Logo candidates for a specific ISO data can be identified from external resources based on the enriched merchant data. Low quality images of the logo candidates are filtered out with image analysis including entropy ratio evaluations of the logo candidates. Also, the logo candidates are processed with high quality filtering including classification of the logo candidates with a deep learning classifier for distinguishing logos from non-logos. A logo from the logo candidates is selected to associate with the ISO data packets. A display having the selected logo associated with a transaction of the ISO data packets can be generated for display to users.

Systems, methods, apparatuses, and computer-readable media for secure management of accounts on display devices using a contactless card. An application executing on a display device may receive a request specifying a service provider. The display device may receive a cryptogram generated a contactless card, and transmit the cryptogram to an authentication server. The authentication server may decrypt the cryptogram and generate a virtual account number associated with the contactless card. The authentication server may transmit the virtual account number to the service provider, which may create an account based at least in part on the virtual account number and the decryption of the cryptogram by the authentication server. The display may receive an authentication token generated by the service provider for the account, and access the account created by the service provider based at least in part on the authentication token.

There are provided systems and methods for code generation and tracking for automatic data synchronization in a data management system. A user associated with an entity, such as an employee of an organization, may purchase an item utilizing a payment instrument or card provided by the organization. In order to provide proper expense allocation, the organization may require receipt matching and storage per use of the payment instrument. An expense management system may provide digital code generation and output on a corresponding physical or digital receipt so that when the receipt is provided to the expense management system, the codes may be matched to backend data stored by the system. The receipts may be processed by extracting text data from an image of a receipt to determine the codes. The codes may then be used to search a database of codes to match to digital transaction data.

A method for performing a card-to-card direct contactless transaction between a first active stored-value smart card (SVSC) and a second active SVSC, each comprising an active near-field communication (NFC) reader. The method may include activating the first active SVSC by receiving input of a personal identification number (PIN) on a keypad located on the first active SVSC, verifying the PIN and further receiving input of a transaction amount on the keypad. The method may further include initiating a wireless NFC communication to perform the transaction by positioning the first active SVSC within a pre-determined distance to the second active SVSC and confirming accuracy of each of the first and second active SVSC using the active NFC reader to retrieve card ID data and confirm accuracy. Following confirming, the method may include directly completing the transaction between the first active SVSC and the second active SVSC.

A payment HSM hosted in a data center and comprising a host interface accessible by a remote end-user entity running a payment application using critical resources protected in the payment HSM, a second interface for main, operational management of the payment HSM by the end-user entity, and an Out-Of-Band, OOB, management interface being distinct and physically isolated from the communication channel of the second interface, and configured to allow secure access to the payment HSM by a third-party entity, distinct from the end-user entity. A resident, remotely configurable provisioning state-machine is implemented in the HSM for the management of the provisioning of the payment HSM for service to one or more end-user entities, under the control of the third-party entity over the OOB management interface.

Systems and methods for using a cryptogram lockbox are disclosed. In one embodiment, in a merchant-specific cryptogram lockbox comprising at least one computer processor, a method for generating a cryptogram locally using a cryptogram lockbox may include: (1) receiving, from merchant backend, a request for a cryptogram comprising an account identifier received from a customer in a transaction; (2) generating a cryptogram for the account identifier using a limited use key for the account identifier; and (3) returning the cryptogram to the merchant backend. The merchant may conduct the transaction using the cryptogram.

A point-of-sale device (POS) is described to include a secure transaction tunnel generator (STG). The STG may generate secure tunnels between peripherals attached to the POS and remote network resources. The secure tunnel may be generated using a trusted execution environment (TEE) of the POS. The STG may be alerted to the need to generate the secure tunnel based on an alert from the peripheral. The STG may execute under a protected environment and may generate two ends of a secure transaction tunnel using the TEE. The STG may also check the peripheral against whitelists and/or blacklists to determine whether the peripheral is allowed or not disallowed to participate in secure transactions. By generating the secure tunnel, the STG may facilitate performance of transactions in such a way that sensitive information is not available to unsecured processes in the POS. Other embodiments may be described and/or claimed.

A tamper-proof diamond package comprises a package body; at least one chip embedded in the package body and at least one antenna configured to enable communication with the chip; anti-counterfeiting visual impressions on the package body; a diamond pouch formed at a predetermined section within the package body; and one or more diamonds located inside the diamond pouch and an outer covering encasing the package body and configured to reveal any tampering with the one or more diamonds located in the diamond pouch. The diamond package can be credit card shaped and also contain serial number and website information and provide nominal dollar values. An associated diamond exchange system utilizes the diamond packages and provides a registration server which stores unique identifying information that enables interrogating the individual diamond packages and checking their authenticity with the registration server.

Described herein is a network apparatus with secure element and related systems, methods, and apparatuses. A described method includes receiving a request to perform a transaction. The method also includes obtaining confirmation that a network address associated with the request corresponds to a registered physical address. The method further includes obtaining account data and conducting a transaction using the account data.

A first communication channel is established between a contactless blank IC (integrated circuit) payment card and a mobile device. The mobile device is in proximity to the contactless blank IC payment card. A second communication channel is established, via the mobile device, between a remote personalization server computer and the contactless blank IC payment card. Payment card personalization data is received and stored in the contactless blank IC payment card. The data had been downloaded from the remote personalization server computer to the contactless blank IC payment card via the second communication channel.