A computer-implemented method for predicting interchange charges includes: retrieving a historical transactions set, where each completed transaction in the set includes transaction features, a bank identification number (BIN), and a corresponding true interchange code; transforming all BINs in the set into a corresponding plurality of BIN features that comprise probabilities; creating a first training set including all transaction features, all pluralities of BIN features, and all true interchange codes associated with the historical transactions set; training a random forest model using the first training set and generating a second training set including rounded BIN features, rounded transaction features, discrete ones of the transaction features, and the true interchange codes; training the random forest model using the second training set to generate a trained random forest model for prediction of the interchange codes; and executing the trained random forest model for new transactions to generate corresponding predicted interchange codes.

Methods and devices for sending security information are disclosed. The methods may be performed by an electronic device and may include several steps or operations, such as: detecting an event encountered by the electronic device; storing security information that is representative of the event in a secure memory of the device; after the storing, starting a transaction with an external terminal; and sending the security information to the external terminal in a transaction message during the transaction.

This specification discloses techniques for risk identification. One example method includes receiving, by a client device, a risk identification request identifying a requested service operation and service data associated with the requested service operation; retrieving, by the client device, service data corresponding to the risk identification request; determining, by the client device, service indicator data associated with the service data; analyzing, by the client device, one or more of the service data and the service indicator based on a risk identification rule or a risk identification model to produce a risk result; and determining, by the client device, whether the requested service operation is a high risk operation based at least in part on the risk result.

A method and system of selectively initiation biometric security based on thresholds is described. The method includes determining a transaction amount of a current transaction involving an electronic portable transaction device, retrieving a threshold amount from a data storage device, comparing the transaction amount and threshold amount, and, if the transaction amount matches or exceeds the threshold amount, initiating a biometric authentication process.

A folding mechanism is used to authenticate purchases when making transactions using a contactless smart card. By folding the contactless card in a precise manner, the electrical resistance of the antenna circuit of the contactless card is changed by bypassing the card's built-in resistors. A user may set a folding orientation as the password of the contactless card. This folding orientation determines the electrical resistance of the card necessary to authenticate a purchase.

A system and method for facilitating communication between a smart card and a terminal, the method comprising receiving a first ATR message at a first time that is within a first predetermined clock cycles after a reset; waiting for a second ATR message indicative of a successful biometric authentication from the smart card; receiving the second ATR message at a second time that is within a second predetermined clock cycles after the first time; and exchanging transaction-related messages with the smart card.

Today, merchant Point of Sale (POS) systems can be certified by the merchant acquirers for Level 3 with a certified EMV Level 1 contact and contactless reader. The EMV Level 2 payment kernel is configured to meet the merchant's requirements based on the rules the merchant sets in the payment kernel. These rules and parameters are static. The present specification discloses a personal POS (pPOS) device and method, where different merchants can use the same customer pPOS hardware by changing the configuration of the payment kernel to their rules prior to processing the payment. Therefore, the present specification discloses devices and methods that can process payment transactions using a payment kernel that is dynamically configurable.

A credit card provider server device collects data indicative of at least one of i) environment of a user, ii) activities of the user, and iii) other characteristics of the user. When the credit card provider server device receives, from a payment issuer server device, a context request requesting a user context at a time a payment request is made, the credit card provider server device generates a user context for the user. The user context includes one or more indications related to the one or both of the environment of the user and the activities of the user at the time of the payment request. The credit card provider server device transmits the user context to the payment issuer server device for use in authenticating the payment request.

A cashless transaction processing method is disclosed. The method comprises: receiving, in an issuer server, a transaction token request from a customer device, the transaction token request comprising an indication of a payment card account associated with a customer; providing a token to the customer device in response to the transaction token request; storing an indication of the token on the issuer server; receiving, from an acquirer server, a transaction authorization request, the transaction authorization request comprising a token; authenticating the token received in the transaction authorization request against the stored token; and initiating a transaction for the transaction amount from the payment card account associated with the customer.

A system and computer-implemented method for authenticating digital transactions. The method includes receiving a device registration request and a device attestation response including at least a device integrity status from a device. In response to the device registration request, the method includes providing a device registration response to the device, based on validation of the device integrity status. Further, the method includes receiving a first payment transaction request and an enrolment request from the device via an application to authenticate a second payment transaction request using a first type of authentication technique. Finally, the method includes enrolling the device to the first type of authentication technique and providing a second token to the device based on a result of the first payment transaction request, wherein the second token is used for authenticating the second payment transaction request.