An instruction to generate target information is received by a server and from a first user. The instruction includes two or more pieces of user identity information associated with two or more different users. The two or more pieces of user identity information are combined, by the server and in a predetermined method, into continuous text information. The two or more pieces of user identity information in the continuous text information are separated by one or more separation strings. The target information is generated, by the server, based on at least a predetermined algorithm and the continuous text information.

A store management server configured to communicate with an alert device installed in a store, includes a network interface and a processor configured to identify a customer entering the store, acquire customer information about the identified customer, detect that the customer is holding a commodity in the store, acquire sales restriction information about the commodity held by the customer, determine whether the customer is eligible to buy the commodity held by the customer based on the acquired customer information and sales restriction information, and control the network interface to transmit, when it is not determined that the customer is eligible to buy the commodity, a first command to an alert device. The first command causes the alert device to output an alert.

A method for secured receipt and usage of payment credentials using a commercial-off-the-shelf (COTS) device includes: storing, in the COTS device, a secure application program and cryptographic keys; establishing, by the program, a secure communication channel with a back-end system inaccessible by any application program or component in the COTS device; exchanging attestation data between the program and the back-end system using the communication channel; receiving payment credentials from a payment card by a near field communication (NFC) interface in the COTS device; transmitting the payment credentials to the program by the NFC interface; enciphering, by the program, the payment credentials; and transmitting, by the program of the COTS device, the enciphered payment credentials to the back-end system using the secure communication channel.

Disclosed embodiments include an NFC payment method and apparatus implemented on a mobile terminal. In some embodiments, an NFC payment function of a mobile terminal is activated; an NFC connection to a POS terminal is directly established in an inactive-screen state, so as to start the current payment process; payment authentication is performed on a user, so as to instruct the POS terminal to make a payment when the authentication is completed. Some embodiments of the present disclosure provides a more convenient and efficient NFC payment manner. In some embodiments, the system can directly invoke NFC quick payment in an inactive-screen state, which significantly reduces an operation time and operation cost of a user. Moreover, the user may need to be authenticated before the payment, which also guarantees the security of the payment. Therefore, some embodiments of the present disclosure provides better mobile quick payment experience for the user.

A method including receiving an indication for a digital alert associated with a specific action for a user account of a user; generating and outputting a first message comprising a web page link; receiving an indication of a request to access the web page link by the user device; responsive to receiving the indication of the request to access the web page link, accessing, based on the indication for a digital alert, user-specific information associated with the user account from the at least one third-party device; and generating, based on the indication for a digital alert and the user-specific information, a customized user interaction-specific web page comprising the user-specific information associated with the user account and at least one user input field.

A method 1000 for authenticating operations within consent architecture includes obtaining an operation request 142 requesting a service application 140 to access a remote entity 130 to perform an operation (138). The method also includes issuing, by the service application, an authentication request 152 requesting an authenticator application 150 to obtain user authentication credentials 154 for authenticating a user 12 before the remote entity performs the operation. The method also includes encrypting, by the authenticator application, the obtained user authentication credentials using a public key 132 of the remote entity. The service application is restricted from obtaining the user authentication credentials in unencrypted form. The method also includes providing, by the authenticator application, the encrypted user authentication credentials to the service application and transmitting, by the service application, the operation request and the encrypted user authentication credentials to the remote entity.

A method includes initiating, by a computing device, an acquisition process with a merchant server to acquire an item using an exchange item. The method further includes determining, by the merchant server and/or a marketplace server, whether the acquisition process requires verification of the merchant server. When the acquisition process requires verification, the method further includes obtaining, by the marketplace server, a verification signature of the merchant server. The method further includes authenticating, by the marketplace server, the verification signature of the merchant server in accordance with use rules associated with the exchange item. When the verification signature is authenticated, the method further includes facilitating, by the marketplace server, exchange of the secure custody of the exchange item data file between the computing device and the merchant server in accordance with the secure custody protocol to finalize the acquisition process.

A method includes initiating, by a computing device, an acquisition process with a merchant server to acquire an item using an exchange item. The method further includes determining, by the merchant server and/or a marketplace server, whether the acquisition process requires verification of the merchant server. When the acquisition process requires verification, the method further includes obtaining, by the marketplace server, a verification signature of the merchant server. The method further includes authenticating, by the marketplace server, the verification signature of the merchant server in accordance with use rules associated with the exchange item. When the verification signature is authenticated, the method further includes facilitating, by the marketplace server, exchange of the secure custody of the exchange item data file between the computing device and the merchant server in accordance with the secure custody protocol to finalize the acquisition process.

A trusted transaction signal is passed from a merchant to an account provider. A merchant receives a payment account association with a transaction between a customer and the merchant, and determines a level of risk for the transaction. If the customer is unknown to the merchant, the trust level is determined to be a default trust level. If the customer is known to the merchant, then a risk assessment determines whether the trust level is the default trust level, or a second, greater, trust level. A transaction notification is sent to the account provider. When the trust level is the default level, the notification includes a merchant ID that identifies the merchant and signifies the default trust level for the transaction. When the trust level is the greater level, the notification includes a different merchant ID that also identifies the merchant, but represents the second trust level for the transaction.

A computerized method for securely verifying age of users of remote devices interacting with provider resources includes receiving a request for age verification of the user; providing directly to the user device an interface for input of identifying data; receiving, from the user device, identifying data; providing, to a third party verification source, the identifying data; receiving, from the third party verification source, an indication of confirmation of the identifying data; determining, based on the received indication, whether a confidence level has been met; responsive to determining that a confidence level as been met, causing a token indicative of age verification to be generated; providing the token to the user device; providing a positive indication to the provider system, including identification of the token, and anonymizing user-identifiable data.