A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (PIN) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.

A method for authenticating a cardholder for a candidate purchase using an authentication computing device in communication with a memory is provided. The method includes receiving an authentication profile associated with the cardholder during an enrollment process for an authentication service, storing the authentication profile within the memory, and receiving an authentication request for the candidate purchase over a first communication link. The candidate purchase is initiated at a client device. The method further includes retrieving the stored authentication profile from the memory, generating a challenge message based on the stored authentication profile, transmitting the challenge message to a user device over a second communication link, receiving a challenge response including authentication information collected from the user device, comparing the collected authentication information to the stored authentication profile, and authenticating the cardholder for the candidate purchase based on the comparison.

A first device may be operable to receive a request to accept a payment via an ISO 18000-7 interface. The first device may transmit, via the ISO 18000-7 interface, a wake-up message to a second device comprising an ISO 18000-7 interface. The first device may transmit, via the ISO 18000-7 interface, an authorization request to the second device. The first device may receive an authorization message from the second device. The first device may decide whether to accept the payment based on the received authorization message. The first device may register with a retail outlet's network upon coming into range of a registration terminal of the network. While registered with the network, the first device may communicate with the network utilizing the ISO 18000-7 interface. The first device may deregister with the network upon coming into range of a deregistration terminal of the network.

A method including receiving a first application user credential associated with a user profile; comparing, for a first match, the first application user credential with a stored second application user credential, wherein the stored second application user credential is associated with a user identity; and responsive to finding a first match, verifying the user identity by performing the following: communicating with a card using near field communication; receiving a public key of a key pair of the card and cardholder identification information of an account holder of the card; instructing the card to generate a digital signature; receiving the digital signature from the card; verifying the digital signature using the public key; and comparing, for a second match, at least a portion of the user identity with at least a portion of the cardholder identification information.

Embodiments provide methods, and server systems for enhancing checkout experience of an e-commerce transaction. A method includes receiving, by a server system associated with a payment network, a pre-authentication request signal for a prospective e-commerce transaction for a payment card of user. The pre-authentication request signal includes a time data for an expected transaction time, a transaction amount data, a payment card data and at least one transaction identifier data. The method includes electronically facilitating a pre-authentication of the prospective e-commerce transaction based at least on performing a multi-factor pre-authentication. Upon successful pre-authentication, the method includes storing a pre-authenticated transaction data. The method includes sending a notification signal of successful pre-authentication to a user device. The method includes processing the prospective e-commerce transaction at the expected transaction time based on a user input received using a user interface of an e-commerce application and upon successfully verifying the pre-authenticated transaction data.

An adaptive authentication (AA) computer device used for improved payment transaction authentication services is provided. The AA computer device includes at least one processor in communication with at least one memory device and is configured to retrieve historical transaction data and authentication types for each historical transaction. The AA computer device is also configured to generate a model associating each of the authentication types with a corresponding set of values for transaction parameters. The AA computer device is further configured to receive pending transaction data including a cardholder identifier of a first cardholder, a merchant identifier, and a transaction amount. The AA computer device is further configured to determine an authentication type by applying the model to the transaction parameters derived from the pending transaction and transmit to the first cardholder an authentication request of the authentication type.

A shim detection device is selectively interfaced to a portion of a chip card reader that is integrated into a terminal. The shim detection device is configured to detect when a shimmer is inserted into the chip card reader during a card transaction at the terminal and take an automated action in response thereto.

An electronic payment card processing system and method includes at least one computing device in communication with a multi-party payment processing system and network for processing payment card transactions. The computing device receives transaction data for a plurality of payment card transactions identifies foreign exchange transactions based on the received transaction data, and applies a chargeback loss mitigation rule to filter a chargeback request for a disputed transaction charge that relates to an identified foreign exchange transaction, thereby preventing an unnecessary chargeback for the foreign exchange transaction.

The present disclosure is directed to enhancing electronic information security. An electronic device is registered in a registration process. The registration process of the electronic device includes at least one of: obtaining a device identifier that is unique to the electronic device and storing the device identifier as a registered device identifier; or obtaining a location of the electronic device via Global Positioning System (GPS) and storing the location as a registered location of the electronic device. A dummy credit card number is generated. After the registration process and after the dummy credit card number is generated, a request to conduct a transaction electronically is received. The request contains the dummy credit card number. A determination is made as to whether the request was sent from the registered electronic device. The request is processed if the request has been determined to come from the registered electronic device.

A transaction authorization server receives an optical machine-readable code (OMRC) request message from a merchant terminal, which includes a transaction reference number, a transaction time, a transaction amount, and a merchant identifier associated with the merchant terminal. OMRC information is generated based on a combination of the transaction reference number and the transaction time. An OMRC response message is generated containing the OMRC information and sent toward the merchant terminal. The OMRC information is stored in a data structure with an association to the merchant identifier. An OMRC verification message is received from a user terminal, and is selectively validated based on the OMRC information that was stored. When validated, the server sends to the user terminal an OMRC validation message containing an indication that the decoded OMRC information is valid, the transaction amount, and the merchant identifier.