A method of managing a multi-party cardless payment transaction includes receiving, at a service provider, a request for creating a data structure for tracking user expenses associated with an event; generating the data structure, wherein the data structure is stored in association with a database of the service provider; associating two or more user accounts with the data structure; receiving, via an application executing on at least one user device associated with a user account, expense data associated with the event; determining, for each user account, a portion of the expense data to be allocated to each user account; determining, based at least in part on the portion of the expense data to be allocated to each user account, an amount owed by each user; and causing at least one amount to be presented on the application to facilitate payment for at least the portion of the expense data.

Disclosed are methods and apparatuses for creating a verified mutually authenticated transaction between a service provider and an on-line identity for a physical client person. A dynamic optical mark may be displayed on a device screen where the physical client person is using a web service. The dynamic optical mark may be recognized via scanning the dynamic optical mark by a personal mobile device equipped with a camera. The verified mutually authenticated transaction between the service provider and the on-line identity for the physical client person may be used for sharing personal data of the physical client person by using out-of-band optical mark recognition of the dynamic optical mark. The verified mutually authenticated transaction may be initiated with a time-limited one-time password comprising a sequence of numbers encoded in the dynamic optical mark.

Provided are approaches for providing multiple user accounts in a same transaction card assembly. The transaction card assembly may include a first card including a first card first side opposite a first card second side, the first card first side including a first pair of magnetic stripes and the first card second side including a first pair of identification chips. The transaction card assembly may further include a second card coupled to the first card, the second card including a second card first side opposite a second card second side, the second card first side including a second pair of magnetic stripes, and the second card second side including a second pair of identification chips. The first and second cards are slidable relative to one another between multiple positions to selectively expose and cover each identification chip of the first and second pairs of identification chips.

Embodiments provide methods, and systems for cryptographic keys exchange where the method can include receiving, by a server system, a client public key being part of a client asymmetric key pair from a client device; sending, by the server system, a server public key being part of a server asymmetric key pair to the client device; generating, by the server system, a random value master key and sending the random value master key encrypted using the client public key to the client device; and generating, by the server system, an initial unique session key and sending the initial unique session key encrypted under the random value master key to the client device. A unique session key from the set of the unique session keys is used by the client device to encrypt a session data for transmission to the server system per session.

Systems and methods are disclosed for establishing a multi-dimensional fraud detection system and payment analysis. One method includes: receiving transaction history of a user, the transaction history including a first payment vehicle and a second payment vehicle; determining, of the received transaction history, one or more instances of switching from one the first payment vehicle to the second payment vehicle; and determining a user-specific abandonment score for the user, based on the determined instances of switching from the first payment vehicle to the second payment vehicle.

Described herein is a data optimization computer system for optimizing transaction authorization request messages directed to an authorizing party. The computer system includes a historical transaction database, a merchant database, and a data optimization computing device. The historical transaction database stores a plurality of historical transaction records. The merchant database stores a first merchant registered with the optimization computer system. The data optimization computing device may analyze at least a subset of the historical transaction records to generate a set of optimization rules. The set of optimization rules identifies optimal values for an optimized transaction authorization request message. The optimized transaction authorization request message may be associated with an improved likelihood of resulting in a positive request outcome.

Methods and apparatus for secure registration to enable transactions between a first user and a vendor that is facilitated by a payment server are disclosed. The method may comprise storing a form soliciting customer information including a plurality of fields, wherein at least one of the plurality of fields is associated with an attribute. The method including receiving a copy of the form including customer data in all of the plurality of fields and transmitting a first subset of the customer data based on the attribute associated with the first subset of the customer data. The method including receiving a token in response to the transmission of the first subset of customer data and transmitting the token and a second subset of the customer data, wherein the second subset is based on the attribute associated with the second subset of customer data.

Systems, methods, and computer-readable media for providing standards compliant encryption, storage, and retrieval of data are disclosed. In an embodiment, data is received at a first data center from a first device in connection with a service request and encrypted to produce encrypted data. The encrypted data may be transmitted from the first data center to the first device, and then may subsequently be received at a second data center. The second data center may store the encrypted data in a database accessible to the second data center. Because all data provided to the system is encrypted by the first data center prior to being stored and/or provided to the second data center, the database and the second data center may be out of the scope of compliance monitoring, auditing, and reporting for one or more data security standards.

Systems, methods, and devices are disclosed for preventing relay attacks. A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate an further interaction with the second access device accordingly.

A method for authenticating e-commerce transactions involves receiving, from a payment network computer, a first authentication request message to authenticate a transaction associated with a payment account, the first authentication request message being initiated by an issuer domain computer not implementing a 3-D Secure authorization protocol, determining that the issuer domain computer has configured, at the access control server computer, a decision function of a second portion of the 3-D Secure authorization protocol and in response thereto, transmitting, to the issuer domain computer, a decision request message and information associated with the transaction, the decision request message requesting the issuer domain computer to determine an action for authenticating the transaction based on the information associated with the transaction and one or more programmatic rules of the issuer domain computer, the transmitting occurring in lieu of the access control server computer executing the decision function at the access control server computer.