A system to indicate to a user to enter a personal identification number (PIN) on a commercial off the shelf (COTS) device, the system comprising: a secure card reader communicatively coupled to the COTS device, and wherein the secure card reader receives a payment card; a payment application installed on the COTS device; and one or more devices other than the COTS device. The payment application installed on the COTS device transmits one or more prompts to the one or more devices other than the COTS device based on a set of signals received from the secure card reader. The secure card reader transmits the set of signals after the payment card is received at the secure card reader, and the one or more prompts comprise at least one indication to the user to enter the PIN on a display of the COTS device.

An access control apparatus includes a sensor and an authentication circuit coupled to the sensor. The sensor detects eye movement of a user. The authentication circuit stores predetermined access code data corresponding to the user. The authentication circuit compares the detected eye movement of the user to the predetermined access code data. Based on the comparison indicating that the detected eye movement matches the predetermined access code data, the authentication circuit permits access beyond an access control point.

A payment button on a device, such as a mobile phone, allows the user to remain on the window or page from which an item was selected for purchase. When the user is ready to purchases, the button is selected, and the user simply enters an identifier, such as a password or PIN, and the transaction is processed. The button remains on the same screen and changes during different stages of the payment process.

An automated teller machine (ATM) includes a network interface, an input/output device configured to exchange data with a customer, and a processing circuit comprising a processor and memory. The memory is structured to store instructions that are executable by the processor and cause the processing circuit to receive account information identifying a credit account associated with the customer, transmit the account information identifying the credit account, receive reward information associated with the credit account, display a reward indication notifying the customer of reward information and providing the customer with an ability to indicate a preference to perform a currency reward withdrawal, receive data comprising an indication of the preference of the customer to perform the currency reward withdrawal, transmit a redemption request based on the indicated preference, receive a redemption request authorization, and dispense an amount of currency corresponding to an amount identified in the redemption request authorization.

A kiosk maintains a list of pre-paid orders. A first authentication process enables a consumer to select their order on the kiosk so as to receive the product or service that was remotely paid for via a mobile application. Authentication of the consumer selecting the order is performed based upon sending an order authentication notification to the mobile application that completed the order. If the user of the mobile application provides a positive authentication reply, the kiosk is unlocked to fulfill the order. The consumer may alternatively be authenticated by providing a personal identification number (PIN) that is associated with the order or associated with a user of the mobile application. Authentication using the PIN enables a consumer to interact with the kiosk to receive the previously ordered product or service without having to access their mobile phone or mobile application that was used to place the order.

There are provided systems and methods for a modular mobile point of sale device having separable units for configurable data processing. A modular device may include a main unit that includes data processing features to allow for a mobile point of sale, including a data entry unit for payment data, a communication component to secure communicate that data to a centralized transaction processor, and a processing unit to receive the data and instruct the centralized to process the data with an online service provider. The module device may also be physically and communicatively coupled to additional modules that may increase the on-device functionality of the main unit, include a module to allow user input and additional modules to accept other types of transaction input. On detection of a connected unit, the main unit may secure connect to and authenticate each attached module.

An access control apparatus includes a sensor and an authentication circuit coupled to the sensor. The sensor detects eye movement of a user. The authentication circuit stores predetermined access code data corresponding to the user. The authentication circuit compares the detected eye movement of the user to the predetermined access code data. Based on the comparison indicating that the detected eye movement matches the predetermined access code data, the authentication circuit permits access beyond an access control point.

A dual-factor PIN based authentication system and method uses a cryptogram provided by a contactless card associated with the client in association with a PIN stored by the contactless card to authenticate the client. In some embodiments, cryptogram authentication may be preconditioned upon a PIN match determination by the contactless card. In other embodiments, the cryptogram may be formed at least in part using the personal identification number (PIN) stored on the contactless card encoded using a dynamic key stored by the contactless card and uniquely associated with the client. Authentication may be achieved by comparing the cryptogram formed using the PIN against an expected cryptogram generated an expected PIN and an expected dynamic key.

A contactless card reader comprises a contactless card reader front-end coupled to a processor. A communications module is coupled to the processor and a set of sensors is coupled to the processor. The set of sensors determines parameters related to the location, orientation and motion of the card reader. The processor receives the parameters from the set of sensors and utilizes the parameters and scenario configuration data to evaluate a rule. The result of the evaluation of the rule results in a limitation on the operation of the card reader. The communications module is configured to intermittently receive the scenario configuration data from external sources.

Embodiments disclosed herein describe systems and methods for providing secure entry of authentication data on computing devices, such as mobile devices. In some embodiments, the systems and methods are implemented on a mobile device having one or more vibration motors configured to operate at one or more speeds, and a touch-sensitive display. The mobile device may determine that an application executing on the mobile device is requesting entry of authentication data from a user via the touch-sensitive display. The mobile device may detect entry of a first character of the authentication data from the user. During the entry of the first character of authentication data, the mobile device activates a vibration motor at a first speed.