Patent application number | Description | Published |
20100198728 | OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE - Systems, apparatus, and methods for managing a payment application installed on a mobile device, such as a mobile phone are provided. An Issuer of a payment device can remotely control the payment application by instructing a wireless network carrier or operator to transmit a message to the mobile phone, where the message contains an instruction to perform an operation related to the payment application. The Issuer can remotely reset a counter or a password associated with the payment application, lock or unlock a payment application, and set the access control data to a predetermined value, to prevent unauthorized use of the payment application in the situation in which the mobile phone is lost or stolen, or the Issuer desires to limit access to the payment application for other reasons, such as limiting its exposure to unauthorized uses of the payment device. | 08-05-2010 |
20100250956 | METHOD AND SYSTEM FOR FACILITATING DATA ACCESS AND MANAGEMENT ON A SECURE TOKEN - A system for facilitating data access and management on a smart card is provided. According to one exemplary aspect of the system, a storage architecture is provided in the smart card which allows data stored thereon to be shared by multiple parties. Access to data stored on the smart card is controlled by various access methods depending on the actions to be taken with respect to the data to be accessed. | 09-30-2010 |
20100252623 | METHOD AND SYSTEM FOR GENERATING A DYNAMIC VERIFICATION VALUE - A method is disclosed. The method includes generating a verification value in response to a transaction involving a portable consumer device, where the verification value is generated using a first dynamic data element and a second dynamic data element. The verification value is sent to a service provider associated with the portable consumer device so that the service provider can verify the transaction. | 10-07-2010 |
20100262546 | PAYMENT SERVICE AUTHENTICATION FOR A TRANSACTION USING A GENERATED DYNAMIC VERIFICATION VALUE - Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment. | 10-14-2010 |
20110016054 | SIGNATURE BASED NEGATIVE LIST FOR OFF LINE PAYMENT DEVICE VALIDATION - At each of a plurality of transit readers of a transit system, for each of a plurality of riders, where each rider seeks to conduct an access transaction with the transit system for access into the transit facility by using a payment device issued by an issuer in a payment system, data is read from the payment device. The data includes an encryption code that uniquely corresponds to the payment device and was created by the issuer using one or more encryption keys and a predetermined algorithm. A check will be performed, remotely and/or locally, of one or more lists of other encryption codes to determine if the encryption code is on the list. On the basis of whether the encryption code is on the list, the rider is permitted access to the facility of the transit system. The payment device need not be changed for the rider's fare. Decryption of the encryption code read from the payment device is not required to complete the access transaction. | 01-20-2011 |
20110247063 | Mutual Mobile Authentication Using a Key Management Center - A system, method, and server computer configured to authenticate a consumer device. The consumer device is authenticated via a mobile gateway using challenge-response authentication. If the consumer device is successfully authenticated, a secure channel is established between the consumer device and a first entity. The secure channel allows for secure communication between the consumer device and the first entity. | 10-06-2011 |
20110258280 | GENERAL PURPOSE MESSAGING - Embodiments of the present invention relate to systems and methods for enabling entities, such as issuers, merchants, payment processing networks, and mobile-network operators, to send account-related messages and marketing messages to a user's mobile device in response to a message request sent from the user's mobile device. According to some embodiments, the account-related messages and the marketing messages are sent to the user's mobile device in accordance with message parameters that are defined by the user and that are embedded in the message request. | 10-20-2011 |
20120022973 | TRUSTED INTERNAL INTERFACE - An interface and device architecture for a payment device. An interface between a payment application installed in a payment device and one or more value-add applications (such as loyalty programs, transit applications, etc.) that are also installed in the payment device. The API or interface design permits communications and data transfer between the payment application and one or more value-add applications. This reduces (and in some cases may prevent) the need for back-end server processing of data that may be relevant to both a payment transaction and to a function of the value-add application. Similarly, the same or another API or interface may enable communications and data transfer between a value-add application and the payment application. | 01-26-2012 |
20120136735 | METHOD AND SYSTEM FOR GENERATING A DYNAMIC VERIFICATION VALUE - A method is disclosed. The method includes generating a verification value in response to a transaction involving a portable consumer device, where the verification value is generated using a first dynamic data element and a second dynamic data element. The verification value is sent to a service provider associated with the portable consumer device so that the service provider can verify the transaction. | 05-31-2012 |
20120246079 | AUTHENTICATION USING APPLICATION AUTHENTICATION ELEMENT - Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using telecommunications networks, systems, or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element including a pre-selected authentication element. The application authentication element may include transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may then be received by the mobile communication device from the user. The mobile communication device may then generate a secret token derived from the user authentication token, and if the secret token is correlated to a secret reference token, a transaction may be conducted. | 09-27-2012 |
20130046588 | TRUSTED INTERNAL INTERFACE - An interface and device architecture for a payment device. An interface between a payment application installed in a payment device and one or more value-add applications (such as loyalty programs, transit applications, etc.) that are also installed in the payment device. The API or interface design permits communications and data transfer between the payment application and one or more value-add applications. This reduces (and in some cases may prevent) the need for back-end server processing of data that may be relevant to both a payment transaction and to a function of the value-add application. Similarly, the same or another API or interface may enable communications and data transfer between a value-add application and the payment application. | 02-21-2013 |
20130060647 | OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY - A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications. If encryption keys are used for the encryption and decryption processes, they may be distributed by a key distribution server or other suitable entity to a mobile gateway which participates in the data encryption and decryption operations. | 03-07-2013 |
20130060706 | OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY - A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications. If encryption keys are used for the encryption and decryption processes, they may be distributed by a key distribution server or other suitable entity to a mobile gateway which participates in the data encryption and decryption operations. | 03-07-2013 |
20140025567 | PAYMENT SYSTEM PRE-SELECTION ENVIRONMENT PROCESSING - Systems and methods for payment system pre-selection environment processing are provided. One such method comprises receiving payment information from a payment device from a consumer. The method further comprises executing a pre-selection phase to determine a preferred application identifier (AID) and routing option based on the payment information. The method also comprises completing a transaction using the preferred AID and routing option. | 01-23-2014 |
20140059706 | METHOD AND SYSTEM FOR FACILITATING DATA ACCESS AND MANAGEMENT ON A SECURE TOKEN - A system for facilitating data access and management on a smart card is provided. According to one exemplary aspect of the system, a storage architecture is provided in the smart card which allows data stored thereon to be shared by multiple parties. Access to data stored on the smart card is controlled by various access methods depending on the actions to be taken with respect to the data to be accessed. | 02-27-2014 |
20140122339 | MUTUAL MOBILE AUTHENTICATION USING A KEY MANAGEMENT CENTER - A system, method, and server computer configured to authenticate a consumer device. The consumer device is authenticated via a mobile gateway using challenge-response authentication. If the consumer device is successfully authenticated, a secure channel is established between the consumer device and a first entity. The secure channel allows for secure communication between the consumer device and the first entity. | 05-01-2014 |
20140164243 | Dynamic Account Identifier With Return Real Account Identifier - Embodiments of the invention are directed to systems, apparatus, and methods for receiving an account token for a transaction, and returning an associated real account identifier if the transaction is approved. In one embodiment, an authorization request message for a transaction is received by a server computer, the authorization request message including an account token associated with a real account identifier. The server computer determines the real account identifier associated with the account token. If the transaction is approved, an authorization response message including the real account identifier is transmitted. | 06-12-2014 |
20150012434 | ONLINE AUTHENTICATION IN ACCESS TRANSACTIONS - Embodiments of the invention are directed to access transactions. A gate access device may interact with a payment card such as a credit card. The gate access device may generate and transmit a first authorization request message to a payment processing network computer. The first authorization request message does not include an amount for the transaction, but only contains identification information. A first authorization response message is transmitted back to the gate access device. At a later point in time, a second authorization request message containing the transaction amount is transmitted from the gate access device to the issuer, and a response is received from the issuer. | 01-08-2015 |
20150019443 | SECURE REMOTE PAYMENT TRANSACTION PROCESSING - Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor. The transaction processor decrypts the re-encrypted payment information using a transaction processor private key and initiates a payment transaction. | 01-15-2015 |
20150073996 | Mobile Payment Application Provisioning And Personalization on a Mobile Device - Embodiments of the present invention are directed to systems and methods for providing a central entity that can provision mobile payment applications on mobile communication devices and personalize the mobile payment applications with consumer and account information. The personalization of the mobile payment application on the mobile communication device may include provisioning a payment account on the mobile payment application. The central entity may provision the account on the mobile payment application without interacting with the issuer during the provisioning of the account. The central entity may provision the account on the mobile communication device by decrypting, using a secure element key, encrypted payment account information received from the mobile communication device. The payment account information may be encrypted by a secure element of the mobile communication device using the same secure element key. | 03-12-2015 |
20150081554 | Systems and Methods for Managing Mobile Account Holder Verification Methods - Embodiments of the invention are directed to methods, apparatuses, computer readable media and systems for coordinating account holder verification methods among secure entity applications and wallet applications from different issuers, wallet providers, etc. on mobile devices. A common payment management application may be provided in a trusted execution environment associated with a mobile device to support secure entity applications (e.g., provisioned payment application instances in the trusted execution environment) and mobile wallet applications (e.g., provisioned on a memory of the mobile device) to coordinate account holder verification methods. The common payment management application may be accessible by both mobile applications and the secure entity applications. | 03-19-2015 |