The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect user access to online portals. When opened, the client processing application generates a multi-dimensional code. The user scans the multi-dimensional code and validates the client processing application and triggers an out-of-band outbound mechanism. The portable mobile device invokes the authentication server to get authenticated. The authentication server authenticates the user based on shared secret key and is automatically allowed access to the online portal. The process of the invention includes an authentication server, a client processing application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional bar code) and handle incoming requests, secret keys and a portable communication device with a smartphone application.

The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect payment credentials without the risk of malware and skimming attacks. When opened, the secure payment application generates a multi-dimensional transitory key. The user authenticates the multi-dimensional transitory key and validates the secure payment application, triggering an out-of-band outbound mechanism. The portable mobile device invokes the authentication server and the authentication server authenticates the user based on the authenticated transitory key. After authentication, the merchant is allowed access to the payment credentials to complete the transaction. The process of the invention includes an authentication server, a secure payment application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional transitory key) and handle incoming requests, and a portable communication device with a smartphone application.

An authentication computing device including at least one processor in communication with a memory is provided. The processor stores, within the memory, an authentication profile associated with an account holder. The authentication profile includes an account identifier associated with a payment account of the account holder and authentication information. The processor further receives an authentication request associated with the payment account and a payment card action request from a requestor for a payment card action to be performed through an automated teller machine (ATM). The processor also retrieves the stored authentication profile, generates an authentication challenge based on the authentication profile, transmits the authentication challenge to a client device and/or the ATM, receives an authentication response from the requestor, and determines an authentication result based, at least in part, on the authentication response. The authentication result indicates if the requestor is the authenticated account holder of the payment account.

A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session key in the first memory and a second query to store the server encryption key in a second memory; decrypting the encrypted session key using the server encryption key; generating an application cryptogram based on the decrypted session key; and electronically transmitting the generated application cryptogram for use in a payment transaction.

The systems and methods on a blockchain platform for one or more intermediaries for services including proxy re-encryption, independent audit, multiple-signatures based smart wallet associated with a smart contract and split-key authentication to achieve secure passwordless login. Proxy re-encryption by receiving a ciphertext from a first user with condition parameters that has been encrypted with a dynamically selected encryption algorithm. Audit service receiving an encrypted file from a user for storage on the blockchain platform; enforcing the security policy parameters for all access requests to the file on the blockchain platform; and optionally providing audit report of the encrypted file storage and access. A smart wallet with a group key using multiple signatures based on receipt of a threshold number of signatures. Split-key authentication by splitting the private key into two or more parts; and assigning the split private key part to two or more client devices.

Systems, methods, apparatus, processes, computer program code and means for conducting transactions are described which allow a first party to a transaction to identify a second party to a transaction.

A digital currency settlement system, includes: a payment device, a digital currency block chain system, a network server, a management center, and a settlement terminal. The settlement terminal reads user information in the payment device of User A to generate a transaction, and the transaction is transmitted to the management center through the network server. The management center converts the quantity y of a digital currency in the transaction information into an intermediate currency of a corresponding quantity Y0, and transfers the intermediate currency of the corresponding quantity Y0 from an account of User A to an account of User B, and after a certain time, the total quantity Y of the intermediate currency in the account of User B is counted and converted into the digital currency of a corresponding quantity Z according to the total quantity of the intermediate currency.

A terminal includes a housing, a touch screen, and an imaging assembly. The imaging assembly in one embodiment is disposed in the housing so that an imaging axis extends externally from the housing. The imaging assembly can be utilized for capture of images disposed externally to the housing. In one embodiment a frame of image data captured utilizing an imaging assembly can be processed for attempting to decode a decodable indicia. In one embodiment a frame of image data captured utilizing an imaging assembly can be stored.

A method includes a validation computer receiving an authorization request message comprising a user state and a user proof from a user device. The user state comprises first and second user state elements. The user proof comprises first, second, and third user proof elements. The validation computer computes a first verification value by multiplying the first user proof element raised to the power of the second user state element, and the second user proof element raised to the power of the first user state element. The computer computes a second verification value by raising the second user proof element to the power of the second user state element. The computer compares the first verification value to a first accumulated state element of an accumulated state. The compares the second verification value to a second accumulated state element. The validation computer authorizes the authorization request message based on the comparison steps.

A customer information registration apparatus includes: a matching unit configured to match face data of a customer based on image data acquired by a camera in a shop against face data stored in a storage unit; a storing unit configured to store face data which is not stored in the storage unit into the storage unit in a case where the matching by the matching unit fails; a behavior information acquisition unit configured to acquire behavior information according to a behavior in the shop of the customer; a condition determination unit configured to determine whether or not to delete the face data stored in the storage unit based on the behavior information acquired by the behavior information acquisition unit; and a deletion unit configured to delete the face data stored in the storage unit based on a result of the determination by the condition determination unit are provided.