35 results about "Payment card industry" patented technology

A dynamic signature / sign biometric verification system for detecting and preventing fraudulent transactions is described. The system comprises remote digital signature / sign input devices, a means to extract spatial and temporal features from the signature, a means to transmit the signature / sign features along with customer identifier information to a centralized signature / sign verification authority, a means for combining signature / sign feature verification with other forms of fraud detection technology, and a means for transmitting the results of a signature / sign verification back to the remote location where the signature / sign was captured. The system was primarily developed for use in payment card industries (e.g. credit cards, debit cards) but has applicability to other centralized signature / sign verification applications such as Automated Teller Machine authorizations and other identity theft detection and monitoring services.

Equipment and methods for facilitating service provisioning in a system that includes a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some disclosed embodiments, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

Generally, embodiments of the invention are directed to methods, computer readable medium, servers and systems for enabling merchants to use hosted order pages (HOPs) and / or silent order posts (SOPS) and thereby avoid handling payment information and the costs associated Payment Card Industry (PCI) compliance, while at the same time utilize third-party fraud detection screens and thereby avoid costs associated with fraudulent transactions.

A secure mobile phone-point of sale (POS) system includes a mobile phone integrated with a secure PED module. The secure PED module is integrated with the mobile phone via the phone's serial port or directly to the phone's Printed Circuit Board Assembly (PCBA). The secure PED module conforms to security standards imposed by the payment card industry. The secure mobile phone-POS system has the functionality of both the secure PED and the mobile phone and the look and feel of the mobile phone.

A secure electronic payment transaction system includes a Secure Transaction Module (STM) and a host device. The STM includes hardware and software components that meet the security requirements of the payment card industry and provide secure payment transactions utilizing banking cards. The host device includes a communication modem for connecting to financial institutions via a network connection. The STM connects to the host device via an interface and communicates with the financial institutions via the host device's communication modem. The STM is self-sufficient and can be connected to any host device over any interface.

Techniques for eliminating the need for merchants and acquirers to conduct Payment Card Industry (“PCI”) security audit procedures are provided. Merchants and acquirers can eliminate the operating expenses associated with conducting audits to ensure compliance with PCI Data Security Standards (“DSS”), while at the same time ensuring that cardholders' data remains secure, thus protecting the cardholders from fraudulent transactions. System security is further enhanced through the use of per transaction audits, with the scope of the audit being directly between the Point of Sale (POS) terminal and the payment processing network. PCI DSS compliance can thus be assured on a per transaction basis, as opposed to only ensuring compliance generally for a merchant or acquirer on a periodic basis. Per transaction PCI DSS compliance is assured, while at the same time eliminating the need for merchants or acquirers to conduct compliance audits.

A method and apparatus is provided for secure terminals that facilitate secure data transmission and are compliant with the payment card industry (PCI) data security requirements. A security processor is combined with an application processor and a display into a secure display control unit (SDCU) that provides tamper resistance and other security measures. Modular secure I / O devices are interfaced to the SDCU via a wired, or wireless, medium so as to facilitate secure data transfer to the SDCU during a point-of-sale (POS) transaction or other transaction that requires secure data entry. The secure I / O devices implement one-time-pad (OTP) encryption, where the random keys, or pads, are generated by a derived unique key per transaction (DUKPT) generator. Other embodiments facilitate interconnection of the secure I / O devices to a hardware security module (HSM) or a personal computer (PC) while maintaining a high level of data security.

A secure mobile phone-point of sale (POS) system includes a mobile phone integrated with a secure PED module. The secure PED module is integrated with the mobile phone via the phone's serial port or directly to the phone's Printed Circuit Board Assembly (PCBA). The secure PED module conforms to security standards imposed by the payment card industry. The secure mobile phone-POS system has the functionality of both the secure PED and the mobile phone and the look and feel of the mobile phone.

A system to ensure compliance with data security standards for merchants that store, process, and transmit secure data, includes a security appliance having a global unit to monitor the functions of the security appliance, a logging unit to log data from network devices at the merchant's site and from other security appliance units, an integrity unit to construct maps of file systems of the network devices and to compare the constructed maps with previously constructed maps to detect differences between them, and a scanning unit to periodically scan the network to detect unrecognized devices on the network. The system further includes a display unit to provide compliance information on a secure basis, a back-end unit to automate and manage compliance-related tasks and data security events, and a control unit to monitor compliance performance in real-time and to implement required procedures to ensure compliance with data security standards.

A secure mobile phone-point of sale (POS) system includes a mobile phone integrated with a secure PED module. The secure PED module is integrated with the mobile phone via the phone's serial port or directly to the phone's Printed Circuit Board Assembly (PCBA). The secure PED module conforms to security standards imposed by the payment card industry. The secure mobile phone-POS system has the functionality of both the secure PED and the mobile phone and the look and feel of the mobile phone.

Techniques for eliminating the need for merchants and acquirers to conduct Payment Card Industry (“PCI”) security audit procedures are provided. Merchants and acquirers can eliminate the operating expenses associated with conducting audits to ensure compliance with PCI Data Security Standards (“DSS”), while at the same time ensuring that cardholders' data remains secure, thus protecting the cardholders from fraudulent transactions. System security is further enhanced through the use of per transaction audits, with the scope of the audit being directly between the Point of Sale (POS) terminal and the payment processing network. PCI DSS compliance can thus be assured on a per transaction basis, as opposed to only ensuring compliance generally for a merchant or acquirer on a periodic basis. Per transaction PCI DSS compliance is assured, while at the same time eliminating the need for merchants or acquirers to conduct compliance audits.

A secure data depository assembly, and an associated method, provides for storage of data at a secured location forming a vault. Data associated with any of various compliance standards, such as the HIPAA (Health Insurance Portability and Accountability Act) and the PCI (Payment Card Industry) data security standard is stored at sub-vaults defined at the vault. An access controller controls access to the sub-vaults and the data stored thereat. Remote requests generated remote from the vault are routed by way of a packet data network, and, if appropriate, the access controller provides access to the vault and sub-vault contents pursuant to the request.

A dynamic signature / sign biometric verification system for detecting and preventing fraudulent transactions is described. The system comprises remote digital signature / sign input devices, a means to extract spatial and temporal features from the signature, a means to transmit the signature / sign features along with customer identifier information to a centralized signature / sign verification authority, a means for combining signature / sign feature verification with other forms of fraud detection technology, and a means for transmitting the results of a signature / sign verification back to the remote location where the signature / sign was captured. The system was primarily developed for use in payment card industries (e.g. credit cards, debit cards) but has applicability to other centralized signature / sign verification applications such as Automated Teller Machine authorizations and other identity theft detection and monitoring services.

Equipments and methods are disclosed for facilitating service provisioning in a system that comprises a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some implementations, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

A secure data depository assembly, and an associated method, provides for storage of data at a secured location forming a vault. Data associated with any of various compliance standards, such as the HIPAA (Health Insurance Portability and Accountability Act) and the PCI (Payment Card Industry) data security standard is stored at sub-vaults defined at the vault. An access controller controls access to the sub-vaults and the data stored thereat. Remote requests generated remote from the vault are routed by way of a packet data network, and, if appropriate, the access controller provides access to the vault and sub-vault contents pursuant to the request.

Equipment and methods for facilitating service provisioning in a system that include a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some disclosed embodiments, service provisioning can be facilitated in cases where the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

The Electronic Coupon Generation, Distribution, Reimbursement and Settlement System is a fully integrated system that is designed to coexist with paper based coupon systems and Internet sites that generate paper coupons and as warranted replace these coupon systems.The system is intended to be used by consumers who enroll and become active members and their representatives who initiate qualified shopping sessions at system supported point-of-sales sites.A proprietary database management enables manufacturers (or product controllers) to provide formatted information used by the system to generate electronic coupons and distribute them to consumers at point-of-sale sites controlled by participating merchandisers located throughout the country. The system supports the immediate reimbursement of consumers and reflects the coupons generated and reimbursement earnings on the register tape for a qualified shopping trip. The system also supports all settlement between manufacturers and merchandisers and the collection of service fees related to the electronic coupons generated.Coupon transaction history is collected for monitoring and audit purposes and appropriately selectively shared with manufacturers and merchandisers. The system uses the Internet and established secure sites to support communications and provide information and planning tools to consumers, manufacturers and merchandisers using the system. All processing, data storage and data transmissions is performed in compliance with the highly regarded data security standards established by the Payment Card Industry (PCI) for handling sensitive user information involving debit / credit card and financial transaction processing.

Equipments and methods are disclosed for facilitating service provisioning in a system that comprises a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some implementations, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

Equipments and methods are disclosed for facilitating service provisioning in a system that comprises a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some implementations, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

The present invention relates to a mobile PCI POS terminal. The mobile PCI POS terminal of the present invention comprises the following components: a mobile POS terminal main body which comprises a scanner module, a printer module, a main display module, a wireless modem module, a main control module with a memory, and a power module with a battery; a separable PIN entry device (PED) unit which is coupled to the mobile POS terminal main body through a communication connector, is accommodated in a separable housing, comprises a smart card reader and a magnetic card reader, a keypad module, a PED display, and a PED controller, and is connected with the mobile POS terminal main body through the communication connector; and a PCI security device which is only equipped in the separable PED unit, wherein the PCI security device forbids the PED unit when the separable housing is detached or invaded.

A system for providing Payment Card Industry (PCI) compliance for a contact center is disclosed. The system includes a monitoring module configured to monitor a communication session between an agent and a customer. At least one image associated with the agent's computer screen is captured during the communication session. An analysis module is configured to compare the at least one image with at least one predefined image. A control module is configured to control a recording of information associated with the communication session based on the comparison.

Equipment and methods for facilitating service provisioning in a system that includes a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some disclosed embodiments, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

Equipment and methods for facilitating service provisioning in a system that include a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some disclosed embodiments, service provisioning can be facilitated in cases where the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

A secure mobile phone-point of sale (POS) system includes a mobile phone integrated with a secure PED module. The secure PED module is integrated with the mobile phone via the phone's serial port or directly to the phone's Printed Circuit Board Assembly (PCBA). The secure PED module conforms to security standards imposed by the payment card industry. The secure mobile phone-POS system has the functionality of both the secure PED and the mobile phone and the look and feel of the mobile phone.

Equipments and methods are disclosed for facilitating service provisioning in a system that comprises a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some implementations, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

Equipments and methods are disclosed for facilitating service provisioning in a system that comprises a payment processor, a number of service providers and a mediator that mediates information exchange between the payment processor and service providers, and a mobile terminal operated by payment card holder. In some implementations, service provisioning can be facilitated in cases wherein the payment processor must reside in a strictly regulated Payment Card Industry (PCI) compliant environment and the service providers operate servers that are not PCI-compliant.

A system for providing Payment Card Industry (PCI) compliance for a contact center is disclosed. The system includes a monitoring module configured to monitor a communication session between an agent and a customer. At least one image associated with the agent's computer screen is captured during the communication session. An analysis module is configured to compare the at least one image with at least one predefined image. A control module is configured to control a recording of information associated with the communication session based on the comparison.

Generally, embodiments of the invention are directed to methods, computer readable media, servers and systems for enabling merchants to use hosted order pages (HOPs) and / or silent order posts (SOPs) and thereby avoid handling payment information and the costs associated Payment Card Industry (PCI) compliance, while at the same time utilize third-party fraud detection screens and thereby avoid costs associated with fraudulent transactions.