Described herein is are systems and methods for conducting secure transactions. In one embodiment, a method (300) is provided of conducting a secure transaction between a merchant and a customer. Method (300) includes initiating a transaction between the customer and the merchant by capturing a primary account number of the customer and a transaction amount at a merchant terminal (104). A transaction identifier is generated that is unique to the transaction based on the primary account number and transaction amount. The transaction identifier is then encoded in a visual representation and presented on a display so that it can be captured by a camera on a customer device. In response, a customer app is launched on a customer device (106). The customer app is configured to: control the customer device (106) to present the customer with a user interface to enter a PIN number associated with the primary account number of the customer; and generate a PIN block for the PIN number and transmit the PIN block to a transaction server (102) for verification. A verification or rejection of the transaction is then generated from a financial institution associated with the customer account. Finally, the verification or rejection of the transaction is transmitted to the merchant terminal (104) to complete the transaction.

Methods for operating a portable electronic device to conduct a mobile payment transaction at a merchant terminal are provided. The electronic device may verify that the current user of the device is indeed the authorized owner by requiring the current user to enter a passcode. If the user is able to provide the correct passcode, the device is only partly ready to conduct a mobile payment. In order for the user to fully activate the payment function, the user may have to supply a predetermined payment activation input such as a double button press that notifies the device that the user intends to perform a financial transaction in the immediate future. The device may subsequently activate a payment applet for a predetermined period of time during which the user may hold the device within a field of the merchant terminal to complete a near field communications based mobile payment transaction.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for data transmission are provided. One of the methods includes: generating, by a computing device, a first asymmetrical key pair comprising a first public key and a first private key, sending, by the computing device, a data request comprising the first public key to a server, and receiving, by the computing device from the server, a ciphertext comprising encrypted data and a second public key. The second public key is associated with a second asymmetrical key pair that further comprises a second private key. The method also includes generating, by the computing device, a shared key based on the first private key and the second public key using a key-agreement algorithm and decrypting, by the computing device, the ciphertext using the shared key.

Systems for issuing authentication challenges based on fraud initiation requests are provided. The system may calculate a fraud risk level based on a fraud initiating request comprising identity-based data. In response to the fraud risk level indicating a risk of fraud, the system may generate an authentication challenge based on an authentication challenge type and an authentication challenge delivery channel. The system may transmit the authentication challenge and receive back an authentication challenge response. The system may verify the authentication challenge response and generate an authentication outcome based on the verification.

A method for measuring a distance between a first device and a second device, the method may include playing, by a first sound output unit, a first correlation tone; receiving, by a first sound sensing unit, the first correlation tone; detecting a start point of a reception of the first correlation tone; receiving, by the first sound sensing unit, a second correlation tone; wherein the second correlation tone is played by a second sound output unit in response to a reception, by a second sound sensing unit, of the first correlation tone; detecting a start point of a reception of the second correlation tone; receiving, by the first sound sensing unit, information about a processing time of the second device; calculating, by a first processing unit, a timing difference between (i) the start point of the reception of the second correlation tone, and (ii) the start point of the reception of the first correlation tone; and determining the distance between the first device and the second device based on a difference between the timing difference and the processing time of the second device; wherein the first processing unit, the first sound sensing unit and the first sound output unit belong to the first device; and wherein the second sound sending unit and the second sound output unit belong to the second device.

The present disclosure is directed to enhancing electronic information security. An electronic device is registered in a registration process. The registration process of the electronic device includes at least one of: obtaining a device identifier that is unique to the electronic device and storing the device identifier as a registered device identifier; or obtaining a location of the electronic device via Global Positioning System (GPS) and storing the location as a registered location of the electronic device. A dummy credit card number is generated. After the registration process and after the dummy credit card number is generated, a request to conduct a transaction electronically is received. The request contains the dummy credit card number. A determination is made as to whether the request was sent from the registered electronic device. The request is processed if the request has been determined to come from the registered electronic device.

Systems and methods for secure mobile transactions are disclosed. A method for conducting a transaction may include an issuer receiving, over a first network and from a customer mobile device, authentication information and mobile device location information; the issuer authenticating the customer, generating a transaction session identifier, and communicating the transaction session identifier to the mobile device over the first network; the issuer communicating, over a second network, the transaction session identifier and payment device information to an acquirer; the acquirer receiving, from the merchant, the transaction session identifier from the computer application, location information a merchant point of transaction, and transaction information; the acquirer generating a transaction authorization request including payment device information and the transaction information and communicating the request to the issuer portion over the second network; and the issuer authorizing the transaction authorization request. The issuer and acquirer may be under common control.

The present systems and methods provide for secured communication between a mobile device and a server/gateway. The systems and methods can be used, for example, as a way to confirm whether or not a transaction was actually authorized by the user, thereby settling a chargeback dispute for a previously executed transaction. The method comprises receiving the dispute regarding the transaction including associated transaction data, and retrieving a digital signature associated with the transaction data, the digital signature computed by signing the transaction data. The digital signature is then verified using a public key, wherein the public key corresponds to a private key stored on a mobile device. It is then determined whether or not the transaction is fraudulent based on a verification result of the digital signature.

Systems and methods for conducting convenient and secure mobile transactions between a payment terminal and a mobile device, e.g., in a fueling environment, are disclosed herein. In some embodiments, the payment terminal and the mobile device conduct a mutual authentication process that, if successful, produces a session key which can be used to encrypt sensitive data to be exchanged between the payment terminal and the mobile device. Payment and loyalty information can be securely communicated from the mobile device to the payment terminal using the session key. This can be done automatically, without waiting for the user to initiate a transaction, to shorten the overall transaction time. The transaction can also be completed without any user interaction with the mobile device, increasing the user's convenience since the mobile device can be left in the user's pocket, purse, vehicle, etc.

In some embodiments, systems, apparatuses and methods are provided to enhance customer service through the distribution of mobile sales vehicles comprising: an engine and a drivetrain; a point of sales system; product storage storing pre-selected products selected in response to an evaluation of location demographic information, and in response to an evaluation of population demographic information, wherein the pre-selected products comprise a sub-set of potential products available from a retail entity operating the sales vehicle; and a product distribution system coupled with the point of sales system and comprising a control circuit configured to authorize access by a customer to one or more products stored in the product storage and purchased by the customer.