According to one embodiment of the invention, a subtoken corresponding to a primary token is generated. The primary token corresponds to a credential. The credential may be, for example, a primary account number (PAN) corresponding to a payment account. The subtoken may be a temporary, one-time use subtoken based on a primary token associated with the credential that allows a user to conduct a transaction from his or her account, while still providing security for the user's sensitive data. The subtoken may contain a header and an obfuscated portion. The header of the subtoken routes the subtoken to the entity issuing the subtoken for translation into the primary token. The obfuscated portion acts as a pointer to the primary token and data associated with the primary token. A same check digit may be included in the subtoken, the primary token, and the credential, in order to ensure that the transaction is not improperly denied.

The present application provides a service processing method, apparatus and server, and the method includes: when a first user logs on a client device based on a first account, receiving an operation request for requesting a service operation from the first user; according to the first account, searching account binding relationship which has been stored; if a second account of a second user bound with the first account is found, permitting the first user to accomplish the service operation using the second account authority of the second account; after the first user accomplishes the service operation using the second account authority of the second account, updating the second account information of the second account according to the operation result of the service operation. By applying the embodiments of the present application, the first user can accomplish various service operations on the basis of the account authorities of the multiple bound accounts, thus expanding the way of implementing services; and the times of transmission of service data among different accounts can be reduced, thus improving the interactive efficiency of service information.

Systems and methods are provided for use in distributing payment transaction notifications. One exemplary method includes identifying, by a computing device, transaction data for a transaction associated with a child token to a group payment account and identifying, by the computing device, in a data structure, a parent token with which the child token is associated. The parent token is enrolled to receive a notification for the transaction associated with the child token. As such, the method further includes transmitting, by the computing device, a notification to a communication device of a group member associated with the parent token in response to the transaction involving the child token, where the notification includes transaction data associated with the transaction such that the transaction is thereby identified to the group member along with the associated transaction data.

A payment accessory device is operatively coupled to a smart speaker. The smart speaker provides a voice-implemented personal assistant software service. A method of operating the payment accessory device includes communicating with a remote server computer via a mobile device. The purpose of the communication is for the mobile device to receive a payment token. The payment token is provisioned from the mobile device to the payment accessory device while positioning the mobile device in proximity to the payment accessory device. The provisioning of the payment token includes transfer of data from the mobile device to the payment accessory device.

A method for distributing controlled tokens to a secondary mobile device includes: storing account profiles, each including an account identifier, set of token credentials, and an associated mobile device identifier; receiving a token distribution request from a first mobile device including a first mobile device identifier, recipient mobile device identifier, specific account identifier, and account controls; identifying a specific account profile including the specific account identifier and first mobile device identifier; generating a single use identification value and reservation identifier; transmitting the single use identification value to the first mobile device; transmitting the reservation identifier to a second mobile device associated with the recipient mobile device identifier; receiving the reservation identifier and the single use identification value from the second mobile device; verifying the reservation identifier and single use identification value received from the second mobile device; and transmitting a new set of token credentials to the second mobile device.

Examples described herein include systems, methods, instructions, and other implementations for data security. One example includes receiving a checkout communication associated with a secure transaction, where the checkout communication includes a first child merchant identifier associated with a first child merchant system, a second child merchant identifier associated with a second child merchant system, and a parent merchant identifier associated with a parent merchant system. The parent merchant identifier is associated with multiple different child merchant identifiers. The parent merchant system is then authenticated using the parent merchant identifier. The authentication of the parent merchant system is then used to facilitate payments with the multiple different child merchant systems.

A card holder's verified date of birth can be stored in a system and a verification communication link can be used for an age verification check using a required age and the card holder's verified date of birth. A verification cache can be used so that any age verification check can be done on a per transaction basis. The first setting of the verification cache can trigger the age verification check on the verification communication link while a transaction is processed on another communication link.

A first user device may request a provisioning system to create a restricted mobile payment account on a second user device. The provisioning system may send a registration notification to the second user device to trigger registration of the restricted mobile payment account. The provisioning system may also cause creation of the restricted mobile payment account based on account information received with the request from the first user device.

The present disclosure relates to an information processing device, an information processing terminal, an information processing method, and a program capable of further enhancing convenience of a settlement service. Acquired are an upper limit amount set as an upper limit for payment at a time of purchase of a desired product or service, and identification information assigned to a card used when the payment is made. Then, performed is processing of associating the identification information with and recording the upper limit amount on continuous settlement information that continuously records information regarding a settlement for a payment. The present technology can be applied to, for example, an information processing system that provides a settlement service.

Methods, computer program products, and systems are presented and can include for instance: The method can include for example, establishing a permission that authorizes a second shopper to act on behalf of a first shopper, the first shopper having a profile that includes first shopper information stored in a secure computing environment; and performing a transaction based on one or more input of the second shopper, the transaction using content of the first shopper information stored in a secure computing environment, wherein the second shopper is restricted from accessing one or more information item of the first shopper information stored in a secure computing environment.