A terminal device includes selection means for comparing a payment amount with a set amount read from a recording medium and for selecting between off-line processing and on-line processing, depending on a result of the comparison, off-line processing means for subtracting the payment amount from the set amount recorded in the recording medium and sending the payment amount to a server device; and on-line processing means for sending the payment amount to the server device and updating the set amount when having received an update value. A server device includes server processing means for receiving the payment amount from a terminal device and subtracting the payment amount from a balance of an account corresponding to the recording medium, and in a case of the on-line processing, sending the update value to the terminal device.

A payment processing device can implement a monitoring system to detect for tamper attempts at a chip card interface. The monitoring system can establish a baseline when no chip card is present in the chip card interface, or in some embodiments, when it is known that an authentic chip card 14 is present in the slot 21. During subsequent evaluations of the chip card interface by the monitoring system, a response received by the monitoring system that deviates from the baseline can indicate that a tamper attempt at the chip card interface may have occurred. If a tamper attempt is determined by the monitoring system, a remedial or corrective action can be taken.

Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. An ICC Master Key corresponding to the payment application is held by a trusted authority, such as the issuing bank. The trusted authority is adapted generate time-limited session keys on the basis of the ICC Master Key and distribute session keys to the payment application. Receipt of a session key by the payment application enables the payment application to conduct an EMV payment transaction. The session key is used to authorize a single EMV payment transaction.

An example transaction card may include a sensor to measure movement of the transaction card and one or more processors to monitor the movement of the transaction card via the sensor during a tracking period; determine measurements of a gait of a user during the tracking period from the movement of the transaction card during the tracking period; compare the measurements of the gait of the user during the tracking period and a gait signature associated with the transaction card; and/or perform an action associated with the transaction card based on a result of comparing the measurements of the gait of the user during the tracking period and the gait signature.

Secure storage platforms and their application in secure temporary property storage applications are disclosed and comprise: secure locker systems; secure locker systems comprising emergency access; secure locker systems comprising collapsible lockable compartments; secure storage systems comprising chain of custody management, recording and authentication; redirected delivery including post-delivery redirected delivery, en route delivery and dispatch delivery services comprising chain of custody services; and secure property claim check and car valet systems. A secure storage platform uses a secure protocol to establish challenge code and verification code generators to provide short lived single use access authentication codes to enable secure access and custody management of secured and stored property.

Secure storage platforms and their application in secure temporary property storage applications are disclosed and comprise: secure locker systems; secure locker systems comprising emergency access; secure locker systems comprising collapsible lockable compartments; secure storage systems comprising chain of custody management, recording and authentication; redirected delivery including post-delivery redirected delivery, en route delivery and dispatch delivery services comprising chain of custody services; and secure property claim check and car valet systems. A secure storage platform uses a secure protocol to establish challenge code and verification code generators to provide short lived single use access authentication codes to enable secure access and custody management of secured and stored property.

An instance of a physical product includes a verification code and a unique identifier disposed thereupon by which authenticity or condition of the instance may be determined. The combination may be uniquely associated with the instance and stored, by the issuer or manufacturer for each authentic instance, locally or within a decentralized computing system having an immutable data store. The verification code may be concealed by a tamper-evident component such that access of the verification code is evident upon visual inspection. Verification may require revealing of the verification code with tamper-evidence and submission of a request including the verification code and the unique identifier (or representation thereof) to receive a verification result. Each request to verify an instance may be recorded and returned with a next request for verification of the same instance of the product to indicate whether another entity has already performed a verification.

A method of protecting transactions in a card processing system from fraud comprises issuing a payment card having a first PAN number, a second PAN number and at least one of a magnetic strip or a smart chip. The first PAN number is encoded in machine readable language on each of the at least one of the magnetic strip or the smart chip and not displayed in human readable form on the payment card. The second PAN number is displayed in human readable form on the payment card and is not encoded in machine readable language on either of the at least one of the magnetic strip or the smart chip. The first PAN number is valid in the card processing system only for card-must-be-present transactions and the second PAN number is valid in the card processing system only for card-not-present transactions.

One variation of a method for controlling a dynamic transaction card includes: at a first time, accessing a first cryptogram; at a second time, establishing a wireless connection with a mobile computing device; in response to establishing the wireless connection with the mobile computing device, accessing a first token associated with the first cryptogram from the mobile computing device via the wireless connection; generating a first magnetic stripe sequence command representing the first cryptogram and the first token; and in response to detecting a magnetic stripe card reader proximal a magnetic stripe emulator integrated into the dynamic transaction card at a third time succeeding the second time, driving the magnetic stripe emulator according to the first magnetic stripe sequence command.

An approach is provided for authenticating a payment card. Information is read from the payment card being used for a purchase. The information includes an identifier and data on a chip, in braille cells, and in markings in the payment card. A hash read from the chip, the identifier, and security codes derived from the braille cells and the markings are sent to a payment system. A hash of an (n+1)-th block of a blockchain is received and recorded in the chip in response to validations of the hash as matching a hash of an n-th block of the blockchain, the identifier, and the first and second security codes, and a generation of the hash of the (n+1)-th block. Data about the purchase and the hash of the (n+1)-th block are sent to the payment system.