The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of vehicle based transactions. The innovation associates a tag with a financial account and a vehicle. The financial account is associated with a customer that is associated with the vehicle. The tag is readable to perform associated financial functions. The tag is scanned with a reader. The reader is associated with the entity authorized to make charges to the financial account. Security controls are applied for the tag. The security controls dictate a charge type or authorized creditor for executing transactions. A financial transaction is executed between an entity and the customer using the tag associated with the financial account.

A point of sale (POS) device includes an output device such as a speaker, a display screen, or a network interface. The POS device also includes a secure enclosure housing a secure processor and tamper detection circuitry for detecting attempts to tamper with the secure enclosure. Use of the output device is shared between the secure processor and a main processor via a switch that is controlled by the secure processor. The secure processor can switch control of the output device from the main processor to itself and can output an output dataset via the output device in a number of scenarios. These scenarios include the secure processor detecting an attempt to tamper with the secure enclosure, the secure processor recognizing that the main processor is behaving suspiciously, or the secure processor wanting to output sensitive information. The output dataset may include visual data, audio data, or network data.

A payment reader and a POS terminal may communicate over a wireless connection. The methods and systems include monitoring one or more parameters corresponding to a payment reader and another device in proximity to POS terminal. The POS terminal, through a set of customized instructions, determines whether behavior of the second device substantially corresponds to the first device, in order to detect suspected hardware or software intrusion associated with the secure device. On successful detection of a suspected intrusion, the POS terminal generates an alert for a user of the first device if illegal intrusion is suspected by the processor.

A payment service system may include a server that manages firmware updates for payment devices such as payment readers. A payment reader may access a firmware manifest including a listing of current firmware assets stored at the payment reader, and send the firmware manifest to the server. The server may compare the firmware manifest to available firmware bundles, which are ordered combinations of firmware assets that have been released for usage by payment readers. Some of the bundles may be blocking bundles, while some are non-blocking. If a payment reader is to be updated with a blocking bundle, it cannot process payments during the update. If the update is not a blocking bundle, the payment reader may continue to process payments.

An embedded electronic payment (EEP) system allows various devices and appliances to act as a merchant to accept electronic payments. The EEP system can be formed on an integrated circuit or as a software applet to run on a virtual machine. The integrated chip can be a standard IC, an application specific integrated chip, programmable logic device, or a multiprocessor based microcontroller. The EEP system operates with a standard interface that can be adapted to many applications. As a result, the cost of payment integration is reduced. The reduced cost of inclusion allows electronic payment systems to be applied in systems and devices where cost margins previously prohibited custom electronic payment systems. When the EEP system is included as an integrated chip, the system has improved security and power consumption compared to software solutions.

An apparatus for context-based credit card reader management is provided that includes a point-of sale (POS) terminal, configured to accept employee login credentials via a magnetic stripe card, to display menu items for selection, to add selected menu items to an order, and to accept payment for the order, where the payment may be obtained via swipe, dip, or tap. The POS terminal has a card reader and a reader controller. The card reader reads provided cards when fully powered and enabled. The reader controller is coupled to the card reader, and determines one or more workflow states of the POS terminal, and dynamically controls power states of the card reader according to the one or more workflow states.

A system for credit card reader mode management includes: a point-of sale (POS) terminal, that accepts login credentials via a magnetic stripe card, displays menu items, adds selected menu items to an order, and accepts payment instruments for the order, the POS terminal including: a first card reader, that reads first cards when enabled; a second card reader, that reads second cards when enabled; and a dual reader controller, that determines one or more workflow states of the POS terminal, and controls modes of the first and second card readers; and a backend server, that receives messages transmitted by the POS terminal including payment information obtained by the POS terminal, and that employs the payment information to process one of more transactions with one or more financial institutions to complete the payment for the order, and that notifies the POS terminal that the payment for the order is complete.

A method for dynamic adaptation of card reader protocol includes: providing a point-of sale (POS) terminal, that accepts login credentials via a magnetic stripe card, displays menu items for selection, adds selected menu items to an order, and accepts payment for the order, where the payment may be obtained via swipe, dip, or tap; via a card reader, reading provided cards when enabled; via a reader controller, determining one or more workflow states of the POS terminal, and controlling states and modes of the card reader; determining a type and capabilities of the card reader upon power up; and receiving instructions indicating the type and the capabilities, and communicating with the card reader according to the type and the capabilities responsive to a common set of commands employed by the POS terminal, and formatting data received from the card reader into a common data format.

A card is provided with a light sensor operable to receive information via light emitted from a display screen or another source of light. Accordingly, a mobile telephonic device or portable computer (e.g., tablet computer) may communicate information to a card via light pulses. Information communicated via light may include, for example, points balances, credit balances, debit balances, transaction history, software updates, coupons, promotions, advertisements or any other type of information.

Disclosed herein is a method and system to determine whether a payment terminal has been tampered with based on a comparison of attestation data received from the payment terminal, for example in an offline mode when an otherwise secure remote server cannot be reached. If the determination yields that the request has been approved, the terminal generates an attestation ticket having one or more validity conditions, wherein the validity conditions include expiration time that indicates the time after which the attestation ticket becomes invalid. The attestation ticket can be used as long as it is valid or until another trigger causes the ticket to be invalidated or regenerated.