted computer network firewall. The payment processing server transmits from outside the restricted computer network firewall to the merchant inside the restricted computer network firewall a notification of payment after the payment processing server validates the payment transaction.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
Described are a system, method, and computer program product for dynamic node classification in temporal-based machine learning classification models. The method includes receiving graph data of a discrete time dynamic graph including graph snapshots, and node classifications associated with all nodes in the discrete time dynamic graph. The method includes converting the discrete time dynamic graph to a time-augmented spatio-temporal graph and generating an adjacency matrix based on a temporal walk of the time-augmented spatio-temporal graph. The method includes generating an adaptive information transition matrix based on the adjacency matrix and determining feature vectors based on the nodes and the node attribute matrix of each graph snapshot. The method includes generating and propagating initial node representations across information propagation layers using the adaptive information transition matrix and classifying a node of the discrete time dynamic graph subsequent to the first time period based on final node representations.
A method, system, and computer program product are provided for embedding an offer. The method includes receiving transaction data for a transaction between a user and a merchant, determining an offer based on the transaction data, the offer corresponding to offer data, generating machine-readable indicia comprising encoded data, the encoded data comprising at least a portion of the transaction data and the offer data, receiving a payment request from a user device of the user based on the encoded data and account data associated with a user account of the user, and in response to receiving the payment request, automatically applying the offer data to at least one of the transaction and the user account.
Described are a method, system, and computer program product for enhanced one-time password-based transaction authorization. The method includes receiving a transaction request initiated by a user, and generating and transmitting a one-time password (OTP) to a user communication device of the user. The method also includes receiving a response code from the user communication device of the user. The method further includes verifying that the first portion of the response code matches the OTP. The method further includes identifying a user code stored in association with the user and verifying that the second portion of the response code matches the user code. The method further includes, in response to verifying that the first portion of the response code matches the OTP and that the second portion of the response code matches the user code, automatically authorizing the transaction request to be processed in an electronic payment processing network.
A method and system for migrating a payment instrument portfolio. A payment network computer receives a payment instrument portfolio conversion request message from an issuer computer to convert a payment instrument portfolio from a prior payment instrument scheme to a new payment instrument portfolio based on a new payment instrument scheme. The request message includes information about existing payment instrument references from the prior payment instrument scheme. The payment network computer creates enrollments based on the information about the existing payment instrument references and sends a portfolio migration event notification message to a payment instrument requestor partner computer associated with a payment network payment instrument requestor identifier subscribed to a new event type for the payment instrument portfolio migration. The payment network computer receives a provision payment instrument from the payment instrument requestor partner computer and sends a new payment instrument provisioning approval request message to the issuer computer.
G06Q 40/06 - Gestion de biensPlanification ou analyse financières
G06Q 20/06 - Circuits privés de paiement, p. ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
A method includes a server computer receiving, from a first data provider computer, encrypted data derived from first identity data and a cryptographic key or derivative thereof stored at the first data provider computer. The server computer transmits, to a second data provider computer, the encrypted data and/or the cryptographic key or derivative thereof. The server computer receives, from the second data provider computer, intermediate data derived from second identity data stored at the second data provider computer. The server computer determines if the first identity data and the second identity data are duplicates while the first identity data and the second identity data are encrypted. The server computer removes one of encrypted first identity data, derived from the first identity data, and encrypted second identity data, derived from the second identity data, from a memory in the server computer.
G06F 16/215 - Amélioration de la qualité des donnéesNettoyage des données, p. ex. déduplication, suppression des entrées non valides ou correction des erreurs typographiques
H04L 9/30 - Clé publique, c.-à-d. l'algorithme de chiffrement étant impossible à inverser par ordinateur et les clés de chiffrement des utilisateurs n'exigeant pas le secret
36.
SECURE AND PRIVACY PRESERVING MESSAGE ROUTING SYSTEM
A method is disclosed. The method includes receiving, by a user device from the access device, a routing path list comprising a first set of network nodes. After receiving the routing path list, the user device determines a routing options list comprising a second set of network nodes based on the first set of network nodes in the routing path list. The method also includes obtaining an encrypted credential or token, and transmitting, by the user device to the access device, the routing options list, and the encrypted credential or token to the access device. The access device transmits an authorization request message comprising the encrypted credential or token, and the routing options list to a server computer via at least some of the network nodes in the second set of network nodes. The server computer may be an authorizing entity computer.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
37.
SECURE DATA EXCHANGE MATCHING ACROSS IDENTITY PROVIDERS
A method includes receiving a first encrypted first identity attribute. A first doubly encrypted first identity attribute is formed by encrypting the first encrypted first identity attribute. A second doubly encrypted first identity attribute is formed by encrypting the first encrypted first identity attribute. They are transmitted to a user device, which removes a user layer of encryption on each to form a second encrypted first identity attribute and a third encrypted first identity attribute. Layers of encryption are added to the second encrypted first identity attribute to form a third doubly encrypted first identity attribute and the third encrypted first identity attribute to form a fourth doubly encrypted first identity attribute. The server computer receives them and transmits, to the second identity provider computer, the fourth doubly encrypted first identity attribute. The second identity provider computer obtains a first identity attribute and compares it to a second identity attribute.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/14 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité utilisant plusieurs clés ou algorithmes
38.
Method, System, and Computer Program Product for Improving Matching Algorithms
Methods, systems, and computer program products are provided for improving matching algorithms. A method may include: receiving user privacy settings and interest preference data; storing the data in a database; inputting the interest preferences data into a machine learning algorithm to generate at least one match between the user and a merchant, wherein the merchant comprises a subset of a plurality of merchants; generating a data sharing message by: compiling first data associated with the user; filtering the first data based on interest preference data and/or privacy settings data to generate shareable data; and for each merchant associated with a subset of the data associated a merchant, generating a corresponding data sharing message containing a subset of interest preference data; and distributing the corresponding data sharing messages.
A method includes extracting, by an analysis computer, a plurality of first datasets from a plurality of graph snapshots using a structural self-attention module. The analysis computer can then extract at least a second dataset from the plurality of first datasets using a temporal self-attention module across the plurality of graph snapshots. The analysis computer can then perform graph context prediction with at least the second dataset.
Provided are computer-implemented methods that may include receiving, via a communication network, a request to perform an online action from a user device; retrieving data associated with a number of times the user device performed the online action within at least one time interval; determining whether a dataset associated with a number of times a plurality of user devices have performed the online action within the at least one time interval is normally distributed; and determining a standard deviation associated with the number of times the user device performed the online action within the at least one time interval in response to determining that the dataset is normally distributed, and performing a control operation associated with the request to conduct the online action based on a threshold of standard deviation. Systems and computer program products are also provided.
Systems, methods, and computer program products are provided for saving memory during training of knowledge graph neural networks. The method includes receiving a training dataset including a first set of knowledge graph embeddings associated with a plurality of entities for a first layer of a knowledge graph, inputting the training dataset into a knowledge graph neural network to generate at least one further set of knowledge graph embeddings associated with the plurality of entities for at least one further layer of the knowledge graph, quantizing the at least one further set of knowledge graph embeddings to provide at least one set of quantized knowledge graph embeddings, storing the at least one set of quantized knowledge graph embeddings in a memory, and dequantizing the at least one set of quantized knowledge graph embeddings to provide at least one set of dequantized knowledge graph embeddings.
Provided are systems for generating a machine learning model for classification tasks using unadversarial training that include a processor to perform an unadversarial training procedure to train a machine learning model to provide a trained machine learning model. When performing the unadversarial training procedure, the processor is programmed or configured to receive a training dataset including a plurality of training samples; generate a noise vector for the plurality of training samples based on a uniform distribution; perturb each training sample of the Generate a noise vector plurality of training samples; obtain a gradient; generate an updated noise vector based on the gradient; perturb each training sample of the plurality of training samples based on the updated noise vector; and update a model weight of the machine learning model based on the second plurality of Obtain a gradient perturbed training samples to provide the trained machine learning model. Methods and computer program products are also provided.
Method, System, and Computer Program Product for Coordinated Analysis of Output Scores and Input Features of Machine Learning Models in Different Environments
Methods, systems, and computer program products are provided for coordinated analysis of output scores and input features of machine learning models in different environments. An example method includes receiving a plurality of first data records and a plurality of second data records. A first plot is generated based on a first score generated by a machine learning model for each first data record and a second score generated by the machine learning model for each second data record. The first plot is displayed. A plurality of second plots associated with at least a subset of the plurality of features are generated. Each respective second plot is generated based on a respective first field associated with a respective feature from the first data records and a respective second field associated with the respective feature from the second data records. The second plots are displayed.
Methods and systems for using a mobile device as a point-of-sale (POS) terminal provisioned by a resource provider are provided. A server computer can transmit, to a resource provider computer, a set of platform-specific scripts to be incorporated into a resource provider application provisioned on a user device. The server computer can register each instance of the resource provider application provisioned on any user device as an access terminal associated with the resource provider computer. The server computer can receive, directly from an instance of the resource provider application on a user device, a processing request message to perform a transaction. The server computer can obtain an authorization decision on behalf of the resource provider computer and transmit the authorization decision to the user device and the resource provider computer.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
45.
SYSTEM AND METHOD FOR PAY-PER-VIEW USING A PAYMENT NETWORK
A pay-per-view system and method are disclosed. A token management server computer receives an account credential from a content creator and sends a content creator token reference to a content delivery network. A content license server computer receives a request for a content license key from a content player. The request includes the content creator token reference and a content player token reference. The content license server computer validates the content creator token reference, validates the content player token reference, receives a token validation response from the token management server computer, creates a time bound license for content created by the content creator, and sends the content license key to the content player.
G06Q 20/06 - Circuits privés de paiement, p. ex. impliquant de la monnaie électronique utilisée uniquement entre les participants à un programme commun de paiement
A computer-implemented method includes: storing first biometric data associated with a first user corresponding to a payment device issued by an issuer system; during a payment transaction initiated with the payment device by a second user different from the first user, receiving second biometric data associated with the second user; in response to receiving the second biometric data, automatically generating a similarity score by executing a biometric algorithm configured to compare the second biometric data to the first biometric data, the similarity score representing a similarity between the second biometric data and the first biometric data; and in response to the similarity score satisfying at least one threshold, automatically authenticating the payment transaction.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
47.
Method, System, and Computer Program Product for Authenticating Digital Transactions
Methods for authenticating digital transactions include receiving a device registration request, a device attestation response including a first token, and a selection of an authentication mode from a device. In response to receiving the device registration request and determining that the selected authentication mode is a static personal identification number (PIN) authentication mode, a device registration response is provided to the device. A first payment transaction request and an enrolment request to authenticate a second payment transaction request using the static PIN authentication mode are subsequently received from the device. The device is communicated with to receive the static PIN from the device. The device is enrolled based on the static PIN. Systems and computer program products are also provided.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
48.
System, Method, and Computer Program Product for Energy Efficient Generation of Artificial Noise to Prevent Side-Channel Attacks
Methods, systems, and computer program products are provided for energy efficient generation of artificial noise to prevent side-channel attacks. An example method includes storing at least one secret value including secret value bits. At least one cryptographic operation is executed based on the at least one secret value. An artificial sequence generator stores at least one state indication based on a plurality of previous cryptographic operations executed on the device. A plurality of samples of artificial noise are generated, and a number of the plurality of samples is based on at least one power constraint parameter. Each sample of artificial noise of the plurality of samples of artificial noise is overlaid over a respective portion of a side channel signal based on the at least one state indication to mask leakage information associated with the at least one secret value on the side channel signal.
Methods, systems, and computer program products are provided for spatial-temporal prediction using trained spatial-temporal masked autoencoders. An example system includes a processor configured to determine a structural dependency graph associated with a networked system. The processor is also configured to receive multivariate time-series data from a first time period associated with the networked system. The processor is further configured to mask the plurality of edges of the structural dependency graph and mask the multivariate time-series data. The processor is further configured to train a spatial-temporal autoencoder based on the masked structural representation and the masked temporal representation. The processor is further configured to generate a prediction using a spatial-temporal machine learning model including the trained spatial-temporal autoencoder, the prediction associated with an attribute of the networked system in a second time period subsequent to the first time period.
The method includes receiving a broadcast signal from a beacon device, the broadcast signal encoding a first credential associated with a first entity. In response to receipt of the broadcast signal, the mobile communication device transmits the received first credential to an authentication system. The authentication system determines if the first entity associated with the broadcast signal is authentic and generates a confirmation message confirming the authenticity of the first entity. The mobile communication device then receives the confirmation message indicating that the first entity is authentic. The mobile communication thereafter receives and transmits a second credential for the mobile communication device to the beacon device, which transmits the second credential to the authentication system. The authentication system then confirms the authenticity of the mobile communication device. Then, the beacon device can initiate an interaction process with the user of the mobile communication device.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04W 12/64 - Sécurité dépendant du contexte dépendant de la localisationSécurité dépendant du contexte dépendant de la proximité utilisant des zones géorepérées
A method is configured to perform a continuous software testing. A processor receives, from a code developer computer, a request to commit a code portion for a microservice to a code repository including a source code for a plurality of microservices. The processor executes, using the source code into which the code portion is incorporated, a test transaction routine including tests respectively associated with the plurality of microservices. The processor determines if an error occurred in response to the executing the test transaction routine. If no error occurred, the code portion is committed to the code repository, and, if an error occurred, the code portion is not committed to the code repository.
Systems and methods for automated transaction control and verification for e-commerce platforms, the method comprising receiving, by a control server, data elements of an e-commerce transaction, wherein each data element of the data elements is of a data element-type of a plurality of data element-types; inputting, by the control server, the data elements in a multi-layer identity verification module; generating, by the multi-layer identity verification module, based on the data elements, a verification score for an identity variable of at least one layer of the multi-layer identity verification module, wherein the identity variable is comprised of at least one of the plurality of data element-types; and directing an e-commerce merchant system to apply a transaction outcome action based on implementation of transaction rules set by the e-commerce merchant system that are based on the verification score.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/12 - Architectures de paiement spécialement adaptées aux systèmes de commerce électronique
53.
METHOD TO OPTIMALLY USE AVAILABLE COMPUTER RESOURCES OF DATABASE SERVERS
The present disclosure provides various devices, systems, and methods that can improve and/or optimize the computing resource utilization of database servers. For example, according to one aspect, the present disclosure provides a method that includes intercepting queries submitted for execution by a database server and applying a set of object values for each of the queries to a prediction model to predict success or failure of the execution of each of the queries. The method can further include preventing the execution of the queries that are predicted to fail and forwarding the queries that are predicted to succeed to the database server for execution.
Disclosed are a method and system for generating a behavior profile for a new entity. The method is performed in response to and immediately after a new entity is added to a fraud detection system. The method includes generating a doppelganger behavior profile for the new entity based on feature data of the new entity and pre-existing entities. Generating the profile includes determining a similarity score for each pre-existing entity, ranking the plurality of pre-existing entities based on the score, selecting pre-existing entities based on the ranking, and combining behavior profiles of the preexisting entities to produce the profile. The method also includes assigning the profile to the new entity and monitoring the new entity. The method further includes detecting fraud, an anomaly, and/or malicious intent based on the profile, and automatically suspending an aspect of the new entity in response to the detection.
Systems and methods disclosed herein include a mobile solution to enable users to perform financial transaction over a network using a mobile device. These techniques allow users to maintain a single personal account identifier or number (“PAN”) on the user's mobile device and to utilize it to access a plurality of linked financial accounts and sub-accounts. Any one of the accounts can be selected by a user on the mobile device to remotely deposit funds to that account based on an image of a financial payment instrument. The image can be obtained using image capture technology on the user's mobile device. Users can perform a financial transaction using the verified images over a network in order to conduct a remote financial transaction such as applying a deposit, a payment, or cash load to a designated account which is linked to the user's mobile account in real-time or near real-time.
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
A method is disclosed. It includes receiving, by a clearing system comprising an artificial intelligence model, a clearing file comprising a plurality of clearing records. It also includes inputting the clearing records into the artificial intelligence model, and then determining, by the artificial intelligence model, predictions relating to the clearing records. It also includes providing the predictions to an authorizing entity computer. The authorizing entity computer performs actions based on the predictions.
Embodiments of the invention are directed to a method for reducing a computational burden of a blockchain provider. A data processing computer may facilitate an exchange of a data transfer message between respective applications of a first and second device. The data processing computer may maintain an electronic record according to the exchange. A net transfer value may be determined for the record and data comprising the net transfer value may be transmitted to a blockchain provider. Receipt of the data by the blockchain provider may cause the blockchain provider to update a ledger with the net transfer value.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
58.
ZERO-KNOWLEDGE INTERACTION PROCESSING SYSTEM AND METHOD
A user device generates an initiate interaction request message comprising a state commitment. The user device provides the initiate interaction request message to a first server computer, which creates a verify state request message comprising an interaction index, an interaction index commitment, and a first commitment signature formed from the state commitment and the interaction index commitment. The user device receives the verify state request message, then generates a modified verify state request message comprising a user device public key, the state commitment, the interaction index commitment, and the first commitment signature. The user device provides the modified verify state request message to a second server computer. The second server computer verifies the state commitment, verifies the first commitment signature, and creates a second commitment signature formed from the state commitment and the interaction index commitment. The user device receives a verify state response message comprising the second commitment signature.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
59.
Method, System, and Computer Program Product for Identifying Library Vulnerabilities
Methods, systems, and computer program products may obtain a library; obtain, from at least one external data source, information associated with at least one vulnerability associated with the library; generate, based on the information associated with the at least one vulnerability associated with the library, at least one rule associated with the at least one vulnerability; train at least one machine learning model with the at least one rule associated with the at least one vulnerability; scan, based on the at least one rule associated with the at least one vulnerability, at least one application that uses the library to identify whether the at least one application includes the at least one vulnerability; and provide an indication of whether the at least one application that uses the library includes the at least one vulnerability.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 16/951 - IndexationTechniques d’exploration du Web
60.
INTEGRATION OF VERIFICATION TOKENS WITH MOBILE COMMUNICATION DEVICES
A method is disclosed. The method includes receiving, by a computer from a portable device via an NFC interaction, a cryptogram, the cryptogram based at least upon a primary account number. The method includes generating, by the computer, a request for dynamic account information, the request comprising the cryptogram, and transmitting, by the computer to a validation entity computer over a communications network comprising the Internet or a cellular phone network. The request comprises the cryptogram. The validation entity computer validates the cryptogram. The method also includes responsive to the validation entity computer validating the cryptogram, receiving, by the computer from the validation entity computer, the dynamic account information over the communications network.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes
G06Q 20/12 - Architectures de paiement spécialement adaptées aux systèmes de commerce électronique
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/42 - Confirmation, p. ex. contrôle ou autorisation de paiement par le débiteur légal
H04L 9/10 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité avec un boîtier, des caractéristiques physiques ou des commandes manuelles particuliers
H04L 9/14 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité utilisant plusieurs clés ou algorithmes
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
A method is disclosed. The method includes receiving, by a computer from a portable device via near field communications, a primary account number. The method includes transmitting, by the computer, to a validation entity computer over a communications network comprising the Internet or a cellular phone network, a request for dynamic account information associated with the primary account number. The validation entity computer obtains and sends the dynamic account information to the computer. The method also includes receiving, by the computer from the validation entity computer over the communications network comprising the Internet or the cellular phone network, the dynamic account information and populating a form on the computer with the dynamic account information.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes
G06Q 20/12 - Architectures de paiement spécialement adaptées aux systèmes de commerce électronique
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/42 - Confirmation, p. ex. contrôle ou autorisation de paiement par le débiteur légal
H04L 9/10 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité avec un boîtier, des caractéristiques physiques ou des commandes manuelles particuliers
H04L 9/14 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité utilisant plusieurs clés ou algorithmes
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
The present disclosure generally relates to an anomaly detection solution using advanced mobile payments data and mobile transaction-level features to help banks detect potential anomalous behavior in their mobile banking platform. The solution disclosed in the present disclosure is embedded into a broader fraud and anomaly detection monitoring framework at client end to make real time decisions on transaction approval, hold, or decline. This leads to reduced fraud losses and exposures, and optimized transaction approval rates for the client. As opposed to typical models deployed by banks which are unique and targeted to a specific use, this solution concurrently caters to three distinct use cases: detection of potential fraudulent activity, facility abuse by client, and potential laundering activity.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
63.
METHOD FOR VERIFICATION OF HARDWARE-BASED AND SOFTWARE-BASED PAYMENT TERMINAL AUTHENTICITY DURING CARDHOLDER VERIFICATION
A computer-implemented method for authenticating a payment terminal during a payment transaction by a cardholder is disclosed. The computer-implemented method includes receiving payment information associated with a cardholder account of the cardholder. The method further includes transmitting a payment authorization request to an issuer server, receiving a response form the issuer server to the payment authorization request. The response includes a verification request of a personal identification number (PIN) associated with the cardholder account, and a cardholder-recognizable token previously associated with the cardholder account. The method further includes presenting the cardholder-recognizable token to the cardholder with the verification request of the PIN.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
64.
System and Computer Implemented Method for Generating and Transmitting Tokenized Card Information
The present disclosure relates to a method and a tokenization server for generating and transmitting tokenized card information to a token requestor. In some non-limiting embodiments or aspects, the method includes receiving, from the token requestor, a request for a token corresponding to a payment card. The token may include a plurality of characters. Further, the method includes generating a token key corresponding to the token based on location information associated with a plurality of files stored in a user device. Subsequently, the method includes transmitting the token key, including location information within the plurality of files in the user device, to the token requestor. Here, the location information may include a location embedded with a character of the plurality of characters of the token. Thus, the present disclosure provides a secure method of generating, storing, and transmitting the tokenized card information.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
65.
System, Method, and Computer Program Product for Breach Detection Using Convolutional Neural Networks
Systems, methods, and computer program products are provided for breach detection using convolutional neural networks (CNNs). An example system includes a processor configured to generate a plurality of permuted images, each image comprising a field of points associated with suspected fraudulent transactions, an x-axis position of each point associated with a time, and a y-axis position of each point corresponding to a randomized index of a payment device. The processor is also configured to assign a breach likelihood score to each image using a CNN model. The processor is further configured to compare the breach likelihood score of each image to a threshold score. The processor is further configured to detect the breach event based on one or more breach likelihood scores satisfying the threshold score. The processor is further configured to, in response to detecting the breach event, decline transactions with the entity associated with the breach event.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Provided is a system, method, and computer program product for determining a pseudo-identity score in a virtual environment based on a blockchain network. The system includes at least one processor programmed or configured to identify a pseudo-identity in a virtual environment based on a blockchain address on a blockchain network, the pseudo-identity corresponding to the blockchain address, determine an age of the pseudo-identity, determine a measure of activity of the pseudo-identity based on transactions conducted by the pseudo-identity in the virtual environment, determine a pseudo-identity score based at least partially on the age of the pseudo-identity and the measure of activity of the pseudo-identity, and process a request generated by the pseudo-identity in the virtual environment based on the pseudo-identity score.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
Methods and systems for performing federated private anomaly detection are disclosed. An anomaly detector computer can collaborate with an aggregator computer and an account management computer in order to train machine learning models, which can be used to classify events as not fraudulent or fraudulent. The anomaly detector computer can obliviously use private information (e.g., account flags and account flag values) held by the account management computer to train and use the machine learning models, such that the anomaly detector does not become aware of the account flags or account flags values. Such a system can be used, for example, for the detection and prevention of financial crime. The anomaly detector computer can use the account flag information possessed by the account management computer to identify fraudulent events performed by customers of the organization operating the account management computer.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
An access device is disclosed. The access device includes a non-transitory computer readable medium that includes code for performing a method that includes receiving, from a user device, a digital certificate and a seed, and then encrypting the seed, and a first access device key with a public key from the digital certificate to form encrypted data. The method also includes transmitting, to the user device, the encrypted data. The user device decrypts the encrypted data using a private key corresponding to the public key to obtain the seed, and the first access device key, verifies that the seed received from the access device matches the seed sent to the access device, and encrypts a secret or derivative thereof with the first access device key to form an encrypted secret or derivative thereof. The method also includes receiving the encrypted secret or derivative thereof.
H04L 9/30 - Clé publique, c.-à-d. l'algorithme de chiffrement étant impossible à inverser par ordinateur et les clés de chiffrement des utilisateurs n'exigeant pas le secret
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
69.
Method, System, and Computer Program Product for Dynamically Assigning an Inference Request to a CPU or GPU
A method for dynamically assigning an inference request is disclosed. A method for dynamically assigning an inference request may include determining at least one model to process an inference request on a plurality of computing platforms, the plurality of computing platforms including at least one Central Processing Unit (CPU) and at least one Graphics Processing Unit (GPU), obtaining, with at least one processor, profile information of the at least one model, the profile information including measured characteristics of the at least one model, dynamically determining a selected computing platform from between the at least one CPU and the at least one GPU for responding to the inference request based on an optimized objective associated with a status of the computing platform and the profile information, and routing, with at least one processor, the inference request to the selected computing platform. A system and computer program product are also disclosed.
Novel methods of performing statistically receiver private (SRP) string oblivious transfer (OT) are disclosed. Such methods can be used to transfer messages between senders and receivers subject to the conditions of oblivious transfer. These methods can be used as a “building block” to develop useful cryptographic systems, such as multiparty computation networks. A sender computer and a receiver computer can exchange a first and second oblivious transfer message. Data contained in these messages can be used, by the sender computer, to obfuscate a first message and a second message. The sender computer can transmit (in a third oblivious transfer message), both the first obfuscated message, the second obfuscated message and a group element to a receiver computer. Using the group element, the receiver computer can attempt to de-obfuscate one or both of the obfuscated messages, and can receive either a first message or a second message in the process.
Provided is a method including receiving, by a user device, a request from an identity service to approve communicating a user proof-of-identity to a relying party. A user of the user device is prompted to request a one-time transaction identifier based on the request. Based on a first input from the user, the user device requests the one one-time transaction identifier from the identity service. In response to the request for the one-time transaction identifier, the user device receives the one-time transaction identifier from the identity server and displays the one-time transaction identifier on a first user device screen. The user inputs the one-time transaction identifier on a second user device screen and the user device communicates the one-time transaction identifier to the identity service. In response to receiving the at least one inputted one-time transaction identifier, the relying party determines whether to approve or deny a transaction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
72.
SYSTEMS AND METHODS FOR USING A TRANSACTION IDENTIFIER TO PROTECT SENSITIVE CREDENTIALS
In a method, account credentials can be securely transmitted. A user device and application can initially select an account, and then obtain a transaction identifier associated with the account. The user device can provide the transaction identifier to a resource provider, which can then directly exchange the transaction identifier for the account credentials.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
73.
System, Method, and Computer Program Product for Third-Party Authorization
A method, system, and computer program product is provided for third-party authorization. The method includes generating an authorization code, encrypting the authorization code with a public key associated with a first system, resulting in an encrypted authorization code, transmitting the encrypted authorization code to the first system, receiving, from the first system, a digitally signed authorization code generated by the first system based on the authorization code and a private key corresponding to the public key associated with the first system, verifying the digitally signed authorization code based on the public key and the authorization code, and in response to verifying the digitally signed authorization code, transmitting an access token to the first system, wherein the access token is configured to authorize a user with the first system.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/00 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité
A computer-implemented method is provided. The method comprises rendering, by a portable electronic device, a digital good in an augmented reality experience of a physical retail store; enabling, by the portable electronic device, a collection of the digital good in the augmented reality experience; rendering, by the portable electronic device, a plurality of virtual environments available for transfer of the digital good; receiving, by the portable electronic device, a user selection of a virtual environment from the plurality of virtual environments; transmitting, by the portable electronic device, a communication for placement of the digital good in the virtual environment, wherein the communication is indicative of the user selection; and rendering, by the portable electronic device, the virtual environment associated with the user selection, to utilize the digital good within the virtual environment. A computer-implemented method for facilitating the use of a digital good with a virtual environment is also provided.
A63F 13/65 - Création ou modification du contenu du jeu avant ou pendant l’exécution du programme de jeu, p. ex. au moyen d’outils spécialement adaptés au développement du jeu ou d’un éditeur de niveau intégré au jeu automatiquement par des dispositifs ou des serveurs de jeu, à partir de données provenant du monde réel, p. ex. les mesures en direct dans les compétitions de course réelles
A63F 13/52 - Commande des signaux de sortie en fonction de la progression du jeu incluant des aspects de la scène de jeu affichée
Provided is a method for protocol parsing for network security. The method may include receiving, by a packet capture system, a plurality of packets, parsing lower layer data from each packet, and communicating a respective payload of each respective packet to at least one first queue. A routing system may route the respective payload of each respective packet to a respective second queue of a plurality of second queues based on a respective protocol of the respective packet. A respective protocol parser node of a parsing system may parse higher layer data from the respective payload of each respective packet from each respective second queue. The packet capture system may communicate the lower layer data for each packet to a third queue, and the parsing system may communicate the higher layer data for each packet to the third queue. A system and computer program product are also disclosed.
Systems and methods are disclosed for securely communicating sensitive data (e.g., interaction data) during a process for offline authentication. A data packet may be received by an access device from a user device in a one-way communication. The data packet may be converted to obtain interaction data comprising a digital certificate certified by the certificate authority and a digital signature value generated by the user device. A second public key associated with the user device may be obtained utilizing the digital certificate and the first public key associated with the certificate authority. The validity of the interaction data may be determined based at least in part on the digital signature value and the second public key associated with the user device. When the interaction data is determined to be valid, an identifier of the interaction data may be authorized and access may be provided based on this authorization.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 21/36 - Authentification de l’utilisateur par représentation graphique ou iconique
H04L 9/30 - Clé publique, c.-à-d. l'algorithme de chiffrement étant impossible à inverser par ordinateur et les clés de chiffrement des utilisateurs n'exigeant pas le secret
77.
System, Method, and Computer Program Product for Dynamically Processing Model Inference or Training Requests
Systems, methods, and computer program products are provided for dynamically processing model inference or training requests. A system may include at least one processor to receive a plurality of requests from a plurality of requesting systems, create a plurality of instantiations of at least one machine-learning model based on the plurality of requests and service data associated with each requesting system of the plurality of requesting systems, stream data associated with at least one request of the plurality of requests to each instantiation of the plurality of instantiations, adjust a rate limit for each instantiation of the plurality of instantiations based on the service data associated with at least one requesting system related to a respective instantiation, resulting in an adjusted rate limit, and process at least one request of the plurality of requests with an instantiation of the plurality of instantiations based on the adjusted rate limit.
G06F 9/50 - Allocation de ressources, p. ex. de l'unité centrale de traitement [UCT]
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
78.
METHOD OF PERFORMING TRANSACTIONS WITH CONTACTLESS PAYMENT DEVICES USING PRE-TAP AND TWO-TAP OPERATIONS
A system, apparatus, and method for processing payment transactions that are conducted using a mobile payment device that includes a contactless element, such as an integrated circuit chip. The invention enables one or more of the operations of activation of a payment application, transfer of transaction data, updating of account records, setting or re-setting of a payment application counter or register, or transfer or processing of a script, command, or instruction, with these functions being performed with minimal impact on a consumer. This is accomplished by introducing a pre-tap and/or two-tap operation prior to, or as part of, the transaction flow.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A method, system, and computer program product is provided for graph-based fraud detection. The system includes at least one processor programmed or configured to generate a graph data structure based on a plurality of transactions between a plurality of accounts, wherein each account of the plurality of accounts is represented by a node in the graph data structure, and wherein each transaction of the plurality of transactions is represented by an edge in the graph data structure, determine a plurality of features of the graph data structure for each account of the plurality of accounts, generate a graph profile for at least one account of the plurality of accounts based on the plurality of features for the at least one account, and update the graph profile for the at least one account based on at least one new transaction engaged in by the at least one account.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A hub computer receives, from a first computer, a sender message comprising a promise corresponding to a transaction comprising a promise type, an amount, a first verification key associated with the first computer, computer code, and a digital signature. The hub computer verifies the promise by at least verifying the digital signature using the first verification key, verifying that the amount is less than a first computer amount, and verifying that the hub computer is able to process the promise type. The hub computer executes the computer code to perform the transaction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
81.
System, Method, Computer Program Product for Operating a Gated Multilayer Perceptron Machine Learning Model Architecture
Provided is a system that includes a processor to receive interaction data associated with a plurality of interactions, generate a first intermediate embedding, a second intermediate embedding, and a third intermediate embedding using at least one machine learning model, provide the first intermediate embedding as an input to a gating machine learning model to generate an intermediate classification of the first intermediate embedding, multiply the intermediate classification of the first intermediate embedding, the second intermediate embedding, and the third intermediate embedding to provide an intermediate product of outputs, combine the first intermediate embedding and the intermediate product of outputs to provide a combined final input, and generate an output classification label of the combined final input based on providing the combined final input to a head machine learning model. Methods and computer program products are also provided.
Systems and methods of preventing fraud and authenticating users while processing a token on a token provider computer, a token gateway computer, and a mobile device are disclosed.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
83.
Method, System, and Computer Program Product for Generating a Payment Device Using a Virtual Environment
A computer-implemented method includes: receiving user identifying data; launching a virtual environment including an interactive graphical user interface configured to receive user selection inputs; in the virtual environment: receiving a first user selection input selecting an avatar corresponding to a payment device reward; associating the avatar and the payment device reward with the user; displaying payment device design components; receiving a second user selection input selecting a payment device design component; and associating the payment device design component with the user; and redirecting the user to an issuer system by communicating a payment device issuance request to generate and issue a payment device to the user, where the payment device issuance request contains at least one of the following: the user data, the first user selection input, the second user selection input, and/or any combination thereof.
G06F 3/01 - Dispositions d'entrée ou dispositions d'entrée et de sortie combinées pour l'interaction entre l'utilisateur et le calculateur
G06F 3/04815 - Interaction s’effectuant dans un environnement basé sur des métaphores ou des objets avec un affichage tridimensionnel, p. ex. modification du point de vue de l’utilisateur par rapport à l’environnement ou l’objet
G06F 3/0482 - Interaction avec des listes d’éléments sélectionnables, p. ex. des menus
G06F 3/04845 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] pour la commande de fonctions ou d’opérations spécifiques, p. ex. sélection ou transformation d’un objet, d’une image ou d’un élément de texte affiché, détermination d’une valeur de paramètre ou sélection d’une plage de valeurs pour la transformation d’images, p. ex. glissement, rotation, agrandissement ou changement de couleur
G06Q 20/30 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques
A method is disclosed. The method comprises a directory server computer receiving an authentication request message comprising a token and transmitting a de-tokenization request message comprising the token to a token service computer. The token service computer determines a credential associated with the token. The method further comprises receiving the credential and determining that the token or the credential does not require additional user authentication processing. The method further comprises transmitting an authentication response message with an authentication indicator indicating the transaction is authenticated to an authentication server computer.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
85.
Method, System, and Computer Program Product for Detecting Group Activities in a Network
Provided is a method for detecting group activities in a network. The method may include receiving interaction data associated with a plurality of interactions. For each account identifier associated with at least one interaction, a value may be determined for each of a first set of categories, and a vector may be generated based on the value for each category. The length of each vector may be determined. At least one relational graph may be generated based on the interaction data. Each relational graph may be associated with a respective category of a second set of categories. At least one cluster of nodes may be determined based on the relational graph(s). A score for each cluster may be determined based on the length of the vector associated with the account identifier of each node of the cluster of nodes. A system and computer program product are also disclosed.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
86.
USE OF WEB AUTHENTICATION TO ENHANCE SECURITY OF SECURE REMOTE PLATFORM SYSTEMS
A method includes receiving, by a universal authentication application from a resource provider computer, a user credential verification request message comprising a user identifier, server computer data, and interaction data for an interaction. The universal authentication application transmits the user credential verification request message to a browser that invokes the authenticator to verify biometric information of a user. The universal authentication application receives a user credential verification response message from the authenticator. The user credential verification response message includes signed interaction data. The universal authentication application sends the user credential verification response message to the resource provider computer. The resource provider computer provides at least the signed interaction data to a plurality of server computers to retrieve a plurality of portable device credentials respectively associated with the plurality of server computers.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
87.
OBFUSCATION ON EXPOSED PUBLIC API FROM SOFTWARE LIBRARY
A method for creating a final application includes a computer obtaining an obfuscated SDK binary and an interface source code that comprises one or more functions that call obfuscated functions within the obfuscated SDK. The computer then creates application source code that calls functions in the interface source code. The computer builds an intermediate object comprising the interface source code and the application source code. The computer then creates the final application using the intermediate object and the obfuscated SDK binary.
Described are a system, method, and computer program product for real-time transactions. The method includes receiving a real-time payment identifier request, the real-time payment identifier request including at least one of a phone number associated with the user device and an account identifier. The real-time payment identifier request may be communicated to a real-time payment platform located remotely from the user device. A real-time payment identifier may be received and stored in a real-time payment identifier database stored on the user device. A first transaction identifier request may be received from a first merchant system. The real-time payment identifier may be communicated to the first merchant system. A second transaction identifier request may be received from a second merchant system and the real-time payment identifier may be communicated to the second merchant system.
A homomorphic encryption scheme, such as Paillier encryption in combination with a bit packing process allows biometric matching at a terminal without exposing a biometric template stored at a user's device. Because such encryption schemes are data intensive, the bit packing process allows reductions in data being sent and processed so that the biometric matching process can be accomplished in near real time. The high speed of this optimized process allows the technique to be applied to many real world processes such as access control and transaction processing.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
A server computer receives from a resource provider device transaction data, a first set of wireless communication signals available to the resource provider device, a second set of wireless communication signals available to the resource provider device, and a sound level detected by the resource provider device. The server computer retrieves from a user device a first set of wireless communication signals available to the user device, a second set of wireless communication signals available to the user device, and a sound level detected by the user device. The server computer computes a score based on the first sets of wireless communication signals, the second sets of wireless communication signals, and the detected sound levels. The server computer transmits to an authorization computer the transaction data and the score, thereby causing the transaction to be processed or terminated based on the transaction data and the score.
Methods, systems, and computer program products may formulate an iterative data mix up problem into a Markov decision process (MDP) with a tailored reward signal to guide a learning process. To solve the MDP, a deep deterministic actor-critic framework may be modified to adapt a discrete-continuous decision space for training a data augmentation policy.
G06F 18/2413 - Techniques de classification relatives au modèle de classification, p. ex. approches paramétriques ou non paramétriques basées sur les distances des motifs d'entraînement ou de référence
92.
AUTOMATIC MODEL ONBOARDING AND SEARCHING-BASED OPTIMIZATION
Embodiments of the present disclosure are directed to onboarding a model from a training platform to an inference platform and selecting parameters of the model to optimize performance of the model. For example, the onboarding of the model to the inference platform can be based on a series of interactions between a model onboarding systems at the training platform and at the inference platform. An optimization process can include a searching-based process to derive optimal settings for the model. The optimization process can simulate feature combinations of the model and identify an optimal combination of settings of the model for increased model performance.
A back-end server computer comprises a processor and computer-readable medium that comprises code executable by the processor for implementing the following method. The back-end server computer obtains a message comprising content to provide to an application installed on a user device. The back-end server computer encrypts the message with a master secret key or a key derived from the master secret key to obtain an encrypted message. The back-end server computer provides the encrypted message to the user device. The user device, using a secure element, signs the encrypted message, cryptographically recovers, using a whitebox in the application, a secure element public key from a certified key using a back-end server computer public key, cryptographically recovers, using the whitebox, the encrypted message from the signed encrypted message, and decrypts, using the whitebox, the encrypted message using the master secret key or the key derived therefrom to obtain the message.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
94.
INTERACTION ACCOUNT TOKENIZATION SYSTEM AND METHOD
A disclosed method includes a tokenization computer receiving, from a processing network computer, a tokenization request message during an interaction between a first user device and a second user device. The tokenization request message comprises first user account data and second user account data. The tokenization computer can select a tokenization option of a plurality of tokenization options in a tokenization matrix based on the first user account data and the second user account data. The tokenization computer can then determine alternate first user account data and alternate second user account data based on the tokenization option. The tokenization computer can generate a tokenization response message comprising the alternate first user account data and the alternate second user account data. The tokenization computer can then provide the tokenization response message to the processing network computer.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
Method and system for initiating a settlement process for a merchant, based on accumulated customer transactions in a transaction period, are provided. The system provides a configurable interface for the merchant that allows for the merchant to manually settle customer debts for accumulated transaction over an agreed period of time or designate an automatic settlement date. A central payment server receives a request to initiate a settlement process between an acquirer system associated with the merchant and an issuer system associated with a customer. The central payment server establishes a payment system that guarantees the settlement of all transactions for the merchant, through an assured agreement between the customers and the issuer systems.
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
96.
SYSTEM AND METHOD FOR REDUCING CROSS-CURRENCY TRANSACTIONS
A system is configured to determine whether a first exchange rate at the time of authorization is eligible to be used as the exchange rate at the time of clearing. The system evaluates the transaction with a scoring model and stores eligible transactions in a rate matching database. The system further evaluates the transaction with a cross-currency transaction policy, according to the currency exchange rate between a foreign currency and the domestic currency of the cardholder. The system queries the rate matching database to retrieve the first exchange rate stored at the time of authorization.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
97.
SYSTEM AND METHOD EMPLOYING REDUCED TIME DEVICE PROCESSING
Methods and systems for facilitating a transaction are provided. A transaction involving an integrated circuit user device in contact with an access device is processed in less time, such that the user device can be removed at an earlier time. In embodiments, an access device provides an estimated value to a user device such that a cryptogram can be generated without waiting for a final value. Additionally, the access device can store user device data and then complete the transaction with the user device before authorizing the transaction, such that the user device can be removed without waiting for an authorization response.
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes
G06F 21/35 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes communiquant sans fils
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Unknown devices may be bound to an identity using a four step process that involves trusted relationships only between known partner entities and a known user attribute. The identity may be an account, such as a personal account number (PAN). The PAN may be abstracted using a token for use with the device. The unknown device may first be enrolled at a service to establish a cryptographically verifiable identity. A binding request for the enrolled device may be sent to an issuer of the PAN resulting in the issuer generating a challenge. After a successful authentication of the challenge at the token service provider, the binding of the token to the device is complete.
G06F 21/44 - Authentification de programme ou de dispositif
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
99.
Trusted Identification of Enrolling Users Based on Images and Unique Identifiers Associated With Sponsoring Users
Provided is a method for providing trusted identification of an enrolling user. The method may include communicating a unique identifier to a sponsor device of a sponsoring user. Image data associated with an image of an enrolling user may be received from the sponsor device, and the image data may include the unique identifier. The first image data may be recorded in a ledger. An edge may be generated in a tree based on the first image data and the first unique identifier, and the edge may connect a first node associated with the sponsoring user to a second node associated with the enrolling user. A trust score for the second node may be determined based on a respective trust score of each node (including the first node) connected to the second node by a respective edge. A system and computer program product are also disclosed.
Embodiments of the present disclosure enable users to efficiently verify digital data produced by queried databases, even when that data is differentially-private (e.g., satisfying the conditions of differential privacy in order to protect sensitive or private data). In addition to the query result, a database computer can provide the client with a non-interactive zero-knowledge proof (NIZK), data that the client can use to verify the digital data contained in the query result, without revealing any private data to the client. Various innovations, including vectorized proofs, enable the database computer to generate proofs that require less data (e.g., when measured in bytes) than most NIZK proof systems. Consequently, these proofs can be transmitted and verified more quickly and efficiently. Embodiments of the present disclosure can make use of partially or homomorphic commitments and efficient vector proof techniques to achieve these performance improvements.
brevets
