A method includes receiving a request to verify a dynamic security code included in a transaction authorization request message. The transaction authorization request message was generated in connection with a payment account transaction. The method further includes performing a verification process with respect to the dynamic security code to generate a verification result. In addition, the transaction authorization request message may be modified by adding the verification result to the transaction authorization request message. Also, the modified transaction authorization request message may be transmitted to an issuer of a payment account designated for use in the payment account transaction.

An apparatus includes a transaction card bearing data and having an output interface capable of transmitting the data, a card reader having an input interface enabled to accept the data from the output interface of the transaction card, conversion circuitry converting the card data to an analog modulated signal, and an output pin from the card reader adapted to engage in a microphone port of a computerized appliance, the output pin providing the analog modulated signal to the port, and thence to the computerized appliance.

A method for tokenizing credentials is disclosed. In addition to a token, a verification value can be provided for each interaction. The verification value can be generated based at least in part on a dynamic data element. The dynamic data element may be kept secret, while the verification value can be distributed for use during an interaction. When the verification value is used, it can be validated by re-creating the verification value based at least on the stored dynamic data element.

A mobile checkout system and method for completing a purchase transaction to purchase items from an internet merchant. A user browses and selects items for purchase from the merchant through a shopping application or browser (mobile or PC). During the processing of the transaction, a checkout application installed on a mobile communication device is launched. The checkout application receives a checkout token created by a checkout server that identifies the purchase transaction. After user authentication, the system uses this token and communicates with the checkout server to cause the checkout server to complete the purchase transaction, in which payment data is securely transmitted and wherein a one-time-use cryptogram can be part of the payment information.

Systems, methods, and computer-readable media for providing accurate images of cards. An application executing on a mobile device may receive authentication credentials for an account, determine a card associated with the account, and determine a card manufacturer identifier (CMID) of the card. The application may receive, from a digital asset management system based on the CMID, a plurality of metadata attributes of the card and one or more images of the card. The application may determine, based on the metadata attributes and attributes of the mobile device, a first orientation of the card to enable near-field communication (NFC) data transfer between the card and the mobile device. The application may select a first image of the card. The application may generate a graphical user interface (GUI) including the first image and an indication specifying to tap the card to the mobile device according to the first orientation.

Systems, methods, and computer-readable media for facilitating frictionless credential provisioning on a user computing device are provided. Special frictionless tokens (e.g., ownership tokens) may be generated for each existing credential in a user's digital wallet. Such tokens may be stored in a user's AE locker (e.g., iCloud keychain) and synchronized across the user's devices using any suitable security features (e.g., using any suitable secure enclave processor (SEP)-based encryption). Such a token, as may be stored in a device's SEP, may be configured only to be read on that physical device. In this manner, the user may no longer need provide further proof of ownership of a credential or be hassled by passing any other challenge, but, instead, the additional security may be achieved using the ownership token, which may use the user's AE or device passcode in association with the user's physical device (and its SEP).

Financial transaction card data can be entered by providing a picture of the card to a server programmed with a text recognition algorithm. The server can perform text recognition on the image at the same time that a consumer enters additional required data, such as a zip code. The server can perform as much text recognition processing as possible in the time the consumer is entering the additional data. Once the additional data is received, a signal can be provided to the server indicating that the user is now waiting for results of the text recognition process, meaning the server should provide them as quickly as possible. Once text recognition results are received, a consumer can make a selection to identify a character which the text recognition algorithm did not sufficiently identify. Based on known account number constraints, the user selection can cause multiple characters to be identified.

Embodiments of systems and methods as disclosed herein may determine that an initiator of a communication on a distributed computer network is an automated script or the like. More particularly, in one embodiment, a web page including a hidden field may be generated in response to a request for the web page. This hidden field is a field included in the web page that is not visible to a human user when the web page is rendered by a browser and presented to the user. By comparing a received value for such a hidden field with an associated value for the hidden field as provided in the web page, the use of an automated script may be detected.

A method for encrypting a piece of payment means data is disclosed. This method is implemented by a payment means having a data processor. Such a method has at least one iteration of the following steps: obtaining a current piece of payment means data from a memory of the payment means; generating a following piece of payment means data as a function of the current piece of payment means data and as a function of an encryption key of the payment means; replacing the current piece of payment means data by the following piece of payment means data within the memory of the payment means.

A user enables a communication, such as through a tap, between an NFC-enabled payment or funding card and a mobile device. Card information, such as the card number, type, and expiration date, are read by the mobile device. The user is then authenticated through the user device, such as by entering a CVV code, a PIN for the card, a cardholder name, and/or a billing address for the card. If confirmed, the card is added to the user's mobile/cloud wallet.