Disclosed is a card that generates a dynamic security code for a card transaction, e.g. a card not present transaction. The card receives a request to generate a dynamic security code from an electronic device external to the card via an external card interface. The card receives a message including a time via the external card interface. The card computes the dynamic security code based on the time and a key stored at the card. The card sends the dynamic security code to the electronic device via the external card interface for display on a display of the electronic device. The card may determine an authenticity of the message including the time.

A method for tokenizing credentials is disclosed. In addition to a token, a verification value can be provided for each interaction. The verification value can be generated based at least in part on a dynamic data element. The dynamic data element may be kept secret, while the verification value can be distributed for use during an interaction. When the verification value is used, it can be validated by re-creating the verification value based at least on the stored dynamic data element.

The present disclosure inter alia presents a method of regaining an original Card Security Code, CSC, from a temporary CSC used in a card based transaction. In one embodiment, the method comprises obtaining (610) a temporary CSC, wherein the temporary CSC has been generated by previously applying a minimal perfect hash function to the CSC as well as a first data seed; obtaining (620) a second data seed, the second data seed being a same data seed as the first data seed; and applying (630) a same minimal perfect hash function to the obtained second data seed together with each one of several CSCs from a stored list of available CSCs until a match is found between the obtained temporary CSC and one CSC from the stored list of available CSCs.

A method for facilitating a transaction may include generating, via a token server computer, a token for use by a first entity computer, wherein the token is generated in response to a request received from the first entity computer. The method may also include transmitting, via the token server computer, the token to the first entity computer, wherein the first entity computer transmits the token to a second entity computer. The method may also include receiving, at the token server computer and from the first entity computer, data indicative of the second entity computer successfully receiving the token. The data may include a hashed value derived from at least the token, data indicative of an identity of the second entity computer, and writing, by the token server computer, the data indicative of the second entity computer successfully receiving the token to a registry.

Embodiments of the present invention relate to systems and methods that allow users to use their communication devices to perform transactions (e.g., payment transactions, access transactions, etc.). To complete a transaction, a resource provider electronically generates a code representing transaction data and displays it on an access device. The user scans the code with his or her communication device using a camera associated with the communication device, for example. The code is interpreted by an application on the communication device. The user may request and receive a token at the communication device corresponding to sensitive information selected to perform the transaction (e.g., a primary account number). The user may then provide the token and the transaction data via the communication device to a server computer, which may facilitate completion of the transaction between the user and the resource provider using the transaction data and the token.

Like many credit card payments, virtual card payments are subject to fraudulent transactions. To lower this possibility, data collected from a settlement transaction is stored including a merchant category code, a tax identification number, a merchant identification and an IP address of the processing terminal. Subsequent payments from the same payor to the same payee are verified against the previous settlement transaction data to minimize the possibility of fraud.

A method for optimizing transaction authorization conversion rates using measured feedback includes retrieving payment transaction parameters and authorization results for a plurality of past payment transactions from a database, generating a transaction success model comprising authorization success factors for each of a plurality of payment transaction parameters using data science methods for statistical inference based on the retrieved payment transaction parameters and authorization results, receiving, at an acquirer processor, a payment transaction from a merchant, modifying one or more parameters of the payment transaction according to the generated transaction success model, and submitting the modified payment transaction to a financial institution for processing.

Application-based point of sale systems in mobile operating systems. A first application may generate a first URL directed to a second application, a parameter of the first URL comprising an identifier of the first application. A mobile operating system (OS) may access the first URL to open the second application. The second application may receive, from a server, a virtual account number (VAN). The second application may initiate a server on a port and generate a second URL directed to the first application, a parameter of the second URL comprising the port. The OS may access the second URL to open the first application. The first application may establish a connection with the server using the specified port and receive the VAN from the second application via the connection. The first application may autofill the VAN to a form field of a payment form in the first application.

Systems and methods for managing a user-selected card verification code (CVC2) value for a payment card are disclosed. A sever is coupled to a payment card database and a hardware security module. The server is programmed to receive a request from a user to change the CVC2 value of the payment card to the user-selected CVC2 value. Based upon the request, the server retrieves from a payment card table stored on the database a payment card record associated with the payment card. The server transmits the user-selected CVC2 value, and, from the payment card record, a primary account number, a payment card expiry date, and a first service code to a hardware security module. The server subsequently receives from the hardware security module a second service code associated with the user-selected CVC2 value. The server updates the first service code in the payment card record to the second service code.

A user apparatus connectable to a block chain system is provided. The user apparatus includes a memory, a communication interface, and at least one processor configured to divide a block chain consisting of a plurality of blocks into an active area and an inactive area based on a predefined standard, store blocks included in the active area in a first portion of the memory, based on a transaction occurring in the block chain system, record information of the transaction in the blocks stored in the first portion of the memory, and control the communication interface to transmit transaction information satisfying a predefined condition among the transaction information stored in the first portion to a manager apparatus included in the block chain system.