The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.

A method to enable transactions comprising transmitting, by a vendor server, a request message to the e-commerce system for a token. Receiving a token in response to the request message. Generating an offer message including a mailto hyperlink, wherein the offer message is an email message including a mailto hyperlink is configured to generate an email reply message include the token. Transmitting the offer message to an email address associated with the customer. Receiving a response message from the e-commerce system, the response message including transaction details that confirm the token was validated by the e-commerce system. Transmitting a payment processing request message to a payment processor, wherein the payment processing request is based on the transaction details. Receiving a notification from the payment processor, that payment processing has been completed. Transmitting an email message to the email address of the customer, that payment has been processed.

Systems, apparatuses, and methods for providing an account token to an external entity during the lifecycle of a payment transaction. In some embodiments, an external entity may be a merchant computer requesting authorization of a payment message. In other embodiments, the external entity may be a support computer providing a payment processing network or a merchant support functions.

Embodiments of the invention relate to systems and methods for efficiently provisioning mobile devices with personalization data. For some embodiments, a method is disclosed comprising receiving a request for provisioning comprising device information for a mobile device and user authentication information for a user, generating a partial personalization script, an activation script, and a deletion script using the device information, sending the partial personalization script, the activation script, and the deletion script to an application provider computer, wherein the application provider computer initiates execution of the partial personalization script on the mobile device, authenticating the user authentication information, and sending an activation message to the application provider computer, wherein the application provider computer initiates execution of the activation script.

Embodiments described herein provide approaches for processing a payment in an electronic commerce environment. Specifically, a customer of a merchant website in the electronic commerce environment is provided a universal payment interface in response to the customer's request to pay. The universal payment interface retrieves a proprietary token from the customer. This proprietary token is a mobile device-based token that is provided by a provider associated with the mobile device. The universal payment interface requests a determination from the provider as to whether the proprietary token is valid, and the payment is verified based on the determination from the provider.

A system and method for facilitating a secured value transfer. A first user and the system obtain a pair of encryption and decryption apparatuses. The first user creates a request including his unique identifier and a value to be transferred. The first user encrypts the request using the encryption apparatus and sends it to the second user. The second user sends to the system the request and the second user's unique identifier. The system uses the decryption apparatus to decrypt the request. The system checks the usage of the request against a threshold limit. After a successful usage check, the system then transfers the value from the first user to the second user. The system may comprise (a) a plurality of system server for exchanging data with users' personal computing devices, registering users, and conducting transactions, and (b) data storages storing user accounts and other persistent data.

Embodiments are directed to the generation of a token associated with a status. The status of the token may affect how the token is treated and the types of restrictions placed on the token. The status of the token may indicate that the token is generated based on verification of secure user data. Alternatively, the status of the token may indicate that the token is generated based on insufficient user data and, as such, restrictions may be imposed on the token. The token requestor may be a mobile application, such as a merchant mobile application provisioned on a user device. In response to a token request from the merchant, the token provider issues tokens with varying status based on a confidence level. The status of the token may be indicated in terms of token assurance level.

A tampering verification system and method for financial institution certificates are based on blockchain and verify whether one of the financial institution certificates has been tampered with by comparing the contents of the financial institution certificate at the point of first being generated by a financial institution and at the point of client issue.

Systems and related methods facilitating interactions between a merchant device, a central system and a consumer device are discussed herein. Wallet identifying data may be used to secure messages between the consumer device and the merchant device over a wireless link. For example, the merchant device may include circuitry configured to wirelessly receive the wallet identifying data from a consumer device and to transmit the wallet identifying data to the central system. In response, consumer identifying data associated with the wallet identifying data may be received by the merchant device from the central system. In some embodiments, the consumer identifying data may be associated with a unit of location, such as a dine-in location at a restaurant, to facilitate consumer service.

Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.