G06Q20/38215

PRIVATE KEY SECURITY IN THE CLOUD
20220020003 · 2022-01-20

Techniques for providing a user with an anonymous user signature on a message in a distributed decentralized network are presented. The techniques use a hardware security module and a certificate authority. The certificate authority: obtains a credential that includes a certificate for the user, where the certificate includes a user public key and a plurality of user attributes; receives a request for a signature on the message, where the request includes an indication of a subset of the plurality of user attributes to be revealed; accesses from the hardware security module a user secret key; and provides to the user at least the message signed by the user secret key and a zero-knowledge proof that establishes that the message is signed by the user secret key corresponding to the user public key in the credential without revealing the plurality of user attributes.

POST PAYMENT PROCESSING TOKENIZATION IN MERCHANT PAYMENT PROCESSING
20220020002 · 2022-01-20

Systems and methods for payment processing include receiving, by a payment terminal, a personal account number to complete a payment. The personal account number is encrypted by the payment terminal. The encrypted personal account number is sent from the payment terminal to a merchant server via a network. The encrypted personal account number is sent from the merchant server to a tokenization service provider server for tokenization and validation via a payment processor. The merchant server receives an indication of whether the transaction was successful and a token from the tokenization service provider server.

SECURE AUTHENTICATION BASED ON IDENTITY DATA STORED IN A CONTACTLESS CARD

Systems, methods, articles of manufacture, and computer-readable media for secure authentication based on identity data stored in a contactless card associated with an account. An application may receive an indication specifying to perform an operation. The application may receive encrypted data from the card. The application may receive an indication that the authentication server decrypted the encrypted data. The application may determine a type of data required to authorize the operation. The application may receive data comprising passport data or driver license data from the card. The application may determine that the data satisfies a rule for authorizing the operation and authorize performance of the operation based on the authentication server verifying the encrypted data and the data satisfying the at least one rule.

Use of mobile identification credential in merchant and personal transactions

In an example involving a transaction conducted between a first party using a user mobile-identification-credential device (UMD) and a second party using a relying party system (RPS), RPS receives a request from UMD for transfer of an item, requests identification information of the first party from UMD, receives, based on consent of the first party, some or all user ID information associated with a mobile identification credential (MIC) which UMD received from an authorizing party system (APS), receives verification of the received user ID information, uses the verified user ID information to verify or not verify an identity of the first party, grants the request to transfer the item in exchange for payment or another item to be transferred from the first party to the second party when the identity of the first party is verified, and denies the request when the identity of the first party is not verified.

Method and System for Providing Offers for Automated Retail Machines Via Mobile Devices
20210357971 · 2021-11-18

A mobile device with a display, processor(s), and memory: identifies a retail machine configured for wireless communications based on broadcasted information transmitted by the retail machine and including an identifier corresponding to the retail machine; transmits the identifier to a server and receives from the server an electronic communication including a promotional offer for products or services offered by the retail machine; displays the promotional offer; detects selection of a promotional offer; receives a notification from the retail machine that a product or service was provided by the retail machine for a user of the mobile device; transmits confirmation information associated with the notification to the server; receives promotion validation information from the server indicating validation of the promotional offer; and based on the promotion validation information, displays information confirming application of the promotional offer.

Method, apparatus and electronic device for blockchain-based asset issuance

A node device in a blockchain receives an asset issuance transaction from an asset issuer, where the asset issuance transaction comprises a commitment value and a proof for performing a zero-knowledge proof with respect to the commitment value, and where the commitment value is calculated by inputting at least an asset type of a target asset object issued by the asset issuer to a commitment function. The zero-knowledge proof with respect to the commitment value based on the proof is initiated. It is determined that the asset type of the target asset object is in a set of legal asset types allowed to be issued by the asset issuer. In response to determining that the asset type of the target asset object is in the set of legal asset types allowed to be issued by the asset issuer, the commitment value is issued to the blockchain for storage.

Systems and Methods for Use in Authenticating Users in Connection With Network Transactions

Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

REAL-TIME AUTHENTICATION AND AUTHORIZATION BASED ON DYNAMICALLY GENERATED CRYPTOGRAPHIC DATA

The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authenticate device identity and authorize exchanges of data in real-time based on dynamically generated cryptographic data. For example, an apparatus may receive a first signal that includes a first cryptogram associated with a client device, and may perform operations that authenticate an identity of the client device based on a comparison of the received first cryptogram and a second cryptogram generated by a computing system associated with an application program executed by the client device. In response to the authenticated identity, the apparatus may load profile data associated with the client device from a storage unit, and perform operations consistent with the profile data in accordance with the authenticated identity.

SYSTEMS AND METHODS FOR LINKING HIGH-VALUE TOKENS USING A LOW-VALUE TOKEN
20210357898 · 2021-11-18

Embodiments include methods and systems for linking high-value tokens using a low-value token, comprising receiving, from an electronic data server, a first high-value token and a request for a low-value token, the first high-value token being associated with sensitive data associated with a user, and the low-value token being associated with a subset of the sensitive data associated with the user. The methods and systems further comprise providing the low-value token to the electronic data server, and receiving, from a second electronic data server, the low-value token and a request for a second high-value token, the low-value token having been provided to the second electronic data server by the electronic data server. The methods and systems further comprise generating a second high-value token associated with the sensitive data associated with the user, and providing the second high-value token to the second electronic data server.

Transaction methods for mobile wallet operations in a gaming environment

Disclosed herein are systems, methods, and devices for transaction methods for mobile wallet operations in a casino. Various embodiments are directed to applying funds to a user's mobile wallet by transactions at a kiosk, cage, Peripheral System, or other system of the casino. Embodiments are also directed to applying credit to an electronic gaming machine of the casino. Embodiments are also directed to returning or redeeming credit from an electronic gaming machine of the casino to the user. Embodiments are also directed to transferring credit from a mobile wallet to external funds.