This specification discloses devices and methods for a security concept that includes an immobile hardware token (e.g., a “wall token” that is fixed within a wall) which ensures that the more sensitive actions of electronic banking (e.g., money transfers of large sums to foreign bank accounts) can only be done from the account owner's home, but not from a remote place. However, other less sensitive (and lower security risk) actions can still be done from anywhere else. In some embodiments, the hardware token includes sensors to ensure that the token is not moved or tampered with, interfaces to provide distance bounding, and a crypto-processor to provide secure authentication. The distance bounding can be used to determine if the authentication device is in close proximity to the hardware token, which can in turn ensure that the authentication device is within the account owner's home.

A method of authenticating a user on behalf of a third party provider by an identity provider computing system is disclosed. The method includes receiving a user token and user device information from the third party provider; identifying the user based on the user token; identifying related user activity based on the user device information; and authenticating the user based on the related user activity.

Shoppers install a software app on a mobile device and create a user profile. The shopper scans a fingerprint using a fingerprint sensor. Scanned fingerprint data is wirelessly transmitted to the shopper's mobile device for re-transmission over the Internet for storage in a secured server. The shopper can add payment methods (credit cards, debit cards, etc.) to the user's profile. Participating merchants registered with the payment system provide a fingerprint sensor at the point of sale. A shopper transacts purchases at a merchant's location by placing a finger on the fingerprint sensor. Scanned fingerprint data is transmitted to a merchant point of sale device and re-transmitted over the Internet to confirm the identity of the shopper, and to complete the transaction. A shopper makes purchases online using the installed software app. Participating merchants integrate APIs with existing e-commerce platforms, allowing merchants to charge and/or request access to user payment accounts.

A method of determining a proximity of an antenna located in a payment instrument to an antenna located within an electronic device may include receiving, at the antenna located within the electronic device, a first signal from the antenna located in the payment instrument, the first signal received at a first time, receiving, at the antenna located within an electronic device, a second signal from the antenna located in the payment instrument, the second signal received at a second time, the second time being later than the first time, determining a difference in a signal strength between the first and second signals, and displaying, on a display of the electronic device, an indication based on the determination.

There is provided a wireless communication device that includes a communication unit that performs wireless communication with a connection device, and a control unit that encrypts a wireless communication channel with the connection device on the basis of a digital certificate issued by a certificate authority server. The communication unit receives payment information and a valid type of payment from the connection device via the encrypted wireless communication channel. The control unit determines a payment server on the basis of the valid type of payment and causes the communication unit to transmit a payment request based on the payment information to the payment server.

Various embodiments are directed to enhancing a card payment experience by a single tap of a contactless card to a user computing device. In examples, the single tap of the card may be preconfigured to cause automatic payment of a predefined amount toward a card balance. If the single tap is not preconfigured to mean automatic card payment, the user may be presented with a notification and various payment amount options, which the user can select to pay toward the card balance.

While mobile device location remains, private, user transaction controls are applied to a specific authorization request. The user transaction controls are pre-configured by the user of the mobile account holder device and identified by the enriched merchant data. Location algorithms predict transaction locations used to obtain enriched merchant data responsive to location privacy mode. Responsive to the user transaction controls, a fraud recommendation response is sent to the approval system, in real time with the transaction. The fraud recommendation response prevents a false negative by using an enriched merchant location rather than the raw merchant location.

Some embodiments may provide systems, methods and computer program code to method to facilitate an interaction involving a user which include determining that a user authentication is required to complete the interaction, identifying at least a first verified device associated with the user, and transmitting an authentication message to the at least first verified device.

A device may include a processor, a wireless transceiver in communication with the processor, and a non-transitory memory. The memory may store instructions that, when executed by the processor, cause the processor to perform processing. The processing may include receiving a command configured to be executed by an external user device. The external user device and the user device may be members of a network of trust. The processing may include detecting, by the wireless transceiver, a plurality of member devices of the network of trust in communication range of the device. The processing may include sending, by the wireless transceiver, the command to each of the plurality of member devices.

A device may include a processor, a wireless transceiver in communication with the processor, and a non-transitory memory. The memory may store instructions that, when executed by the processor, cause the processor to perform processing. The processing may include receiving a command configured to be executed by an external user device. The external user device and the user device may be members of a network of trust. The processing may include detecting, by the wireless transceiver, a plurality of member devices of the network of trust in communication range of the device. The processing may include sending, by the wireless transceiver, the command to each of the plurality of member devices.