Embodiments are directed to optimizing the secure provisioning of credentials to mobile devices through use of risk decision non-overrides. In some embodiments, a service provider receives a request from a wallet provider to provision a credential associated with an account to a mobile device. The request includes a first risk level associated with the provisioning. The service provider receives a second risk level associated with the provisioning request from an issuer of the account. Based upon determining that a non-override condition exists, the service provider uses the first risk level from the wallet provider and accordingly causes a user authentication to occur. A non-override condition may be determined based upon scenario indicators received within the provisioning request. In some embodiments, the non-override condition may be ignored when the first risk level indicates medium risk and the second risk level indicates high risk.

Cryptocurrency based malware and ransomware detection systems and methods are disclosed herein. An example method includes analyzing a plurality of malware or ransomware attacks to determine cryptocurrency payment address of malware or ransomware attacks, building a malware or ransomware attack database with the cryptocurrency payment addresses of the plurality of malware or ransomware attacks, identifying a proposed cryptocurrency transaction that includes an address that is included in the malware or ransomware attack database, and denying the proposed cryptocurrency transaction.

A method and system for detecting fraudulent network events in a payment card network by incorporating breach velocities into fraud scoring models are provided. A potential compromise event is detected, and payment cards that transacted at a compromised entity associated with the potential compromise event are identified. Subsequent transaction activity for the payment cards is reviewed, and a data structure for the payment cards are generated. The data structure sorts subsequent transaction activity into fraud score range stripes. The data structure is parsed over a plurality of time periods, and at least one cumulative metric is calculated for each of the time periods in each fraud score range stripe. A plurality of ratio striping values are determined, and a set of feature inputs is generated using the ratio striping values. The feature inputs are applied to a scoring model used to score future real-time transactions initiated using the payment cards.

A heuristic engine includes capabilities to collect an unstructured data set and detect instances of transaction fraud in a financial account. By providing a heuristic algorithm with unstructured transaction sets and indications of particular instances of transactions that correlate with past fraudulent activity allows prevention of future occurrences of fraud. Such heuristic algorithms may learn from past indications of fraudulent activity and improve accuracy of detection of future fraud detections.

A system and computer-implemented method for authenticating digital transactions. The method includes receiving a device registration request and a device attestation response including at least a device integrity status from a device. In response to the device registration request, the method includes providing a device registration response to the device, based on validation of the device integrity status. Further, the method includes receiving a first payment transaction request and an enrolment request from the device via an application to authenticate a second payment transaction request using a first type of authentication technique. Finally, the method includes enrolling the device to the first type of authentication technique and providing a second token to the device based on a result of the first payment transaction request, wherein the second token is used for authenticating the second payment transaction request.

Aspects and examples are disclosed for facilitating transactions with an interactive computing environment provided by a host system. In one example, a processing device receives a data network identifier or other identifier from an interactive computing environment. The data network identifier or other identifier can be associated with a mobile device conducting a transaction with the interactive computing environment. The processing device can also obtain a credential associated with the mobile device using the data network identifier. The processing device can additionally retrieve identification information from a credit file associated with the credential. The identification information can be useable for completing the transaction. The processing device can further transmit the identification information to a host server system executing the interactive computing environment.

This application discloses a repeat transaction verification method and apparatus, a device, and a medium. The method includes a repeat transaction verifier being deployed in a first node, and the method includes acquiring a pending transaction to be stored on a blockchain; acquiring a bit array and K hash functions of the repeat transaction verifier, the bit array comprising M array elements and comprising first array elements; based on the K hash functions, mapping the pending transaction to K target identification locations of the bit array, identifying array elements on the K target identification locations as transaction mapping values on the K target identification locations; and obtaining a first repeat transaction verification result of the first repeat transaction verification based on an association between the first array elements and the transaction mapping values on the K target identification locations.

A method is disclosed. The method comprising: receiving, by an access control sewer via a directory sewer from an authentication requestor, an authentication request comprising an account identifier, and information regarding a prior authentication method on the account identifier and a current authentication method for the account identifier associated with a transaction; performing, by the access control server, a risk analysis for the transaction based at least in part on the information and a threshold; authenticating, by the access control server, the user of the account identifier using the information, the account identifier, and a result of the risk analysis; modifying, by the access control server, an authentication response to include an authentication indicator, and transmitting, by the access control sewer, the authentication response to the authentication requestor.

A computer-implemented method for performing financial fraud assessment, the method includes receiving financial information associated with customer accounts that have been identified as being associated with suspicious financial activity; establishing communities for the customer accounts; creating a baseline set of features for each of the communities; receiving new financial information associated with customer accounts; updating the communities for the customer accounts based on the new financial information; extracting an updated set of features for each of the communities; and performing fraud assessment by determining whether a change between the updated set of features and the baseline set of features for each of the communities is indicative of an increased risk of fraud.

Methods and systems are presented for automatically verifying online content for different device configurations and/or account configurations. A request for verifying a user interface software workflow is received from a device. The request can specify particular parameters and content to see if that content appeared correctly when presented to users. Session data associated with one or more real-world user interaction sessions between user devices and a service provider server is obtained. The session data is used to generate data representing how one or more user interface elements are rendered on one or more user devices during the one or more real-world user interaction sessions. The data is comparable against benchmark data to determine if content was correctly presented. Reporting data can be made available that indicates if the user interface workflows are operating correctly.