An authentication application may receive, from a merchant application of a client device, a merchant identifier, a transaction identifier of a transaction, encrypted data, and a location of the client device. The authentication application may decrypt the encrypted data based at least in part on a private key. The authentication application may determine that the contactless card has been used to make a previous purchase with the merchant and that the location of the client device is within a threshold distance of a known location associated with a contactless card. A virtual account number generator may generate a virtual account number and transmit the merchant identifier, the transaction identifier, the virtual account number, an expiration date, and a card verification value (CVV) to a merchant server associated with the merchant to process the transaction using the transaction identifier, the virtual account number, the expiration date, and the CVV.

Provided herein is a method for delivering web content to a computer user where the computer user must provide data for verification. A control presented by a first web page provided by a requesting server of a requesting party may be selected to request a further web page where data may be entered that requires verification. The requesting server may redirect the computer user to a verifying server that may provide a second web page to fulfil the request for the further web page. The second web page may be presented as a foreground window positioned over a backdrop frame. The foreground window may be provided with fields for entering the data and the backdrop frame may be provided by the requesting party. The verifying server may verify data entered in the foreground window and may send the requesting server a notification as to whether the verification was successful.

The present disclosure generally relates to the use of loyalty accounts, private label payment accounts, and general payment accounts using a wearable electronic device with an electronic wallet. Various accounts are linked to the electronic device. In some examples, the electronic device is NFC-enabled. The electronic device may be used to provide loyalty account information and payment account information to a payment terminal, such as an NFC-enabled payment terminal.

Disclosed are methods and systems for payment card transactions, where a Card Verification Value (CVV) or Card Verification Code (CVC) is generated dynamically as part of a tokenized session.

Systems, methods, and computer-readable media for providing accurate images of cards. An application executing on a mobile device may receive authentication credentials for an account, determine a card associated with the account, and determine a card manufacturer identifier (CMID) of the card. The application may receive, from a digital asset management system based on the CMID, a plurality of metadata attributes of the card and one or more images of the card. The application may determine, based on the metadata attributes and attributes of the mobile device, a first orientation of the card to enable near-field communication (NFC) data transfer between the card and the mobile device. The application may select a first image of the card. The application may generate a graphical user interface (GUI) including the first image and an indication specifying to tap the card to the mobile device according to the first orientation.

Various embodiments are generally directed to autofilling card data from a contactless card to a form of a computing device. An application may determine that a payment field of a form has received focus. The application may then receive encrypted data from a communications interface of a contactless card associated with an account. The application may then receive, from a server, verification of the encrypted data. The application may then receive, from the server, an encrypted account number associated with the account, and decrypt the encrypted account number to yield the account number. An autofill service of an operating system (OS) executing on the processor circuit, may then autofill the account number to the payment field of the form.

A method for contactless payment relay attack protection includes receiving an online authorization request including a cryptogram, a measured processing time, and a reference processing time from a terminal. The cryptogram is verified, and a determination is performed as to whether the measured processing time exceeds the reference processing time. An online authorization response authorizing or declining a monetary transaction is transmitted, based on the determination. An artificial intelligence transaction analysis can be performed based on past and current conditions (e.g., battery level, operating system, open applications) of a payment device such as a mobile phone, past and current conditions of a terminal, and/or a monetary amount. The online authorization response can be based on the artificial intelligence transaction analysis.

Systems, methods, and computer-readable storage media utilized for authenticating and authorizing payments. One method includes receiving one or more biometrics and authenticating the one or more biometrics of the customer based on accessing a customer authentication database and comparing the one or more biometrics to one or more stored authentication templates. The method further includes receiving context information gathered by the POS device, wherein the context information includes a plurality of context elements that describe a context of the transaction and selecting a customer payment profile from a plurality of customer payment profiles identified by the one or more biometrics of the customer. The method further includes authorizing the payment for the transaction from a payment account associated with the selected customer payment profile and sending, to the POS device, a notification that the customer has been authenticated and that the payment for the transaction has been authorized.

Systems and methods for managing a user-selected card verification code (CVC2) value for a payment card are disclosed. A sever is coupled to a payment card database and a hardware security module. The server is programmed to receive a request from a user to change the CVC2 value of the payment card to the user-selected CVC2 value. Based upon the request, the server retrieves from a payment card table stored on the database a payment card record associated with the payment card. The server transmits the user-selected CVC2 value, and, from the payment card record, a primary account number, a payment card expiry date, and a first service code to a hardware security module. The server subsequently receives from the hardware security module a second service code associated with the user-selected CVC2 value. The server updates the first service code in the payment card record to the second service code.

Secure authentication and delayed transaction processing for booking management systems is provided. Third-party services partner with booking management systems to aggregate and list offerings of the third-party services in a digestible display on a one-stop platform. A booking management system can manage the authentication of payment card information on behalf of any number of such third-party services. The booking management system can maintain and process authentication information associated with traveler payment cards, and provide virtual payment information to the third-party services for delayed transactions. The third-party services may later initiate the delayed transactions using the virtual payment information, without being required to perform authentication processing on the traveler payment card information maintained by the booking management system.