Novel modular smart management devices in the form of drop safes include the modular components of a chassis, door and technology cabinet. The drop safes enable retailers to make cash deposits quickly and safely within or near their own facilities. Various technology, including RFID readers, RFID tags, and other equipment allow the drop safes to identify each deposited bag. Employees utilize specialized apps on their mobile devices to facilitate deposit creation and other tasks. Novel methodologies for accessing the drop safes for emptying employ single-use, time-expiration type authorization codes along with other security measures to minimize risk and to provide other benefits. Novel structures along with methodologies for replacing, on-site, modular components with auto-detection of functionality during initialization and re-initialization enables for efficient replacement and upgrading of components, including the upgrading of safes to provide additional functionality.

A medical kiosk has a frame that encloses a medical diagnosis chair and a video screen within is configured for interactive video and audio communication between a medical provider and a user. A financial transaction interface is configured to provide secure payment processing that allows the user to pay and enter the medical kiosk. A UV light disinfection system is disposed within said frame to provide a sterile decontaminated user space. The medical kiosk includes a network communication module and a system control unit in electrical communication with the medical diagnosis chair, the video screen, the financial transaction interface, the UV light disinfection systems and the network communication module wherein the user is provided with non-invasive medical conferencing with the medical provider to remotely diagnose and treat the user.

This disclosure describes systems and methods related to facilitating card present transaction. In one embodiment, a service provider system may receive a request from a merchant to initiate a card present transaction associated with a consumer. The service provider system may determine an identifier associated with a mobile device associated with the consumer. The service provider system may communicate to the mobile device, based at least in part on the identifier, a message that facilitates invocation of a transaction module associated with the mobile device. The service provider system may facilitate the car present transaction based at least in part on an interaction with the transaction module.

A method for performing a card-to-card direct contactless transaction between a first active stored-value smart card (“SVSC”) and a second active SVSC, each comprising an active near-field communication (“NFC”) reader. The method may include activating the first active SVSC by receiving input of a personal identification number (“PIN”) on a keypad located on the first active SVSC, verifying the PIN and further receiving input of a transaction amount on the keypad. The method may further include initiating a wireless NFC communication to perform the transaction by positioning the first active SVSC within a pre-determined distance to the second active SVSC and confirming accuracy of each of the first and second active SVSC using the active NFC reader to retrieve card ID data and confirm accuracy. Following confirming, the method may include directly completing the transaction between the first active SVSC and the second active SVSC.

There is disclosed a payment HSM hosted in a data center and comprising a host interface accessible by a remote end-user entity running a payment application using critical resources protected in the payment HSM, a second interface for main, operational management of the payment HSM by the end-user entity, and an Out-Of-Band, OOB, management interface being distinct and physically isolated from the communication channel of the second interface, and configured to allow secure access to the payment HSM by a third-party entity, distinct from the end-user entity. A resident, remotely configurable provisioning state-machine is implemented in the HSM for the management of the provisioning of the payment HSM for service to one or more end-user entities, under the control of the third-party entity over the OOB management interface.

A method for certificate transaction validation of a blockchain-based resource public key infrastructure aims to avoid security threats caused by conflicts or illegal transactions during transactions and improve security. A technical solution is as follows: constructing a resource public key infrastructure RPKIB system composed of a resource issuer, a resource transaction application client, a resource receiver, a blockchain network and a validation node; designing operations of a resource certificate and route origin authorization ROA as transactions, submitting operations of various resource transactions initiated by a resource issuer as transactions to the blockchain network, running, by the validation node, a smart contract to verify the transactions, and distinguishing whether the operations are malicious behaviors or normal operations of an authority.

A point-of-sale (POS) application is installed on a computing device of a merchant to process purchase transactions in conjunction with a network-accessible payment processing system. Software is also installed on the computing device to evaluate trustworthiness of the device and to prevent the device from performing sensitive operations such as purchase transactions when the device is deemed to be untrustworthy. The software obtains a security policy from the payment processing system and locally stores the security policy. The security policy specifies trust criteria and enforcement instructions, which can be updated from time to time when the payment processing system is accessible. The software evaluates device trustworthiness by gathering information regarding device conditions and comparing the information to the trust criteria. If the trust criteria are not satisfied, sensitive operations are disabled.

A payment method and system based on a cloud application instance, and a related device are provided. The method includes the following steps: The cloud application instance sends an order and a device identity to a payment management node. The payment management node records a correspondence between the order and the device identity. The cloud application instance sends an order payment request to a terminal device. The terminal device sends, to the payment management node based on the order payment request, an order obtaining request carrying the device identity. The payment management node obtains the order from the correspondence based on the device identity carried in the order obtaining request, and sends the order to the terminal device. The terminal device receives and processes the order.

Systems and methods are disclosed for automated fraud detection and analytics using aggregated payment vehicles and devices, at the individual and/or household level. One method includes receiving an authorization request for a payment transaction originating at a merchant, using a first payment vehicle; receiving device information of a first device used in the payment transaction; retrieving transaction data and identifying information associated with the authorization request before the authorization request is routed to a financial institution; searching and determining payment vehicles and devices associated with the individual using the retrieved identifying information; aggregating transaction data associated with the payment vehicles and devices from the transaction database; retrieving reported fraudulent activities pertaining to the payment vehicles and devices; and generating a profile data for the individual according to the identifying information associated with the authorization request, personally identifiable information (PII), the aggregated transaction data, and reported fraudulent activities.

Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.