A transaction security apparatus, including a database which stores information regarding an account, information regarding a user associated with the account, and information regarding a travel itinerary or schedule of the user; a receiver which receives information regarding a transaction involving the account and which includes information regarding the transaction, information regarding the account, and information regarding a position or location of the communication device; and a processor which information regarding the transaction. The processor determines a position, location, or geographic location, of the communication device and processes information for authenticating the user by processing information for comparing the position, location, or geographic location, of the communication device with or against an expected position, location, or geographic location, of the user, based on the itinerary or schedule of the user. If the processor determines that the user is authenticated, the processor processes information for allowing the transaction.

A method for processing cipher change failure comprises: storing a record's error information when a cipher change of ciphertext data in the record fails, the error information comprising an identifier of the record and a failure cause; determining a retry strategy based on the stored failure cause; and employing the retry strategy to reperform the cipher change of the ciphertext data in the record having the identifier.

Provided is a computer-implemented method for remotely authorizing a transaction. The method includes receiving a transaction request including at least one user identifier, determining an authorizing user of a plurality of authorizing users based at least partially on the at least one user identifier, determining whether the authorizing user is online, communicating, to a user device associated with the at least one authorizing user, an authorization request message, wherein, if the authorizing user is online, the authorization request message includes a mobile device message configured to prompt the authorizing user to provide an approval of the transaction request, and wherein, if the authorizing user is offline, the authorization request message includes an automated telephone call configured to audibly prompt the authorizing user to provide an approval of the transaction request, and completing the transaction in response to receiving an approval of the transaction request from the authorizing user.

A processor may detect a transaction made using a point of sale system. The processor may determine that the transaction indicates a smart device is not in use. The processor may send a command causing the smart device to operate in an away mode.

Provided is a system, method, and computer program product for predicting a specified geographic area of a user. The method includes receiving transaction data associated with a plurality of transactions during a predetermined time interval. The method also includes generating a geographic area prediction model based on the transaction data by determining a verified geographic area for each user, and determining transaction data associated with a plurality of transactions involving each user for a plurality of feature vector parameters, training the geographic area prediction model based on the plurality of feature vector parameters for the verified geographic area for each user, and validating the geographic area prediction model based on the plurality of feature vector parameters for the verified geographic area for each user.

In an aspect, a computing system is configured to: send, to a transfer rail server, a request for stored card data associated with a value transfer card; receive stored card data identifying an entity having a stored representation of the value transfer card; provide user interface data to a client device, the user interface data causing the client device to display a user interface that includes an entity listing that is based on the stored card data, the user interface including a selectable option to add an entity-based control to the identified entity; receive, from the client device, an instruction to apply an entity-based control to an identified one of the entities in the stored card data; and in response to receiving the instruction to apply the entity-based control, implement the entity-based control to affect use of the value transfer card by the identified entity and not affect use of the value transfer card by other entities.

A virtual card opening method and system, a payment system, and a card issuing system are disclosed. The method comprises: receiving, through an online traffic entrance associated with a payment system, a virtual card opening request from a user, the virtual card opening request comprising user information and type identifier information of a virtual card; searching, by the payment system, for a rule for acting as an agent to open a card and a card opening condition corresponding to the type identifier information from the payment system, the rule for acting as an agent to open a card and the card opening condition being obtained in advance by the payment system from a card issuing system; and generating, by the payment system, a target virtual card according to the user information and the rule for acting as an agent.

Transaction cards, systems and methods for performing fraud detection at POS devices based on analysis of feature sets are disclosed. In one embodiment, an exemplary transaction card may comprise one or more sensors configured to collect pre-card-use sensor data regarding a user of the card, circuitry that assembles such data into feature sets and performs fraud detection, and data storage. According to some aspects, the fraud detection may comprise: comparing user specific sensor data, collected for a current transaction, to a user-specific risk profile validation model, generated from prior transactions, to determine a risk score for the current transaction; and transmitting the risk score to a card transacting device when a card is presented during purchase. Further, the risk score may enable the card transacting device to evaluate a risk associated with accepting the transaction card to complete the attempted transaction.

A system and computer-implemented method for authenticating digital transactions. The method includes receiving a device registration request and a device attestation response including at least a device integrity status from a device. In response to the device registration request, the method includes providing a device registration response to the device, based on validation of the device integrity status. Further, the method includes receiving a first payment transaction request and an enrolment request from the device via an application to authenticate a second payment transaction request using a first type of authentication technique. Finally, the method includes enrolling the device to the first type of authentication technique and providing a second token to the device based on a result of the first payment transaction request, wherein the second token is used for authenticating the second payment transaction request.

A system and method for validating user address information is disclosed herein. A computing system periodically polls a client device associated with a user to identify a current location of the user. The computing system records the current location of the user after polling and a time associated with the polling. The computing system receives one or more transactions from one or more third party vendors. The computing system identifies, based on the one or more transactions, a location and a time associated with each transaction in the one or more transactions. The computing system defines a geographic area. The computing system determines that a current primary address on file for the user is outside of the geographic area. The computing system prompts, based on the determining, the user to update the current primary address.