This invention discloses a system and methods for defeating a so-called man-in-the-middle (MITM) attack. An electronic instruction to collect specified distinctive identifiers from a local/mobile computing device seeking access to a first network website, is generated by said first network website and that electronic instruction is assigned a unique onetime identification token. Said electronic instruction with said unique onetime identification token is transmitted by said first network website to said local/mobile computing device. Said unique onetime identification token is also maintained in a database of unique onetime identification tokens resident on said first network website. In addition, said unique onetime identification token is sent to a secondary network website, where it is also stored in a database of unique onetime identification tokens. Said unique onetime identification token may also contain a time expiration value which defines the validity period for said unique transaction identifier.

Described herein is a network apparatus with secure element and related systems, methods, and apparatuses. A described method includes receiving a request to perform a transaction. The method also includes obtaining confirmation that a network address associated with the request corresponds to a registered physical address. The method further includes obtaining account data and conducting a transaction using the account data.

Described herein are methods and systems directed to enabling resource providers to interact with access credentials that the resource provider is typically not capable of interaction with. In some embodiments, a virtual account identifier is issued in association with the access credential, the virtual account identifier being issued by an authorization provider which is different from the authorization provider having issued the access credential. The virtual account identifier may be provided to the resource provider in lieu of the access credential. The resource provider may then generate an authorization request message that includes the virtual account identifier, which may be routed to the authorization provider associated with the virtual account identifier. That authorization provider may then conduct the transaction using the access credential with the authorization provider having issued the access credential.

Novel modular smart management devices in the form of drop safes include the modular components of a chassis, door and technology cabinet. The drop safes enable retailers to make cash deposits quickly and safely within or near their own facilities. Various technology, including RFID readers, RFID tags, and other equipment allow the drop safes to identify each deposited bag. Employees utilize specialized apps on their mobile devices to facilitate deposit creation and other tasks. Novel methodologies for accessing the drop safes for emptying employ single-use, time-expiration type authorization codes along with other security measures to minimize risk and to provide other benefits. Novel structures along with methodologies for replacing, on-site, modular components with auto-detection of functionality during initialization and re-initialization enables for efficient replacement and upgrading of components, including the upgrading of safes to provide additional functionality.

Novel modular smart management devices in the form of drop safes include the modular components of a chassis, door and technology cabinet. The drop safes enable retailers to make cash deposits quickly and safely within or near their own facilities. Various technology, including RFID readers, RFID tags, and other equipment allow the drop safes to identify each deposited bag. Employees utilize specialized apps on their mobile devices to facilitate deposit creation and other tasks. Novel methodologies for accessing the drop safes for emptying employ single-use, time-expiration type authorization codes along with other security measures to minimize risk and to provide other benefits. Novel structures along with methodologies for replacing, on-site, modular components with auto-detection of functionality during initialization and re-initialization enables for efficient replacement and upgrading of components, including the upgrading of safes to provide additional functionality.

User Authentication A mobile user authentication application is operable to perform one or more of the following operations: ⋅authenticate a user in a voice call to a telephony service, by passing an authentication code to the telephony service within the voice call [FIGS. 2, 2c]; ⋅validate a user instruction during a secure messaging session [FIG. 3]; and ⋅authenticate a user at a physical local service by obtaining a challenge code at that local service, validating the challenge code with a remote authentication service, obtain a confirmation code from the authentication service and presenting the confirmation code for validation at the local service [FIGS. 4, 4a and 4b].

A computer-implemented method for applying enrichment services hosted on a second interchange network to a payment transaction initiated over a first interchange network is provided. A transfer process module hosted on the first interchange network receives a first service request from a requestor, formatted in accordance with a first set of proprietary communications standards associated with the first payment network, and transforms the first service request to a second service request formatted in accordance with a second set of proprietary communications standards associated with the second payment network. An enrichment services computer system hosted on the second interchange network receives the second service request and generates a first service response formatted in accordance with the first set of proprietary communications standards. The first service response is transformed at the transfer process module to create a second service response formatted in accordance with the second set of proprietary communications standards.

A computer-implemented method for performing a stand-in payment authorization is provided. The method is implemented using a stand-in payment authorization (SPA) computing device. The method includes storing account numbers of predesignated cardholders in an account file that are designated to receive stand-in authorization by the SPA computing device. The method also includes receiving an authorization request data signal redirected to the SPA computing device after the authorization request data signal was submitted to an unresponsive issuing bank computing device. The method further includes generating an authorization response data signal based at least upon a comparison of the account numbers stored in the account file to a candidate account number. The method further includes transmitting the authorization response data signal.

A system and method are described that enables mobile devices (e.g. including but not limited to a mobile phone or the like), to intercept and respond to contactless card authentication requests, allowing mobile devices to be used in place of contactless cards. Enabling mobile phone devices to emulate contactless cards decreases issues related to lost or damaged cards, enabling a single device to be used to provide tokens related to multiple different contactless cards, and leverages functionality of the mobile device to provide dual-factor authentication.

An electronic payment card processing system and method includes at least one computing device in communication with a multi-party payment processing system and network for processing payment card transactions. The computing device receives transaction data for a plurality of payment card transactions identifies foreign exchange transactions based on the received transaction data, and applies a chargeback loss mitigation rule to filter a chargeback request for a disputed transaction charge that relates to an identified foreign exchange transaction, thereby preventing an unnecessary chargeback for the foreign exchange transaction.