According to one embodiment of the invention, a subtoken corresponding to a primary token is generated. The primary token corresponds to a credential. The credential may be, for example, a primary account number (PAN) corresponding to a payment account. The subtoken may be a temporary, one-time use subtoken based on a primary token associated with the credential that allows a user to conduct a transaction from his or her account, while still providing security for the user's sensitive data. The subtoken may contain a header and an obfuscated portion. The header of the subtoken routes the subtoken to the entity issuing the subtoken for translation into the primary token. The obfuscated portion acts as a pointer to the primary token and data associated with the primary token. A same check digit may be included in the subtoken, the primary token, and the credential, in order to ensure that the transaction is not improperly denied.

A method includes communicating with a remote server computer via a first mobile device to receive in the first mobile device a payment token associated with a PAN (primary account number). The PAN identifies a payment account owned by a user of the first mobile device. The method further includes provisioning the payment token from the first mobile device to a second mobile device in proximity to the first mobile device. The provisioning includes transfer of data from the first mobile device to the second mobile device.

A method includes storing transaction data relating to a plurality of payment transactions. The payment transactions were all performed using a payment token. The payment token had been provisioned to a first mobile device. The method further includes downloading the stored transaction data to a second mobile device. The second mobile device is owned by an account holder. The account holder had been issued a payment account identified by a PAN (primary account number. The payment token had been associated with the PAN.

The electronic device may invoke a host application. The device may display a first host user interface on the display, the first host user interface including a first host user interface component associated with a child application. In response, the device may invoke, using the host application, the child application executed at the electronic device. The device may transmit, using the host application, a request for data associated with a child user interface component to the child application. The device may transmit, using the child application, the request for data associated with the child user interface component to a child application server, wherein the data associated with the child user interface component is inaccessible by the host application. The device may receive, using the child application, the data associated with the child user interface component from the child application server. The device may display the child user interface component.

A method for enabling, via a digital wallet application, a smart card to operate as a primary smart card for a plurality of a user's smart cards. The primary smart card may include a microprocessor, a touch screen, a wireless interface and an embedded subscriber identification module (“E-SIM”) card. The method may include retrieving on the primary smart card, from the digital wallet application, a list of a plurality of smart cards, displaying on the touch screen of the primary smart card, a selectable list of the plurality of smart cards, receiving, via the touch screen, a selected smart card and storing the card data on the E-SIM of the primary smart card. When the primary smart card is within a pre-determined proximity to a point-of-sale (“POS”) device, the primary smart card may be configured to transmit the card payment data stored on the E-SIM to the POS device.

A computer-implemented system and method for controlling access to an account comprises, in a policy definition phase, receiving instructions to add an authorized user to an account from a primary user associated with the account. The method further comprises receiving, from the primary user, policy rules comprising one or more rules that restrict use of the account by the authorized user. In an account use phase, the method comprises receiving a transaction by the authorized user from a merchant, performing a policy rules determination that the transaction relates to a plurality of items and that one of the plurality of items does not meet the policy rules, and rejecting the transaction based on the policy rules determination.

Systems and methods for inter-bank and intra-application mobile banking communications and transfers including receiving a communication from a requesting device regarding a funds transfer, processing the communication to determine relevant funds transfer request details and initiating a communication window to allow fluid communication between a requestor and responder(s) regarding the funds transfer request.

A method and system of increasing the security of requests to access funds from a joint bank account by secondary users in order to permit a primary user to securely regulate fund usage are disclosed. The system and method are configured to link to a bank account and restrict the access of funds by secondary users per conditions defined by the primary user(s). An application can be accessed via a computing device that receives requests for funds from secondary users and requires the secondary user to also submit a digital image or video that supports their proposed transaction. The request will only be conveyed to the primary user if the necessary digital verification is received by the system.

A computer-implemented system and method may allow primary account holders (e.g., parents) to select merchants along specific routes where a secondary account holder (e.g., child) would be able to use a payment device. Each of these merchants may be categorized to further allow a parent to approve or reject purchases with a particular merchant. Any attempt to consummate a financial transaction with such a device at a disallowed merchant or at a merchant outside the defined geo-zone would not go through and may trigger an alert message to the parent/primary account holder (e.g., an email, SMS, phone call, etc.). Furthermore, setting a threshold may enable a trigger to ask the parent for approval in case the child makes a transaction of an amount exceeding the threshold value.

Using credit cards could be challenging when dealing with too many of them. We have a solution to use smaller credit cards link with a principal card. Mini-Dependent cards have limited amount of credit to help make using credits cards much simpler. The idea is to have a main credit card assigned to the head of an association and/or family. The principle can control the credit that is on a mini dependent and allows the individual to use limited credits from the principle without risking nearly as much as when a credit card gets lost or stolen. The amount of credits on a mini dependent can be set by the owner of Principle Credit Card. Example, a dependant credit card can be mounted inside fuel compartment of a vehicle for fueling, or can be mounted in a school student's wallet to facilitate using allowance.