A physical card (in some cases without any on-board source of power or computing capabilities) is configured to maintain access information for digital bearer assets. The physical card may include disposed thereon a single address operable to receive digital bearer assets in one or more transactions on a decentralized computing platform, like a blockchain-based decentralized computing platform. Other decentralized computing platforms utilize different address generation protocols, thus preventing use of a single address on those other platforms. A set of addresses is generated, each address corresponding to a given decentralized computing platform. Each address is based on a same underlying key-pair, and a primary address is selected from the set for a given card. The remaining addresses in the set are stored, without storage of the public key or private key, and returned in a response to a request for additional addresses of the currency card.

A payment processing device can implement a monitoring system to detect for tamper attempts at a chip card interface. The monitoring system can establish a baseline when no chip card is present in the chip card interface, or in some embodiments, when it is known that an authentic chip card 14 is present in the slot 21. During subsequent evaluations of the chip card interface by the monitoring system, a response received by the monitoring system that deviates from the baseline can indicate that a tamper attempt at the chip card interface may have occurred. If a tamper attempt is determined by the monitoring system, a remedial or corrective action can be taken.

Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. An ICC Master Key corresponding to the payment application is held by a trusted authority, such as the issuing bank. The trusted authority is adapted generate time-limited session keys on the basis of the ICC Master Key and distribute session keys to the payment application. Receipt of a session key by the payment application enables the payment application to conduct an EMV payment transaction. The session key is used to authorize a single EMV payment transaction.

Systems and methods for user authentication using an authentication sequence are disclosed. The disclosed systems and methods may include a computing device for authenticating a user. The computing device may include at least one processor and at least one computer-readable medium. The at least one computer-readable medium can containing instructions that, when executed by the at least one processor, cause the computing device to perform operations. The operations may include receiving an authentication sequence provided by one or more authentication objects and authenticating the user based on the authentication sequence. The authentication sequence can be a card-swipe sequence and authentication can be performed based on characteristics of the card-swipe sequence, such as the cards used, the order the cards are used in the sequence, the timing of card use, and the type of card swipe.

A smart card, a method for outputting validation data, and a method for responding to an operation request are provided. The method for outputting validation data includes acquiring an operation request by a smart card; acquiring smart card operation information of the smart card by the smart card, after acquiring the operation request, wherein the smart card operation information comprises at least a smart card mode factor for indicating a working mode of the smart card, and the working mode of the smart card comprises a non-contact communication mode and/or a contact communication mode; acquiring a validation data generating strategy, and using the validation data generating strategy to process at least the smart card operation information to obtain validation data by the smart card; outputting the validation data by the smart card after obtaining the validation data.

A smart card, a method for outputting validation data, and a method for responding to an operation request are provided. The method for outputting validation data includes acquiring an operation request by a smart card; acquiring smart card operation information of the smart card by the smart card, after acquiring the operation request, wherein the smart card operation information comprises at least a smart card mode factor for indicating a working mode of the smart card, and the working mode of the smart card comprises a non-contact communication mode and/or a contact communication mode; acquiring a validation data generating strategy, and using the validation data generating strategy to process at least the smart card operation information to obtain validation data by the smart card; outputting the validation data by the smart card after obtaining the validation data.

A method for providing and checking the validity of a virtual document on a first computer system is disclosed. The virtual document is provided by means of a mobile second computer system for a first computer system. The method includes receiving a password-protected storage address of a first database at which the virtual document can be read, reading the virtual document, displaying the virtual document on a display of the first computer system, receiving a unique second identifier of the mobile second computer system, calculating a third identifier using the received second identifier and a hash value of the virtual document, identifying the database entry of the second database in which a first identifier of a first pairing consisting of the mobile second computer system and the first virtual document is stored, comparing the calculated third identifier with the first identifier stored in the identifier database entry.

Disclosed is a method of managing a smart card configured for securing a transaction with an external device via a card reader, the method including the following steps: incrementing at least one command counter of commands received by the smart card during a transaction; and depending on the current value of the at least one counter and a command profile, implementation of a smart card management command.

One variation of a method for controlling a dynamic transaction card includes: at a first time, accessing a first cryptogram; at a second time, establishing a wireless connection with a mobile computing device; in response to establishing the wireless connection with the mobile computing device, accessing a first token associated with the first cryptogram from the mobile computing device via the wireless connection; generating a first magnetic stripe sequence command representing the first cryptogram and the first token; and in response to detecting a magnetic stripe card reader proximal a magnetic stripe emulator integrated into the dynamic transaction card at a third time succeeding the second time, driving the magnetic stripe emulator according to the first magnetic stripe sequence command.

The invention provides methods, systems and computer program products for identity authentication for payment card based payment transactions. A payment card may be configured for payor identity authentication for the purpose of an electronic payment transaction(s), and may comprise (i) sensors to measure card handling parameters, (ii) an authentication signature generator, configured to generate and store a biometric identity signature associated with an authorized cardholder—which signature is based on a first set of card handling parameter data received from the sensors, (iii) a card handling data comparator configured to receive a second set of card handling parameter data from the sensors, retrieve the biometric identity signature associated with the authorized cardholder, and compare the second set of card handling parameter data with data extracted from the retrieved biometric identity signature, and (iv) an authentication decision generator configured to generate an identity authentication decision based on the comparison.