The disclosure herein describes authentication of a user based on device-based user authentication data for transactions associated with a payment account. A service receives a registration message including device-based user authentication data and a payment account identifier. Based on the device-based user authentication data matching an authentication data type of issuer-approved data types, the device-based user authentication data is linked with the payment account. An authentication request associated with a transaction from the payment account is received including device-based user authentication data of the user. The user is authenticated based on the device-based user authentication data of the authentication request matching the device-based user authentication data linked with the payment account, whereby authentication of the identity of the user for the transaction is delegated to the service by the issuer of the payment account based on the linking of the device-based user authentication data with the payment account.

Payment devices and the systems and methods for securely managing financial transactions using the payment devices are provided. In one implementation, a portable proxy device comprises a memory configured to store a plurality of credentials. Each of the plurality of credentials pertains to one of a financial credential, an identification credential, or contractual credential. The portable proxy device also includes at least one interface, wherein each of the at least one interface is configured to communicate one of the plurality of credentials to an external device to complete one of a financial function, identification function, or contractual function.

Systems, methods, and non-transient machine-interpretable data representing executable instruction sets and/or other products for the processing of data for the secure creation, administration, manipulation, processing, and storage of electronic data useful in the processing of payment transactions and other secure data processes. In various aspects and embodiments the disclosure provides secure means for the authorization of sensitive and other data processes subject to controlled access. Such processes include, for example the creation, administration, authorization, virtualization, storage, and other manipulation or processing of electronic data representing characteristics of, instructions for, and information associated with consumer, business, and other payment accounts, and other forms of secure payment elements, such as payment tokens; and data useful in processing transactions using such accounts and elements. Information associated with particular payment means, such as accounts or payment tokens, can be stored, for example, in a data set, usually secure, sometimes referred to as a virtual or electronic wallet, or a secure payment token.

A method and an apparatus for identifying a user identity are disclosed. The method includes receiving, by a first platform, a first request sent by a second platform, the first request including a first identifier, the first identifier being a sequence number used for identifying the second platform and allocated to the second platform by the first platform after the second platform accesses the first platform; obtaining a second identifier corresponding to the first identifier, the second identifier being a sequence number used for identifying an identity of the second platform in the first platform; obtaining a third identifier corresponding to the first request, the third identifier being an account of a login user currently logging on to the first platform; encrypting the third identifier using the second identifier to obtain a fourth identifier; and returning the fourth identifier to the second platform.

A method for issuing certificates based on a blockchain network is provided. The method includes steps of: an authentication-supporting server, (a) if personal information on a user is acquired, (i) instructing a user device to generate a public and a private key of the user and transmit the public key to the authentication-supporting server, (ii) storing the certificate including the public hey as corresponding to the personal information, and (iii) determining whether one of current anchoring conditions is satisfied; (b) if it is, generating a root hash value by a Merkle tree operation on leaf nodes including hash values of the certificates stored after a previous anchoring condition is satisfied; and (c) one of (c-1) storing the transaction including the root hash value in a distributed database on the blockchain network and (c-2) instructing a blockchain node to store the transaction in the distributed database, and acquiring a transaction ID.

A method for authenticating a specific user by using certificates including a specific certificate of the specific user based on a blockchain network is provided. The method includes steps of: an authentication-supporting server, (a) on condition that a transaction is stored in a distributed database on the blockchain network from when a previous anchoring condition is satisfied to when a current anchoring condition is satisfied, wherein the transaction includes a root hash value created by a Merkle tree operation to leaf nodes having hash values of the certificates and the certificates including public keys of users, root hash identification information, and a transaction ID for locating the transaction on the distributed database are stored in the authentication-supporting server as corresponding to the specific user, if authentication of the specific user is requested, confirming validity of the specific certificate; and (b) if the specific certificate is valid, authenticating the specific user.

Disclosed is a method to facilitate an online shopping experience based on a game. The method includes receiving an amount from a user device, generating at least one token based on the amount, transmitting the at least one token to the user device, receiving at least one request from the user device, transmitting a vending machine interface to the user device, receiving at least one pull event from the user device based on the at least one token, generating at least one voucher based on the at least one pull event, transmitting the at least one voucher to the user device, transmitting at least one online store interface to the user device, receiving at least one shopping request from the user device, receiving the at least one voucher associated with the multiple points, from the user device and analyzing the at least one voucher to obtain at least one chip.

The present invention overcomes problem of pseudonymous Blockchain transactions that preclude the identification of an individual or institutional identity that rely solely on a Blockchain address of a recipient in a Blockchain transaction. A system and method is provided that verifies transfers in an on-chain Blockchain Bitcoin transaction by using a sequence of Blockchain Bitcoin transactions that establish and confirm an identity of one or more parties to the transaction.

A method for generation and distribution of protected user-specific information includes encrypting, by a processing device of a computer system, using a first encryption key of an encryption key pair, predetermined digits of a payment account number, the encryption yielding an encrypted identifier. The processing device of the computer system then generates a machine-readable code that is encoded with the encrypted identifier and additional data. A transmitting device of the computer system transmits, via an electronic communication, the generated machine-readable code to an electronic device of a user and transmits a second encryption key, of the encryption key pair, to a specialized computer system, wherein the second encryption key is associated with the first encryption key used to yield the encrypted identifier.

A transport layer security (TLS) connection is established between a signature device and the host computer via an interface (e.g., a universal serial bus (USB) interface). The signature device acts as a TLS server, and the host computer acts as a TLS client. Data such as pen data, control data, or image data may be received or transmitted via a USB bulk transfer mechanism. In one aspect, the host computer sends a command via the interface to the signature device to generate a new key pair, receives a certificate signing request (CSR) from the signature device via the interface, sends the CSR to a user certificate authority, receives a public key certificate from the user certificate authority, and sends the public key certificate to the signature device via the interface.