CN107087432B - 远程服务器加密的数据的储备系统和方法 - Google Patents

远程服务器加密的数据的储备系统和方法 Download PDF

Info

Publication number
CN107087432B
CN107087432B CN201580051326.XA CN201580051326A CN107087432B CN 107087432 B CN107087432 B CN 107087432B CN 201580051326 A CN201580051326 A CN 201580051326A CN 107087432 B CN107087432 B CN 107087432B
Authority
CN
China
Prior art keywords
token
mobile device
server computer
mobile application
user data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201580051326.XA
Other languages
English (en)
Other versions
CN107087432A (zh
Inventor
A·古格拉尼
S·沙尔马
J·吉塔丽亚
G·德斯彻木普斯
U·玛蒂卡
徐明华
J·L·R·特维诺
B·辛格
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa International Service Association
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa International Service Association filed Critical Visa International Service Association
Priority to CN202010703728.6A priority Critical patent/CN111866873B/zh
Publication of CN107087432A publication Critical patent/CN107087432A/zh
Application granted granted Critical
Publication of CN107087432B publication Critical patent/CN107087432B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • G06F21/335User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

本发明的实施例涉及使用加密密钥向移动装置提供敏感用户数据的方法、系统和装置。例如,移动装置上的移动应用可以从移动应用服务器接收加密的敏感用户数据,其中,用户敏感数据是使用来自令牌服务器计算机的密钥加密的。移动应用然后可以请求向令牌服务器发送加密的支付信息。移动装置然后可以从令牌服务器接收与支付信息关联的支付令牌。

Description

远程服务器加密的数据的储备系统和方法
相关申请交叉引用
本申请要求于2015年1月26日提交的美国临时申请号62/107,966和于2014年9月26日提交的美国临时申请号62/056,401的优先权和权益,出于所有目的其全部内容通过引用被并入本文中。
背景技术
为了使用移动装置(诸如移动电话)执行资源访问交易,用户可能需要向移动装置提供敏感用户数据(例如口令、账号、标记化信息等)。例如,用户可以把敏感用户数据键入到移动装置中,并且这些数据可以存储在移动装置上。
与使用移动装置用于资源访问交易关联的问题是敏感用户数据在存储于移动装置上时可能由未授权个人获得。例如,如果真正的用户丢失其移动装置或者如果未授权个人试图通过数据或通信网络攻击进入用户的移动装置,未授权个人可能试图访问用户敏感数据。
需要改进的数据安全方法、系统和装置。本发明的实施例分开地并且共同地解决了这些和其它问题。
发明内容
本发明的实施例涉及在移动装置上生成、传递和存储安全的用户数据中涉及的实体之间的通信的安全和高效的方法。根据本发明的实施例的移动装置能够以加密格式向服务提供者计算机(例如令牌提供者计算机)提供敏感用户数据(例如支付信息、账号、社会保障号、标识号等),使得移动装置并不访问敏感用户数据。服务提供者计算机然后能够生成令牌(即用户数据的标记化版本),并且然后能够向移动装置传送令牌。令牌可以存储在移动装置上,并且之后可以用来执行资源访问交易(例如支付交易、访问地点的交易等)。
本发明的一个实施例包括由移动装置从远程移动应用服务器接收与所述移动装置的用户关联的加密的用户数据。所述加密的用户数据是使用与令牌服务器计算机关联的加密密钥生成的。在一些实施例中,所述加密密钥和与所述移动装置的用户关联的用户数据由远程移动应用服务器存储。所述移动装置生成包括所述加密的用户数据的令牌请求消息,并向所述令牌服务器计算机发送所述令牌请求消息。所述令牌服务器计算机使用所述加密密钥解密所述加密的用户数据,标识与解密的用户数据关联的账户,生成与所述账户关联的令牌,存储所述令牌,并向所述移动装置发送所述令牌。所述方法还包括由所述移动装置从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌。所述移动装置在令牌存储器中存储所述令牌。在一些实施例中,所述令牌存储器由所述移动装置上提供的令牌模块(例如令牌软件开发套件(SDK))管理。所述令牌模块能够与令牌服务器计算机关联,并且能够促进所述移动装置和所述令牌服务器计算机之间的交互。所述令牌模块可以与所述令牌服务器计算机的应用编程接口(API)对接。
本发明的实施例提供许多技术优点。即便移动装置上的令牌被未授权用户盗取,偷窃的影响和/或对用户的破坏是最小的,原因是令牌能够被容易地更换和/或能够被周期地更新(例如每几次交易,或者至少预定的时间间隔,诸如每三到四天)。在上面提到的示例中,移动装置从不直接访问敏感用户数据。通过阻止移动装置访问敏感用户数据(即未加密格式的),用户数据可以被保护不被偷盗、不被篡改或不以其它形式泄密。
在一些实施例中,在令牌存储器中存储所述令牌可以包括在所述移动装置的安全存储器中存储令牌,确定与存储的令牌关联的令牌密钥,并向所述移动装置上的移动应用提供所述令牌密钥,以用作针对所述令牌的令牌参考标识符。
在一些实施例中,所述方法还可以包括由所述移动装置请求所述令牌的状态。所述方法可以包括由所述移动装置从所述令牌服务器计算机接收令牌状态响应。所述移动装置可以在所述令牌存储器中存储与所述令牌关联的状态。
根据各个实施例,所述令牌请求消息可以经由所述移动装置上提供的令牌模块发送给所述令牌服务器计算机,并且由所述令牌模块从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌。
在一些实施例中,所述方法还包括与访问装置交互,以使用所述移动装置上提供的移动应用发起交易。所述方法还包括向所述访问装置提供所述令牌。所述令牌由绕过所述移动应用的令牌模块提供给所述访问装置。所述令牌模块存储在所述移动装置上。
在一些实施例中,所述令牌请求消息可以经由所述远程移动应用服务器向所述令牌服务器计算机发送,并且与所述加密的用户数据关联的令牌可以经由所述远程移动应用服务器从所述令牌服务器计算机接收。
这些和其它实施例在下文更加详细地描述。
附图说明
图1示出根据本发明的实施例的示例性令牌处理系统。
图2示出根据本发明实施例用于向移动装置提供加密的用户数据以在移动装置上储备令牌并使用该令牌执行交易的方法的流程图。
图3示出根据本发明的实施例使用被配置成用于令牌处理系统的移动应用的一系列截屏,这些截屏示出消费者的配置和支付体验。
图4示出根据本发明实施例的第一示例性集成,其中,令牌SDK使用令牌服务器计算机API直接与令牌服务器计算机通信。
图5示出针对具有与图4中图示的SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性认证过程的流程图。
图6示出针对具有与图4中图示的SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性储备过程的流程图。
图7示出针对具有与图4中图示的SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性动态参数补充过程的流程图。
图8示出针对具有与图4中图示的SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性挂起过程的流程图。
图9示出根据本发明的示例性实施例的第二示例性集成配置,其中,移动应用提供者(MAP)计算机使用令牌服务器计算机API直接与令牌服务器计算机通信。
图10示出针对具有与图9中图示的MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性认证过程的流程图。
图11示出针对具有与图9中图示的MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性储备过程的流程图。
图12示出针对具有与图9中图示的MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性动态参数补充过程的流程图。
图13示出针对具有与图9中图示的MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性挂起过程的流程图。
图14示出一框图,其示出计算机系统中的部件。
具体实施方式
为了执行访问资源的交易,敏感用户数据(例如,用户的账号、社会保障号、标识号等)可以向资源提供实体提供。如果使用移动装置访问由资源提供实体提供的资源,则这些敏感用户数据可以存在于该移动装置上。例如,移动装置的用户可能希望使用移动装置执行交易。移动装置应当能够访问敏感用户数据以执行交易。如果敏感用户数据在移动装置上,则其易于被未授权的个人获得。
本发明的实施例涉及获得并在移动装置上存储敏感用户数据的安全方法,以及在使用移动装置保护用于交易的用户数据中涉及的与实体来回传送用户数据的高效方法。实施例阻止移动装置访问和/或存储未加密格式的敏感用户数据。因此,即便在移动装置丢失、被盗、被攻击或以其它形式泄密时,用户数据也被保护以免被未授权个人获得。
实施例向移动装置提供加密的用户数据。移动装置上提供的令牌模块(即令牌软件开发套件(SDK))可以获得代表用户数据的令牌。令牌SDK可以通过与生成令牌的令牌服务器计算机直接交互获得令牌。替代性地,令牌SDK可以与移动应用提供者(MAP)计算机交互,并请求MAP计算机从令牌服务器计算机获得令牌。
MAP计算机可以在移动装置上创建移动应用(例如具有支付能力的软件应用)。在一些实施例中,移动应用可以在销售点(POS)通过令牌SDK执行基于主机卡模拟(HCE)的支付。例如,实施例可以用来使用由令牌服务器计算机(也称作令牌服务和/或令牌系统)生成的令牌在访问装置(诸如商家的POS)处执行近场通信(NFC)支付交易。令牌一旦生成,就能够向移动装置传递。
令牌可以是敏感用户数据的替代品。例如,令牌可以包括代表用户或与用户关联的任何数据,诸如由发行银行发行的支付账户标识符、用户的社会保障号、允许用户访问安全文档库、安全建筑等的用户的标识号。具体地,由令牌服务器计算机提供的令牌可以代表针对用户的移动装置上提供的特定的移动应用的用户账户。根据一些实施例,多个令牌可以与单个账户关联。令牌降低用户敏感数据被用于欺诈目的的风险。
在讨论本发明的实施例之前,一些术语的描述可能有助于理解本发明的实施例。
如本文中使用的“移动装置”可以包括具有一个或多个电子部件(例如集成芯片)的任何装置,其能够与另一装置通信。“便携式通信装置”可以是能够由用户携带和操作的移动装置。便携式通信装置可以提供针对网络的远程通信能力。便携式通信装置能够被配置成向和从其它装置传送和接收数据或通信。便携式通信装置可以是移动装置的形式,诸如移动电话(例如智能电话、蜂窝电话等)、平板电脑、移动车辆(诸如轿车)、便携式媒体播放器、个人数字助理装置(PDA)、可穿戴计算装置(例如智能手表、健身手环、脚链、戒指、耳环等)、电子阅读器装置等,或者是卡(例如智能卡)或挂坠等的形式。便携式通信装置的示例还可以包括便携式计算装置(例如膝上型计算机、笔记本电脑、超级笔记本等)。
“支付装置”可以包括可以用来执行金融交易诸如向商家提供支付账户信息的任何装置。支付装置可以是任何适当形式。例如,适当的支付装置可以是手持的紧凑的,使得其能够适合消费者的钱包和/或口袋(例如口袋大小的)。支付装置可以包括智能卡、磁条卡、钥匙链装置(诸如从Exxon-Mobil公司可商业获得的SpeedpassTM)等。支付装置的其它示例包括蜂窝电话、个人数字助理(PDA)、寻呼机、支付卡、保障卡、访问卡、智能媒介、应答器、2-D条形码、电子或数字钱包等等。如果支付装置为借记、信用或智能卡的形式,则支付装置还可以可选地具有诸如磁条这样的特征。这些装置能够以接触或非接触模式操作。根据各个实施例,移动装置可以用作支付装置。
“支付账户”或“账户”(其可以与一个或多个支付装置关联)可以包括任何适当的支付账户,包括信用卡账户、支票账户或预付费账户。
“账户信息”可以包括与账户(例如支付账户和/或与账户关联的支付装置)关联的任何适当信息。这些信息可以直接与账户相关或者可以从与账户有关的信息中导出。支付账户信息的示例可以包括主账号(PAN)或“账号”、用户名、期满日期、CVV(卡验证值)、dCVV(动态卡验证值)、CVV2(卡验证值2)、CVC3卡验证值等等。CVV2通常理解为与支付装置关联的静态验证值。CVV2值通常对用户(例如消费者)可见,而CVV和dCVV值通常嵌入存储器或授权请求消息中,并且不容易为用户所知(不过其为发行方和支付处理器所知)。支付账户信息还可以用作认证数据。
“令牌”可以包括用于支付账户的任何标识符,其是其它数据的替代品。令牌可以包括例如一系列字母数字字符,其可以用作原始账户标识符的替代品。例如,令牌可以代替主账户标识符或主账号(PAN)使用。在一些实施例中,令牌可以是“保留格式的”;其可以具有与现有的支付处理网络中使用的账户标识符一致的数字格式。在一些实施例中,令牌可以包括与PAN相同顺序的相同元素。在其它实施例中,令牌可以是与PAN相同的大小,但可以包括不同的元素或不同大小的元素。在一些实施例中,令牌可以代替PAN使用以发起、授权、结算或解析支付交易,或者在通常会使用原始账户标识符(例如PAN)的其它系统中代表原始账户标识符。
在一些实施例中,令牌值可以被生成,使得原始PAN或与令牌值关联的其它账户标识符不能只由令牌计算导出。例如,令牌可以包括与查询表中的原始PAN关联的随机生成的值,使得令牌不能被解密、重新格式化或另外被反向工程,以确定原始PAN。而是,在一些实施例中,查询表的直接或间接知识可能是确定与令牌对应的原始PAN的唯一方式。在一些实施例中,维护前述的查询表的实体可以被称作“令牌库”。
在一些实施例中,令牌可以是装置特定的,使得与账户关联的每个装置可以储备有特定令牌。因此,如果交易使用由与令牌曾储备到其上的装置不同的装置发起的令牌,则交易可能是欺诈性的。因此,装置信息可以存储在令牌库中,并用来确保交易中使用的装置与该交易中正被使用的令牌关联。此外,因为每个令牌可以与单个装置关联,一个PAN或账户可以具有与之关联的多个令牌,其中,每个PAN可以具有针对不同装置的不同令牌,其可以用来使用特定令牌发起与PAN关联的交易。这为交易提供附加安全性,原因是网络令牌系统具有要验证的附加信息,以便控制敏感信息在交易处理系统中的使用。
令牌可以具有防止误使用的许多令牌特性。这些特性可以包括限制使用密钥(LUK)的使用,其可以用来创建在交易发生时对用户认证的凭证。另外,令牌的使用可以被可以在其上使用令牌的用户装置所限制。而且,令牌的使用可以被可以使用LUK的次数所限制。因此,交易计数限制降低了令牌可能被重复误使用的机会。而且,令牌可以被持续时间所限制。例如,令牌可以局限于LUK的寿命,其防止令牌用于比指定的持续时间更长的时间。这可以防止令牌在延长的时间段上被误使用。
而且,令牌的使用可以局限于特定的通信信道。例如,令牌服务器计算机可以例如通过把令牌的使用局限于基于NFC或基于POS的交易来限制令牌能够被传输的方式。这可以防止令牌在其预期的通信信道或域之外使用。附加限制包括金额限制,其中,令牌服务器计算机限制能够使用令牌的价值的金额。因此,通过防止局限于低值交易的令牌用于更大的购买,金额限制降低了风险。而且,令牌服务器计算机可以把令牌局限于令牌能够被接受的特定商家,这防止令牌在其它商家处误使用。
对令牌的操作可以分成几类:(1)储备,其包括获得令牌并激活移动装置上的令牌;(2)活动密钥管理,其包括管理针对未中断消费者支付体验的限制使用密钥(LUK);和(3)生命周期管理,其包括确定令牌的状态,并挂起、恢复或删除令牌。
储备包括在移动装置上令牌的生成、传递和存储。例如,令牌可以代表账号(PAN)。令牌服务器计算机可以提供用于移动装置上的移动应用的每个账户的令牌。移动应用如果要使用令牌,则令牌可以针对移动装置上的移动应用储备。支付手段的发行方可以授权移动应用提供者请求并管理与发行方账户关联的令牌。令牌服务器计算机可以包括账户注册(加载(onboarding))过程,这涉及采集关于移动应用提供者组织的信息并允许进行符合性验证。移动应用提供者可以被分配提供者ID、令牌请求者标识符和在注册过程中与令牌服务器计算机操作关联的其它唯一标识符。
活动密钥管理包括与令牌关联的限制使用密钥(LUK)的管理和刷新。例如,一旦已经储备用于装置的令牌,则LUK可以被保持最新,以允许使用该令牌处理交易。在一些情况下,LUK可以在延长的时间段中是有效的,类似于卡发行一年或更多时间。在一些实施例中,LUK持续时间可以很短,并且可能要求有规则的补充。如果储备的令牌仍储备在装置上,则其动态数据可以被周期性补充,意味着与令牌关联的LUK被更新以延长其持续时间。
生命周期管理可以包括更新令牌的状态和/或配置的任何动作。例如,可能需要改变令牌的状态。例如,移动应用可能赋予账户持有人消除账户的能力,在这种情况下,移动应用可以删除代表账户的令牌。以后要增加账户会要求重新储备令牌。
“令牌储备请求消息”可以是被发送以请求在移动装置上储备令牌的电子消息。令牌储备请求消息可以向令牌服务器计算机发送。令牌储备请求消息可以包括可以用来标识账户的信息。令牌储备请求消息还可以包括附加数据元素,诸如一个或多个服务代码、期满日期等。
“令牌储备响应消息”可以是针对令牌储备请求消息的电子消息应答。令牌储备响应消息可以由令牌服务器计算机生成。令牌储备响应消息可以包括响应于令牌储备请求消息而发行的令牌。
术语“交易”可以包括在两个实体之间的交换或交互。在一些实施例中,交易可以指在两个用户(例如个人或实体)之间价值的转移。交易可以涉及在两方之间货币资金的交换、用于货币资金的商品或服务的交换或数据的交换(例如访问数据)。在其它实施例中,交易可以涉及个人或实体从商家或其它实体有货币资金交换购买商品或服务。在其它实施例中,交易可以是非金融相关的请求,诸如在两个实体之间数据或信息的交换,诸如数据的传输。
术语“交易数据”可以包括关于交易的信息。信息可以包括针对金融交易的数据(例如支付数据、交易总额、消费者数据)。交易数据可以用于处理金融交易。交易数据可以包括针对特定交易的数据,包括购买的物品、物品价格、总费用、消费者数据(例如送货地址、电子邮件地址)、支付方法、认证数据、商家数据(例如商家名称、商家位置/地址)等。在一些实施例中,交易数据可以在用户或消费者尝试提交交易时生成以用于处理。在其它实施例中,交易数据可以由商家系统基于添加到消费者的购物车中的物品生成和发送。在一些实施例中,交易数据可以包括针对非金融交易的信息(例如报警数据、激励数据、产品数据等)。交易数据可以是任何适当格式,并且可以包括取决于交易的目的的任何适当信息。
交易数据可以包括在交易授权消息和/或交易清算和结算消息中。在一些实施例中,交易数据可以在交易被执行时实时地发送。在一些实施例中,交易数据可以在交易已经完成或已经被执行之后发送。在一些实施例中,交易数据可以向支付处理网络发送。
如本文中使用的“服务器计算机”通常是功能强大的计算机或计算机集群。例如,服务器计算机可以是大型主机、微型计算机集群或象一个单元一样工作的一组服务器。在一个示例中,服务器计算机可以是耦连至网络服务器的数据库服务器。
“发行方”通常可以指企业实体(例如银行),其维护与便携式通信装置关联的用户的账户。
“商家”通常可以是参与交易并且能够出售商品和服务或者提供对商品或服务的访问的实体。
“收单方”通常可以是企业实体(例如商业银行),其与特定商家或其它实体有商业关系。一些实体能够执行发行方和收单方的功能。一些实施例可以包括这样的单实体发行方-收单方。
系统概述
实施例可以使用如图1中图示的令牌处理系统100实现。根据本发明的示例性实施例,令牌处理系统向移动装置提供加密的用户数据(例如,支付信息、社会保障号、标识号等)。系统100可以包括移动装置110、移动应用提供者(MAP)计算机140和令牌服务器计算机160。如图1中图示,令牌服务器计算机160可以是支付处理网络170的一部分。在一些实施例中,令牌服务器计算机160可以是来自支付处理网络170并与支付处理网络170电子通信的单独的计算机。
移动装置110可以包括移动应用111。移动应用111可以由MAP计算机140向移动装置110提供。移动装置110还可以包括令牌系统软件开发套件(令牌SDK)112,其可以获得并安全地存储令牌和/或其它安全信息。在一些实施例中,令牌可以存储在令牌存储器113中。
MAP计算机140可以为移动装置的用户提供服务。例如,MAP计算机140可以是移动钱夹提供者、发行方、商家或向移动/蜂窝装置用户提供数字内容、应用或服务的任何其它适当实体。例如,MAP计算机140可以开发、构建和/或提供针对移动装置110的移动应用111。例如,移动应用111可以包括可以被下载、安装并用在移动装置110上的移动钱夹应用、发行方应用、商家应用等。移动应用111可以提供用于各种功能的用户界面,诸如移动支付、账户服务(例如余额查询、客户服务等)、点对点(P2P)转账或与服务提供者和/或MAP计算机140关联的任何其它相关功能或能力。
MAP计算机140还可以存储与移动装置110的用户关联的敏感用户数据(例如支付信息、社会保障号、标识号等)。MAP计算机140还可以存储与令牌服务器计算机160关联(和/或由其提供)的加密密钥。MAP计算机140可以使用加密密钥加密用户数据,并向移动装置110提供加密的用户数据。
移动装置110可以向令牌服务器计算机160提供加密的用户数据,以接收代表加密的用户数据的令牌。例如,当加密的用户数据包括支付信息(例如支付账号)时,令牌可以是支付令牌,其充当支付信息的代理。即,可以提供用于交易的令牌,来代替实际的支付信息。
根据本发明的实施例,(若干)令牌可以以两种方式在移动装置110上储备:令牌SDK 112可以与令牌服务器计算机160(通过令牌服务器计算机应用编程接口(API)180)直接通信182,以从令牌服务器计算机160请求并接收(若干)令牌。替代性地,令牌SDK 112可以请求MAP计算机140,以从令牌服务器计算机160检索(若干)令牌。在后一种情况下,MAP计算机140可以与令牌服务器计算机160(通过令牌服务器计算机API 180)直接通信184,以从令牌服务器计算机160请求并接收(若干)令牌。
令牌服务器计算机160可以是服务器,其被配置成接收令牌请求(也称作令牌储备请求或令牌请求消息),解密令牌请求中包括的加密的用户数据,标识与用户数据关联的账户(例如支付账户),生成与账户关联的令牌,存储令牌和/或向移动装置110提供令牌。令牌服务器计算机160可以与支付处理网络170(例如,VisaNetTM、MasterCardTM等)或任何其它适当实体关联。令牌服务器计算机160可以生成和/或接收用于加密并解密令牌储备请求中包括的用户数据的密码密钥。令牌服务器计算机160还可以向MAP计算机140提供一个或多个密码密钥,使得MAP计算机140能够使用由令牌服务器计算机160提供的密码密钥加密用户数据。
令牌服务器计算机160还可以包括令牌库162或与其通信,令牌库162存储由令牌服务器计算机160管理的令牌状态数据库中的各个令牌的令牌状态。令牌状态可以包括活动、挂起、过时、删除和/或未找到中的任何一个。令牌状态数据库可以存储与令牌关联的记录,诸如与令牌关联的用户数据和/或账户信息,令牌服务信息和/或某个令牌是否是活动的、挂起的、审查中、撤销的等。由令牌服务器计算机160生成的令牌可以向移动装置110上提供的令牌SDK 112提供。令牌SDK 112可以在令牌存储器113处存储令牌。
令牌服务器计算机160可以使用一系列保护控件,以针对攻击和反向工程强化并使令牌SDK 112防篡改。保护之一是使用白盒密码术(WBC)来保护密钥和敏感的令牌数据。WBC是必需的原因是移动装置110在可能被第三方观察到的不可信的开放环境中运行。通过使用附加的密码技术转换密钥和相关的操作使得敏感数据不能在此环境中被发现,WBC通过数据和代码模糊化,来保护令牌SDK 112的资产。
令牌SDK 112可以包括适合与移动应用111和/或令牌服务器计算机160通信的任何应用编程接口(API)、服务、应用、小应用程序或其它可执行代码。令牌SDK 112可以与令牌服务器计算机160、支付处理网络170或任何其它适当实体关联。令牌SDK 112可以被配置成使移动应用111与令牌服务器计算机160对接。因此,令牌SDK 112可以从移动应用111接收与令牌服务器计算机160关联的命令,并且可以被配置成通过移动应用111从MAP计算机140接收加密的用户数据(例如加密的支付信息)。令牌SDK 112可以通过令牌服务器计算机API 180与令牌服务器计算机160对接,以处理并在令牌存储器113中存储令牌。令牌存储器113可以是移动装置110上的存储器,以用于存储加密的用户数据、令牌(例如支付令牌)和任何其它适当信息。令牌存储器113对于存储支付信息可能是安全的。
令牌SDK 112可以与令牌服务器计算机160(通过令牌服务器计算机API 180)直接通信182,并从令牌服务器计算机160请求支付令牌。而且,令牌SDK 112能够响应于来自移动应用111的请求提供针对移动支付交易的支付信息,以便使用访问装置120完成支付交易。
根据各个实施例,实际的令牌可以安全地存储在令牌存储器113处,并且可以不暴露于移动应用111。而是,令牌SDK 112可以生成用于每个令牌的令牌密钥。令牌密钥可以是标识令牌存储器113中的令牌的唯一的号码、符号、字符串或其组合。不过,令牌密钥可以不代替令牌使用。例如,如果生成用于支付令牌的令牌密钥,则令牌密钥不能够用来执行支付交易。令牌密钥可以向移动应用111提供。移动应用111可以在交易过程中向令牌SDK 112提供令牌密钥,并请求(或自动地使)令牌SDK 112从令牌存储器113检索支付令牌。相应地,移动应用可以不具有针对解密格式的用户数据或代表用户数据的令牌的访问。这可以防止在移动装置丢失、被盗或泄密时针对安全数据的未授权访问。令牌SDK 112可以管理令牌数据,以例如(1)基于由移动应用111的请求标识特定令牌,(2)代表移动应用111使用令牌执行交易,(3)向令牌服务器计算机160发送请求,和/或(4)管理令牌的生命周期,包括限制使用密钥(LUK)的使用。
在一些实施例中,令牌SDK 112可以具有各种能力。例如,令牌SDK112可以(1)使用令牌服务器计算机API 180提供满足移动装置110的需求的编排服务;(2)能够使用移动应用(例如VisaTMpayWaveTM)标准实现移动装置110和访问装置120之间的通信;(3)提供装置标识信息,以确保令牌被绑定到特定的移动装置;和(4)管理存储的令牌和关联的账户参数(例如使用令牌密钥)、用户数据和API授权和信道加密。总之,令牌SDK 112可以确保敏感的令牌数据的安全。令牌SDK 112可以组合在令牌SDK 112内部实现这些前述能力的多个功能部件,或者可以提供能力的分割,以使其是独立使用的,使得每个部件可以实现为插件,例如来自第三方的存储插件。
根据各个实施例,令牌SDK 112的能力可以允许移动装置的用户:(1)向移动装置增加支付账户(例如信用或借记卡);(2)使用支付账户在访问装置处(例如使用NFC能力)执行交易;(3)撤销支付交易(例如当归还之前购买的物品时);以及(4)删除之前储备到移动装置的令牌,无需取消和重新发行支付装置。令牌SDK 112可以使用令牌服务器计算机API180处理与应用和令牌操作相关的这些前述操作。
在一些实施例中,可以执行状态检查方法以检查令牌的状态。状态数据可以被取回并返回令牌SDK 112,使得令牌状态能够被本地存储。令牌状态可以包括活动、挂起、过时、删除和/或未找到中的任何一个。令牌状态可以存储在令牌状态数据库处,令牌状态数据库可以存储在令牌存储器113处。令牌状态数据库可以用令牌状态信息周期性或持续地更新。例如,如果令牌被报告为泄密的,则令牌状态数据库可以更新该令牌的记录。
令牌SDK 112可以从令牌服务器计算机160周期性请求令牌状态信息。令牌SDK112可以发送包括存储在令牌存储器113处的一个或多个令牌或令牌密钥的令牌状态请求消息。令牌服务器计算机160可以标识令牌状态数据库中的一个或多个令牌的状态,并且可以向令牌SDK 112提供令牌状态信息。令牌SDK 112然后可以在令牌存储器113处存储令牌状态信息。因此,移动装置110可以维护关于任何存储的令牌的状态的更新信息。
在一些实施例中,令牌SDK 112可以在某个预定的时间段(例如1周或2个月)之后请求令牌状态更新。在一些实施例中,令牌SDK 112可以在令牌期满之后或者在某个使用次数之后,请求令牌状态更新。在一些实施例中,如果令牌状态指示令牌被挂起并在审查中,则令牌SDK 112可以更频繁地从令牌服务器计算机160检查状态更新。在一些实施例中,令牌服务器计算机160可以向移动装置110推送令牌状态更新。
在一些实施例中,令牌可能在某个时段或某个使用次数之后期满,令牌SDK 112可以从令牌服务器计算机160检索替换令牌。
用于在移动装置上储备(若干)令牌的方法
如上文提供的,图1中图示的系统可以用来在移动装置110上储备(若干)令牌。根据各个实施例,MAP计算机140可以向移动装置110提供加密的用户数据。移动装置110可以从令牌服务器计算机160请求代表加密的用户数据的令牌。移动装置110可以从令牌服务器计算机160经由令牌SDK 112或MAP计算机140请求令牌。使用移动装置110,令牌然后可以用来执行交易。相应地,敏感用户数据从不以未加密格式向移动装置110提供和/或存储于移动装置110上。因此,当移动装置110丢失或被盗时,用户数据被保护不受到安全攻击。
图2示出根据本发明的示例性实施例用于向移动装置提供加密的用户数据以用于在移动装置上储备令牌并使用令牌执行交易的方法的流程图。图2中图示的流程图可以分成三个阶段:用户认证阶段250、令牌储备阶段252和执行交易阶段254。
用户认证阶段250可以在步骤202开始,移动装置110的用户在移动应用111登录。例如,用户可以向移动应用111提供凭证(例如用户名和口令)。移动应用111可以向MAP计算机140发送用户的凭证以用于认证。MAP计算机140可以相对存储的用户凭证集合认证凭证,存储的用户凭证集合可以在用户之前在MAP计算机140上注册时创建。
用户认证阶段250可以在步骤204继续,MAP计算机140向移动应用111发送响应,确认用户曾被认证。例如,MAP计算机140可以向移动应用111发送声明用户101的身份的密码(例如编码的字符串,用户身份令牌或JSON网络令牌(JWT))。MAP计算机140可以向移动应用111提供多个密码。每个密码可以与一条敏感用户数据(诸如账号、社会保障号和标识号等)关联。
在步骤206,移动应用111可以请求令牌SDK 112以用密码认证用户。令牌SDK 112然后可以向令牌服务器计算机160发送密码。
用户认证阶段250可以在步骤208结束,在步骤208,在令牌服务器计算机160成功认证密码之后,令牌服务器计算机160用访问令牌对令牌SDK 112进行响应。访问令牌可以与支付令牌不同。访问令牌可以不用于执行支付交易。而是,访问令牌可以由令牌SDK 112管理,并且可以使移动应用111在某个时间量(也称作存活时间(TTL))内访问令牌服务器计算机160。访问令牌可以盲化由MAP计算机140向移动应用111提供的请求令牌系统交互的密码(例如JWT)。此盲化过程可以使MAP计算机140能够增强并控制用户体验。MAP计算机140还可以选择何时认证消费者(当访问令牌的TTL期满时)以继续使用令牌服务器计算机160。
图3示出关于图2讨论的许多步骤移动应用111的截屏。具体地,图3示出根据本发明的示例性实施例使用被配置成用于令牌处理系统的移动应用的一系列截屏,这些截屏示出用户配置和支付体验。
图3中示出的第一个截屏图解说明屏幕302内的符号,其对应于图2的步骤202。在屏幕302中的符号中,用户可以输入其凭证,诸如用户名和口令以访问/登录到移动应用111。一旦用户在屏幕302中的符号上提供其凭证,上文讨论的认证阶段步骤204-208可以在后台出现,即移动装置的屏幕可以不显示这些步骤。
在认证之后,访问令牌可以由移动装置110上的令牌SDK 112创建,以通过令牌SDK112标识其它调用中的用户。访问令牌的使用可以对移动应用111是透明的。不过,移动应用111可以通过在访问令牌期满之前重新认证用户保持访问令牌是活动的。
接下来讨论图2的令牌储备阶段252。
令牌储备阶段252可以在步骤210开始,用户101从通过移动应用111显示的可用用户数据的列表中选择要储备(若干)令牌的用户数据。例如,用户可能希望在移动装置110上储备一个或多个账号。移动应用111可以显示可用账号的列表以用于储备。
支付账户选择304和支付账户选择确认306的示例性截屏图示于图3中。支付账户选择截屏304显示可用用户数据的列表以储备在移动装置110中。在图3中图示的示例性实施例中,用户可以选择屏幕上显示的最后一张信用卡用于储备。支付账户选择确认截屏306显示选择的用户数据(例如选择的信用卡),并询问用户其是否希望设置交易中使用的账户,或者用该账户执行其它动作(例如支付余额、查看交易等)。设置截屏308可以给用户提供可以与选择的用户数据一起储备的其它用户数据(例如其它支付账户)。用户可以仅选择超过一个显示的用户数据以用于同时储备。在一些实施例中,无需用户请求要被储备的每个特定账户,可以为与支持令牌储备的发行方关联的支付账户预先储备令牌。因此,(若干)支付账户的用户选择可以仅仅激活预先储备的令牌。替代性地,当预先储备的令牌存在时,为了储备账户信息,可以不需要任何选择。
令牌储备阶段252可以在步骤212继续,在步骤212,移动应用111请求MAP计算机140发送用户数据(例如账号、标识号等)用于选择的(若干)账户。在一些实施例中,步骤212可以是可选的,MAP计算机140可以向移动应用111发送加密的用户数据,而不用移动应用111提示。
在步骤214,MAP计算机140可以使用与令牌服务器计算机160关联的加密密钥(例如由令牌服务器计算机160之前向MAP计算机140提供的加密密钥),以加密用户数据。MAP计算机140可以安全地存储加密密钥和用户数据。例如,MAP计算机140可以加密主账号(PAN)、期满日期、CVV、姓名、地址、社会保障号、标识号或与用户关联的任何其它适当信息。在一些实施例中,MAP计算机140可以针对被配置成和/或具有被标记的能力的每个支付账户加密和发送加密的支付信息。MAP计算机140可以向移动应用111发送加密的用户数据。移动装置110从MAP计算机140接收加密的用户数据。
例如,一些实施例可以使用JSON网络加密来加密敏感信息。相应地,MAP计算机140可以针对每条敏感用户数据在JSON网络加密的(JWE)对象中包裹该用户数据,并向移动装置110发送JSON网络加密的(JWE)对象。通常,加密的输入参数可以在MAP计算机140上构建,并向移动应用111发送。涉及加密的敏感数据可以不存储在移动应用111本身中。例如,在一些实施例中,API密钥、共享秘密、用户信息和/或支付信息(例如PAN)不加密的话不可以向移动装置110传送。根据各个实施例,用户数据可以使用JSON网络令牌(JWT)工具加密。
作为令牌储备阶段252的一部分,在步骤216,移动应用111可以请求令牌SDK 112针对选择的用户数据(例如选择的(若干)账号)生成令牌储备请求消息。令牌储备请求消息可以包括从MAP计算机140接收的加密的用户数据。例如,移动应用111可以请求令牌SDK112以获得或检索与由发行方计算机150发行的并由支付处理网络170管理的一个或多个账户关联的接收的加密用户数据的令牌。令牌SDK 112然后可以生成包括加密的用户数据的储备请求消息。
令牌SDK 112可以使用令牌服务器计算机API 180向令牌服务器计算机160发送储备请求消息。例如,令牌SDK 112可以经由安全的通信信道向令牌服务器计算机160传送储备请求消息。在一些实施例中,令牌SDK112可以通过把令牌SDK 112和令牌服务器计算机160连接的表现状态转移(REST)-ful应用编程接口(API)向令牌服务器计算机160发送储备请求消息。
令牌服务器计算机160可以使用加密密钥解密用户数据,标识与解密的用户数据关联的账户,生成与账户关联的令牌,存储令牌并向令牌SDK112发送令牌。此外,在一些实施例中,令牌服务器计算机160可以确定与解密的用户数据关联的之前生成的令牌,获得与令牌关联的信息(例如标识该令牌的令牌密钥),并响应于来自移动应用111的请求使用令牌SDK112向移动装置110返回令牌信息。
在步骤218,令牌SDK 112可以从令牌服务器计算机160接收与加密的用户数据关联的令牌。令牌SDK可以在不能容易地由其它应用和/或各方访问的令牌存储器113存储令牌。在一些实施例中,令牌SDK 112可以把令牌与令牌密钥或其它令牌参考标识符关联以在移动装置110上本地存储令牌。
令牌储备阶段252可以在步骤219结束,在步骤219,向移动应用111提供令牌密钥。令牌密钥可以由令牌SDK 112和/或移动应用111使用,以标识令牌,并存储在令牌存储器113中。令牌密钥可以不由第三方使用来发起交易,即令牌密钥可以不代替或充当令牌。而是,令牌密钥可以用作标识令牌的令牌参考标识符。相应地,令牌密钥提供附加安全性,并且可以与移动应用111共享,原因是令牌密钥不是账户替代品,不能用来处理在移动装置110上的移动应用111或令牌SDK 112之外的交易。在一些实施例中,令牌SDK 112可以生成令牌密钥,而在其它实施例中,令牌服务器计算机160可以向令牌SDK 112或移动应用111提供令牌密钥。例如,令牌密钥可以包括随机生成的数字,其与实际的令牌关联,以标识为初始令牌储备请求的主体的令牌和/或相应账户。
可以用图3中图示的确认截屏310通知用户令牌储备阶段252的成功完成。
接着,令牌储备方法可以被调用以创建令牌储备请求。请求可以由令牌服务器计算机160处理,令牌服务器计算机160创建令牌并向令牌SDK112返回关于令牌的信息。此信息由令牌SDK 112安全地存储在移动装置110上的令牌存储器113中。针对令牌的令牌密钥可以对移动应用111可用。令牌密钥可以在针对令牌SDK 112的其它调用中由移动应用111使用以标识令牌。
接下来讨论图2的执行交易阶段254。
图2中图示的步骤220-226可以归入执行交易阶段254。具体地,当用户经由移动应用111选择发起交易的账户时,执行交易阶段254在步骤220开始。例如,用户可以选择支付账户以用在移动应用交易中。可以将此账户选择通知令牌SDK 112。
在步骤222,为了使用移动应用111发起交易,用户可以使移动装置110接近支持短距离通信的访问装置120(例如支持NFC的商家POS终端)以与访问装置120交互。
在步骤224,访问装置120可以向移动应用111发送应用协议数据单元(APDU)消息,开始一连串的APDU消息在访问装置120和移动应用111之间的传送。
在步骤226,令牌SDK 112处理由移动应用111使用被配置成执行非接触通信协议交换和/或NFC交易的移动支付应用(例如VisaTMPayWaveTM等)接收的APDU消息。SDK 112可以用其自己的APDU消息对访问装置120进行响应。移动应用111可以把从访问装置120接收的请求向令牌SDK112传送。类似地,移动应用111可以从令牌SDK 112接收响应,并把响应向访问装置120传送。例如,移动应用111可以向令牌SDK 112发送与选择的账户关联的令牌密钥,令牌SDK 112可以从令牌存储器113检索与令牌密钥关联的令牌。然后,令牌SDK 112可以命令移动装置110上的短距离通信部件(例如NFC发射器)向访问装置120提供令牌以用于交易。因此,令牌可以从令牌SDK 112绕过移动应用111向访问装置120提供。
在执行交易阶段254的过程中,卡选择方法可以被调用,指定令牌密钥,以选择卡(例如支付账户)用于NFC点击-支付(tap-and-pay)交易。
在完成令牌SDK集成之后,移动应用111可以准备好在交易中对访问装置进行响应。
令牌系统集成配置
根据各个实施例,移动装置110和令牌服务器计算机160之间的发送令牌储备请求和接收储备的令牌的通信可以由两种不同的令牌服务器计算机集成配置实现:在图4-8图示的第一种集成中,令牌服务器计算机SDK112与令牌服务器计算机160直接通信;在图9-13图示的第二种集成选项中,令牌服务器计算机SDK 112与令牌服务器计算机160通过MAP计算机140通信。接下来讨论这些选项中的每一个。
I.令牌SDK-令牌服务器计算机集成选项
图4图解说明令牌SDK-令牌服务器计算机集成,其中,移动应用111通过令牌SDK112与令牌服务器计算机160交互。
如上文讨论的,移动应用111可以从移动应用提供者(MAP)计算机140接收加密的用户数据(例如加密的支付数据,诸如加密的支付账号)。移动应用111可以把加密的用户数据向令牌SDK 112传送,以获得代表与加密的用户数据关联的账户的令牌。移动应用111可以请求令牌SDK 112以从令牌服务器计算机160获得令牌。
在此第一示例性集成配置中,令牌SDK 112使用令牌服务器计算机API 180直接与令牌服务器计算机160通信。在令牌SDK-令牌服务器计算机集成中,令牌SDK 112隐藏与令牌服务器计算机160通信的复杂性。令牌SDK 112处理与令牌服务器计算机160的所有交互,并把结果向移动应用111提供。例如,当令牌SDK 112从移动应用111接收请求时,令牌SDK112向令牌服务器计算机160发送令牌请求消息。令牌请求消息可以包括由MAP计算机140向移动应用提供的加密的用户数据。当令牌SDK 112从令牌服务器计算机160接收令牌时,令牌SDK 112可以通知移动应用111令牌已经被成功地接收,无需把令牌向移动应用111传送。在一些实施例中,令牌SDK 112可以生成代表令牌的令牌密钥。替代性地,令牌服务器计算机160可以向令牌SDK 112提供令牌密钥连同令牌。令牌SDK112可以向移动应用111发送令牌密钥,而不把令牌向移动应用111传送。
移动应用111和令牌SDK 112之间的通信可以通过调用方法处理。令牌请求方法可以获取包含输入参数(例如加密的用户数据)的对象和回调(callback)对象(在/如果接收令牌时,请求令牌SDK 112通知移动应用111)。例如,在一些实施例中,移动应用开发人员可以定义回调类,由此创建回调对象。回调类可以定义两种方法,成功(令牌的成功接收)和失败(未向移动装置提供令牌),其中,移动应用开发人员指定分别对于成功和失败方法要采取的措施。回调可以返回响应对象或者错误对象,以从令牌SDK 112向移动应用111传送信息。相应地,令牌SDK API可以实现回调,其将请求的操作的成功或失败通知移动应用111。
图5-8图解说明由图4中图示的令牌SDK-令牌服务器计算机集成系统执行的各个过程的流程图。具体地,图5示出示例性认证过程的流程图;图6示出示例性储备过程的流程图;图7示出示例性动态参数补充过程的流程图;图8示出图4中图示的系统的示例性挂起过程的流程图。接下来讨论每个流程图。
图5示出针对具有与令牌SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性认证过程500的流程图。在步骤502,移动应用可以创建令牌SDK的实例,其会用安全模块加密敏感数据,并将其存储在令牌SDK数据存储器中。令牌SDK实例与令牌服务器计算机通信,以请求访问令牌,并执行移动装置注册活动。
在步骤504,一旦用户提供其凭证(诸如用户名和口令)以登录到应用,应用就对用户认证。在步骤506,应用可以从MAP计算机请求声明用户的身份的JSON网络令牌(JWT)。MAP计算机可以通过填充必要的认证参数并用JSON网络加密(JWE)框架对其编码,来编译JWT。MAP计算机可以向移动应用提供生成的JWT认证令牌。
在步骤508,移动应用可以创建具有JWT认证令牌的认证参数对象。认证参数对象可以向令牌SDK发送,以使用JWT认证令牌从令牌服务器计算机获得令牌。移动应用还可以创建如上文描述的定义成功和失败方法的响应回调对象。成功和失败方法可以由令牌SDK使用以通知移动应用是否从令牌服务器计算机接收令牌。
令牌服务器计算机可以经由令牌API接收JWT,并经由令牌API向令牌SDK提供访问令牌。令牌服务器计算机还可以经由装置注册API接收移动装置信息,并经由装置注册API向移动装置返回会话ID。会话ID可以指示通信正来自已认证的装置。认证可以返回访问令牌和访问令牌的TTL。这些由令牌SDK安全地存储以用于后续使用。
图6示出针对具有与令牌SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性储备过程600的流程图。如图6中图示的,令牌储备方法可以由移动应用调用以检索并存储针对特定的账户和/或信道的令牌信息。令牌储备方法储备代表与账户关联的信息的令牌。针对移动应用的回调可以指示令牌储备方法的成功处理,并向移动应用提供可以包含唯一地标识储备的令牌的令牌密钥的令牌储备响应。移动应用可以保持令牌密钥,以便做出关于该存储的令牌的后续调用。这些步骤在下文讨论。
在步骤602,移动应用可以提示用户提供用户可能想驻存在移动装置上的用户数据(诸如支付信息)。不过,由用户提供的用户数据并不存储在移动装置上。具体地,移动应用请求MAP计算机以加密用户数据。在步骤604,用户凭证向MAP计算机提供以用于加密。MAP计算机向移动应用提供加密的用户数据对象。
在步骤606,移动应用可以创建包含从MAP计算机接收的加密的用户数据的储备令牌参数对象。移动应用还可以创建定义成功和失败方法的响应回调对象。响应回调对象可以用来从令牌SDK接收响应值。如上文提供的,当令牌SDK从令牌服务器计算机接收令牌时,令牌SDK并不向移动应用提供令牌。不过,令牌SDK可以通知移动应用是接收(成功)还是没有接收令牌(失败)。
在步骤608,令牌SDK可以与令牌服务器计算机通信以请求加密的用户数据(诸如支付信息)的标记化。令牌服务器计算机可以接收加密的用户数据,标识与用户数据关联的账户,创建代表账户的令牌,存储令牌,并向令牌SDK发送令牌。在需要时,令牌SDK可以利用令牌来代替用户数据。一旦从令牌服务器计算机接收令牌,令牌SDK可以存储令牌,并通知移动应用关于令牌的成功接收。在一些实施例中,在步骤610,令牌SDK可以向移动应用提供标识令牌的令牌密钥。
图7示出针对具有与令牌SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性动态参数补充过程700的流程图。如图7中图示,动态数据补充方法可以由令牌SDK调用以例如通过延长限制使用密钥(LUK)的持续时间补充用于储备的令牌的动态数据。此方法可根据需要用于做出补充请求的应用。令牌SDK可以通过移动支付应用(例如payWaveTM)部件设置跟踪LUK存活时间(TTL)的定时器。因为令牌SDK知道何时发生交易,所以令牌SDK能够相对交易次数风险阈值的令牌发行方值跟踪交易次数。相应地,移动应用不需要跟踪或向令牌SDK提供此信息。为了管理限制使用密钥补充,令牌SDK可以提供两种方法:第一种方法用于周期性(例如每小时)检查限制使用密钥存活时间阈值是否已经期满并在存活时间(TTL)期满时触发补充意图,第二种方法用于捕获由第一种方法触发的补充意图。
在步骤702,移动应用可以标识令牌的TTL接近期满,并开始编译补充令牌请求需要的对象。在步骤704,移动应用可以创建包含加密的用户数据的补充参数对象。补充参数对象还可以包含标识令牌的令牌密钥。移动应用还可以创建定义成功和失败方法的响应回调对象。
在步骤706,令牌SDK可以检索由令牌密钥标识的令牌,并与令牌服务器计算机通信以请求令牌的动态参数的补充。令牌服务器计算机可以补充令牌LUK和关联的TTL信息。令牌服务器计算机可以向令牌SDK返回信息,令牌SDK又可以通知移动应用补充过程或者成功或者失败。
而且,在一些实施例中,在由用户发行的每次交易尝试之后,使用给定的令牌,令牌SDK可以检查是否已经超过补充LUK的交易次数阈值。当交易次数阈值增加时,令牌SDK可以发起LUK补充。
此外,可以执行状态检查方法,该方法可以由令牌SDK调用以得到所有本地储备的令牌的状态。状态检查方法可以检查针对移动应用的所有储备的令牌的状态。后续的动作可以因为找到的状态而发生。在一些实施例中,移动应用可以调用状态检查方法,以相对令牌服务器计算机中相同令牌的状态检查令牌SDK中储备的令牌的状态。
图8示出针对具有与令牌SDK-令牌服务器计算机集成配置对应的第一示例性集成配置的系统的示例性挂起过程800的流程图。在步骤802,移动应用平台可以向移动应用发送消息以挂起移动装置上加载的令牌。
在步骤804,移动应用可以做出请求以挂起与账户关联的(若干)令牌。移动应用可以生成包括标识要被挂起的令牌的令牌密钥的应用对象。移动应用还可以生成定义成功和失败方法的响应回调对象。移动应用可以向令牌SDK传送应用对象和响应回调对象。
在步骤806,令牌SDK可以与令牌服务器计算机通信以请求令牌服务器计算机挂起与账户关联的令牌。一旦接收请求(消息),令牌服务器计算机可以挂起令牌,并向令牌SDK返回挂起的令牌。令牌SDK可以存储挂起的令牌并通知移动应用。
如图8中图示的,挂起令牌过程包括生命周期管理调用以挂起一个令牌或多个令牌。调用针对令牌服务器计算机做出,并且当接收确认令牌挂起的成功响应时,令牌的状态在令牌SDK数据存储器中被修改成新状态。针对用于激活令牌服务器计算机中挂起的令牌的令牌恢复方法(之后是激活用户装置上的令牌)以及用于从令牌服务器计算机删除令牌的删除令牌方法(之后是从用户装置删除),可以提供类似的流程。
II.移动应用提供者计算机-令牌服务器计算机集成选项
在一些实施例中,令牌SDK可以经由移动应用提供者(MAP)计算机与移动应用和令牌服务器计算机集成在一起。移动应用可以主要使用令牌SDK以发起对此类集成中的令牌服务器计算机的访问。不过,移动应用和令牌服务器计算机之间的集成是通过MAP计算机的。即,令牌SDK并不直接与令牌服务器计算机交互。
图9图解说明MAP计算机-令牌服务器计算机集成,其中,移动应用111通过MAP计算机140与令牌服务器计算机160交互。
如上文讨论的,移动应用111可以从MAP计算机140接收加密的用户数据(例如加密的支付数据,诸如加密的支付账号)。移动应用111可以向令牌SDK 112传送加密的用户数据以用于获得代表与加密的用户数据关联的账户的令牌。移动应用111可以通过向令牌SDK发送令牌储备请求消息请求令牌SDK 112以从令牌服务器计算机160获得令牌(步骤901)。令牌SDK 112可以生成令牌储备请求消息,并将该消息经由MAP计算机140向令牌服务器计算机160发送(步骤902、903和904)。
此集成模式可以使应用开发人员通过其应用(诸如使用MAP计算机)与令牌服务器计算机联系。在一些实施例中,为了标准化应用开发人员的过程,令牌SDK可以提供称作令牌提供者的接口以执行各种不同的方法。
令牌提供者可以执行令牌请求方法以通过其MAP计算机140联系令牌服务器计算机160。令牌SDK 112可以对由移动应用111在储备请求消息(在步骤901发送)中传送的令牌提供者对象调用此方法。具体地,在步骤901,移动应用111可以调用令牌SDK方法,指定请求、针对移动应用的回调和与令牌提供者连接的通常代表MAP计算机140上的服务器的对象。令牌提供者对象指定要被填充的响应和被称作SDK回调的另一回调,其可以用来通过令牌请求方法回调到令牌SDK 112。
在步骤902,令牌SDK 112可以准备请求并向移动应用111提供此请求。具体地,令牌SDK 112可以调用令牌提供者对象的令牌请求方法,指定请求参数和针对SDK回调的引用。
在步骤903,移动应用111可以向MAP计算机140提供请求。即,在步骤904,令牌请求方法执行由移动应用111指定的动作以与MAP计算机140连接,并从令牌服务器计算机160获得信息(例如令牌)。MAP计算机140可以与令牌服务器计算机160通过令牌服务器计算机API180交互以请求和接收令牌(步骤904)。
一旦MAP计算机140从令牌服务器计算机160接收响应,MAP计算机140可以向移动应用111转发接收的消息(步骤905)。移动应用可以把响应转换成可以由令牌SDK 112阅读和使用的格式。例如,响应一开始可以以JSON格式接收,并且可以转换成由令牌SDK 112指定的Java对象格式。在步骤906,移动应用111可以把来自令牌服务器计算机160的格式化响应向令牌SDK 112转发。
在步骤906,移动应用111可以用从MAP计算机140接收的响应填充响应对象(在令牌提供者的回调中指定的)。移动应用把响应对象返回令牌请求方法。移动应用111对提供者回调调用成功方法或失败方法,并在这些方法中传送响应对象。移动应用111可以在令牌请求方法内进行此操作。
移动应用111可以执行至少两种回调。一种回调可以是移动应用111通知令牌SDK112上文讨论的令牌请求方法的成功或失败。当移动应用111得到针对其对MAP计算机140(例如令牌请求方法)请求的成功响应时,则移动应用111可以提供包含要存储在令牌SDK112中的数据的响应对象(步骤906)。如果令牌请求方法失败,则应用对回调调用失败函数。此外,当移动应用111已经通知令牌SDK 112对MAP计算机140发出的请求的成功或失败时,令牌SDK 112则可以调用第二种回调以使移动应用111知道储备请求的成功/失败(步骤907)。具体地,令牌SDK 112回调可以调用移动应用回调的成功方法或失败方法,以向移动应用111返回响应。移动应用的回调是在步骤901中移动应用111做出请求时指定的标准回调。
在此第二示例性集成配置中,移动应用111与MAP计算机140通信(步骤903),MAP计算机140处理与令牌服务器计算机160的交互(步骤904)。MAP计算机140然后向移动应用111提供从令牌服务器计算机160接收的响应数据(步骤905)。移动应用111将来自MAP计算机140的响应向令牌SDK 112提供(步骤906)。与第一示例性集成配置类似,令牌SDK 112使用回调向移动应用111提供结果(指示令牌是否被成功地储备)(步骤907)。
图10-13图解说明由图9中图示的MAP计算机-令牌服务器计算机集成系统执行的各个过程的流程图。具体地,图10示出示例性认证过程的流程图;图11示出示例性储备过程的流程图;图12示出示例性动态参数补充过程的流程图;图13示出图9中图示的系统的示例性挂起过程的流程图。接下来讨论每个流程图。
图10示出针对具有与MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性认证过程1000的流程图。在步骤1002,移动应用可以创建令牌SDK的实例,其会用安全模块加密敏感数据,并将其存储在令牌SDK数据存储器上。
在步骤1004,一旦用户提供其凭证(诸如用户名和口令)以登录到应用,移动应用就对用户认证。在步骤1006,移动应用从令牌SDK接收认证所需的装置数据。移动应用然后调用MAP计算机用于用令牌服务器计算机进行认证。MAP计算机可以编译用于认证的必需信息。例如,MAP计算机可以编译针对访问令牌认证方法的JWT。可能需要调用令牌API以得到访问令牌。令牌服务器计算机可以接受JWT并提供访问令牌。令牌服务器计算机还可以注册装置,并响应于装置细节返回会话ID。
在步骤1008,移动应用可以接收认证完成的指示。
图11示出针对具有与MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性储备过程1100的流程图。在步骤1102,移动应用可以创建令牌储备请求所需的对象(例如令牌储备方法)。移动应用可以创建包含加密的用户数据的储备令牌参数对象。移动应用还创建包含与MAP计算机通信以用于令牌储备的功能的令牌提供者对象。移动应用还可以创建定义成功和失败方法的响应回调对象。移动应用可以向令牌储备方法传送储备令牌参数、令牌提供者和响应回调对象。如图11中图示的,令牌储备方法可以被移动应用调用,以检索并存储用于具体的账户和/或信道的令牌信息。
在步骤1104,令牌储备方法可以调用令牌SDK方法以与令牌服务器计算机通信,请求加密的用户信息的标记化。在步骤1106,此调用可以向MAP计算机传送。此调用可以使MAP计算机执行令牌提供者方法,使MAP计算机执行其自己的网络调用以采集令牌。具体地,MAP计算机可以与令牌服务器计算机交互。令牌服务器计算机可以接收加密的用户数据,标识与加密的用户数据关联的账户,生成代表账户的令牌,存储令牌,并向MAP计算机发送令牌。MAP计算机可以在回调中向令牌SDK传送令牌。令牌SDK 112然后可以存储令牌。
在步骤1108,外部回调然后可以向移动应用返回成功,交还针对令牌储备请求的响应,其可以包含唯一地标识储备的令牌的令牌密钥。移动应用可以保持令牌密钥,以便做出关于关联的令牌的后续调用。移动应用并不访问令牌本身。
在此集成模型中,移动应用并不需要提供用户数据(例如支付账户信息,诸如PAN或PAN参考标识符)。MAP计算机响应于由MAP计算机做出的储备请求提供来自令牌服务器计算机的令牌数据。MAP计算机通过内部回调向令牌SDK提供令牌。
图12示出针对具有与MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性动态参数补充过程1200的流程图。动态数据补充方法可以由具有客户补充提供者(例如网络调用程序)的移动应用调用,以补充用于令牌的动态数据。例如,令牌SDK可以提供管理限制使用密钥补充的两种方法:第一种方法用于周期性(例如每个小时)检查限制使用密钥存活时间阈值是否已经期满,并在存活时间(TTL)期满时触发补充意图,第二种方法用于捕获由第一种方法触发的补充意图。
在步骤1202,移动应用可以标识令牌的TTL接近期满,并开始编译补充令牌请求所需的对象。移动应用可以创建包含加密的用户数据的补充参数对象。补充参数对象还可以包含标识令牌的令牌密钥。移动应用还创建包含与MAP计算机通信以用于令牌补充的功能的补充提供者对象。移动应用还可以创建定义成功和失败方法的响应回调对象。移动应用可以向动态数据补充方法传送补充参数、补充提供者和响应回调对象。
在步骤1204,动态数据补充方法可以调用令牌SDK方法以与令牌服务器计算机通信,请求动态令牌参数的补充,并提供关联的令牌数据。在步骤1206,此调用可以向MAP计算机传送。此调用可以使MAP计算机执行补充提供者方法,使MAP计算机执行其自己的网络调用以采集令牌补充响应。具体地,MAP计算机可以与令牌服务器计算机交互。令牌服务器计算机可以接收补充请求,补充令牌SDK和关联的TTL信息。MAP计算机可以在回调中向令牌SDK 112传送补充的令牌SDK和关联的TTL信息。令牌SDK 112然后可以存储信息。
在步骤1208,外部回调然后可以向移动应用返回成功,交还针对令牌储备请求的响应,其可以包含唯一地标识储备的令牌的令牌密钥。移动应用可以保持令牌密钥以便做出关于关联的令牌的后续调用。移动应用并不访问令牌本身。
图13示出针对具有与MAP计算机-令牌服务器计算机集成配置对应的第二示例性集成配置的系统的示例性挂起过程1300的流程图。在步骤1302,移动应用平台可以向移动应用发送消息以挂起移动装置上加载的令牌。
在步骤1304,移动应用可以做出请求以挂起与账户关联的(若干)令牌。移动应用可以生成包括标识要被挂起的令牌的令牌密钥的参数应用对象,并且如果适用生成指示令牌应当被挂起的原因以及原因描述的原因代码。移动应用还创建包含与MAP计算机通信以用于挂起请求的功能的挂起令牌对象。移动应用还可以创建定义成功和失败方法的响应回调对象。移动应用可以向令牌挂起方法传送参数、挂起令牌提供者和响应回调对象。
在步骤1306,令牌挂起方法可以调用令牌SDK方法与令牌服务器计算机通信以请求挂起令牌。令牌挂起方法可以挂起令牌服务器计算机中的令牌,之后挂起用户装置上的令牌。在步骤1308,针对令牌SDK的调用可以向MAP计算机传送。此调用可以使MAP计算机执行其自己的网络调用以采集令牌状态响应。具体地,MAP计算机可以与令牌服务器计算机交互。令牌服务器计算机可以接收挂起的令牌请求,挂起令牌,并向MAP计算机发送更新的令牌状态(即挂起的)。MAP计算机可以在回调中向令牌SDK 112传送更新的令牌状态。令牌SDK112然后可以在令牌存储器中存储令牌状态。
在步骤1310,外部回调然后可以向移动应用返回成功。
图13中图示的令牌挂起方法可以包括挂起一个令牌或挂起多个令牌的生命周期管理调用。调用可以向令牌服务器计算机做出,并且当接收确认令牌挂起的成功响应时,令牌的状态可以在令牌SDK数据存储器中被修改。在一些实施例中,一次能够挂起一个令牌。
示例性计算机系统
图14中示出的各个参与方和元件可以操作一个或多个计算机设备(例如服务器计算机)以促进本文中描述的功能。图14中的任何元件可以使用任何适当数目的子系统以促进本文中描述的功能。这些子系统或部件的示例示于图14中。示出了诸如打印机1408、键盘1416、固定磁盘1418(或包括计算机可读介质的其它存储器)、耦连至显示适配器1410的监视器1412以及其它的子系统。外围设备和输入/输出(I/O)装置耦连至I/O控制器1402,其可以由本领域已知的许多手段(诸如串行端口1414)连接至计算机系统。例如,串行端口1414或外部接口1420可以用来把计算机设备连接至广域网(诸如互联网)、鼠标输入装置或扫描仪。经由系统总线的互连使中央处理器1406与每个子系统通信,并控制来自系统存储器1404或固定磁盘1418的指令的执行,以及信息在子系统之间的交换。
关于上文描述的方面中的一些的特定细节在下文提供。在不偏离本发明的精神和范围下,特定方面的特定细节可以以任何适当方式组合。
用于包含代码或代码部分的存储介质和计算机可读介质可以包括本领域已知或使用的任何适当介质,包括存储介质和通信介质,诸如但不限于以用于存储和/或传输信息(诸如计算机可读指令、数据结构、程序模块或其它数据)的任何方法或技术实现的易失性和非易失性,可移动和不可移动介质,包括RAM、ROM、EEPROM、闪存或其它存储器技术、CD-ROM、数字通用盘(DVD)或其它光存储、磁带盒、磁带、磁盘存储或其它磁存储装置、数据信号、数据传输或可以用来存储或传输期望信息并且可以由计算机访问的任何其它介质。基于本文中提供的公开和教导,本领域技术人员可以认识到实现各个实施例的其它方式和/或方法。
应当理解,如上文描述的本发明可以使用模块化或集成方式的计算机软件以控制逻辑的形式实现。基于本文中提供的公开和教导,本领域技术人员可以知道并认识到使用硬件以及硬件和软件的结合实现本发明的其它方式和/或方法。
应当理解,如上文描述的本发明可以使用模块化或集成方式的计算机软件以控制逻辑的形式实现。基于本文中提供的公开和教导,本领域技术人员可以知道并认识到使用硬件以及硬件和软件的结合实现本发明的其它方式和/或方法。
本申请中描述的任何软件部件或功能可以使用任何适当的计算机语言(比方说例如Java、C++或Perl)使用例如传统的或面向对象的技术实现为由处理器执行的软件代码。软件代码可以存储为计算机可读介质(诸如随机存取存储器(RAM)、只读存储器(ROM)、磁介质(诸如硬盘或软盘)或光介质(诸如CD-ROM))上的一系列指令或命令。任何这些计算机可读介质可以驻存在单个运算设备上或内部,并且可以存在于系统或网络内的不同运算设备上或内部。
上文的描述是示意性的不是限制性的。在查看本公开后,本发明的许多变形对本领域技术人员是显然的。因此,本发明的范围应当不参考上文的描述确定,而是应当参考所附权利要求连同其全部范围或等同物确定。
在不偏离本发明的范围下,来自任一实施例的一个或多个特征可以与其余任何实施例的一个或多个特征组合。
对“一(a)”、“一(an)”或“所述(the)”的叙述旨在表示“一个或多个”,除非明确指示为相反。

Claims (18)

1.一种用于数据安全的方法,包括:
由移动装置从远程移动应用服务器接收与所述移动装置的用户关联的加密的用户数据,其中,所述加密的用户数据是使用与令牌服务器计算机关联的加密密钥生成的;
由所述移动装置生成令牌请求消息,所述令牌请求消息包括所述加密的用户数据;
由所述移动装置经由所述远程移动应用服务器向所述令牌服务器计算机发送所述令牌请求消息,其中,所述令牌服务器计算机使用所述加密密钥解密所述加密的用户数据,标识与解密的用户数据关联的账户,生成与所述账户关联的令牌,存储所述令牌,并向所述移动装置发送所述令牌;
由所述移动装置经由所述远程移动应用服务器从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌;以及
由所述移动装置在令牌存储器中存储所述令牌。
2.根据权利要求1所述的方法,其中,在令牌存储器中存储所述令牌包括在所述移动装置的安全存储器中存储令牌,确定与存储的令牌关联的令牌密钥,并向所述移动装置上的移动应用提供所述令牌密钥,以用作针对所述令牌的令牌参考标识符。
3.根据权利要求1所述的方法,还包括:
由所述移动装置请求所述令牌的状态;
由所述移动装置从所述令牌服务器计算机接收令牌状态响应;以及
由所述移动装置在所述令牌存储器中存储与所述令牌关联的状态。
4.根据权利要求1所述的方法,其中,所述加密密钥和与所述移动装置的用户关联的所述用户数据由所述远程移动应用服务器存储。
5.根据权利要求1所述的方法,其中,所述令牌存储器由所述移动装置上提供的令牌模块管理,所述令牌模块与所述令牌服务器计算机关联,使得所述移动装置经由所述令牌模块与所述令牌服务器计算机对接。
6.根据权利要求5所述的方法,其中,所述令牌模块与所述令牌服务器计算机的应用编程接口(API)对接。
7.根据权利要求1所述的方法,其中,所述令牌请求消息经由所述移动装置上提供的令牌模块发送至所述令牌服务器计算机,并且由所述令牌模块从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌。
8.根据权利要求1所述的方法,还包括:
与访问装置交互,以使用所述移动装置上提供的移动应用发起交易;以及
向所述访问装置提供所述令牌,其中,所述令牌由绕过所述移动应用的令牌模块提供至所述访问装置,其中,所述令牌模块存储在所述移动装置上。
9.一种用于数据安全的方法,包括:
由移动装置上提供的移动应用从远程移动应用服务器接收加密的用户数据,所述加密的用户数据与所述移动装置的用户的账户关联,其中,所述加密的用户数据是使用与令牌服务器计算机关联的加密密钥生成的;
与令牌模块交互以经由所述远程移动应用服务器从所述令牌服务器计算机请求令牌,其中,所述令牌代表所述加密的用户数据;
由所述移动应用接收指示经由所述远程移动应用服务器从所述令牌服务器计算机接收到与所述加密的用户数据关联的令牌的消息;
与访问装置交互,以发起交易;以及
请求所述令牌模块,以向所述访问装置提供所述令牌,使得所述令牌由绕过所述移动应用的所述令牌模块提供至所述访问装置。
10.根据权利要求9所述的方法,还包括:
由所述移动应用从所述令牌模块接收令牌请求消息,其中,所述令牌请求消息包括所述加密的用户数据,并由所述令牌模块生成;
由所述移动应用经由所述远程移动应用服务器向所述远程移动应用服务器发送所述令牌请求消息,其中,所述远程移动应用服务器使用所述令牌请求消息从所述令牌服务器计算机获得所述令牌;
由所述移动应用经由所述远程移动应用服务器从所述远程移动应用服务器接收令牌响应消息;以及
由所述移动应用向所述令牌模块发送所述令牌请求消息,其中,所述令牌模块存储所述令牌。
11.根据权利要求9所述的方法,其中,所述令牌模块生成包括所述加密的用户数据的令牌请求消息,向所述令牌服务器计算机发送所述令牌请求消息,从所述令牌服务器计算机接收令牌,并存储所述令牌。
12.一种移动装置,包括:
处理器;以及
包括代码的存储器元件,所述代码能够由所述处理器执行,用于执行一种方法,所述方法包括:
由移动装置从远程移动应用服务器接收与所述移动装置的用户关联的加密的用户数据,其中,所述加密的用户数据是使用与令牌服务器计算机关联的加密密钥生成的;
由所述移动装置生成令牌请求消息,所述令牌请求消息包括所述加密的用户数据;
由所述移动装置经由所述远程移动应用服务器向所述令牌服务器计算机发送所述令牌请求消息,其中,所述令牌服务器计算机使用所述加密密钥解密所述加密的用户数据,标识与解密的用户数据关联的账户,生成与所述账户关联的令牌,存储所述令牌,并向所述移动装置发送所述令牌;
由所述移动装置经由所述远程移动应用服务器从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌;以及
由所述移动装置在令牌存储器中存储所述令牌。
13.根据权利要求12所述的移动装置,其中,在令牌存储器中存储所述令牌包括在所述移动装置的安全存储器中存储令牌,确定与存储的令牌关联的令牌密钥,并向所述移动装置上的移动应用提供所述令牌密钥,以用作针对所述令牌的令牌参考标识符。
14.根据权利要求12所述的移动装置,其中,所述令牌请求消息经由所述移动装置上提供的令牌模块发送至所述令牌服务器计算机,并且由所述令牌模块从所述令牌服务器计算机接收与所述加密的用户数据关联的令牌。
15.根据权利要求12所述的移动装置,其中,所述方法还包括:
与访问装置交互,以使用所述移动装置上提供的移动应用发起交易;以及
向所述访问装置提供所述令牌,其中,所述令牌由绕过所述移动应用的令牌模块提供至所述访问装置,其中,所述令牌模块存储在所述移动装置上。
16.根据权利要求12所述的移动装置,其中,所述方法还包括:
由所述移动装置请求所述令牌的状态;
由所述移动装置从所述令牌服务器计算机接收令牌状态响应;以及
由所述移动装置在所述令牌存储器中存储与所述令牌关联的状态。
17.根据权利要求12所述的移动装置,其中,所述令牌存储器由所述移动装置上提供的令牌模块管理,所述令牌模块与所述令牌服务器计算机关联,使得所述移动装置经由所述令牌模块与所述令牌服务器计算机对接。
18.根据权利要求17所述的移动装置,其中,所述令牌模块与所述令牌服务器计算机的应用编程接口(API)对接。
CN201580051326.XA 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法 Active CN107087432B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010703728.6A CN111866873B (zh) 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201462056401P 2014-09-26 2014-09-26
US62/056,401 2014-09-26
US201562107966P 2015-01-26 2015-01-26
US62/107,966 2015-01-26
PCT/US2015/052667 WO2016049636A2 (en) 2014-09-26 2015-09-28 Remote server encrypted data provisioning system and methods

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202010703728.6A Division CN111866873B (zh) 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法

Publications (2)

Publication Number Publication Date
CN107087432A CN107087432A (zh) 2017-08-22
CN107087432B true CN107087432B (zh) 2020-08-07

Family

ID=55582265

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202010703728.6A Active CN111866873B (zh) 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法
CN201580051326.XA Active CN107087432B (zh) 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202010703728.6A Active CN111866873B (zh) 2014-09-26 2015-09-28 远程服务器加密的数据的储备系统和方法

Country Status (10)

Country Link
US (2) US10255456B2 (zh)
EP (2) EP3518567B1 (zh)
CN (2) CN111866873B (zh)
AU (2) AU2015319804B2 (zh)
BR (1) BR112017005824A2 (zh)
CA (1) CA2960319A1 (zh)
ES (1) ES2732564T3 (zh)
RU (2) RU2019124722A (zh)
SG (2) SG11201701653WA (zh)
WO (1) WO2016049636A2 (zh)

Families Citing this family (301)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US10867298B1 (en) 2008-10-31 2020-12-15 Wells Fargo Bank, N.A. Payment vehicle with on and off function
US20100114768A1 (en) 2008-10-31 2010-05-06 Wachovia Corporation Payment vehicle with on and off function
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
AU2011205391B2 (en) 2010-01-12 2014-11-20 Visa International Service Association Anytime validation for verification tokens
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
WO2012112822A2 (en) 2011-02-16 2012-08-23 Visa International Service Association Snap mobile payment apparatuses, methods and systems
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
EP2681701A4 (en) 2011-03-04 2014-08-20 Visa Int Service Ass INTEGRATION OF PAYMENT OPTIONS IN SAFE ITEMS OF COMPUTERS
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
WO2013019567A2 (en) 2011-07-29 2013-02-07 Visa International Service Association Passing payment tokens through an hop/sop
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
WO2013103991A1 (en) 2012-01-05 2013-07-11 Visa International Service Association Data protection with translation
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US20130297501A1 (en) 2012-05-04 2013-11-07 Justin Monk System and method for local data conversion
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
SG10201800626RA (en) 2013-07-24 2018-02-27 Visa Int Service Ass Systems and methods for interoperable network token processing
EP3025291A1 (en) 2013-07-26 2016-06-01 Visa International Service Association Provisioning payment credentials to a consumer
WO2015021420A1 (en) 2013-08-08 2015-02-12 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
US10891610B2 (en) 2013-10-11 2021-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
CN115082065A (zh) 2013-12-19 2022-09-20 维萨国际服务协会 基于云的交易方法和系统
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US11615401B1 (en) 2014-04-30 2023-03-28 Wells Fargo Bank, N.A. Mobile wallet authentication systems and methods
US9652770B1 (en) 2014-04-30 2017-05-16 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11748736B1 (en) 2014-04-30 2023-09-05 Wells Fargo Bank, N.A. Mobile wallet integration within mobile banking
US10997592B1 (en) 2014-04-30 2021-05-04 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11610197B1 (en) 2014-04-30 2023-03-21 Wells Fargo Bank, N.A. Mobile wallet rewards redemption systems and methods
US11461766B1 (en) 2014-04-30 2022-10-04 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11288660B1 (en) 2014-04-30 2022-03-29 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
SG11201608973TA (en) 2014-05-01 2016-11-29 Visa Int Service Ass Data verification using access device
SG10202007850WA (en) 2014-05-05 2020-09-29 Visa Int Service Ass System and method for token domain control
EP3146747B1 (en) 2014-05-21 2020-07-01 Visa International Service Association Offline authentication
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US20170220819A1 (en) * 2014-08-12 2017-08-03 Hewlett Packard Enterprise Development Lp Information exchange gateway
US10445739B1 (en) 2014-08-14 2019-10-15 Wells Fargo Bank, N.A. Use limitations for secondary users of financial accounts
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US11620643B2 (en) 2014-11-26 2023-04-04 Visa International Service Association Tokenization request via access device
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
JP6622309B2 (ja) 2014-12-12 2019-12-18 ビザ インターナショナル サービス アソシエーション マシンツーマシン装置のためのプロビジョニング・プラットフォーム
US10205710B2 (en) * 2015-01-08 2019-02-12 Intertrust Technologies Corporation Cryptographic systems and methods
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US20180268403A1 (en) * 2015-01-27 2018-09-20 Abhishek Guglani Multiple protocol transaction encryption
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
US11853919B1 (en) 2015-03-04 2023-12-26 Wells Fargo Bank, N.A. Systems and methods for peer-to-peer funds requests
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US11736468B2 (en) * 2015-03-16 2023-08-22 Assa Abloy Ab Enhanced authorization
US10910089B2 (en) * 2015-03-20 2021-02-02 Universal Patient Key, Inc. Methods and systems providing centralized encryption key management for sharing data across diverse entities
US11429975B1 (en) 2015-03-27 2022-08-30 Wells Fargo Bank, N.A. Token management system
SG11201706576TA (en) 2015-04-10 2017-09-28 Visa Int Service Ass Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10410208B2 (en) * 2015-04-24 2019-09-10 Capital One Services, Llc Token identity devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US10505940B2 (en) * 2015-06-19 2019-12-10 Capital One Services, Llc Systems and methods for managing electronic tokens for device interactions
US11170364B1 (en) 2015-07-31 2021-11-09 Wells Fargo Bank, N.A. Connected payment card systems and methods
CN114529300A (zh) 2015-10-15 2022-05-24 维萨国际服务协会 即时令牌发行系统
CN113542293B (zh) 2015-12-04 2023-11-07 维萨国际服务协会 用于令牌验证的方法及计算机
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10475036B2 (en) * 2016-01-08 2019-11-12 Ca, Inc. Restricting account use by controlled replenishment
WO2017136418A1 (en) 2016-02-01 2017-08-10 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US11386421B2 (en) 2016-04-19 2022-07-12 Visa International Service Association Systems and methods for performing push transactions
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
EP3466017B1 (en) 2016-06-03 2021-05-19 Visa International Service Association Subtoken management system for connected devices
WO2017211524A1 (en) * 2016-06-08 2017-12-14 Deutsche Telekom Ag Improved handling of ims services and emergency calls in a roaming scenario of a user equipment
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
CN115187242A (zh) 2016-06-24 2022-10-14 维萨国际服务协会 唯一令牌认证验证值
US11386223B1 (en) 2016-07-01 2022-07-12 Wells Fargo Bank, N.A. Access control tower
US10992679B1 (en) 2016-07-01 2021-04-27 Wells Fargo Bank, N.A. Access control tower
US11615402B1 (en) 2016-07-01 2023-03-28 Wells Fargo Bank, N.A. Access control tower
US11935020B1 (en) 2016-07-01 2024-03-19 Wells Fargo Bank, N.A. Control tower for prospective transactions
US11886611B1 (en) 2016-07-01 2024-01-30 Wells Fargo Bank, N.A. Control tower for virtual rewards currency
BR112018076196A2 (pt) 2016-07-11 2019-03-26 Visa International Service Association método, e, dispositivos de comunicação portátil e de acesso.
CN109478287B (zh) 2016-07-19 2023-08-15 维萨国际服务协会 分发令牌和管理令牌关系的方法
SG10201605974YA (en) * 2016-07-20 2018-02-27 Mastercard Asia Pacific Pte Ltd Transaction facilitation
WO2018026841A1 (en) * 2016-08-01 2018-02-08 Georgia Tech Research Corporation Methods and systems for providing secure mobile edge computing ecosystems
US10075300B1 (en) 2016-09-13 2018-09-11 Wells Fargo Bank, N.A. Secure digital communications
US10057061B1 (en) 2016-09-13 2018-08-21 Wells Fargo Bank, N.A. Secure digital communications
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
EP3456034B1 (en) * 2016-09-23 2021-06-23 Apple Inc. Managing credentials of multiple users on an electronic device
US11468414B1 (en) 2016-10-03 2022-10-11 Wells Fargo Bank, N.A. Systems and methods for establishing a pull payment relationship
KR101944741B1 (ko) * 2016-10-28 2019-02-01 삼성에스디에스 주식회사 암호화 장치 및 방법
US10492067B2 (en) * 2016-11-18 2019-11-26 Siemens Industry, Inc. Secure access authorization method
WO2018098492A1 (en) 2016-11-28 2018-05-31 Visa International Service Association Access identifier provisioning to application
US10853798B1 (en) 2016-11-28 2020-12-01 Wells Fargo Bank, N.A. Secure wallet-to-wallet transactions
US10659433B2 (en) * 2016-11-30 2020-05-19 Salesforce.Com, Inc. Encrypting and securing data with reverse proxies across frames in an on-demand services environment
US20180158052A1 (en) * 2016-12-01 2018-06-07 The Toronto-Dominion Bank Asynchronous cryptogram-based authentication processes
US10057225B1 (en) 2016-12-29 2018-08-21 Wells Fargo Bank, N.A. Wireless peer to peer mobile wallet connections
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US11556936B1 (en) 2017-04-25 2023-01-17 Wells Fargo Bank, N.A. System and method for card control
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
TWI643148B (zh) * 2017-06-02 2018-12-01 中華電信股份有限公司 Mobile device, method, computer program product, and distribution system thereof for configuring ticket co-branded credit card based on coding technology
US11062388B1 (en) 2017-07-06 2021-07-13 Wells Fargo Bank, N.A Data control tower
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
US10776777B1 (en) 2017-08-04 2020-09-15 Wells Fargo Bank, N.A. Consolidating application access in a mobile wallet
US11004548B1 (en) 2017-09-20 2021-05-11 Datavant, Inc. System for providing de-identified mortality indicators in healthcare data
US11182780B2 (en) 2017-11-13 2021-11-23 American Express Travel Related Services Company, Inc. Secured account provisioning and payments for NFC-enabled devices
US11188887B1 (en) 2017-11-20 2021-11-30 Wells Fargo Bank, N.A. Systems and methods for payment information access management
US11537748B2 (en) 2018-01-26 2022-12-27 Datavant, Inc. Self-contained system for de-identifying unstructured data in healthcare records
US11102180B2 (en) * 2018-01-31 2021-08-24 The Toronto-Dominion Bank Real-time authentication and authorization based on dynamically generated cryptographic data
US10645583B2 (en) * 2018-02-15 2020-05-05 Nokia Technologies Oy Security management for roaming service authorization in communication systems with service-based architecture
US11295297B1 (en) 2018-02-26 2022-04-05 Wells Fargo Bank, N.A. Systems and methods for pushing usable objects and third-party provisioning to a mobile wallet
EP3531358A1 (en) * 2018-02-27 2019-08-28 Mastercard International Incorporated Reducing fraudulent data transfers
EP3762844A4 (en) 2018-03-07 2021-04-21 Visa International Service Association SECURE REMOTE TOKEN RELEASE WITH ONLINE AUTHENTICATION
US11687929B2 (en) * 2018-03-23 2023-06-27 American Express Travel Related Services Co., Inc. Authenticated secure online and offline transactions
US11397935B2 (en) * 2018-04-02 2022-07-26 Hover Developer Services, Inc. System and method for wireless transactions
US11042668B1 (en) 2018-04-12 2021-06-22 Datavant, Inc. System for preparing data for expert certification and monitoring data over time to ensure compliance with certified boundary conditions
US11120144B1 (en) 2018-04-12 2021-09-14 Datavant, Inc. Methods and systems providing central management of distributed de-identification and tokenization software for sharing data
US11080423B1 (en) 2018-04-13 2021-08-03 Datavant, Inc. System for simulating a de-identified healthcare data set and creating simulated personal data while retaining profile of authentic data
US11074577B1 (en) 2018-05-10 2021-07-27 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US11775955B1 (en) 2018-05-10 2023-10-03 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US10572683B2 (en) 2018-05-13 2020-02-25 Richard Jay Langley Individual data unit and methods and systems for enhancing the security of user data
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
US10546444B2 (en) 2018-06-21 2020-01-28 Capital One Services, Llc Systems and methods for secure read-only authentication
CA3105345A1 (en) * 2018-07-03 2020-01-09 Visa International Service Association Token state synchronization
CN110677268B (zh) * 2018-07-03 2022-04-08 中国电信股份有限公司 Nfv自动编排调度方法、装置和系统
US10802948B2 (en) 2018-07-13 2020-10-13 Bank Of America Corporation Integrated testing data provisioning and conditioning system for application development
US11558193B2 (en) * 2018-08-13 2023-01-17 Google Llc Location-based access to controlled access resources
EP3841498B1 (en) 2018-08-22 2024-05-01 Visa International Service Association Method and system for token provisioning and processing
US11605065B2 (en) * 2018-08-24 2023-03-14 Mastercard International Incorporated Systems and methods for secure remote commerce
US11599862B1 (en) 2018-08-30 2023-03-07 Wells Fargo Bank, N.A. User interface for a biller directory and payments engine
US12045809B1 (en) * 2018-08-30 2024-07-23 Wells Fargo Bank, N.A. Biller consortium enrollment and transaction management engine
US10554411B1 (en) 2018-10-02 2020-02-04 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
KR20210068391A (ko) 2018-10-02 2021-06-09 캐피탈 원 서비시즈, 엘엘씨 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법
US10686603B2 (en) 2018-10-02 2020-06-16 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US11210664B2 (en) 2018-10-02 2021-12-28 Capital One Services, Llc Systems and methods for amplifying the strength of cryptographic algorithms
US10579998B1 (en) 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10582386B1 (en) 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
WO2020072626A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10949520B2 (en) 2018-10-02 2021-03-16 Capital One Services, Llc Systems and methods for cross coupling risk analytics and one-time-passcodes
US10565587B1 (en) 2018-10-02 2020-02-18 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
KR20210068028A (ko) 2018-10-02 2021-06-08 캐피탈 원 서비시즈, 엘엘씨 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법
US10771254B2 (en) 2018-10-02 2020-09-08 Capital One Services, Llc Systems and methods for email-based card activation
WO2020072537A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10771253B2 (en) 2018-10-02 2020-09-08 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
JP2022511281A (ja) 2018-10-02 2022-01-31 キャピタル・ワン・サービシーズ・リミテッド・ライアビリティ・カンパニー 非接触カードの暗号化認証のためのシステムおよび方法
US10505738B1 (en) 2018-10-02 2019-12-10 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
WO2020072694A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
AU2019351911A1 (en) 2018-10-02 2021-02-25 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
WO2020072552A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10542036B1 (en) 2018-10-02 2020-01-21 Capital One Services, Llc Systems and methods for signaling an attack on contactless cards
US10581611B1 (en) 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
WO2020072670A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10511443B1 (en) 2018-10-02 2019-12-17 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
WO2020072474A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10592710B1 (en) 2018-10-02 2020-03-17 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10733645B2 (en) 2018-10-02 2020-08-04 Capital One Services, Llc Systems and methods for establishing identity for order pick up
US10860814B2 (en) 2018-10-02 2020-12-08 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10607214B1 (en) 2018-10-02 2020-03-31 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10489781B1 (en) 2018-10-02 2019-11-26 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
CA3115084A1 (en) 2018-10-02 2020-04-09 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
US10909527B2 (en) 2018-10-02 2021-02-02 Capital One Services, Llc Systems and methods for performing a reissue of a contactless card
CN112805737A (zh) 2018-10-08 2021-05-14 维萨国际服务协会 用于令牌邻近交易的技术
US10372440B1 (en) * 2018-11-09 2019-08-06 Capital One Services, Llc Tokenized mobile device update systems and methods
US10671375B1 (en) * 2018-11-09 2020-06-02 Capital One Services, Llc Tokenized mobile device update systems and methods
CN116074089A (zh) * 2018-11-14 2023-05-05 维萨国际服务协会 多个令牌的云令牌预配
US11361302B2 (en) 2019-01-11 2022-06-14 Capital One Services, Llc Systems and methods for touch screen interface interaction using a card overlay
US11037136B2 (en) 2019-01-24 2021-06-15 Capital One Services, Llc Tap to autofill card data
US11496454B2 (en) * 2019-01-31 2022-11-08 Dell Products L.P. System and method for providing comprehensive remote authorized access to multiple equipment in a datacenter
US10467622B1 (en) 2019-02-01 2019-11-05 Capital One Services, Llc Using on-demand applications to generate virtual numbers for a contactless card to securely autofill forms
US11120453B2 (en) 2019-02-01 2021-09-14 Capital One Services, Llc Tap card to securely generate card data to copy to clipboard
US10510074B1 (en) 2019-02-01 2019-12-17 Capital One Services, Llc One-tap payment using a contactless card
US10425129B1 (en) 2019-02-27 2019-09-24 Capital One Services, Llc Techniques to reduce power consumption in near field communication systems
US10523708B1 (en) 2019-03-18 2019-12-31 Capital One Services, Llc System and method for second factor authentication of customer support calls
US10643420B1 (en) 2019-03-20 2020-05-05 Capital One Services, Llc Contextual tapping engine
US10535062B1 (en) 2019-03-20 2020-01-14 Capital One Services, Llc Using a contactless card to securely share personal data stored in a blockchain
US10984416B2 (en) 2019-03-20 2021-04-20 Capital One Services, Llc NFC mobile currency transfer
US10438437B1 (en) 2019-03-20 2019-10-08 Capital One Services, Llc Tap to copy data to clipboard via NFC
US10970712B2 (en) 2019-03-21 2021-04-06 Capital One Services, Llc Delegated administration of permissions using a contactless card
US11227280B2 (en) 2019-03-25 2022-01-18 Capital One Services, Llc Systems and methods for increased efficiency and reliability of contactless card transactions
US12105789B2 (en) * 2019-03-27 2024-10-01 Visa International Service Association Enhanced consumer device validation
US10467445B1 (en) 2019-03-28 2019-11-05 Capital One Services, Llc Devices and methods for contactless card alignment with a foldable mobile device
US11849042B2 (en) 2019-05-17 2023-12-19 Visa International Service Association Virtual access credential interaction system and method
US11521262B2 (en) 2019-05-28 2022-12-06 Capital One Services, Llc NFC enhanced augmented reality information overlays
US11551190B1 (en) 2019-06-03 2023-01-10 Wells Fargo Bank, N.A. Instant network cash transfer at point of sale
US10516447B1 (en) 2019-06-17 2019-12-24 Capital One Services, Llc Dynamic power levels in NFC card communications
US11025732B2 (en) * 2019-06-17 2021-06-01 Vmware, Inc. Method and apparatus to perform user authentication during cloud provider sessions
US11392933B2 (en) 2019-07-03 2022-07-19 Capital One Services, Llc Systems and methods for providing online and hybridcard interactions
US10871958B1 (en) 2019-07-03 2020-12-22 Capital One Services, Llc Techniques to perform applet programming
US11694187B2 (en) 2019-07-03 2023-07-04 Capital One Services, Llc Constraining transactional capabilities for contactless cards
US12086852B2 (en) 2019-07-08 2024-09-10 Capital One Services, Llc Authenticating voice transactions with payment card
US10713649B1 (en) 2019-07-09 2020-07-14 Capital One Services, Llc System and method enabling mobile near-field communication to update display on a payment card
US10498401B1 (en) 2019-07-15 2019-12-03 Capital One Services, Llc System and method for guiding card positioning using phone sensors
US10885514B1 (en) 2019-07-15 2021-01-05 Capital One Services, Llc System and method for using image data to trigger contactless card transactions
US11182771B2 (en) 2019-07-17 2021-11-23 Capital One Services, Llc System for value loading onto in-vehicle device
US10832271B1 (en) 2019-07-17 2020-11-10 Capital One Services, Llc Verified reviews using a contactless card
US10733601B1 (en) 2019-07-17 2020-08-04 Capital One Services, Llc Body area network facilitated authentication or payment authorization
US11521213B2 (en) 2019-07-18 2022-12-06 Capital One Services, Llc Continuous authentication for digital services based on contactless card positioning
US10506426B1 (en) 2019-07-19 2019-12-10 Capital One Services, Llc Techniques for call authentication
US10541995B1 (en) 2019-07-23 2020-01-21 Capital One Services, Llc First factor contactless card authentication system and method
WO2021026534A1 (en) * 2019-08-08 2021-02-11 Visa International Service Association Mobile application integration
KR20220071211A (ko) 2019-10-02 2022-05-31 캐피탈 원 서비시즈, 엘엘씨 비접촉식 레거시 자기 스트라이프 데이터를 사용한 클라이언트 디바이스 인증
US11582036B1 (en) * 2019-10-18 2023-02-14 Splunk Inc. Scaled authentication of endpoint devices
US11842328B2 (en) * 2019-10-24 2023-12-12 Mastercard International Incorporated Systems and methods for provisioning a token to a token storage device
US11451520B2 (en) * 2019-12-05 2022-09-20 Jonathan Cobb Private network and application provisioning system
US11651361B2 (en) 2019-12-23 2023-05-16 Capital One Services, Llc Secure authentication based on passport data stored in a contactless card
US10885410B1 (en) 2019-12-23 2021-01-05 Capital One Services, Llc Generating barcodes utilizing cryptographic techniques
US10657754B1 (en) 2019-12-23 2020-05-19 Capital One Services, Llc Contactless card and personal identification system
US10733283B1 (en) 2019-12-23 2020-08-04 Capital One Services, Llc Secure password generation and management using NFC and contactless smart cards
US11113685B2 (en) 2019-12-23 2021-09-07 Capital One Services, Llc Card issuing with restricted virtual numbers
US10862540B1 (en) 2019-12-23 2020-12-08 Capital One Services, Llc Method for mapping NFC field strength and location on mobile devices
US11615395B2 (en) 2019-12-23 2023-03-28 Capital One Services, Llc Authentication for third party digital wallet provisioning
US10853795B1 (en) 2019-12-24 2020-12-01 Capital One Services, Llc Secure authentication based on identity data stored in a contactless card
US11200563B2 (en) 2019-12-24 2021-12-14 Capital One Services, Llc Account registration using a contactless card
US10664941B1 (en) 2019-12-24 2020-05-26 Capital One Services, Llc Steganographic image encoding of biometric template information on a card
US10757574B1 (en) 2019-12-26 2020-08-25 Capital One Services, Llc Multi-factor authentication providing a credential via a contactless card for secure messaging
US10909544B1 (en) 2019-12-26 2021-02-02 Capital One Services, Llc Accessing and utilizing multiple loyalty point accounts
US11038688B1 (en) 2019-12-30 2021-06-15 Capital One Services, Llc Techniques to control applets for contactless cards
US10860914B1 (en) 2019-12-31 2020-12-08 Capital One Services, Llc Contactless card and method of assembly
US11455620B2 (en) 2019-12-31 2022-09-27 Capital One Services, Llc Tapping a contactless card to a computing device to provision a virtual number
WO2021150218A1 (en) * 2020-01-22 2021-07-29 Visa International Service Association System and method for revocable peer-to-peer payments
US11210656B2 (en) 2020-04-13 2021-12-28 Capital One Services, Llc Determining specific terms for contactless card activation
US11823175B2 (en) 2020-04-30 2023-11-21 Capital One Services, Llc Intelligent card unlock
US10915888B1 (en) 2020-04-30 2021-02-09 Capital One Services, Llc Contactless card with multiple rotating security keys
US10861006B1 (en) 2020-04-30 2020-12-08 Capital One Services, Llc Systems and methods for data access control using a short-range transceiver
US11222342B2 (en) 2020-04-30 2022-01-11 Capital One Services, Llc Accurate images in graphical user interfaces to enable data transfer
US11030339B1 (en) * 2020-04-30 2021-06-08 Capital One Services, Llc Systems and methods for data access control of personal user data using a short-range transceiver
US10963865B1 (en) 2020-05-12 2021-03-30 Capital One Services, Llc Augmented reality card activation experience
US11100511B1 (en) 2020-05-18 2021-08-24 Capital One Services, Llc Application-based point of sale system in mobile operating systems
US11063979B1 (en) 2020-05-18 2021-07-13 Capital One Services, Llc Enabling communications between applications in a mobile operating system
US11062098B1 (en) 2020-08-11 2021-07-13 Capital One Services, Llc Augmented reality information display and interaction via NFC based authentication
US10992606B1 (en) 2020-09-04 2021-04-27 Wells Fargo Bank, N.A. Synchronous interfacing with unaffiliated networked systems to alter functionality of sets of electronic assets
US11755779B1 (en) 2020-09-30 2023-09-12 Datavant, Inc. Linking of tokenized trial data to other tokenized data
WO2022072166A1 (en) * 2020-10-01 2022-04-07 Mastercard Internationalincorporated Systems and methods for securely opening apis with cardholder authentication and consent
US11165586B1 (en) 2020-10-30 2021-11-02 Capital One Services, Llc Call center web-based authentication using a contactless card
US11482312B2 (en) 2020-10-30 2022-10-25 Capital One Services, Llc Secure verification of medical status using a contactless card
US11373169B2 (en) 2020-11-03 2022-06-28 Capital One Services, Llc Web-based activation of contactless cards
US11216799B1 (en) 2021-01-04 2022-01-04 Capital One Services, Llc Secure generation of one-time passcodes using a contactless card
US11546338B1 (en) 2021-01-05 2023-01-03 Wells Fargo Bank, N.A. Digital account controls portal and protocols for federated and non-federated systems and devices
US11682012B2 (en) 2021-01-27 2023-06-20 Capital One Services, Llc Contactless delivery systems and methods
US11562358B2 (en) 2021-01-28 2023-01-24 Capital One Services, Llc Systems and methods for near field contactless card communication and cryptographic authentication
US11687930B2 (en) 2021-01-28 2023-06-27 Capital One Services, Llc Systems and methods for authentication of access tokens
US11792001B2 (en) 2021-01-28 2023-10-17 Capital One Services, Llc Systems and methods for secure reprovisioning
US11438329B2 (en) 2021-01-29 2022-09-06 Capital One Services, Llc Systems and methods for authenticated peer-to-peer data transfer using resource locators
US11777933B2 (en) 2021-02-03 2023-10-03 Capital One Services, Llc URL-based authentication for payment cards
US11637826B2 (en) 2021-02-24 2023-04-25 Capital One Services, Llc Establishing authentication persistence
US11245438B1 (en) 2021-03-26 2022-02-08 Capital One Services, Llc Network-enabled smart apparatus and systems and methods for activating and provisioning same
US11632362B1 (en) * 2021-04-14 2023-04-18 SHAYRE, Inc. Systems and methods for using JWTs for information security
US11961089B2 (en) 2021-04-20 2024-04-16 Capital One Services, Llc On-demand applications to extend web services
US11935035B2 (en) 2021-04-20 2024-03-19 Capital One Services, Llc Techniques to utilize resource locators by a contactless card to perform a sequence of operations
US11902442B2 (en) 2021-04-22 2024-02-13 Capital One Services, Llc Secure management of accounts on display devices using a contactless card
US11354555B1 (en) 2021-05-04 2022-06-07 Capital One Services, Llc Methods, mediums, and systems for applying a display to a transaction card
US12041172B2 (en) 2021-06-25 2024-07-16 Capital One Services, Llc Cryptographic authentication to control access to storage devices
US20230015697A1 (en) * 2021-07-13 2023-01-19 Citrix Systems, Inc. Application programming interface (api) authorization
US12061682B2 (en) 2021-07-19 2024-08-13 Capital One Services, Llc System and method to perform digital authentication using multiple channels of communication
US12062258B2 (en) 2021-09-16 2024-08-13 Capital One Services, Llc Use of a payment card to unlock a lock
US11995621B1 (en) 2021-10-22 2024-05-28 Wells Fargo Bank, N.A. Systems and methods for native, non-native, and hybrid registration and use of tags for real-time services
CN114124382B (zh) * 2021-12-01 2024-04-09 深圳市闪剪智能科技有限公司 凭证更新方法、系统、设备及存储介质
US12069173B2 (en) 2021-12-15 2024-08-20 Capital One Services, Llc Key recovery based on contactless card authentication
US12003640B2 (en) 2022-01-06 2024-06-04 Visa International Service Association Efficient token provisioning system and method
US20230353575A1 (en) * 2022-04-27 2023-11-02 Capital One Services, Llc Cloud service-based secured data workflow integration and methods thereof
WO2023245007A1 (en) * 2022-06-14 2023-12-21 Capital One Services, LLC. Techniques to perform tap to pay operations in the ios and android operating system environments

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012030162A2 (ko) * 2010-08-31 2012-03-08 비씨카드 주식회사 카드 결제 방법, 카드 결제 시스템 및 그를 위한 이동 단말기

Family Cites Families (443)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5280527A (en) 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5613012A (en) 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5781438A (en) 1995-12-19 1998-07-14 Pitney Bowes Inc. Token generation process in an open metering system
US6044360A (en) 1996-04-16 2000-03-28 Picciallo; Michael J. Third party credit card
US5930767A (en) 1997-05-28 1999-07-27 Motorola, Inc. Transaction methods systems and devices
US5913203A (en) 1996-10-03 1999-06-15 Jaesent Inc. System and method for pseudo cash transactions
US5953710A (en) 1996-10-09 1999-09-14 Fleming; Stephen S. Children's credit or debit card system
GB9624127D0 (en) 1996-11-20 1997-01-08 British Telecomm Transaction system
US5949044A (en) 1997-06-13 1999-09-07 Walker Asset Management Limited Partnership Method and apparatus for funds and credit line transfers
US7177835B1 (en) 1997-08-28 2007-02-13 Walker Digital, Llc Method and device for generating a single-use financial account number
US6163771A (en) 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US6000832A (en) 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US6014635A (en) 1997-12-08 2000-01-11 Shc Direct, Inc. System and method for providing a discount credit transaction network
US6385596B1 (en) 1998-02-06 2002-05-07 Liquid Audio, Inc. Secure online music distribution system
US6980670B1 (en) 1998-02-09 2005-12-27 Indivos Corporation Biometric tokenless electronic rewards system and method
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6422462B1 (en) 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
IL125826A (en) 1998-08-17 2001-05-20 Ur Jonathan Shem Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein
US8799153B2 (en) 1998-08-31 2014-08-05 Mastercard International Incorporated Systems and methods for appending supplemental payment data to a transaction message
CZ20001481A3 (cs) 1998-09-04 2001-10-17 Impower, Inc. Elektronické obchodování s anonymním nakupováním a s anonymní maloobchodní dodávkou
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
EP1028401A3 (en) 1999-02-12 2003-06-25 Citibank, N.A. Method and system for performing a bankcard transaction
US7571139B1 (en) 1999-02-19 2009-08-04 Giordano Joseph A System and method for processing financial transactions
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US7194437B1 (en) 1999-05-14 2007-03-20 Amazon.Com, Inc. Computer-based funds transfer system
US7908216B1 (en) 1999-07-22 2011-03-15 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
WO2001008066A1 (en) 1999-07-26 2001-02-01 Iprivacy Llc Electronic purchase of goods over a communication network including physical delivery while securing private and personal information
US6748367B1 (en) 1999-09-24 2004-06-08 Joonho John Lee Method and system for effecting financial transactions over a public network without submission of sensitive information
AU1598101A (en) 1999-11-10 2001-06-06 Serge M. Krasnyansky On-line payment system
WO2001045056A1 (en) 1999-12-17 2001-06-21 Chantilley Corporation Limited Secure transaction systems
US20020178370A1 (en) 1999-12-30 2002-11-28 Gurevich Michael N. Method and apparatus for secure authentication and sensitive data management
US7426750B2 (en) 2000-02-18 2008-09-16 Verimatrix, Inc. Network-based content distribution system
US6453301B1 (en) 2000-02-23 2002-09-17 Sony Corporation Method of using personal device with internal biometric in conducting transactions over a network
US20010029485A1 (en) 2000-02-29 2001-10-11 E-Scoring, Inc. Systems and methods enabling anonymous credit transactions
TW550477B (en) 2000-03-01 2003-09-01 Passgate Corp Method, system and computer readable medium for Web site account and e-commerce management from a central location
US7865414B2 (en) 2000-03-01 2011-01-04 Passgate Corporation Method, system and computer readable medium for web site account and e-commerce management from a central location
US7627531B2 (en) 2000-03-07 2009-12-01 American Express Travel Related Services Company, Inc. System for facilitating a transaction
AU2001243658B2 (en) 2000-03-15 2005-12-15 Mastercard International Incorporated Method and system for secure payments over a computer network
US20100228668A1 (en) 2000-04-11 2010-09-09 Hogan Edward J Method and System for Conducting a Transaction Using a Proximity Device and an Identifier
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US20100223186A1 (en) 2000-04-11 2010-09-02 Hogan Edward J Method and System for Conducting Secure Payments
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20070129955A1 (en) 2000-04-14 2007-06-07 American Express Travel Related Services Company, Inc. System and method for issuing and using a loyalty point advance
CA2305249A1 (en) 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
US8046256B2 (en) 2000-04-14 2011-10-25 American Express Travel Related Services Company, Inc. System and method for using loyalty rewards as currency
US6592044B1 (en) 2000-05-15 2003-07-15 Jacob Y. Wong Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US20020016749A1 (en) 2000-05-26 2002-02-07 Borecki Dennis C. Methods and systems for network based electronic purchasing system
US6891953B1 (en) 2000-06-27 2005-05-10 Microsoft Corporation Method and system for binding enhanced software features to a persona
US6938019B1 (en) 2000-08-29 2005-08-30 Uzo Chijioke Chukwuemeka Method and apparatus for making secure electronic payments
WO2002019225A1 (en) 2000-09-01 2002-03-07 Infospace, Inc. Method and system for facilitating the transfer of funds utilizing a telephonic identifier
US20020073045A1 (en) 2000-10-23 2002-06-13 Rubin Aviel D. Off-line generation of limited-use credit card numbers
US7996288B1 (en) 2000-11-15 2011-08-09 Iprivacy, Llc Method and system for processing recurrent consumer transactions
US20040236632A1 (en) 2000-12-07 2004-11-25 Maritzen Michael L. System and method for conducing financial transactions using a personal transaction device with vehicle-accessed, payment-gateway terminals
US6931382B2 (en) 2001-01-24 2005-08-16 Cdck Corporation Payment instrument authorization technique
GB2372616A (en) 2001-02-23 2002-08-28 Hewlett Packard Co Transaction method and apparatus using two part tokens
US7292999B2 (en) 2001-03-15 2007-11-06 American Express Travel Related Services Company, Inc. Online card present transaction
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
EP1381987A4 (en) 2001-03-26 2010-09-22 3M Future Ltd TRANSACTION AUTHORIZATION SYSTEM
US20020147913A1 (en) 2001-04-09 2002-10-10 Lun Yip William Wai Tamper-proof mobile commerce system
US7650314B1 (en) 2001-05-25 2010-01-19 American Express Travel Related Services Company, Inc. System and method for securing a recurrent billing transaction
US8060448B2 (en) 2001-05-30 2011-11-15 Jones Thomas C Late binding tokens
JP4363800B2 (ja) 2001-06-11 2009-11-11 ソニー株式会社 電子商取引支援装置,電子商取引支援方法およびコンピュータプログラム
US7805378B2 (en) 2001-07-10 2010-09-28 American Express Travel Related Servicex Company, Inc. System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions
US20060237528A1 (en) 2001-07-10 2006-10-26 Fred Bishop Systems and methods for non-traditional payment
US8737954B2 (en) 2001-08-21 2014-05-27 Bookit Oy Ajanvarauspalvelu Managing recurring payments from mobile terminals
US7444676B1 (en) 2001-08-29 2008-10-28 Nader Asghari-Kamrani Direct authentication and authorization system and method for trusted network of financial institutions
US7103576B2 (en) 2001-09-21 2006-09-05 First Usa Bank, Na System for providing cardless payment
US7805376B2 (en) 2002-06-14 2010-09-28 American Express Travel Related Services Company, Inc. Methods and apparatus for facilitating a transaction
US6901387B2 (en) 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same
US7904360B2 (en) 2002-02-04 2011-03-08 Alexander William EVANS System and method for verification, authentication, and notification of a transaction
US7890393B2 (en) 2002-02-07 2011-02-15 Ebay, Inc. Method and system for completing a transaction between a customer and a merchant
AUPS087602A0 (en) 2002-03-04 2002-03-28 Ong, Yong Kin (Michael) Electronic fund transfer system
AU2003230751A1 (en) 2002-03-29 2003-10-13 Bank One, Delaware, N.A. System and process for performing purchase transaction using tokens
US20040210498A1 (en) 2002-03-29 2004-10-21 Bank One, National Association Method and system for performing purchase and other transactions using tokens with multiple chips
GB2387253B (en) 2002-04-03 2004-02-18 Swivel Technologies Ltd System and method for secure credit and debit card transactions
US20030191709A1 (en) 2002-04-03 2003-10-09 Stephen Elston Distributed payment and loyalty processing for retail and vending
US7707120B2 (en) 2002-04-17 2010-04-27 Visa International Service Association Mobile account authentication service
US7979348B2 (en) 2002-04-23 2011-07-12 Clearing House Payments Co Llc Payment identification code and payment system using the same
US6880079B2 (en) * 2002-04-25 2005-04-12 Vasco Data Security, Inc. Methods and systems for secure transmission of information using a mobile device
US8412623B2 (en) 2002-07-15 2013-04-02 Citicorp Credit Services, Inc. Method and system for a multi-purpose transactional platform
US7209561B1 (en) 2002-07-19 2007-04-24 Cybersource Corporation System and method for generating encryption seed values
US20040127256A1 (en) 2002-07-30 2004-07-01 Scott Goldthwaite Mobile device equipped with a contactless smart card reader/writer
US7801826B2 (en) 2002-08-08 2010-09-21 Fujitsu Limited Framework and system for purchasing of goods and services
US7353382B2 (en) 2002-08-08 2008-04-01 Fujitsu Limited Security framework and protocol for universal pervasive transactions
US7606560B2 (en) 2002-08-08 2009-10-20 Fujitsu Limited Authentication services using mobile device
US6805287B2 (en) 2002-09-12 2004-10-19 American Express Travel Related Services Company, Inc. System and method for converting a stored value card to a credit card
AU2003296927A1 (en) 2002-11-05 2004-06-07 Todd Silverstein Remote purchasing system and method
US7502933B2 (en) 2002-11-27 2009-03-10 Rsa Security Inc. Identity authentication system and method
GB2396472A (en) 2002-12-18 2004-06-23 Ncr Int Inc System for cash withdrawal
US7827101B2 (en) 2003-01-10 2010-11-02 First Data Corporation Payment system clearing for transactions
TW200412524A (en) 2003-01-15 2004-07-16 Lee Fung Chi A small amount paying/receiving system
US8082210B2 (en) 2003-04-29 2011-12-20 The Western Union Company Authentication for online money transfers
WO2005001751A1 (en) 2003-06-02 2005-01-06 Regents Of The University Of California System for biometric signal processing with hardware and software accelaration
GB0318000D0 (en) 2003-07-31 2003-09-03 Ncr Int Inc Mobile applications
US20050199709A1 (en) 2003-10-10 2005-09-15 James Linlor Secure money transfer between hand-held devices
US20050080730A1 (en) 2003-10-14 2005-04-14 First Data Corporation System and method for secure account transactions
US7567936B1 (en) 2003-10-14 2009-07-28 Paradox Technical Solutions Llc Method and apparatus for handling pseudo identities
US20050108178A1 (en) 2003-11-17 2005-05-19 Richard York Order risk determination
US7543739B2 (en) 2003-12-17 2009-06-09 Qsecure, Inc. Automated payment card fraud detection and location
WO2005079050A1 (en) 2004-01-20 2005-08-25 Kamfu Wong A-computer accounting system with a lock using in a bank and the corresponding method used for secure payment by phone
US7584153B2 (en) 2004-03-15 2009-09-01 Qsecure, Inc. Financial transactions with dynamic card verification values
US7580898B2 (en) 2004-03-15 2009-08-25 Qsecure, Inc. Financial transactions with dynamic personal account numbers
GB0407369D0 (en) 2004-03-31 2004-05-05 British Telecomm Trust tokens
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US20050269401A1 (en) 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
WO2005119607A2 (en) 2004-06-03 2005-12-15 Tyfone, Inc. System and method for securing financial transactions
US7693797B2 (en) * 2004-06-21 2010-04-06 Nokia Corporation Transaction and payment system security remote authentication/validation of transactions from a transaction provider
US8412837B1 (en) 2004-07-08 2013-04-02 James A. Roskind Data privacy
US7264154B2 (en) 2004-07-12 2007-09-04 Harris David N System and method for securing a credit account
US7287692B1 (en) 2004-07-28 2007-10-30 Cisco Technology, Inc. System and method for securing transactions in a contact center environment
GB0420409D0 (en) 2004-09-14 2004-10-20 Waterleaf Ltd Online commercial transaction system and method of operation thereof
US7051929B2 (en) 2004-10-18 2006-05-30 Gongling Li Secure credit card having daily changed security number
US7548889B2 (en) 2005-01-24 2009-06-16 Microsoft Corporation Payment information security for multi-merchant purchasing environment for downloadable products
US7849020B2 (en) 2005-04-19 2010-12-07 Microsoft Corporation Method and apparatus for network transactions
JP2008541206A (ja) * 2005-04-19 2008-11-20 マイクロソフト コーポレーション ネットワーク商取引
US20060235795A1 (en) 2005-04-19 2006-10-19 Microsoft Corporation Secure network commercial transactions
US20080035738A1 (en) 2005-05-09 2008-02-14 Mullen Jeffrey D Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
WO2006135779A2 (en) 2005-06-10 2006-12-21 American Express Travel Related Services Company, Inc. System and method for mass transit merchant payment
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US20130332343A1 (en) 2005-10-06 2013-12-12 C-Sam, Inc. Multi-tiered, secure mobile transactions ecosystem enabling platform comprising a personalization tier, a service tier, and an enabling tier
US8205791B2 (en) 2005-10-11 2012-06-26 National Payment Card Association Payment system and methods
US8352376B2 (en) 2005-10-11 2013-01-08 Amazon Technologies, Inc. System and method for authorization of transactions
US7853995B2 (en) 2005-11-18 2010-12-14 Microsoft Corporation Short-lived certificate authority service
US20070136193A1 (en) 2005-12-13 2007-06-14 Bellsouth Intellectual Property Corporation Methods, transactional cards, and systems using account identifers customized by the account holder
US8275312B2 (en) 2005-12-31 2012-09-25 Blaze Mobile, Inc. Induction triggered transactions using an external NFC device
US8352323B2 (en) 2007-11-30 2013-01-08 Blaze Mobile, Inc. Conducting an online payment transaction using an NFC enabled mobile communication device
US20070170247A1 (en) 2006-01-20 2007-07-26 Maury Samuel Friedman Payment card authentication system and method
US20070179885A1 (en) 2006-01-30 2007-08-02 Cpni Inc. Method and system for authorizing a funds transfer or payment using a phone number
US8001055B2 (en) 2006-02-21 2011-08-16 Weiss Kenneth P Method, system and apparatus for secure access, payment and identification
US8234220B2 (en) 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
BRPI0708276A2 (pt) 2006-03-02 2011-05-24 Visa Int Service Ass métodos para efetuar autenticação de transação em um pedido por correio eletrÈnico e pedido por telefone e para efetuar autenticação em uma transação de pagamento on-line
US8225385B2 (en) 2006-03-23 2012-07-17 Microsoft Corporation Multiple security token transactions
US9065643B2 (en) 2006-04-05 2015-06-23 Visa U.S.A. Inc. System and method for account identifier obfuscation
US7818264B2 (en) 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
US20070245414A1 (en) 2006-04-14 2007-10-18 Microsoft Corporation Proxy Authentication and Indirect Certificate Chaining
US20070288377A1 (en) 2006-04-26 2007-12-13 Yosef Shaked System and method for authenticating a customer's identity and completing a secure credit card transaction without the use of a credit card number
US20070291995A1 (en) 2006-06-09 2007-12-20 Rivera Paul G System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
US20080015988A1 (en) 2006-06-28 2008-01-17 Gary Brown Proxy card authorization system
US10019708B2 (en) 2006-08-25 2018-07-10 Amazon Technologies, Inc. Utilizing phrase tokens in transactions
US7469151B2 (en) 2006-09-01 2008-12-23 Vivotech, Inc. Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities
US20080228646A1 (en) 2006-10-04 2008-09-18 Myers James R Method and system for managing a non-changing payment card account number
WO2008059465A2 (en) 2006-11-16 2008-05-22 Net 1 Ueps Technologies, Inc. Secure financial transactions
US7848980B2 (en) 2006-12-26 2010-12-07 Visa U.S.A. Inc. Mobile payment system and method using alias
US20090006262A1 (en) 2006-12-30 2009-01-01 Brown Kerry D Financial transaction payment processor
US7841539B2 (en) 2007-02-15 2010-11-30 Alfred Hewton Smart card with random temporary account number generation
US20080201264A1 (en) 2007-02-17 2008-08-21 Brown Kerry D Payment card financial transaction authenticator
US20080243702A1 (en) 2007-03-30 2008-10-02 Ricoh Company, Ltd. Tokens Usable in Value-Based Transactions
US7938318B2 (en) 2007-04-03 2011-05-10 Intellectual Ventures Holding 32 Llc System and method for controlling secured transaction using directionally coded account identifiers
US7896238B2 (en) 2007-04-03 2011-03-01 Intellectual Ventures Holding 32 Llc Secured transaction using color coded account identifiers
JP5520813B2 (ja) 2007-04-17 2014-06-11 ビザ ユー.エス.エー.インコーポレイテッド 取引のための個人認証方法、サーバ、およびその方法を実行するためのプログラム記憶媒体
US7959076B1 (en) 2007-04-26 2011-06-14 United Services Automobile Association (Usaa) Secure card
US7784685B1 (en) 2007-04-26 2010-08-31 United Services Automobile Association (Usaa) Secure card
US8109436B1 (en) 2007-04-26 2012-02-07 United Services Automobile Association (Usaa) Secure card
US7891563B2 (en) 2007-05-17 2011-02-22 Shift4 Corporation Secure payment card transactions
US7770789B2 (en) 2007-05-17 2010-08-10 Shift4 Corporation Secure payment card transactions
ES2748847T3 (es) 2007-05-17 2020-03-18 Shift4 Corp Transacciones de tarjeta de pago seguras
US7841523B2 (en) 2007-05-17 2010-11-30 Shift4 Corporation Secure payment card transactions
US7971261B2 (en) 2007-06-12 2011-06-28 Microsoft Corporation Domain management for digital media
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
JP2009015548A (ja) 2007-07-04 2009-01-22 Omron Corp 運転支援装置および方法、並びに、プログラム
US8326758B2 (en) 2007-08-06 2012-12-04 Enpulz, L.L.C. Proxy card representing many monetary sources from a plurality of vendors
US8494959B2 (en) 2007-08-17 2013-07-23 Emc Corporation Payment card with dynamic account number
US7849014B2 (en) 2007-08-29 2010-12-07 American Express Travel Related Services Company, Inc. System and method for facilitating a financial transaction with a dynamically generated identifier
US9070129B2 (en) 2007-09-04 2015-06-30 Visa U.S.A. Inc. Method and system for securing data fields
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US9747598B2 (en) 2007-10-02 2017-08-29 Iii Holdings 1, Llc Dynamic security code push
US8095113B2 (en) 2007-10-17 2012-01-10 First Data Corporation Onetime passwords for smart chip cards
US20090106160A1 (en) 2007-10-19 2009-04-23 First Data Corporation Authorizations for mobile contactless payment transactions
CN101425894B (zh) 2007-10-30 2012-03-21 阿里巴巴集团控股有限公司 一种业务实现系统及方法
US8249985B2 (en) 2007-11-29 2012-08-21 Bank Of America Corporation Sub-account mechanism
US20090157555A1 (en) 2007-12-12 2009-06-18 American Express Travel Related Services Company, Bill payment system and method
US8117129B2 (en) 2007-12-21 2012-02-14 American Express Travel Related Services Company, Inc. Systems, methods and computer program products for performing mass transit merchant transactions
US8011577B2 (en) 2007-12-24 2011-09-06 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US8224702B2 (en) 2007-12-28 2012-07-17 Ebay, Inc. Systems and methods for facilitating financial transactions over a network
US7922082B2 (en) 2008-01-04 2011-04-12 M2 International Ltd. Dynamic card validation value
FR2926938B1 (fr) 2008-01-28 2010-03-19 Paycool Dev Procede d'authentification et de signature d'un utilisateur aupres d'un service applicatif, utilisant un telephone mobile comme second facteur en complement et independamment d'un premier facteur
US8255971B1 (en) 2008-03-03 2012-08-28 Jpmorgan Chase Bank, N.A. Authentication system and method
US8578176B2 (en) 2008-03-26 2013-11-05 Protegrity Corporation Method and apparatus for tokenization of sensitive sets of characters
US20090248583A1 (en) 2008-03-31 2009-10-01 Jasmeet Chhabra Device, system, and method for secure online transactions
US20090327131A1 (en) 2008-04-29 2009-12-31 American Express Travel Related Services Company, Inc. Dynamic account authentication using a mobile device
US20090276347A1 (en) 2008-05-01 2009-11-05 Kargman James B Method and apparatus for use of a temporary financial transaction number or code
US9715709B2 (en) 2008-05-09 2017-07-25 Visa International Services Association Communication device including multi-part alias identifier
US8651374B2 (en) 2008-06-02 2014-02-18 Sears Brands, L.L.C. System and method for payment card industry enterprise account number elimination
US20090307140A1 (en) 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US9269010B2 (en) 2008-07-14 2016-02-23 Jumio Inc. Mobile phone payment system using integrated camera credit card reader
US8090650B2 (en) 2008-07-24 2012-01-03 At&T Intellectual Property I, L.P. Secure payment service and system for interactive voice response (IVR) systems
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9053474B2 (en) 2008-08-04 2015-06-09 At&T Mobility Ii Llc Systems and methods for handling point-of-sale transactions using a mobile device
US8281991B2 (en) 2008-08-07 2012-10-09 Visa U.S.A. Inc. Transaction secured in an untrusted environment
US8403211B2 (en) 2008-09-04 2013-03-26 Metabank System, program product and methods for retail activation and reload associated with partial authorization transactions
EP2166484A1 (fr) * 2008-09-19 2010-03-24 SCP Asclépios Procédé d'accès à des données nominatives, tel qu'un dossier médical personnalisé, à partir d'un agent local de génération
JP2010086175A (ja) * 2008-09-30 2010-04-15 Dainippon Printing Co Ltd リモートアクセス管理システム及び方法
US8965811B2 (en) 2008-10-04 2015-02-24 Mastercard International Incorporated Methods and systems for using physical payment cards in secure E-commerce transactions
US20100094755A1 (en) 2008-10-09 2010-04-15 Nelnet Business Solutions, Inc. Providing payment data tokens for online transactions utilizing hosted inline frames
US20100106644A1 (en) 2008-10-23 2010-04-29 Diversinet Corp. System and Method for Authorizing Transactions Via Mobile Devices
US8126449B2 (en) 2008-11-13 2012-02-28 American Express Travel Related Services Company, Inc. Servicing attributes on a mobile device
US8196813B2 (en) 2008-12-03 2012-06-12 Ebay Inc. System and method to allow access to a value holding account
US8838503B2 (en) 2008-12-08 2014-09-16 Ebay Inc. Unified identity verification
US8060449B1 (en) 2009-01-05 2011-11-15 Sprint Communications Company L.P. Partially delegated over-the-air provisioning of a secure element
US10037524B2 (en) 2009-01-22 2018-07-31 First Data Corporation Dynamic primary account number (PAN) and unique key per card
US10354321B2 (en) 2009-01-22 2019-07-16 First Data Corporation Processing transactions with an extended application ID and dynamic cryptograms
US8606638B2 (en) 2009-03-02 2013-12-10 First Data Corporation Systems, methods and apparatus for facilitating transactions using a mobile device
US20100235284A1 (en) 2009-03-13 2010-09-16 Gidah, Inc. Method and systems for generating and using tokens in a transaction handling system
US8595098B2 (en) 2009-03-18 2013-11-26 Network Merchants, Inc. Transmission of sensitive customer information during electronic-based transactions
US8567670B2 (en) 2009-03-27 2013-10-29 Intersections Inc. Dynamic card verification values and credit transactions
US8584251B2 (en) 2009-04-07 2013-11-12 Princeton Payment Solutions Token-based payment processing system
US20100258620A1 (en) 2009-04-10 2010-10-14 Denise Torreyson Methods and systems for linking multiple accounts
US9572025B2 (en) 2009-04-16 2017-02-14 Telefonaktiebolaget Lm Ericsson (Publ) Method, server, computer program and computer program product for communicating with secure element
WO2010126509A2 (en) 2009-04-30 2010-11-04 Donald Michael Cardina Systems and methods for randomized mobile payment
US8725122B2 (en) 2009-05-13 2014-05-13 First Data Corporation Systems and methods for providing trusted service management services
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US20100306076A1 (en) 2009-05-29 2010-12-02 Ebay Inc. Trusted Integrity Manager (TIM)
TWI402775B (zh) 2009-07-16 2013-07-21 Mxtran Inc 金融交易系統、自動櫃員機、與操作自動櫃員機的方法
CA2770893A1 (en) 2009-08-10 2011-02-17 Visa International Service Association Systems and methods for enrolling users in a payment service
US20110047076A1 (en) 2009-08-24 2011-02-24 Mark Carlson Alias reputation interaction system
US20110083018A1 (en) 2009-10-06 2011-04-07 Validity Sensors, Inc. Secure User Authentication
US8447699B2 (en) 2009-10-13 2013-05-21 Qualcomm Incorporated Global secure service provider directory
WO2011047034A2 (en) 2009-10-13 2011-04-21 Square, Inc. Systems and methods for decoding card swipe signals
CA2777799A1 (en) 2009-10-16 2011-04-21 Visa International Service Association Anti-phishing system and method including list with user data
US20110246317A1 (en) 2009-10-23 2011-10-06 Apriva, Llc System and device for facilitating a transaction through use of a proxy account code
US8296568B2 (en) 2009-10-27 2012-10-23 Google Inc. Systems and methods for authenticating an electronic transaction
US8433116B2 (en) 2009-11-03 2013-04-30 Mela Sciences, Inc. Showing skin lesion information
US9633351B2 (en) 2009-11-05 2017-04-25 Visa International Service Association Encryption switch processing
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US8739262B2 (en) 2009-12-18 2014-05-27 Sabre Glbl Inc. Tokenized data security
US9324066B2 (en) 2009-12-21 2016-04-26 Verizon Patent And Licensing Inc. Method and system for providing virtual credit card services
US8788429B2 (en) 2009-12-30 2014-07-22 First Data Corporation Secure transaction management
AU2011205391B2 (en) 2010-01-12 2014-11-20 Visa International Service Association Anytime validation for verification tokens
BR112012017880A2 (pt) 2010-01-19 2020-11-17 Visa International Service Association "método, e, sistema"
US20110178926A1 (en) 2010-01-19 2011-07-21 Mike Lindelsee Remote Variable Authentication Processing
US8615468B2 (en) 2010-01-27 2013-12-24 Ca, Inc. System and method for generating a dynamic card value
US9501773B2 (en) 2010-02-02 2016-11-22 Xia Dai Secured transaction system
US8510816B2 (en) 2010-02-25 2013-08-13 Secureauth Corporation Security device provisioning
US8458487B1 (en) 2010-03-03 2013-06-04 Liaison Technologies, Inc. System and methods for format preserving tokenization of sensitive information
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
WO2011112502A1 (en) 2010-03-07 2011-09-15 Gilbarco Inc. Fuel dispenser payment system and method
US8887308B2 (en) 2010-03-21 2014-11-11 William Grecia Digital cloud access (PDMAS part III)
US8533860B1 (en) 2010-03-21 2013-09-10 William Grecia Personalized digital media access system—PDMAS part II
US8402555B2 (en) 2010-03-21 2013-03-19 William Grecia Personalized digital media access system (PDMAS)
US20110238573A1 (en) 2010-03-25 2011-09-29 Computer Associates Think, Inc. Cardless atm transaction method and system
US8380177B2 (en) 2010-04-09 2013-02-19 Paydiant, Inc. Mobile phone payment processing methods and systems
US8336088B2 (en) 2010-04-19 2012-12-18 Visa International Service Association Alias management and value transfer claim processing
AU2011261259B2 (en) 2010-06-04 2015-05-14 Visa International Service Association Payment tokenization apparatuses, methods and systems
US8442914B2 (en) 2010-07-06 2013-05-14 Mastercard International Incorporated Virtual wallet account with automatic-loading
US8571939B2 (en) 2010-07-07 2013-10-29 Toshiba Global Commerce Solutions Holdings Corporation Two phase payment link and authorization for mobile devices
US8453226B2 (en) 2010-07-16 2013-05-28 Visa International Service Association Token validation for advanced authorization
WO2012012445A2 (en) 2010-07-19 2012-01-26 Universal Commerce, Inc. Mobile system and method for payments and non-financial transactions
US20120028609A1 (en) 2010-07-27 2012-02-02 John Hruska Secure financial transaction system using a registered mobile device
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
CN101938520B (zh) 2010-09-07 2015-01-28 中兴通讯股份有限公司 一种基于移动终端签名的远程支付系统及方法
US20120066078A1 (en) 2010-09-10 2012-03-15 Bank Of America Corporation Overage service using overage passcode
US8898086B2 (en) 2010-09-27 2014-11-25 Fidelity National Information Services Systems and methods for transmitting financial account information
US9558481B2 (en) 2010-09-28 2017-01-31 Barclays Bank Plc Secure account provisioning
US20120095852A1 (en) 2010-10-15 2012-04-19 John Bauer Method and system for electronic wallet access
US20120095865A1 (en) 2010-10-15 2012-04-19 Ezpayy, Inc. System And Method For Mobile Electronic Purchasing
US10176477B2 (en) 2010-11-16 2019-01-08 Mastercard International Incorporated Methods and systems for universal payment account translation
US8577336B2 (en) 2010-11-18 2013-11-05 Mobilesphere Holdings LLC System and method for transaction authentication using a mobile communication device
US20130275308A1 (en) 2010-11-29 2013-10-17 Mobay Technologies Limited System for verifying electronic transactions
US9141945B2 (en) 2010-12-02 2015-09-22 Appmobi Iplc, Inc. Secure distributed single action payment system
US20120143754A1 (en) 2010-12-03 2012-06-07 Narendra Patel Enhanced credit card security apparatus and method
WO2012082795A1 (en) 2010-12-13 2012-06-21 Magtek, Inc. Systems and methods for conducting contactless payments using a mobile and a magstripe payment card
US8762284B2 (en) 2010-12-16 2014-06-24 Democracyontheweb, Llc Systems and methods for facilitating secure transactions
US8646059B1 (en) 2010-12-17 2014-02-04 Google Inc. Wallet application for interacting with a secure element application without a trusted server for authentication
EP2656281A4 (en) 2010-12-20 2015-01-14 Antonio Claudiu Eram SYSTEM, METHOD AND APPARATUS FOR PERMITTING MOBILE PAYMENTS AND EXECUTING ORDERS
US20120173431A1 (en) 2010-12-30 2012-07-05 First Data Corporation Systems and methods for using a token as a payment in a transaction
US20120185386A1 (en) 2011-01-18 2012-07-19 Bank Of America Authentication tool
WO2012098555A1 (en) 2011-01-20 2012-07-26 Google Inc. Direct carrier billing
US8725644B2 (en) 2011-01-28 2014-05-13 The Active Network, Inc. Secure online transaction processing
US20120203664A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
US20120203666A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
US8751381B2 (en) 2011-02-23 2014-06-10 Mastercard International Incorporated Demand deposit account payment system
US9773212B2 (en) 2011-02-28 2017-09-26 Visa International Service Association Secure anonymous transaction apparatuses, methods and systems
EP2681701A4 (en) 2011-03-04 2014-08-20 Visa Int Service Ass INTEGRATION OF PAYMENT OPTIONS IN SAFE ITEMS OF COMPUTERS
US20120231844A1 (en) 2011-03-11 2012-09-13 Apriva, Llc System and device for facilitating a transaction by consolidating sim, personal token, and associated applications for electronic wallet transactions
US20120233004A1 (en) 2011-03-11 2012-09-13 James Bercaw System for mobile electronic commerce
US20120246071A1 (en) 2011-03-21 2012-09-27 Nikhil Jain System and method for presentment of nonconfidential transaction token identifier
US9883387B2 (en) 2011-03-24 2018-01-30 Visa International Service Association Authentication using application authentication element
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
WO2012142370A2 (en) 2011-04-15 2012-10-18 Shift4 Corporation Method and system for enabling merchants to share tokens
US9256874B2 (en) 2011-04-15 2016-02-09 Shift4 Corporation Method and system for enabling merchants to share tokens
US9818111B2 (en) 2011-04-15 2017-11-14 Shift4 Corporation Merchant-based token sharing
US8688589B2 (en) 2011-04-15 2014-04-01 Shift4 Corporation Method and system for utilizing authorization factor pools
US20120271770A1 (en) 2011-04-20 2012-10-25 Visa International Service Association Managing electronic tokens in a transaction processing system
WO2012151590A2 (en) 2011-05-05 2012-11-08 Transaction Network Services, Inc. Systems and methods for enabling mobile payments
US8412631B2 (en) 2011-05-13 2013-04-02 American Express Travel Related Services Company, Inc. Cloud enabled payment processing system and method
US20130204793A1 (en) 2011-05-17 2013-08-08 Kevin S. Kerridge Smart communication device secured electronic payment system
US9106632B2 (en) 2011-05-26 2015-08-11 First Data Corporation Provisioning by delivered items
US8943574B2 (en) 2011-05-27 2015-01-27 Vantiv, Llc Tokenizing sensitive data
US10395256B2 (en) 2011-06-02 2019-08-27 Visa International Service Association Reputation management in a transaction processing system
EP2715633A4 (en) 2011-06-03 2014-12-17 Visa Int Service Ass APPARATUSES, METHODS, AND SYSTEMS FOR SELECTING VIRTUAL PORTFOLIO CARD
US8538845B2 (en) 2011-06-03 2013-09-17 Mozido, Llc Monetary transaction system
US10318932B2 (en) 2011-06-07 2019-06-11 Entit Software Llc Payment card processing system with structure preserving encryption
RU2602394C2 (ru) 2011-06-07 2016-11-20 Виза Интернешнл Сервис Ассосиэйшн Устройства, способы и системы токенизации конфиденциальности платежей
WO2012167941A1 (en) 2011-06-09 2012-12-13 Gemalto Sa Method to validate a transaction between a user and a service provider
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9639828B2 (en) 2011-07-15 2017-05-02 Visa International Service Association Method and system for hosted order page/silent order post plus fraud detection
WO2013019567A2 (en) 2011-07-29 2013-02-07 Visa International Service Association Passing payment tokens through an hop/sop
US20130054337A1 (en) 2011-08-22 2013-02-28 American Express Travel Related Services Company, Inc. Methods and systems for contactless payments for online ecommerce checkout
WO2013028901A2 (en) 2011-08-23 2013-02-28 Visa International Service Association Authentication process for value transfer machine
US20130218769A1 (en) 2011-08-23 2013-08-22 Stacy Pourfallah Mobile Funding Method and System
EP2751754A4 (en) 2011-08-30 2015-06-03 C Douglas Yeager SYSTEMS AND METHOD FOR AUTHORIZING A TRANSACTION WITH AN UNEXPECTED CRYPTOGRAM
US20130339253A1 (en) 2011-08-31 2013-12-19 Dan Moshe Sincai Mobile Device Based Financial Transaction System
US8171525B1 (en) 2011-09-15 2012-05-01 Google Inc. Enabling users to select between secure service providers using a central trusted service manager
US8838982B2 (en) 2011-09-21 2014-09-16 Visa International Service Association Systems and methods to secure user identification
US8453223B2 (en) 2011-09-23 2013-05-28 Jerome Svigals Method, device and system for secure transactions
US20140310113A1 (en) 2011-10-01 2014-10-16 Uttam Sengupta Cloud based credit card emulation
IN2014KN00998A (zh) 2011-10-12 2015-09-04 C Sam Inc
US9229964B2 (en) 2011-10-27 2016-01-05 Visa International Business Machines Corporation Database cloning and migration for quality assurance
US9830596B2 (en) 2011-11-01 2017-11-28 Stripe, Inc. Method for conducting a transaction between a merchant site and a customer's electronic device without exposing payment information to a server-side application of the merchant site
CN104025507B (zh) 2011-11-01 2017-02-22 谷歌公司 用于多个服务供应商可信服务管理器和安全元件的接口连接的系统、方法和计算机程序产品
US20130124364A1 (en) 2011-11-13 2013-05-16 Millind Mittal System and method of electronic payment using payee provided transaction identification codes
US20160140566A1 (en) 2011-11-13 2016-05-19 Google Inc. Secure transmission of payment credentials
WO2013086048A1 (en) 2011-12-05 2013-06-13 Visa International Service Association Dynamic network analytic system
US8555079B2 (en) 2011-12-06 2013-10-08 Wwpass Corporation Token management
US8972719B2 (en) 2011-12-06 2015-03-03 Wwpass Corporation Passcode restoration
US8656180B2 (en) 2011-12-06 2014-02-18 Wwpass Corporation Token activation
US20130159178A1 (en) 2011-12-14 2013-06-20 Firethorn Mobile, Inc. System and Method For Loading A Virtual Token Managed By A Mobile Wallet System
US20130159184A1 (en) 2011-12-15 2013-06-20 Visa International Service Association System and method of using load network to associate product or service with a consumer token
US20140040139A1 (en) 2011-12-19 2014-02-06 Sequent Software, Inc. System and method for dynamic temporary payment authorization in a portable communication device
WO2013096606A1 (en) 2011-12-21 2013-06-27 Mastercard International Incorporated Methods and systems for providing a payment account with adaptive interchange
US9077769B2 (en) 2011-12-29 2015-07-07 Blackberry Limited Communications system providing enhanced trusted service manager (TSM) verification features and related methods
US20130254117A1 (en) 2011-12-30 2013-09-26 Clay W. von Mueller Secured transaction system and method
US8566168B1 (en) 2012-01-05 2013-10-22 Sprint Communications Company L.P. Electronic payment using a proxy account number stored in a secure element
WO2013103991A1 (en) 2012-01-05 2013-07-11 Visa International Service Association Data protection with translation
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
US10643191B2 (en) 2012-01-27 2020-05-05 Visa International Service Association Mobile services remote deposit capture
US8595850B2 (en) 2012-01-30 2013-11-26 Voltage Security, Inc. System for protecting sensitive data with distributed tokenization
EP2624190A1 (en) 2012-02-03 2013-08-07 Pieter Dubois Authentication of payment transactions using an alias
WO2013116726A1 (en) 2012-02-03 2013-08-08 Ebay Inc. Adding card to mobile wallet using nfc
US20130212024A1 (en) 2012-02-10 2013-08-15 Protegrity Corporation Tokenization in distributed payment environments
US20130212017A1 (en) 2012-02-14 2013-08-15 N.B. Development Services Inc. Transaction system and method of conducting a transaction
US20130226813A1 (en) 2012-02-23 2013-08-29 Robert Matthew Voltz Cyberspace Identification Trust Authority (CITA) System and Method
US20130246199A1 (en) 2012-03-14 2013-09-19 Mark Carlson Point-of-transaction account feature redirection apparatuses, methods and systems
US9105021B2 (en) 2012-03-15 2015-08-11 Ebay, Inc. Systems, methods, and computer program products for using proxy accounts
US9092776B2 (en) 2012-03-15 2015-07-28 Qualcomm Incorporated System and method for managing payment in transactions with a PCD
US20130246259A1 (en) 2012-03-15 2013-09-19 Firethorn Mobile, Inc. System and method for managing payment in transactions with a pcd
US20130246267A1 (en) 2012-03-15 2013-09-19 Ebay Inc. Systems, Methods, and Computer Program Products for Using Proxy Accounts
US20130254102A1 (en) 2012-03-20 2013-09-26 First Data Corporation Systems and Methods for Distributing Tokenization and De-Tokenization Services
US9818098B2 (en) 2012-03-20 2017-11-14 First Data Corporation Systems and methods for facilitating payments via a peer-to-peer protocol
US20130254028A1 (en) 2012-03-22 2013-09-26 Corbuss Kurumsal Telekom Hizmetleri A.S. System and method for conducting mobile commerce
US20130262315A1 (en) 2012-03-30 2013-10-03 John Hruska System for Secure Purchases Made by Scanning Barcode Using a Registered Mobile Phone Application Linked to a Consumer-Merchant Closed Loop Financial Proxy Account System
US10515359B2 (en) 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
WO2013151807A1 (en) 2012-04-02 2013-10-10 Jvl Ventures, Llc Systems, methods, and computer program products for provisioning payment accounts into mobile wallets and managing events
WO2013155536A1 (en) 2012-04-13 2013-10-17 Mastercard International Incorporated Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
JP5795453B2 (ja) 2012-04-18 2015-10-14 グーグル・インコーポレーテッド セキュア要素を用いない支払取引処理
US20130282588A1 (en) 2012-04-22 2013-10-24 John Hruska Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System
US9137225B2 (en) 2012-04-23 2015-09-15 Raghavendra Kulkarni Seamless remote storage of uniformly encrypted data for diverse platforms and devices
US20130297501A1 (en) 2012-05-04 2013-11-07 Justin Monk System and method for local data conversion
US10275764B2 (en) 2012-05-04 2019-04-30 Mastercard International Incorporated Transaction data tokenization
US9521548B2 (en) 2012-05-21 2016-12-13 Nexiden, Inc. Secure registration of a mobile device for use with a session
US20130311382A1 (en) 2012-05-21 2013-11-21 Klaus S. Fosmark Obtaining information for a payment transaction
WO2013179271A2 (en) 2012-06-01 2013-12-05 Mani Venkatachalam Sthanu Subra Method and system for human assisted secure payment by phone to an insecure third-party service provider
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US20140007205A1 (en) * 2012-06-28 2014-01-02 Bytemobile, Inc. No-Click Log-In Access to User's Web Account Using a Mobile Device
US20140007213A1 (en) 2012-06-29 2014-01-02 Wepay, Inc. Systems and methods for push notification based application authentication and authorization
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9059972B2 (en) 2012-07-03 2015-06-16 International Business Machines Corporation Issuing, presenting and challenging mobile device identification documents
US8856887B2 (en) 2012-07-09 2014-10-07 Ping Identity Corporation Methods and apparatus for delegated authentication token retrieval
US9043609B2 (en) 2012-07-19 2015-05-26 Bank Of America Corporation Implementing security measures for authorized tokens used in mobile transactions
US20140025581A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Mobile transactions using authorized tokens
US20140025585A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Distributing authorized tokens to conduct mobile transactions
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US10339524B2 (en) 2012-07-31 2019-07-02 Worldpay, Llc Systems and methods for multi-merchant tokenization
US10346838B2 (en) 2012-07-31 2019-07-09 Worldpay, Llc Systems and methods for distributed enhanced payment processing
US10152711B2 (en) 2012-07-31 2018-12-11 Worldpay, Llc Systems and methods for arbitraged enhanced payment processing
EP2885904B1 (en) 2012-08-03 2018-04-25 Vasco Data Security International GmbH User-convenient authentication method and apparatus using a mobile authentication application
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
EP2885753A4 (en) 2012-08-17 2016-01-06 Google Inc WIRELESS READER FUNCTIONALITY AND PAYMENT TRANSACTION TERMINAL
EP2701415A1 (en) * 2012-08-24 2014-02-26 Raja Kuppuswamy Mobile electronic device and use thereof for electronic transactions
AU2013308905B2 (en) 2012-08-28 2018-12-13 Visa International Service Association Protecting assets on a device
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
GB2506591A (en) * 2012-09-28 2014-04-09 Bell Identification Bv Method of providing secure services using a mobile device
US9390412B2 (en) 2012-10-16 2016-07-12 Visa International Service Association Dynamic point of sale system integrated with reader device
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US20140164243A1 (en) 2012-12-07 2014-06-12 Christian Aabye Dynamic Account Identifier With Return Real Account Identifier
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
BR112015020007A2 (pt) 2013-02-26 2017-07-18 Visa Int Service Ass métodos e sistemas para proporcionar credenciais de pagamento
US20140279554A1 (en) 2013-03-12 2014-09-18 Seth Priebatsch Distributed authenticity verification for consumer payment transactions
US9397980B1 (en) * 2013-03-15 2016-07-19 Microstrategy Incorporated Credential management
US9249241B2 (en) 2013-03-27 2016-02-02 Ut-Battelle, Llc Surface-functionalized mesoporous carbon materials
AU2014246711A1 (en) 2013-04-04 2015-10-29 Visa International Service Association Method and system for conducting pre-authorized financial transactions
US20140310183A1 (en) 2013-04-15 2014-10-16 Lance Weber Embedded acceptance system
US20140331265A1 (en) 2013-05-01 2014-11-06 Microsoft Corporation Integrated interactive television entertainment system
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
US20140330722A1 (en) 2013-05-02 2014-11-06 Prasanna Laxminarayanan System and method for using an account sequence identifier
US9760886B2 (en) 2013-05-10 2017-09-12 Visa International Service Association Device provisioning using partial personalization scripts
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
AU2014285769A1 (en) 2013-07-02 2016-01-07 Visa International Service Association Payment card including user interface for use with payment card acceptance terminal
WO2015009765A1 (en) 2013-07-15 2015-01-22 Visa International Service Association Secure remote payment transaction processing
SG10201800626RA (en) 2013-07-24 2018-02-27 Visa Int Service Ass Systems and methods for interoperable network token processing
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
WO2015021420A1 (en) 2013-08-08 2015-02-12 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
KR102552606B1 (ko) 2013-08-15 2023-07-06 비자 인터네셔널 서비스 어소시에이션 보안 요소를 이용한 보안 원격 지불 거래 처리
CA2924683A1 (en) 2013-09-20 2015-03-26 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US10891610B2 (en) 2013-10-11 2021-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US20150127529A1 (en) 2013-11-05 2015-05-07 Oleg Makhotin Methods and systems for mobile payment application selection and management using an application linker
US20150142673A1 (en) 2013-11-18 2015-05-21 Mark Nelsen Methods and systems for token request management
CA2930149A1 (en) 2013-11-19 2015-05-28 Visa International Service Association Automated account provisioning
US20150161597A1 (en) 2013-12-09 2015-06-11 Kaushik Subramanian Transactions using temporary credential data
CN115082065A (zh) 2013-12-19 2022-09-20 维萨国际服务协会 基于云的交易方法和系统
US10445718B2 (en) 2013-12-27 2019-10-15 Visa International Service Association Processing a transaction using multiple application identifiers
US10108409B2 (en) 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US20150199679A1 (en) 2014-01-13 2015-07-16 Karthikeyan Palanisamy Multiple token provisioning
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US20150220917A1 (en) 2014-02-04 2015-08-06 Christian Aabye Token verification using limited use certificates
WO2015143017A1 (en) 2014-03-18 2015-09-24 Visa International Service Association Systems and methods for locally derived tokens
US20150278799A1 (en) 2014-03-27 2015-10-01 Karthikeyan Palanisamy System incorporating wireless share process
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
SG11201608973TA (en) 2014-05-01 2016-11-29 Visa Int Service Ass Data verification using access device
SG10202007850WA (en) 2014-05-05 2020-09-29 Visa Int Service Ass System and method for token domain control
CN106462843A (zh) 2014-05-13 2017-02-22 维萨国际服务协会 用于安全远程支付处理的主小应用程序
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9779345B2 (en) 2014-08-11 2017-10-03 Visa International Service Association Mobile device with scannable image including dynamic data
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
CN106797311B (zh) 2014-08-29 2020-07-14 维萨国际服务协会 用于安全密码生成的系统、方法和存储介质
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
SG11201702277UA (en) 2014-10-10 2017-04-27 Visa Int Service Ass Methods and systems for partial personalization during mobile application update
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US20160217461A1 (en) 2015-01-23 2016-07-28 Ajit Gaddam Transaction utilizing anonymized user data
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
SG11201706576TA (en) 2015-04-10 2017-09-28 Visa Int Service Ass Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
CN114529300A (zh) 2015-10-15 2022-05-24 维萨国际服务协会 即时令牌发行系统
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
JP2017192117A (ja) * 2016-04-15 2017-10-19 富士通株式会社 センサ装置、情報収集システム、および情報収集方法

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012030162A2 (ko) * 2010-08-31 2012-03-08 비씨카드 주식회사 카드 결제 방법, 카드 결제 시스템 및 그를 위한 이동 단말기

Also Published As

Publication number Publication date
AU2015319804A1 (en) 2017-03-23
US20190188414A1 (en) 2019-06-20
CA2960319A1 (en) 2016-03-31
WO2016049636A3 (en) 2016-05-12
RU2019124722A (ru) 2019-10-01
EP3198907A4 (en) 2018-05-02
ES2732564T3 (es) 2019-11-25
CN111866873B (zh) 2023-09-05
AU2019203959A1 (en) 2019-06-27
US10643001B2 (en) 2020-05-05
SG11201701653WA (en) 2017-04-27
WO2016049636A2 (en) 2016-03-31
US10255456B2 (en) 2019-04-09
EP3198907A2 (en) 2017-08-02
EP3518567B1 (en) 2020-09-09
CN107087432A (zh) 2017-08-22
RU2017114373A3 (zh) 2019-02-27
US20160092696A1 (en) 2016-03-31
EP3198907B1 (en) 2019-04-10
SG10201810140QA (en) 2018-12-28
RU2017114373A (ru) 2018-10-29
BR112017005824A2 (pt) 2017-12-12
EP3518567A1 (en) 2019-07-31
RU2698762C2 (ru) 2019-08-29
AU2015319804B2 (en) 2019-03-14
CN111866873A (zh) 2020-10-30

Similar Documents

Publication Publication Date Title
US10643001B2 (en) Remote server encrypted data provisioning system and methods
KR102479086B1 (ko) 동적인 실제 크리덴셜들을 표시하기 위한 정적 토큰 시스템 및 방법
US11250391B2 (en) Token check offline
US20220019995A1 (en) Limited-use keys and cryptograms
US11170379B2 (en) Peer forward authorization of digital requests
KR102293822B1 (ko) 클라우드-기반 트랜잭션 방법 및 시스템
FI125071B (fi) Maksujärjestelmä
WO2017160877A1 (en) Technical architecture supporting tokenized payments
CN107210912B (zh) 对应用程序库的授权访问
US12045815B2 (en) Mobile device transaction credential lending
US20230336349A1 (en) Comprehensive storage application provisioning using a provisioning software development kit (sdk)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant