US Pat. No. 9,317,689

METHOD AND APPARATUS FOR SECURE APPLICATION EXECUTION

Visa International Servic...

1. A method comprising:
executing, by a server computer, a payment application in a first trusted execution environment on the server computer;
establishing a secure communication channel between the first trusted execution environment executing on the server computer
and a second trusted execution environment executing on a first mobile device, wherein

the first mobile device concurrently executes an instance of the payment application in the second trusted execution environment,
and

the first trusted execution environment is a software trusted execution environment and the second trusted execution environment
is a secure element, wherein the secure element comprises secure memory and secure hardware computing logic;

generating, by the server computer, a synchronizing event to the second trusted execution environment;
comparing, by the server computer, a first state associated with the payment application executing in the first trusted execution
environment and a second state associated with the instance of the payment application executing in the second trusted execution
environment using the secure communication channel; and

detecting, by the server computer, a difference in the first state and the second state.

US Pat. No. 9,313,215

MONITORING AND LIMITING REQUESTS TO ACCESS SYSTEM RESOURCES

Visa International Servic...

1. A method of processing requests at a merchant service provider system, the requests received from merchant-side applications
of a merchant, the method comprising:
providing, by the merchant service provider system, the merchant with an interface having controls;
receiving an input selecting at least one of the merchant-side applications of the merchant, wherein the controls of the interface
permit the merchant to select the at least one of the merchant-side applications of the merchant;

receiving an input assigning a limit on a number of requests from the at least one of the merchant-side applications of the
merchant that the merchant service provider system will process, wherein the controls of the interface permit the merchant
to assign the limit on the number of requests from the at least one of the merchant-side applications of the merchant that
the merchant service provider system will process;

enabling, by the merchant service provider system, the merchant to allocate data processing resources of the service provider
system to higher-priority services by permitting the merchant to assign lower limits on the number of requests for lower-priority
services that the merchant service provider system will process;

storing the limit assigned to the at least one of the merchant-side applications of the merchant in a data storage element
accessible by the merchant service provider system;

monitoring, by the merchant service provider system, incoming requests from the merchant-side applications of the merchant,
wherein the monitoring includes:

processing the incoming requests from the merchant-side applications;
identifying merchant-side application that generated each incoming request; and
counting the incoming requests from the at least one of the merchant-side applications of the merchant; and
generating, by the merchant service provider system, an alert if the number of requests from the at least one of the merchant-side
applications exceeds the limit.

US Pat. No. 9,426,127

SMALL FORM-FACTOR CRYPTOGRAPHIC EXPANSION DEVICE

Visa International Servic...

1. A label comprising:
a top electrical contact plate on top of the label for interfacing to a communication device;
a bottom electrical contact plate on bottom of the label for interfacing to a communication component;
a substrate disposed between the top electrical contact plate and the bottom electrical contact plate; and
a hardware security module embedded within the substrate and disposed entirely between a top planar area spanned by the top
electrical contact plate and a bottom planar area spanned by the bottom electrical contact plate, wherein the hardware security
module is coupled to the top and bottom electrical contact plates, and includes a secure processing unit and a public processing
unit,

wherein the public processing unit includes a communication device interface coupled to the top electrical contact plate,
and a communication component interface coupled to the bottom electrical contact plate, and

wherein the public processing unit is configured to process messages received at the communication device interface and the
communication component interface, and to send, to the secure processing unit, requests to perform cryptographic operations
in response to receiving messages on the communication device interface that are associated with secure operations.

US Pat. No. 9,384,493

SYSTEMS AND METHODS TO QUANTIFY CONSUMER SENTIMENT BASED ON TRANSACTION DATA

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:
providing a computing apparatus having
a transaction handler configured in an electronic payment processing network connecting separate computers, including
first computers controlling consumer accounts from which payments of transactions are made in the electronic payment processing
network;

second computers controlling merchant accounts in which the payments are received via the electronic payment processing network;
and

transaction terminals configured to initiate the transactions in the electronic payment processing network using identifications
of the consumer accounts;

a data warehouse coupled with the transaction handler and storing:
first transaction data recording payment transactions processed by the transaction handler in a first period of time, and
second transaction data recording payment transactions processed by the transaction handler in a second period of time; and
a portal coupled with the data warehouse;
receiving, in the portal of the computing apparatus using a communication channel outside the electronic payment processing
network, internet content indicative of consumer sentiment during the first period of time;

evaluating, by the computing apparatus, consumer sentiment values based on the internet content published during the first
period of time;

correlating, by the computing apparatus using a machine learning technique, the first transaction data recording the payment
transactions processed by the transaction handler in the first period of time with the consumer sentiment values evaluated
based on the internet content published during the first period of time;

generating, by the computing apparatus, a computer quantification model of consumer sentiment from the correlating;
training the computer quantification model based on adjusting parameters of the quantification model to reduce differences
between

the consumer sentiment values evaluated based on internet content published during the first period of time, and
numerical values computed from applying the first transaction data in the first period of time to the quantification model;
adjusting regional and temporal differences in emotional sentiment for the numerical values in the training of the quantification
model;

receiving, by the computing apparatus from the data warehouse, the second transaction data recording payment transactions
of a group of users during the second period of time;

applying, by the computing apparatus, the second transaction data to the quantification model;
determining, by the computing apparatus through the applying of the second transaction data to the computer quantification
model, a numerical value of consumer sentiment of the group of the users during the second period of time;

identifying, by the computing apparatus, offers based at least in part on the numerical value of consumer sentiment of the
group of the users; and

communicating, by the portal using a channel outside the electronic payment processing network, the offers to the group of
the users.

US Pat. No. 9,317,848

INTEGRATION OF VERIFICATION TOKENS WITH MOBILE COMMUNICATION DEVICES

Visa International Servic...

1. A mobile communication device comprising:
a housing; and
a verification token disposed within the housing, the verification token comprising
a computer-readable medium;
a data processor electrically coupled to the verification token and the computer-readable medium;
code embodied on the computer-readable medium that directs the data processor to obtain identification information;
code embodied on the computer-readable medium that directs the data processor to transmit the identification information to
an entity; and

code embodied on the computer-readable medium that directs the data processor to receive, after transmitting the identification
information, a dynamic PAN from the entity; and

code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the mobile communication
device that has a form field for an account number and a form field for a verification value, and to enter the dynamic PAN
received from the entity in the form field for the account number.

US Pat. No. 9,485,253

FAMILIAR DYNAMIC HUMAN CHALLENGE RESPONSE TEST CONTENT

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving transaction data associated with a plurality of transactions at a server computer;
scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account
associated with the transaction data;

extracting, by the server computer, a plurality of challenge items from the scrubbed transaction data using an extraction
algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data;

storing, by the server computer, the plurality of challenge items in a challenge repository, wherein the plurality of challenge
items may be used to generate distorted challenge messages;

electronically providing, by the server computer to a user device over a communications network, a distorted challenge message
comprising one or more of the plurality of challenge items from the challenge repository along with other distorted challenge
items not derived from the received transaction data; and

receiving, by the server computer from the user device over the communications network, a selection of the one or more of
the plurality of challenge items from the challenge repository from among the one or more challenge items and the other distorted
challenge items.

US Pat. No. 9,311,582

PAYMENT CARD SYSTEM AND METHOD

Visa International Servic...

1. A card comprising:
a first layer;
a second layer adjacent to the first layer and comprising a composite, wherein the composite comprises a polymer and a metal,
and wherein the metal comprises about 15 to 50 volume % of the composite, thereby resulting in the composite being less susceptible
to electrostatic buildup than the metal; and

at least one of a magnetic stripe and a contactless element.

US Pat. No. 9,098,843

SYSTEM AND METHOD FOR TEMPORARILY ENABLING PROPRIETARY TRANSIT PAYMENTS ON A HOTEL ROOM KEY

Visa International Servic...

1. A portable device payment processing system comprising:
a database; and
a server computer coupled to the database, wherein the server computer comprises a processor and a computer-readable storage
medium coupled to the processor, the computer-readable storage medium comprising code executable by the processor for implementing
a method comprising:

receiving transaction data at the server computer from a transit payment system, wherein the transaction data is transit transaction
data, the transit transaction data including an identifier of the transit payment system and a payment application identifier
of a payment application, and wherein the payment application is embedded in a portable device involved in a transaction with
the transit payment system;

determining, by the server computer, a hotel based on the payment application identifier in the transaction data; and
sending, by the server computer, the transaction data to a hotel management system associated with the hotel, wherein the
hotel management system places a charge based on the transaction data onto a hotel folio.

US Pat. No. 9,432,845

SYSTEM AND METHOD FOR AUTOMATED ANALYSIS COMPARING A WIRELESS DEVICE LOCATION WITH ANOTHER GEOGRAPHIC LOCATION

Visa International Servic...

1. A method of determining fraudulent activity, the method comprising the steps of:
receiving, over a first network, information identifying the location of an electronic device;
receiving, over a second network, information identifying the location of a wireless device associated with a user;
caching the information identifying the location of the wireless device for comparison with the information identifying the
location of the electronic device;

associating a date and time of the cached information identifying the location of the wireless device with the information
identifying the location of the electronic device;

generating a comparison of the cached information identifying the location of the wireless device with the information identifying
the location of the electronic device;

evaluating results of the comparison based on proximity of the compared locations;
applying an algorithmic value to the results indicating a relative degree of proximity of the location of the wireless device
with the location of the electronic device; and

sending the algorithmic value to a processing system configured to determine, based on the algorithmic value, the authenticity
of the identity of the user.

US Pat. No. 9,355,394

SYSTEMS AND METHODS OF AGGREGATING SPLIT PAYMENTS USING A SETTLEMENT ECOSYSTEM

Visa International Servic...

1. A method comprising:
presenting a graphical user interface associated with a collaboration service on a computing device for enrolling a user in
the collaboration service;

enabling the user to enroll in the collaboration service associated with a collaboration server;
receiving, by the computing device, transaction data for a transaction event associated with a plurality of participants,
the transaction data including a transaction value associated with the plurality of participants;

receiving, by the computing device, a selection of a participant in the plurality of participants to be a payer of the transaction
event, wherein the transaction value of the transaction event is paid for by the selected payer of the transaction event;

determining, by the computing device, based at least in part on the transaction data, a portion of the transaction value owed
by one or more remaining participants in the plurality of participants to the selected payer of the transaction event, the
portion of the transaction value being less than the transaction value; and

causing the collaboration server to generate and send one or more notifications to the one or more remaining participants
in the plurality of participants to be displayed on one or more graphical user interfaces of one or more computing devices
of the one or more remaining participants, wherein a notification of the one or more notifications includes the portion of
the transaction value.

US Pat. No. 9,330,386

DEVICE, SYSTEM AND METHOD FOR REDUCING AN INTERACTION TIME FOR A CONTACTLESS TRANSACTION

Visa International Servic...

1. A non-transitory computer readable medium embodying information indicative of instructions for causing a reader to perform
operations comprising:
wirelessly sending from a reader to a contactless payment device in a command message a terminal unpredictable number and
a transaction amount;

receiving from the contactless payment device in response to the command message a wireless message with a dynamic signature
generated based on an application transaction counter (ATC), the terminal unpredictable number, the transaction amount, and
a card unpredictable number, the dynamic signature sent with an application file locator (AFL); and then

wirelessly transmitting from the reader to the contactless payment device a read record command message to request one or
more records indicated in the AFL from the contactless payment device;

receiving from the contactless payment device the requested one or more records requested by the read record command message;
and

causing a recalculation of the dynamic signature in order to authorize a contactless transaction if the dynamic signature
received from the contactless payment device matches the recalculated dynamic signature.

US Pat. No. 9,286,604

OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE

Visa International Servic...

1. A method in a mobile communication device, the method comprising:
receiving, by the mobile communication device, an input from a user, the input indicative of a password for access to a payment
application resident on the mobile communication device, wherein the payment application allows a predetermined number of
password entry attempts;

determining, by the mobile communication device, that the password is not correct;
responsive to the determining that the password is not correct, determining, by the mobile communication device, that the
predetermined number of password entry attempts has been reached; and

responsive to the determining that the predetermined number of password entry attempts has been reached, preventing, by the
mobile communication device, access to the payment application, wherein the preventing includes:

transmitting, to a remote computer, a lock application request message;
receiving, from the remote computer, an application lock script; and
executing, by the mobile communications device, the application lock script to lock the payment application by modifying an
access control data value within a secure memory of the mobile communication device.

US Pat. No. 9,075,653

EMBEDDING SUPPLEMENTAL CONSUMER DATA

Visa International Servic...

1. A computer-implemented method comprising:
receiving, by a computer, a code format, wherein the code format indicates a plurality of fields included in a code and an
ordering of the fields;

determining, by the computer, numeric field values associated with the plurality of fields by:
receiving a plurality of field values associated with the plurality of fields, each of the fields being associated with a
field radix; and

converting the field values into numeric field values;
combining, by the computer, the numeric field values to generate a normalized value, wherein the normalized value is associated
with a normalized radix, and wherein the normalized radix is greater than the field radices; and

generating, by the computer, a code representative of the plurality of field values using the normalized value, wherein the
code format is known by a second computer, wherein the second computer is operable to decode the code.

US Pat. No. 9,998,978

SYSTEMS AND METHODS FOR PROCESSING DORMANT VIRTUAL ACCESS DEVICES

VISA INTERNATIONAL SERVIC...

11. A method comprising:receiving, by a server computer, a dormancy request from an authorization server, wherein the dormancy request includes information identifying a virtual access device;
determining, by the server computer, that the virtual access device is dormant based at least on previous transactions involving the virtual access device and at least one dormancy rule;
sending, by the server computer, a dormancy response to the authorization server indicating that the virtual access device is dormant; and
causing the authorization server to cease a renewal of the virtual access device based on the dormancy response.

US Pat. No. 9,449,327

MERCHANT ALERT BASED SYSTEM AND METHOD INCLUDING CUSTOMER PRESENCE NOTIFICATION

Visa International Servic...

1. A method comprising:
providing an interface allowing a merchant to specify criteria for alerts, the interface including a merchant-specified predetermined
number of disputed purchases for customers;

receiving, at a server computer, an indication from a merchant proximity system of a consumer having a profile entering a
store of a merchant;

retrieving the profile of the first consumer, the retrieving based upon the indication;
determining, by the server computer using the retrieved profile, that the first consumer has had more than the merchant-specified
predetermined number of disputed purchases with a payment processing network;

generating an alert message based on the determination; and
sending the alert message to the merchant before the merchant conducts a transaction with the first consumer.

US Pat. No. 9,390,445

AUTHENTICATION USING BIOMETRIC TECHNOLOGY THROUGH A CONSUMER DEVICE

Visa International Servic...

1. A method for authenticating a user for a payment transaction, comprising:
storing, by a server computer, a user fraud profile and a queue;
associating, by the server computer, a predetermined period of time with the queue;
receiving, by the server computer and from a device, payment transaction data associated with the payment transaction and
a biometric digital artifact;

comparing, by the server computer, the biometric digital artifact to other biometric digital artifacts stored in the user
fraud profile;

authenticating, by the server computer, the payment transaction based on the comparison;
sending, by the server computer, an authentication result to the device;
storing, by the server computer, the biometric digital artifact in the queue;
determining, by the server computer, that the predetermined period of time associated with the queue has expired;
retrieving, by the server computer, the biometric digital artifact from the queue based on the determination; and
updating, by the server computer, the user fraud profile with the retrieved biometric digital artifact.

US Pat. No. 9,240,011

SYSTEMS AND METHODS TO COMMUNICATE WITH TRANSACTION TERMINALS

VISA International Servic...

1. A method implemented in a transaction terminal, the method comprising:
receiving, in the transaction terminal for a payment transaction, a code provided in an authorization response transmitted
via a communication channel from a transaction handler through an acquirer processor, wherein the transaction handler is configured
to communicate with transaction terminals via acquirer processors in receiving authorization requests and providing authorization
responses;

in response to detection of the code in the authorization response, invoking, by the transaction terminal, an application
running in the transaction terminal, wherein the application is invoked to established an out-of-band communication connection
from the application to a portal of the transaction handler, the out-of-band communication connection being separate from
the communication channel through which the authorization response is provided from the transaction handler to the transaction
terminal, and present a user interface under control of the portal over the out-of-band communication connection between the
application and the portal of the transaction handler;

receiving, in the user interface, at least one user response related to the payment transaction prior to completion of the
payment transaction on the transaction terminal; and

transmitting, by the transaction terminal via the application, the user response to the portal of the transaction handler
via the out-of-band communication connection.

US Pat. No. 9,165,294

METHOD FOR USING BARCODES AND MOBILE DEVICES TO CONDUCT PAYMENT TRANSACTIONS

Visa International Servic...

1. A method of conducting a payment transaction comprising:
receiving, by a mobile device operated by a user, an authentication communication from a digital wallet of a central server
computer, wherein the authentication communication is sent in response to the payment transaction being initiated by the user
on a client computer;

capturing an image of a two-dimensional barcode on a physical payment token with a camera in the mobile device;
generating, by the mobile device, barcode data based on the captured image;
transmitting, by the mobile device, the barcode data to the central server computer comprising the digital wallet, wherein
the central server computer decrypts or decodes the barcode data from the mobile device; and

receiving, at the mobile device, a dynamic data element from the central server computer, wherein the dynamic data element
is adapted to be transmitted to the central server computer from the client computer in which the user has entered the dynamic
data element,

wherein the central server computer initiates the payment transaction after the central server computer determines that the
dynamic data element received from the client computer matches the dynamic data element that was sent from the central server
computer to the mobile device.

US Pat. No. 9,135,621

METHODS AND SYSTEMS FOR PERFORMING AUTHENTICATION IN CONSUMER TRANSACTIONS

Visa International Servic...

1. A method comprising:
prior to receiving transaction type information indicative of a type of transaction engaged in between a consumer and a merchant,
performing an enrollment process including:

receiving consumer registration information including a financial account identifier;
determining whether the financial account identifier is within a registered range;
upon determining that the financial account identifier is not within the registered range, terminating the enrollment process;
and

upon determining that the financial account identifier is within the registered range, initializing a consumer record in an
account holder file, wherein initializing the consumer record comprises:

prompting the consumer for additional authentication information used to authenticate the consumer during subsequent purchase
transactions, wherein the additional authentication information includes a password and a hint question and response pair,

receiving the additional authentication information, and
storing the additional authentication information in the account holder file;
receiving, at an authentication system, transaction type information indicative of the type of transaction engaged in between
the consumer and the merchant;

determining, at the authentication system, the type of transaction engaged in between the consumer and the merchant based
on the received transaction type information;

communicating, from the authentication system, an authentication prompt based on the type of transaction engaged in between
the consumer and the merchant;

in response to communicating an authentication prompt, receiving, at the authentication system, authentication information
for authenticating the consumer; and

authenticating the consumer based on the received authentication information.

US Pat. No. 9,105,027

VERIFICATION OF PORTABLE CONSUMER DEVICE FOR SECURE SERVICES

Visa International Servic...

1. A computer program product embodied on a computer-readable medium, the product comprising:
code that directs a data processor to receive a request for a secure datum for a portable consumer device associated with
a user, the request comprising identification information pertaining to the portable consumer device, the identification information
including an account number that was assigned to the portable consumer device by an issuer, and that was embedded in the portable
consumer device prior to receiving the request for the secure datum, wherein the account number is configured to be read and
directly used by a payment processing network to identify an account of the user that the payment processing network can use
to process payment transactions for the user;

code that directs the data processor to apply at least one validation test pertaining to the received request, wherein the
validation test is a test that determines whether the verification token is authentic or whether the verification token has
been involved in fraudulent transactions; and

code that directs the data processor to send, if the at least one validation test is passed, a secure datum to a verification
token associated with the user or to an entity configured to forward the secure datum to the token, wherein the secure datum
is configured to be entered onto a Purchase Authentication Page by the verification token.

US Pat. No. 9,092,769

TRUSTED INTERNAL INTERFACE

Visa International Servic...

1. A payment device comprising:
a processor;
a memory coupled to the processor;
a value-add application stored in the memory;
a payment application stored in the memory, wherein the payment application is configured to validate the value-add application
before providing payment data for a payment account from the payment application to the value-add application;

a trusted interface in the memory that couples the payment application to the value-add application, the payment application
providing the payment data, the value-add application providing value-add data relevant to the transaction, the trusted interface
being configured to enable transmission of a request for the payment data or value-add data between the payment application
and the value-add application, the trusted interface being further configured to enable transmission of payment data or value-add
data responsive to the request between the payment application and the value-add application; and

a communications interface configured to transmit payment data together with value-add data from at least one of the payment
application and the value-add application to an external communications network.

US Pat. No. 9,094,356

SUPPLEMENTAL ALERT SYSTEM AND METHOD

Visa International Servic...

1. A method comprising:
receiving an authorization request message at a server computer, the authorization request message generated in response to
a user conducting a transaction, wherein the authorization request message requests authorization for the transaction;

generating a first alert message by the server computer based on one or more rules, in response to receiving the authorization
request message;

transmitting, by the server computer, the first alert message to a first notification device associated with the user, the
first alert message informing the user of the transaction;

generating a second alert message by the server computer based on one or more rules specified by the user in response to receiving
the authorization request message, the second alert message associated with the transaction; and

transmitting, by the server computer, the second alert message to a second notification device associated with a message recipient,
the second alert message transmitted via a platform specified in the one or more rules, the second alert message informing
the message recipient of the transaction,

wherein the one or more rules used to generate the second alert message comprise a rule that only generates the second alert
message if the authorization request message indicates that the transaction is being conducted at a predetermined merchant
category or merchant.

US Pat. No. 9,071,463

SYSTEMS AND METHODS FOR SORTING ALERT AND OFFER MESSAGES ON A MOBILE DEVICE

Visa International Servic...

1. A machine-readable non-transitory medium embodying information indicative of instructions for causing one or more machines
to perform operations comprising:
receiving automatic sorting criteria from a user associated with a mobile device;
receiving alert messages, wherein each alert message includes a transaction amount associated with a transaction conducted
with a merchant;

automatically sorting the alert messages by transaction amount based on the automatic sorting criteria, the sorting performed
automatically upon receipt of one or more of the alert messages; and

displaying the sorted alert messages.

US Pat. No. 9,373,111

PAYMENT CARD WITH INTEGRATED CHIP

Visa International Servic...

1. A method comprising:
receiving, by a server computer, from an access device associated with a merchant during a transaction, an authorization request
message comprising an account number and encrypted additional data related to the transaction involving the merchant;

requesting, by the server computer, authorization for the transaction by sending a request message to an issuer computer,
wherein the request message comprises the account number included in the received authorization request message;

decrypting, by the server computer, the encrypted additional data included in the authorization request message associated
with the transaction;

storing, by the server computer, the decrypted additional data associated with the transaction in a database;
receiving, by the server computer, from the issuer computer, an authorization response message that indicates an authorization
of the transaction;

determining, by the server computer, that the merchant is eligible to receive the decrypted additional data associated with
the transaction;

based on determining that the merchant is eligible to receive the decrypted additional data associated with the transaction,
modifying, by the server computer, the authorization response message by inserting the decrypted additional data into the
authorization response message; and

transmitting, by the server computer, the modified authorization response message inserted with the decrypted additional data
to the access device.

US Pat. No. 9,325,833

SYSTEMS AND METHODS FOR SORTING ALERT AND OFFER MESSAGES ON A MOBILE DEVICE

Visa International Servic...

1. A mobile device comprising:
A processor; and
A computer readable medium coupled to the processor, wherein the processor is configured to execute a set of instructions
stored on the medium to enable the processor to perform operations comprising:

receiving automatic sorting criteria from a user associated with a mobile device;
receiving alert messages;
automatically sorting the alert messages based on the automatic sorting criteria, the sorting performed automatically upon
receipt of one or more of the alert messages; and

displaying the sorted alert messages.

US Pat. No. 9,324,088

SYSTEMS AND METHODS TO PROVIDE MESSAGES IN REAL-TIME WITH TRANSACTION PROCESSING

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:
storing, in a computing apparatus having a transaction handler, a plurality of trigger records;
processing, by the transaction handler, an authorization request received from an acquirer processor, the authorization request
being processed for a payment to be made by an issuer processor on behalf of a user having an account identifier associated
with the issuer processor, the acquirer processor to receive the payment on behalf of a merchant;

determining, by the transaction handler, whether the authorization request matches one of the plurality of trigger records;
and

if the authorization request matches a trigger record in the plurality of the trigger records,
identifying, by the computing apparatus, a communication reference of the user in accordance with the trigger record,
generating, by the computing apparatus, a message regarding a benefit that will be provided to the user upon completion of
the payment requested via the authorization request, and

transmitting, from the computing apparatus, the message to the user via the communication reference prior to providing the
benefit to the user.

US Pat. No. 9,317,672

ONLINE ACCOUNT ACCESS CONTROL BY MOBILE DEVICE

VISA INTERNATIONAL SERVIC...

1. A method for controlling access to an online account, the method comprising:
receiving an access control message from a mobile device-that includes a request to disable login access to an online account,
wherein the online account is associated with login information comprising a password and identification information associated
with the online account;

establishing, in response to receiving the access control message, a short message service communication session with the
mobile device;

receiving, via the short message service communication session, identifying information associated with the mobile device,
the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number,
an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI);

identifying the online account based at least in part on the identifying information associated with the mobile device, wherein
the identifying the online account includes comparing an identifier of the mobile device to a plurality of stored identifiers;

sending a user verification query message to the mobile device via the short message service communication session;
receiving a user verification response message from the mobile device via the short message service communication session,
wherein the user verification response message includes verification information that is different from the login information
for the online account;

verifying the user verification response message, wherein the verifying includes comparing the verification information to
stored information; and

if the user verification response message is verified, disabling login access to the online account, such that the online
account is prevented from being accessed even when the login information for the online account is correctly entered.

US Pat. No. 9,195,822

FAMILIAR DYNAMIC HUMAN CHALLENGE RESPONSE TEST CONTENT

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving transaction data associated with a plurality of transactions;
scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account
associated with the transaction data;

extracting, by a server computer, a plurality of challenge items from the scrubbed transaction data using an extraction algorithm,
the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data, wherein the
plurality of challenge items include a plurality of different types of transaction data;

storing the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to
generate distorted challenge messages; and

electronically providing a distorted challenge message comprising one or more of the plurality of challenge items from the
challenge repository.

US Pat. No. 9,160,734

SERVICE ACTIVATION USING ALGORITHMICALLY DEFINED KEY

Visa International Servic...

1. A method comprising:
receiving, by an issuer computer, a request message from a mobile device to provision a previously issued account on the mobile
device for conducting transactions;

identifying, by the issuer computer, that a user associated with the mobile device is authorized to provision the previously
issued account on the mobile device based on issuer-specified criteria established by an issuer associated with the issuer
computer;

retrieving, by the issuer computer, data associated with the user and a shared data element shared between the issuer computer
and a service provider computer, wherein the data associated with the user was provided as part of a relationship between
the user and the issuer, and wherein only the data associated with the user agreed to by the issuer and the service provider
is retrieved;

generating, by the issuer computer, a first activation code by the issuer computer, the first activation code based on the
data associated with the user and the shared data element; and

sending, by the issuer computer, the first activation code to the mobile device, wherein the user sends the first activation
code and the data associated with the user to the service provider computer, the service provider computer generates a second
activation code based on the data associated with the user and the shared data element, and the service provider computer
provisions the account associated with the user to the mobile device when the first and second activation codes are the same.

US Pat. No. 9,117,225

APPARATUSES, METHODS AND SYSTEMS FOR TRANSFORMING USER INFRASTRUCTURE REQUESTS INPUTS TO INFRASTRUCTURE DESIGN PRODUCT AND INFRASTRUCTURE ALLOCATION OUTPUTS

VISA INTERNATIONAL SERVIC...

1. An information technology infrastructure and excess hardware-reducing design apparatus to transform user infrastructure
requests inputs to infrastructure design product and infrastructure allocation outputs, comprising:
a processor; and
a memory in communication with the processor containing processor-readable instructions to:
receive a user automated project infrastructure request;
identify the user automated project infrastructure request with pre-defined project infrastructure templates;
wherein identifying the user automated project infrastructure request with pre-defined project infrastructure templates automatically
reduces excess hardware requirements;

wherein the project infrastructure template is converted to project infrastructure design diagrams via hand-made modeling
tools;

wherein the project infrastructure template is an editable resource flow chart diagram;
wherein the project infrastructure template is converted to project infrastructure design diagrams via Unified Modeling Language
(UML);

wherein the infrastructures specified in the parsed structured data file may separate project resources into a plurality of
purpose-specific zones; and

wherein the Unified Modeling Language is Systems Modeling Language (SysML);
retrieve a project infrastructure template that best matches the user automated project infrastructure request;
generate a structured data file based on the project infrastructure template;
wherein the structured data file is Extensible Markup Language Metadata Interchange (XMI);
parse the structured data file;
send the parsed structured data file to an infrastructure provider;
allocate infrastructures specified in the parsed structured data file to be implemented by the user; and
allocate new infrastructure resources wherein user provides requests to change the infrastructure that was sent.

US Pat. No. 9,443,253

SYSTEMS AND METHODS TO PROVIDE AND ADJUST OFFERS

VISA INTERNATIONAL SERVIC...

1. A method, comprising:
providing a computing apparatus comprising:
a transaction handler to generate transaction data from processing transactions of a first user, wherein a spending pattern
of the first user is determined based on the transaction data,

a data warehouse configured to store records to keep track of milestones for the first user as a transaction history of the
first user is monitored in real time, and

a portal configured to allow a first computing device of a merchant to specify one or more predetermined time instances for
evaluation of the spending pattern, and further configured to receive communications from the first computing device regarding
programming of computing system functions for a campaign;

receiving, via the portal, a communication reference functions for the first user;
monitoring, in real time by the transaction handler, the transaction history;
receiving, in the computing apparatus, a set of records for the campaign, each record identifying at least one condition for
matching an event in the campaign with a user participating in the campaign;

monitoring, by the computing apparatus, events relevant to the campaign in accordance with the set of records;
in response to receiving an authorization request from a transaction terminal, detecting, by the transaction handler, a first
purchase satisfying a first record of the set of records; and

in response to detection of the first purchase:
transmitting, by the computing apparatus, using the communication reference, a message in accordance with the first record
to cause display in a first user interface of a second computing device of the first user to announce a benefit to be provided
to the first user in response to a second purchase satisfying a second record of the set of records, and

transmitting an electronic file to the second computing device to enable the benefit for use by the second computing device
in the second purchase;

receiving, from the second computing device, first data including data from a cookie stored at the second computing device;
selecting, from the data warehouse, based on the first data, a user profile for the first user;
during execution of the campaign, a modifying programming; and
in response to the modifying of the programming, and based on the user profile:
transmitting an updated electronic file to the second computing device to modify the benefit as controlled by the programming
modification, and

causing adjustment in placement of a display associated with the updated electronic file in the first user interface.

US Pat. No. 9,424,413

INTEGRATION OF PAYMENT CAPABILITY INTO SECURE ELEMENTS OF COMPUTERS

Visa International Servic...

1. A method comprising:
receiving, at a secure element of a computer, a real account number and at least one of an expiration date, a card verification
value, or a billing ZIP code of user-specific payment information, wherein the secure element is immune from being hacked
by computer viruses installed on the computer, wherein the secure element comprises a processor, a memory coupled to the processor,
and an input/output controller coupled to the processor, and wherein the memory stores a unique identifier identifying the
secure element;

obtaining the unique identifier identifying the secure element from the memory of the secure element;
sending the received real account number, the received at least one of the expiration date, the card verification value, or
the billing ZIP code, and the obtained unique identifier identifying the secure element to a validation entity server;

receiving, in response to sending the received real account number, the received at least one of the expiration date, the
card verification value, or the billing ZIP code, and the obtained unique identifier identifying the secure element to the
validation entity server, a pseudo account number from the validation entity server, the received pseudo account number being
different from the real account number of the user-specific payment information and having the same form as the real account
number; and

storing, in the memory of the secure element, the received pseudo account number, wherein the method further comprises:
encrypting, the unique identifier identifying the secure element using an encryption key stored in the secure element, prior
to sending the obtained unique identifier to the validation entity server.

US Pat. No. 9,355,390

PREPAID ACCOUNT FUNDS TRANSFER APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A prepaid account funds transfer processor-implemented method for automatically scheduling a prepaid funds transfer based
on a prepaid accounts receivable request, comprising:
receiving at a prepaid accounts receivable request server, via an electronic payment processing network, from a transferee
user holding a transferee prepaid account, a prepaid account receivables request specifying i) a transferee user identifier
and ii) a prepaid funds transfer amount to be transferred from a transferor prepaid account of the transferor user to the
transferee prepaid account of the transferee user;

in response to receiving the prepaid account receivables request, retrieving, via the prepaid accounts receivable request
server, a prepaid account link data record based on the received transferee user identifier from a links database, the prepaid
link data record i) providing a link between the transferor prepaid account and the transferee prepaid account and ii) being
generated at the time of creation of the transferee prepaid account;

determining, via the prepaid accounts receivable request server, using the retrieved prepaid account link data record, the
transferor prepaid account that is linked with the transferee prepaid account; and

generating, via the prepaid accounts receivable request server, a prepaid account funds transfer schedule record for storage
in a schedules database, the prepaid account funds transfer schedule record indicating a date when the prepaid funds transfer
amount of funds specified in the prepaid account receivables request are to be automatically transferred from the transferor
prepaid account to the transferee prepaid account.

US Pat. No. 9,280,764

GATEWAY SERVICE PLATFORM

Visa International Servic...

1. A method comprising:
selecting, by a device, a gateway amongst a plurality of gateways;
sending a request, from the device to the selected gateway over an open network, to access a service, wherein the device is
configured to communicate with the gateway before communicating with an acquirer,

wherein the request is sent to a service system provided by a server computer, wherein the service system is one of a plurality
of service systems communicatively coupled to the gateway, wherein the service system is communicatively coupled to a payment
processing system, wherein the service system is configured to provide one or more of services related to an account held
by a user, and wherein the service system further comprises an application tier and is configured to communicate with a shared
database tier that is being shared amongst the plurality of service systems, wherein the application tier contains logic used
to provide one or more services related to the account held by the user, and wherein the shared database tier stores information
used to provide the one or more services related to the account held by the user; and

receiving, at the device, a response from the service system.

US Pat. No. 9,430,666

METHOD AND SYSTEM FOR FACILITATING DATA ACCESS AND MANAGEMENT ON A SECURE TOKEN

Visa International Servic...

1. A method of using a server computer operated by a value added service provider, the method comprising:
receiving a directory identifier by the server computer from an issuer bank server computer corresponding to a first directory
instance of multiple directory instances in a file system on a secure token device, wherein the file system includes an open
storage architecture having a common data storage space shared by multiple value added service providers, and wherein the
first directory instance is associated with a first value added service provider for use with the secure token device,

providing, over a network via a network interface, access parameters from the server computer to a first value-added application
associated with the first value added service provider stored on a client device, wherein the client device is configured
to store multiple value-added applications associated respectively with the multiple value added service providers for access
to the common data storage space of the secure token device, and

wherein data stored in the common data storage space associated with the first value added service provider is shared among
the first value-added application and a second value-added application associated with a second value added service provider
when a customer is participating in a joint promotional program of the first value added service provider and the second value
added service provider, and

wherein the data associated with the first value added service provider is only accessible by the first value-added application
when the customer is not participating in the joint promotional program of the first value added service provider and the
second value added service provider.

US Pat. No. 9,420,448

SYSTEM AND METHOD FOR AUTOMATED ANALYSIS COMPARING A WIRELESS DEVICE LOCATION WITH ANOTHER GEOGRAPHIC LOCATION

Visa International Servic...

1. A system for comparing a wireless device's location obtained from a wireless network with the wireless device user's location
obtained from another network comprising:
a module to obtain from a wireless network a location of a wireless device;
a module to obtain, from a data network exclusive of the wireless network, a location of a user associated with the wireless
device;

a module to determine the proximity among wireless device locations with locations of wireless device users accessing other
devices; and

a module to evaluate the results of a comparison among wireless device locations with locations of wireless device users accessing
other devices based on proximity of the compared locations.

US Pat. No. 9,342,832

SECURING EXTERNAL SYSTEMS WITH ACCOUNT TOKEN SUBSTITUTION

Visa International Servic...

1. A method comprising:
receiving, by a tokenization server, a registration request message from a merchant computer;
assigning, by the tokenization server, a merchant verification value and a token derivation key to a merchant associated with
the merchant computer;

storing, by the tokenization server, the token derivation key and the merchant verification value in a database;
receiving, by the tokenization server, an authorization request message for a transaction that includes an account identifier
and the merchant verification value, wherein the authorization request message is sent by the merchant computer;

sending, by the tokenization server, the authorization request message to an issuer computer for authorization of the transaction;
receiving, by the tokenization server from the issuer computer, an authorization response message indicating whether the transaction
has been authorized by the issuer computer;

retrieving, by the tokenization server, the token derivation key using the merchant verification value included in the authorization
request message from the database;

generating, by the tokenization server, an account token using the token derivation key by encrypting the account identifier
using the token derivation key;

inserting, by the tokenization server, the account token in the authorization response message received from the issuer computer;
and

sending, by the tokenization server, the authorization response message including the account token to the merchant computer,
wherein the token derivation key is available only to the tokenization server.

US Pat. No. 9,324,069

TRANSIT ACCESS APPARATUS AND METHOD INCLUDING DEVICE AUTHENTICATION

VISA INTERNATIONAL SERVIC...

1. An apparatus for enabling a patron to access and utilize a transit system, comprising:
a processor programmed to execute a set of instructions;
a data storage medium coupled to the processor; and
the set of instructions contained in the data storage medium, wherein when the set of instructions are executed by the processor,
the apparatus enables the patron to access and utilize the transit system by

receiving entry data in response to authenticating a payment device belonging to the patron presented at an entrance gate
of the transit system at the start of a trip conducted by the patron, wherein the patron is able to enter and begin use of
the transit system prior to initiating a pre-authorization process for a payment transaction based on the patron's use of
the transit system;

initiating the pre-authorization process for the payment transaction while the patron is using the transit system and is on
the trip, wherein the pre-authorization process includes generating a pre-authorization amount for the payment transaction,
wherein the pre-authorization process comprises a request for authorization for the transaction for the pre-authorization
amount which is reserved from an account balance of an account associated with the payment device until settlement of the
payment transaction; and

receiving exit data in response to authenticating the payment device at an exit gate of the transit system at the end of the
trip, wherein the authenticating the payment device belonging to the patron presented at the transit system entrance gate
and the authenticating the payment device at the exit gate of the transit system ensures that the payment device has not become
invalid during the patron's use of the transit system.

US Pat. No. 9,280,765

MULTIPLE TOKENIZATION FOR AUTHENTICATION

Visa International Servic...

1. A method comprising:
receiving at a first entity computer operated by a first entity, a first token from a consumer;
determining, by the first entity computer, a second token associated with the first token; and
sending, by the first entity computer, the second token to a server computer at a second entity, wherein the server computer
determines an account identifier associated with the second token and,

wherein the method further comprises generating, by the first entity computer, an authorization request message comprising
the second token; and

wherein sending the second token to the server computer at the second entity comprises
sending, by the first entity computer, the authorization request message to the server computer at the second entity, wherein
the server computer receives the authorization request message, determines the account identifier by electronically searching
a database for an account identifier associated with the second token, modifies the authorization request message to include
the account identifier, and sends the modified authorization request message to an account issuer computer to authorize the
transaction.

US Pat. No. 9,159,084

SYSTEMS AND METHODS TO COMMUNICATION VIA A MERCHANT AGGREGATOR

VISA International Servic...

1. A computer-implemented method, comprising:
receiving, in a computing apparatus comprising a portal, first data identifying a merchant, the first data including a first
merchant identifier of the merchant, wherein the portal is configured to communicate with a remote computing device over a
communication network to receive the first data, the computing apparatus having at least one processor and memory storing
instructions configured to instruct the at least one processor to perform the method, and the computing apparatus further
comprising a transaction handler;

determining, by the transaction handler of the computing apparatus using the first data, a second merchant identifier different
from the first merchant identifier, the second merchant identifier configured to identify the merchant in authorization requests
for transactions of the merchant submitted to the transaction handler, wherein the computing apparatus further comprises a
data warehouse coupled with the transaction handler to store transaction data recording transactions processed by the transaction
handler;

storing, in the data warehouse of the computing apparatus, second data associating the first merchant identifier and the second
merchant identifier;

monitoring, by the computing apparatus using the second merchant identifier, transactions of the merchant to detect a subset
of the transactions, wherein the computing apparatus further comprises a media controller; and

in response to detecting a transaction in the subset, transmitting by the media controller of the computing apparatus a message
to the remote computing device in real time as the transaction handler processes the transaction, wherein the message contains
information about the transaction and identifies the merchant using the first merchant identifier.

US Pat. No. 9,848,052

SYSTEM AND METHOD FOR TOKEN DOMAIN CONTROL

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, by a processor in a token service computer, a first token request from a first token requestor computer, wherein
the first token request includes a payment account number and a first domain identifier;

identifying, by the processor in the token service computer, a payment token associated with the payment account number;
generating, by the processor in the token service computer, a first token code associated with the payment token;
assigning, by the processor in the token service computer, the payment token and the first token code to the first domain
identifier, such that the first token code is specific to a first domain associated with the first domain identifier;

providing, by the processor in the token service computer, the payment token and the first token code to the first token requestor
computer, wherein the first token requestor subsequently uses the payment token in place of the payment account number for
a first payment transaction, and wherein the first token requestor's subsequent use of the payment token is valid if the payment
token is accompanied by the first token code and used within the first domain;

receiving, by the processor in the token service computer, a second token request from a second token requestor computer,
wherein the second token request includes the payment account number and a second domain identifier, wherein the payment account
number received in the second token request is the same as the payment account number received in the first token request;

identifying, by the processor in the token service computer, the payment token associated with the payment account number;
generating, by the processor in the token service computer, a second token code associated with the payment token, wherein
the second token code is different than the first token code, and wherein the second token code and the first token code are
both associated with the same payment token;

assigning, by the processor in the token service computer, the payment token and the second token code to the second domain
identifier, such that the second token code is specific to a second domain associated with the second domain identifier, wherein
the first domain identifier is different than the second domain identifier, and wherein the first domain is different than
the second domain; and

providing, by the processor in the token service computer, the payment token and the second token code to the second token
requestor computer, wherein the second token requestor subsequently uses the payment token in place of the payment account
number for a second payment transaction, wherein the second token requestor's subsequent use of the payment token is valid
if the payment token is accompanied by the second token code and used within the second domain.

US Pat. No. 9,355,393

MULTI-DIRECTIONAL WALLET CONNECTOR APPARATUSES, METHODS AND SYSTEMS

Visa International Servic...

1. A multi-directional wallet service connection processor implemented method comprising:
receiving, via a processor, a wallet service connection request;
determining at least one entity to be involved in fulfilling the wallet service connection request, including any of a source
entity and a target entity;

determining a wallet service connection source action and a wallet service connection target action;
determining a wallet service connection privilege associated with the at least one entity and the wallet service connection
source action and the wallet service connection target action;

performing the wallet service connection source action on the source entity;
providing a result of the performed wallet service connection source action on the source entity to the target entity for
execution of the wallet service connection target action on the target entity, wherein the wallet service connection target
action is to map a wallet user interface obtained as a result of the wallet service connection source action into a native
wallet user interface and generate a native wallet user interface widget for extension; and

obtaining a result of the wallet service connection target action.

US Pat. No. 9,348,896

DYNAMIC NETWORK ANALYTICS SYSTEM

VISA INTERNATIONAL SERVIC...

1. A method for iteratively retrieving data relevant to a query, comprising:
receiving, by a data analyzer module, a first data message including the query from a data requester;
determining, by the data analyzer module, a current risk level associated with the query;
retrieving, by the data analyzer module, risk data relevant to the query from one or more fixed risk data tables and one or
more dynamic risk data tables;

determining, by the data analyzer module, that the risk data is not a sufficient amount of data to form a response to the
query based on the current risk level by determining that one or more cut-off values have not been reached;

retrieving, by the data analyzer module, first external data relevant to the query from a first external data source in response
to the determination that the risk data is not a sufficient amount of data to form the response;

determining, by the data analyzer module, that the risk data and the first external data are not a sufficient amount of data
to form the response to the query based on the current risk level by determining that the one or more cut-off values have
not been reached;

retrieving, by the data analyzer module, additional external data relevant to the query from one or more additional external
data sources until the data analyzer module determines that the risk data, the first external data, and the additional external
data are a sufficient amount data to form the response to the query based on the current risk level by determining that the
one or more cut-off values have been reached;

determining, by the data analyzer module, that the risk data, the first external data, and the additional external data are
a sufficient amount of data to form the response to the query based on the current risk level by determining that the one
or more cut-off values have been reached;

generating, by the data analyzer module, a second data message containing the response to the query; and
providing, by the data analyzer module, the second data message to the data requester.

US Pat. No. 9,332,396

SYSTEMS AND METHODS TO PROVIDE LOCATION-DEPENDENT INFORMATION DURING AN OPTIMAL TIME PERIOD

VISA INTERNATIONAL SERVIC...

1. A computing apparatus, comprising:
a portal configured to
receive location data from a mobile device, the location data identifying locations of the mobile device at a plurality of
different time instances,

extract from the location data routes traversed by the mobile device, and
generate route words representing the routes, wherein each of the route words has an ordered list of location identifiers,
each of the location identifiers representing a defined location;

a data storage device configured to store the route words in a route dictionary, wherein for each respective route identified
by a respective route word, the route dictionary stores at least a frequency of the mobile device traversing the respective
route and a time period during which the mobile device traverses the respective route;

wherein in response to the portal receiving an indication of a recently completed route of the mobile device, the portal is
configured to

look up a plurality of route words from the route dictionary using at least one of:
a location identifier of a destination of the recently completed route, and
a location identifier of the origin of the recently completed route;
select a selected route word from the plurality of route words based at least in part on frequencies of the plurality of route
words;

determine ranks of a plurality of data items based at least in part on distances of locations of the data items to a route
represented by the selected route word;

select one or more selected data items based on the ranks;
look up from the route dictionary a time period of the selected route word during which the mobile device traverses the route
represented by the selected route word; and

transmit the one or more selected data items to the mobile device a predetermined time period before a next trip of the mobile
device traversing the route represented by the selected route word according to the time period of the selected route word.

US Pat. No. 9,129,321

FRAUD DETECTION SYSTEM AUDIT CAPABILITY

Visa International Servic...

1. A method comprising:
providing, by a server computer, a user interface on a first computer for viewing and modifying a plurality of fraud detection
rules for detecting fraudulent transactions;

receiving, by the server computer, a modification to a first fraud detection rule from the plurality of fraud detection rules
from a user via the user interface;

recording, by the server computer, the modification in a database by creating a first entry for the modification, the first
entry including a field indicating a user identifier associated with the user;

subsequent to recording the modification, providing, by the server computer, the user interface on a second computer;
receiving, by the server computer, via the user interface on the second computer, a search request for prior modifications
associated with the first fraud detection rule, the search request including a search parameter corresponding to the first
fraud detection rule;

searching the database, by the server computer, for entries of the prior modifications associated with the first fraud detection
rule using the search parameter; and

returning, by the server computer, a search result to the second computer, wherein the search result includes the user identifier
of the user who modified the first fraud detection rule in the first entry.

US Pat. No. 9,111,314

SYSTEM AND METHOD FOR CUSTOM SERVICE MARKETS

Visa International Servic...

1. A method for providing a custom service market comprising:
publishing computer readable code received from a service provider along with a plurality of other computer readable code
received from a plurality of other service providers on a financial services store interface on a server computer, wherein
representations of the plurality of the published computer readable code from the service providers are provided for display
on a user client device to enable browsing and selection of services from the service providers based on the displayed representations
of the published computer readable code; and

receiving a selection of a specific combination of the representations of the published computer readable code from the service
providers on the display of the user client device; and

applying the services associated with the selected combination to payment transactions originating from a merchant operating
the user client device.

US Pat. No. 9,948,673

RELIABLE TIMESTAMP CREDENTIAL

Visa International Servic...

1. A communication device comprising:a processor; and
a memory storing computer readable code, which when executed by the processor, causes the communication device to perform operations including:
transitioning the communication device from an active state to an inactive state;
transitioning the communication device from the inactive state back to the active state;
subsequent to transitioning back to the active state, receiving a request to generate an access credential;
determining whether the communication device successfully executed a predetermined shutdown sequence when the communication device transitioned to the inactive state;
determining whether the communication device has synchronized with an authorization network subsequent to transitioning back to the active state;
generating the access credential including a timestamp, wherein the access credential indicates that the access credential has reliable timestamp information by having a non-reset value in the timestamp if the communication device successfully executed the predetermined shutdown sequence or has synchronized with an authorization network subsequent to transitioning back to the active state, and wherein the access credential indicates that the access credential has unreliable timestamp information when the communication device failed to successfully execute the predetermined shutdown sequence and has not synchronized with an authorization network subsequent to transitioning back to the active state; and
providing the access credential to an access device associated with the authorization network to authenticate the communication device.

US Pat. No. 9,424,421

SECURITY ENGINE FOR A SECURE OPERATING ENVIRONMENT

Visa International Servic...

1. A method comprising:
executing, by a mobile computing device, a secure operating environment on the mobile computing device, wherein the secure
operating environment executes on the mobile computing device independently of a host operating environment of the mobile
computing device;

receiving, by the secure operating environment, a request for a security service, the request received from an application
executing in the secure operating environment;

determining, by the secure operating environment, a security capability of the mobile computing device to provide the security
service, wherein the security capability of the mobile computing device is provided in part by the host operating environment;

determining, by the secure operating environment, a security capability of the secure operating environment to provide the
security service;

performing a comparison between the security capability of the mobile computing device and the security capability of the
secure operating environment;

selecting, by the secure operating environment, based on the comparison, a first security capability to provide the security
service, wherein the first security capability is selected from one or both of the security capability of the mobile computing
device or the security capability of the secure operating environment; and

providing, by the secure operating environment, the security service to the application, wherein the security service is provided
based on the first security capability.

US Pat. No. 9,058,548

PAYMENT CARD SYSTEM AND METHOD

Visa International Servic...

1. A card comprising:
a composite layer comprising a polymer and a plurality of particles, wherein each of the plurality of particles comprises:
a core comprising a metal; and
an outer coating comprising an insulator, wherein the plurality of particles comprise at least about 15 volume % of the composite
layer, and wherein the composite layer is less susceptible to electrostatic buildup than the metal.

US Pat. No. 9,813,245

METHODS FOR SECURE CRYPTOGRAM GENERATION

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method comprising:
determining, by a user device, an ephemeral key pair comprising an ephemeral public key and an ephemeral private key;
sending, by the user device, a provisioning request message including the ephemeral public key to a provisioning server computer;
receiving, by the user device, a provisioning response message including encrypted credentials from the provisioning server
computer;

determining, by the user device, a response shared secret using the ephemeral private key and a static server public key;
decrypting, by the user device, the encrypted credentials using the response shared secret to determine credentials;
obtaining key derivation parameters from the credentials; and
deriving a first cryptogram key from the response shared secret using the key derivation parameters, the first cryptogram
key operable to generate a first cryptogram for use in a first secure communication with a validation server computer.

US Pat. No. 9,367,843

TRANSACTION ALERTING IN A MULTI-NETWORK ENVIRONMENT

Visa International Servic...

1. A method for generating an alert, the method comprising:
receiving by a transaction processing server computer an authorization request message associated with a first transaction,
wherein the transaction processing server computer is configured to receive authorization request messages from a first payment
network and a second payment network;

determining whether the authorization request message was routed through the first payment network or the second payment network,
wherein the authorization request message is routed through either the first payment network or the second payment network;

in response to determining that the authorization request message was routed through the second payment network, transmitting
alert initiation data from the transaction processing server computer to an alert platform associated with the first payment
network but not associated with the second payment network; and

in response to determining that the authorization request message was routed through the first payment network, transmitting
alert initiation data from the first payment processing network to the alert platform;

wherein the alert platform is configured to:
apply at least one alert criterion to the alert initiation data to determine if an alert is to be generated;
generate the alert; and
transmit the alert to a mobile application executed by a processor of a mobile device, the mobile device being associated
with a first payment account and a second payment account, and the authorization request message being associated with the
first payment account or the second payment account.

US Pat. No. 9,848,298

SYSTEM AND METHOD FOR AUTOMATED ANALYSIS COMPARING A WIRELESS DEVICE LOCATION WITH ANOTHER GEOGRAPHIC LOCATION

Visa International Servic...

1. A method comprising:
obtaining, from a database associated with a wireless network, a location of a wireless device;
obtaining, from a data network exclusive of the wireless network, a location of a second device with which a user associated
with the wireless device is interacting;

obtaining, based on the obtained location of the second device, a location of the user;
converting the location of the wireless device and the location of the user into a common location format;
comparing the location of the wireless device and the location of the user to determine proximity of the location of the wireless
device to the location of the user; and

sending a result of the comparison of the location of the wireless device and the location of the user to a processing system.

US Pat. No. 9,495,544

SECURE DATA TRANSMISSION AND VERIFICATION WITH UNTRUSTED COMPUTING DEVICES

Visa International Servic...

1. A method in a secure module executing on a computing device with an operating system, comprising:
causing, by the secure module, a user interface to be presented to a user by providing obfuscated user interface data to the
operating system that does not reveal meaningful elements that are part of the user interface;

receiving, by the secure module from the operating system, a notification that the user has provided an input value via the
user interface to the computing device, wherein the notification does not include the input value and the operating system
is not aware of the input value;

responsive to said receiving the notification, identifying an obfuscated user input value that represents the input value;
de-obfuscating, by the secure module, the obfuscated user input value to yield the input value;
receiving, by the secure module, one or more additional notifications that data representing the input value has been processed
by one or more respective software or hardware modules of the computing device; and

updating, by the secure module, a measured value for information flow tracking in response to the one or more notifications,
wherein the measured value identifies the one or more software or hardware modules that have processed the data representing
the input value; and

wherein the method further comprises
after said receiving the notification that the user has provided the input value,
causing, by the secure module, an updated user interface to be presented to the user by providing updated obfuscated user
interface data to the operating system that does not reveal meaningful elements that are part of the updated user interface.

US Pat. No. 9,490,985

SYSTEMS AND METHODS TO SECURE USER IDENTIFICATION

VISA INTERNATIONAL SERVIC...

1. A method, comprising:
communicating, by a computing device, with a user device to receive information about a user of the user device;
forming, by the computing device, a dataset including
the information about the user received from the user device, and
a first identifier of the user used by the computing device to identify the user from a plurality of users of the computing
device;

generating, by the computing device, a digital signature on the dataset;
generating, by the computing device, a second identifier of the user using the digital signature, wherein the second identifier
is not part of the dataset; and

providing, by the computing device, an instruction to the user device to redirect the user to a server separate from the computing
device, the instruction configured to instruct the user device to use the second identifier to identify the user in submitting
the information about the user to the server;

wherein the server is configured to validate the information about the user submitted from the user device with the second
identifier via

extracting the first identifier and the digital signature from the second identifier;
combining the first identifier extracted from the second identifier with the information about the user submitted from the
user device to the server to form a reconstructed dataset;

validating the reconstructed dataset against the digital signature extracted from the second identifier.

US Pat. No. 9,466,075

SYSTEMS AND METHODS TO PROCESS REFERRALS IN OFFER CAMPAIGNS

VISA INTERNATIONAL SERVIC...

1. A method, comprising:
providing a computing apparatus including a transaction handler configured to process enrollment of an enrolling user;
receiving, by the transaction handler, enrollment information corresponding to an enrollment request from the enrolling user;
receiving, by the transaction handler, electronic authorization requests from transaction terminals;
sending, by the transaction handler, transaction data associated with the authorization requests to a data warehouse to cause
storage of the transaction data in the data warehouse;

determining, by the transaction handler, an identifier of a referring user based on the enrollment information;
in response to an enrollment of the enrolling user as a result of a referral from the referring user:
determining, by the transaction handler, whether the enrolling user is eligible to qualify for a status of completing a set
of requirements associated with a first event specified by a merchant for an offer campaign in which the enrolling user is
participating, the determining based at least in part on the transaction data, and

determining, by the transaction handler, whether the referring user is eligible to qualify for a status of completing a set
of requirements associated with a second event specified by the merchant for an offer campaign in which the referring user
is participating;

in response to verification of enrollment of the enrolling user, sending, by the transaction handler:
an electronic communication to cause recording, by the data warehouse, of data in a first data record indicating achievement
of the enrolling user in the offer campaign in which the enrolling user is participating,

an electronic communication to cause updating of a second data record stored in the data warehouse regarding the status of
completing the set of requirements for the referring user,

a first notification to the enrolling user in accordance with a first action specified by the merchant in relation to the
first event, the first action to cause a display of the first notification in a user interface of a first computing device
of the enrolling user, and

a second notification to the referring user in accordance with a second action specified by the merchant in relation to the
second event, the second action to cause a display of the second notification in a user interface of a second computing device
of the referring user.

US Pat. No. 9,456,348

SYSTEMS AND METHODS FOR AUTHENTICATING A USER OF A COMPUTER APPLICATION, NETWORK, OR DEVICE USING A WIRELESS DEVICE

Visa International Servic...

1. A method for authenticating a previously registered user of an application requiring secure access to the application using
a mobile access point, a computerized authentication system, and a wireless device associated with the user, the method comprising:
providing an invocation element on one or more of the wireless device or the mobile access point, the invocation element capable
of being activated by a single user action;

receiving an indication at the computerized authentication system that the invocation element has been activated;
obtaining a location of the wireless device;
determining whether the wireless device is associated with an authorized user based on a previously registered association
between a wireless device identifier associated with the wireless device and an application identifier associated with the
application using the computerized authentication system;

approving the user to use the application using the computerized authentication system based on a predetermined location criterion
related to one or more of the obtained wireless device location or a location of the mobile access point, when the wireless
device is associated with an authorized user; and

producing an indication on one or more of the mobile access point or the wireless device that the user has been authenticated
when the user was approved using the computerized authentication system.

US Pat. No. 9,439,036

SYSTEMS AND METHODS TO SELECT LOCATIONS OF INTEREST BASED ON DISTANCE FROM ROUTE POINTS OR ROUTE PATHS

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:
receiving, by a computing apparatus, a route information of a user;
selecting, by the computing apparatus, for location identification, an area within a predetermined threshold distance along
the selected route;

obtaining, by the computing apparatus, locations that are at least partially located within the selected area along the user's
route;

selecting, by the computing apparatus, at least a portion of the user's route for measuring distances of the locations along
the user's route;

determining, by the computing apparatus, respective distances of the locations from the selected portion;
computing, by the computing apparatus, affinity values of the user for the locations based on electronic payment transaction
data of the user;

computing respective utility values of the locations from a predetermined function based on the affinity values of the user
for the locations and the respective distances of the locations, wherein each utility value of a location is the predetermined
function of

an affinity value of the user for the location, and
a distance of the location, where the utility value of the location computed from the predetermined function increases
when the affinity value of the user for the location increases, and
when the distance of the location decreases;
ranking, by the computing apparatus, the locations based on the respective utility values; and
presenting, by the computing apparatus, one or more top ranked locations having highest utility values to the user.

US Pat. No. 9,424,603

MOBILE LOCATION NOTIFICATIONS SYSTEM AND METHOD

VISA INTERNATIONAL SERVIC...

1. A method, performed by a server computer, the method comprising:
electronically receiving, by the server computer, an authorization request message transmitted by an access device operated
by a mobile merchant, the authorization request message corresponding to a transaction conducted by the mobile merchant and
including:

a first data element identifying a transaction time, the transaction time corresponding to the time the authorization request
message was transmitted; and

a second data element identifying a mobile merchant location, the mobile merchant location corresponding to the location of
the access device at the time the authorization request message was transmitted, wherein the mobile merchant location is determined
utilizing one or more of global positioning system (GPS) data, cellular phone tower triangulation data, cellular phone tower
signal strength data, wireless access point location data, or internet protocol (IP) address data;

extracting, by the server computer, the first data element and the second data element from the received authorization request
message;

analyzing, by the server computer, the extracted first and second data elements to determine the transaction time and the
mobile merchant location;

electronically receiving, by the server computer, a client device location transmitted by a client device;
determining, by the server computer, that the distance between the mobile merchant location and the client device location
is within a threshold distance;

generating, by the server computer, a notification message when the distance between the mobile merchant location and the
client device location is within the threshold distance, wherein the notification message includes a graphical indication
of the mobile merchant location and the transaction time, wherein the graphical indication corresponds to the mobile merchant
location, which is determined using one or more of global positioning system (GPS) data, cellular phone tower triangulation
data, cellular phone tower signal strength data, wireless access point location data, or internet protocol (IP) address data;
and

electronically transmitting, by the server computer, the notification message to the client device according to a schedule
established in association with the client device, wherein the client device is enabled to display the notification message.

US Pat. No. 9,386,045

DEVICE COMMUNICATION BASED ON DEVICE TRUSTWORTHINESS

Visa International Servic...

1. A method comprising:
requesting, by a user device, one or more trustworthiness attributes of a target device before exchanging data with the target
device;

receiving the one or more trustworthiness attributes of the target device;
determining, based on the received one or more trustworthiness attributes of the target device, a set of one or more security
policies to enforce on a communication channel used for exchanging data between the user device and the target device, wherein
the set of one or more security policies is determined by determining a trustworthiness score of the target device based on
the received one or more trustworthiness attributes of the target device, and determining a trust level of the target device
based on the trustworthiness score; and

establishing the communication channel between the user device and the target device according to the set of one or more security
policies,

wherein when the trust level of the target device corresponds to a first trust level, the set of one or more security policies
includes at least one of using a first encryption algorithm to encrypt the data being exchanged on the communication channel,
and digitally signing the data being exchanged on the communication channel, and when the trust level of the target device
corresponds to a second trust level, the set of one or more security policies includes at least one of using a second encryption
algorithm that is different than the first encryption algorithm to encrypt the data being exchanged on the communication channel.

US Pat. No. 9,176,543

ACCESS USING A MOBILE DEVICE WITH AN ACCELEROMETER

Visa International Servic...

1. A mobile device comprising:
a processor;
a sensor coupled to the processor; and
a memory coupled to the processor and storing machine readable code, which when executed by the processor, causes the mobile
device to:

generate first sensor data using the sensor of the mobile device to facilitate a transaction being conducted with the mobile
device, wherein the sensor is a motion or pressure sensor and measures an external force caused by a physical interaction;

initiate comparison of first interaction data with second interaction data, the first interaction data including first location
data and the first sensor data of the mobile device, the second interaction data including second location data and second
sensor data of a terminal device, wherein the first location data is compared with the second location data to determine whether
the first location data corresponds to the second location data, and the first sensor data is compared with the second sensor
data after comparison of the first location data and the second location data to determine whether the mobile device and the
terminal device physically interacted with each other; and

receive a transaction message when the mobile device and the terminal device are determined to have physically interacted
with each other, wherein the transaction message indicates whether or not the transaction is approved.

US Pat. No. 9,117,212

SYSTEM AND METHOD FOR AUTHENTICATION USING SPEAKER VERIFICATION TECHNIQUES AND FRAUD MODEL

Visa International Servic...

1. A method for authenticating a user for a transaction, comprising:
providing, by a device, a word string that comprises a random element;
transmitting an audio segment, to a server computer, wherein the audio segment originated from the user and wherein the server
computer authenticates the user for the transaction based at least in part on the transmitted audio segment; and

receiving, from the server computer, an indication that the user is authenticated for the transaction, wherein the server
computer holds the audio segment in a queue for a predetermined period of time, and delays updating of a fraud model with
the audio segment being held in the queue until after the predetermined period of time has elapsed and when no fraud has been
reported for the predetermined period of time.

US Pat. No. 9,111,280

GENERAL PURPOSE MESSAGING

Visa International Servic...

1. A method comprising:
building, by a user device, a message request to be sent to a messaging service comprising a mobile gateway and a message
server, the message request including data elements corresponding to message parameters specified by a user of the user device,
the message request configured to cause the messaging service to send the user device pending messages designated for the
user and satisfying the message parameters, wherein building the message request comprises

obtaining, at the user device, the message parameters, wherein the message parameters comprise an indication that the user
only desires to receive messages that are of an urgent priority level and an indication of a maximum number of the pending
messages that the user desires to receive in response to the message request,

converting, by the user device, the message parameters into the data elements, and
embedding, by the user device, the data elements and a message sequence number in the message request;
sending, from the user device to the messaging service, the message request having embedded therein the data elements corresponding
to the message parameters,

wherein the message request having the data elements embedded therein enables the messaging service to identify and send back
to the user device pending messages satisfying the user's message parameters that were pre-selected by or on behalf of the
user, and

wherein the message server in the messaging service is configured to
receive the message request,
access a table of data elements and corresponding message parameters, locate in the table of data elements, the message parameters
corresponding to the data elements embedded in the message request,

access pending messages data that includes a plurality of pending messages, identify in the pending messages data pending
messages that are designated for the user and corresponding to the message parameters, and

send the identified pending messages to the user device as response messages; and
receiving, by the user device, the response messages, each response message comprising the sequence number, and wherein the
method further comprises embedding, by the user device, a last successful received response message sequence number in the
message request, which indicates the sequence number received in the last successfully received response message.

US Pat. No. 10,049,360

SECURE COMMUNICATION OF PAYMENT INFORMATION TO MERCHANTS USING A VERIFICATION TOKEN

Visa International Servic...

1. A method initiating a payment transaction, the method comprising:presenting, from a merchant server comprising a data processor and a computer readable medium comprising computer code, a website portal providing various web pages that enable a user to select at least one product or service for purchase to a computer, the computer code directing the data processor in the merchant server to create an active purchase session for the user that is actively pursuing a purchase transaction;
receiving, by the merchant server, one or more messages directly from a validation entity, the one or more messages including data including data representative of at least a portion of identification information of a portable consumer device obtained from a verification token, after the validation entity has determined that one or more validation tests pertaining to the verification token are passed;
correlating, by the merchant server, the data received in the one or more messages from the validation entity to the active purchase session; and
initiating the payment transaction using at least some of the data received in the one or more messages.

US Pat. No. 9,452,353

GAME CARD INCLUDING PAYMENT IDENTIFIER

VISA INTERNATIONAL SERVIC...

1. A portable consumer device comprising:
a substrate;
a financial account identifier on the front of the substrate, wherein the financial account identifier is from an issuer,
wherein the financial account identifier is configured to conduct a transaction with a first system, and wherein the first
system comprises a payment network;

a game code on the back of the substrate, wherein the game code is configured to conduct a transaction with a second system
that is different from the first system, wherein the second system comprises a game system including an electronic game, wherein
the game code represents a value in the electronic game, and wherein the game code is separate from the financial account
identifier;

an electronic or magnetic data storage medium storing at least the financial account identifier; and
a game graphic that is associated with the electronic game, the game graphic including the name of the electronic game or
an icon associated with the electronic game.

US Pat. No. 9,396,465

APPARATUS INCLUDING DATA BEARING MEDIUM FOR REDUCING FRAUD IN PAYMENT TRANSACTIONS USING A BLACK LIST

Visa International Servic...

1. An apparatus for reducing fraud in electronic payment transactions, comprising:
a processor configured to execute a set of instructions;
a memory coupled to the processor for storing the set of instructions; and
the set of instructions stored in the memory, wherein when the instructions are executed by the processor, the apparatus operates
to:

receive a plurality of authorization messages associated with a plurality of electronic payment transactions from a plurality
of merchant computers and forward the plurality of authorization messages to an issuer computer for approval, each authorization
message comprising an account number associated with a payment card issued by an issuer associated with the issuer computer
and data regarding an electronic consumer device used to conduct an associated electronic payment transaction, wherein the
account number associated with the payment card is entered into the electronic consumer device to conduct the electronic payment
transaction, wherein the data regarding the electronic consumer device includes device identification data uniquely identifying
the electronic consumer device;

identify, using the device identification data, that the same electronic consumer device being used to conduct each of the
plurality of electronic payment transactions;

process the plurality of authorization messages to determine that the electronic consumer device was previously used to conduct
one or more declined or fraudulent transactions, the processing including:

analyzing the plurality of electronic payment transactions, and
determining, based on the analyzing, that one or more electronic payment transactions among the plurality of electronic payment
transactions are declined or fraudulent;

determine a score for the electronic consumer device based on a number and type of the one or more declined or fraudulent
electronic payment transactions;

blacklist the electronic consumer device when the score exceeds a predetermined threshold, wherein the predetermined threshold
depends upon one or more factors associated with the electronic consumer device;

store the score and determination of blacklisting the electronic consumer device;
receive a subsequent authorization message from a merchant computer for an authorization process associated with a subsequent
electronic payment transaction initiated with the merchant computer using the blacklisted electronic consumer device;

communicate, after receiving the subsequent authorization message, the determination of blacklisting the electronic consumer
device to the merchant computer in an authorization response message as part of the authorization process for the subsequent
electronic payment transaction; and

deny authorization for the subsequent electronic payment transaction based on the score and determination of blacklisting
the electronic consumer device.

US Pat. No. 9,390,412

DYNAMIC POINT OF SALE SYSTEM INTEGRATED WITH READER DEVICE

Visa International Servic...

1. A method, comprising:
receiving, by a server computer of a service provider, a session request to establish a session for communication with a computing
device to conduct a payment transaction between a merchant and a consumer;

sending, by the server computer, activation information to the computing device, wherein the activation information includes
a uniform resource locator that identifies a location of a webpage on the server computer, and wherein interaction with a
prompt on the webpage enables operation of a reader device to receive payment information from a portable device;

receiving, from the computing device in response to the computing device, receiving of the activation information, a request
to retrieve the webpage at the location on the server computer;

upon retrieval of the webpage at the location, sending the webpage to the computing device;
receiving, by the server computer, from the computing device, encrypted payment information via an order form of the webpage,
wherein the encrypted payment information is encrypted at the reader device based on the payment information received from
the portable device, and wherein the order form includes the encrypted payment information received from the reader device;
and

processing, by the processor, the payment transaction based on the encrypted payment information received via the order form.

US Pat. No. 9,372,971

INTEGRATION OF VERIFICATION TOKENS WITH PORTABLE COMPUTING DEVICES

Visa International Servic...

1. A verification token comprising:
an interface;
a computer-readable medium;
a data processor electrically coupled to the interface, and the computer-readable medium;
code embodied on the computer-readable medium that directs the data processor to transmit at least a portion of identification
information to an entity that can provide a dynamic PAN;

code embodied on the computer-readable medium that directs the data processor to receive, after transmitting said identification
information, the dynamic PAN from the entity; and

code embodied on the computer-readable medium that directs the data processor to locate a browser web page on the computer
that has a form field, and to enter the dynamic PAN received from the entity in the form field,

wherein the verification token is configured to be located within a housing of the computer or a peripheral device electrically
coupled to the computer, wherein the computer and the peripheral device comprise data processors that are separate from the
data processor in the verification token.

US Pat. No. 9,245,267

PORTABLE ACCOUNT NUMBER FOR CONSUMER PAYMENT ACCOUNT

Visa International Servic...

4. A method for processing a transaction, comprising:
receiving, by a server computer from a point of sale terminal, an authorization request message for the transaction comprising
an account identifier that identifies an account used to conduct the transaction, the account identifier not including information
identifying a first issuer for the account, and an issuer identifier data string separate from the account identifier that
identifies the first issuer for the account, wherein the account identifier is extracted, by the point of sale terminal, from
a first data field of a payment device associated with the account that does not store the issuer identifier data string,
and wherein the issuer identifier data string is extracted, by the point of sale terminal, from a second separate data field
of the payment device, after the payment device interacts with the point of sale terminal;

determining, by the server computer, based on the issuer identifier data, the first issuer for the account;
routing, by the server computer, the authorization request message to the first issuer using the issuer identifier data string;
receiving, by the server computer, from the first issuer for the account, an authorization response message containing a decision
from the issuer whether to approve or deny the transaction; and

forwarding the authorization response message to the point of sale terminal, wherein the account used to conduct the transaction
is later identified with a second issuer different from the first issuer and used to conduct a second transaction.

US Pat. No. 9,225,531

AUTOMATED TEST TO TELL COMPUTERS AND HUMANS APART

Visa International Servic...

1. A method comprising:
in response to receiving a request to validate a user to determine if the user is a computer or a human, performing the following
steps:

randomly selecting a set of images from an image data store, wherein the image data store includes a plurality of images that
are each categorized into one of a plurality of categories according to content of each image, wherein each image in the set
of images is associated with a different category, wherein each image in the set of images is a randomly selected type of
image, the type of image indicating how the image was generated, wherein the type of image includes two or more of a photograph,
a drawing, a clipart or a line drawing;

for a given image among the set of images, determining the category associated with the given image;
generating a challenge instruction using the category of the given image, wherein the challenge instruction instructs the
user to select an image from the set of images corresponding to the category;

generating a user interface for displaying the challenge instruction and for displaying each image from the set of images
sequentially to the user one at a time, each image being displayed for an interval of time, wherein the interval of time each
image is displayed is selected randomly for each image in the set of images;

receiving a user input indicating an image selected by the user from the set of images; and
when the image selected by the user is associated with the category identified in the challenge instruction, generating a
response to the request to validate the user, indicating that the user has successfully responded to the challenge instruction.

US Pat. No. 9,160,416

CONTACTLESS DISABLEMENT

Visa International Servic...

1. A portable device comprising:
a contactless interface;
a communication interface;
a memory element, comprising configuration data, operatively coupled to the contactless and contact interface;
an application stored in the memory element; and
financial data stored in the memory element,
wherein the configuration data cause the contactless interface to be enabled or disabled depending upon a state of the configuration
data, the configuration data configured to enable the contactless interface only through a command from an issuer using the
contact interface.

US Pat. No. 9,129,281

AUTOMATED CONTACTLESS ACCESS DEVICE LOCATION SYSTEM AND METHOD

Visa International Servic...

1. A method comprising:
electronically receiving mapping parameters, wherein the mapping parameters provide parameters for generating a map;
electronically receiving location data corresponding to contactless access devices;
adding, to a location database, the location data corresponding to the contactless access devices;
adding, to a mapping database, the mapping parameters, wherein the mapping parameters and the location data are received from
and defined by an issuer, wherein the mapping parameters comprise an indication of one or more filters applied to the location
data, wherein each of the one or more filters include a condition, wherein contactless access devices not satisfying the condition
are not included in map data generated using the location data; and

generating map data using the mapping database and the location database.

US Pat. No. 10,073,962

SYSTEM AND METHOD EMPLOYING REDUCED TIME DEVICE PROCESSING

VISA INTERNATIONAL SERVIC...

1. A method comprising:physically contacting, by an access device, a user device;
receiving, by the access device, credentials from the user device for a transaction;
storing, by the access device, the credentials;
sending, by the access device, a message to the user device informing the user device that the transaction is completed or that transaction authorization will be deferred because online authorization is not available, even though online authorization is available;
receiving, by the access device, a cryptogram from the user device, wherein the user device returns to a default setting after sending the cryptogram, thereby completing, by the access device, communications with the user device;
allowing, by the access device after completing communications with the user device, the user device to be removed from the access device before an authorization response message for the transaction is received from an authorizing entity computer;
generating, by the access device, an authorization request message for the transaction, wherein the authorization request message includes the cryptogram;
transmitting, by the access device, the authorization request message to the authorizing entity computer; and
receiving, by the access device, the authorization response message for the transaction from the authorizing entity computer while the user device is physically separated from the access device.

US Pat. No. 9,691,109

MECHANISM FOR REPUTATION FEEDBACK BASED ON REAL TIME INTERACTION

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, at a first computer, a request from a user for permission to submit feedback associated with a resource provider,
wherein the request is received after the user has interacted with the resource provider, and after an authorization request
message associated with the interaction was sent to a second computer different from the first computer;

sending, by the first computer, to the second computer, a transaction confirmation request message regarding whether the user
has interacted with the resource provider before activating a feedback function at the first computer for the user;

receiving, at the first computer, from the second computer, a transaction confirmation response message indicating that the
user has interacted with the resource provider based on an interaction record of the second computer;

allowing, by the first computer, the user to submit feedback associated with the resource provider; and
receiving, at the first computer, feedback associated with the resource provider.

US Pat. No. 9,589,266

RESTRICTED-USE ACCOUNT PAYMENT ADMINISTRATION APPARATUSES, METHODS AND SYSTEMS

Visa International Servic...

1. A processor-implemented restricted-use account reimbursement management method, comprising:
receiving electronically, by a payment processing computer network, a restricted-use account reimbursement request including
receipt information related to a purchase transaction from a user mobile wallet component instantiated on a memory of a user
mobile device, the receipt information having a purchase item that has already been paid for by a user, said purchase item
being potentially eligible for a restricted-account usage;

obtaining, by a transaction processor, purchase item information from the receipt information included in the restricted-use
account reimbursement request;

automatically generating, by the transaction processor, a computer-executable link to identify a recommended restricted-use
account of the user in response to accessing information generated from the mobile device of the user, said information generated
from the mobile device comprising GPS information from a GPS component;

determining, by the transaction processor, based on the restricted-use account whether the purchase item is eligible for the
restricted-account usage;

in response to the determining eligibility of the purchase item, determining, by the transaction processor, a reimbursement
amount associated with the purchase item from the purchase item information and the restricted-use account as a result of
executing the computer-executable link;

generating, by the transaction processor, a reimbursement authorization request message including the purchase item information
and the reimbursement amount in response to the determining;

transmitting, by the transaction processor, the reimbursement authorization request message to a restricted-account issuer
for approval; and

transacting electronically, by the transaction processor via the payment processing computer network, the reimbursement amount
from the restricted-use account to a user financial account upon the restricted-account issuer approval.

US Pat. No. 9,516,487

AUTOMATED ACCOUNT PROVISIONING

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, by a mobile communication device, an information request message from an issuer server computer thereby initiating
provisioning of a payment account on the mobile communication device without a user interacting with the mobile communication
device, wherein the issuer server computer is associated with an issuer that issued the payment account to the user;

automatically determining, by the mobile communication device, provisioning information associated with a secure memory in
response to the information request message and without input of the user operating the mobile communication device;

generating, by the mobile communication device, a provisioning request message including the provisioning information;
sending, by the mobile communication device, the provisioning request message including the provisioning information to a
provisioning system or the issuer server computer;

receiving, by the mobile communication device, a provisioning response message including provisioning data from the provisioning
system, wherein the provisioning data is generated using the provisioning information associated with the secure memory; and

storing, by the mobile communication device, the provisioning data in the secure memory, wherein the provisioning data associates
the mobile communication device with the payment account.

US Pat. No. 9,406,057

ALERT PRIORITIZATION LOGIC

Visa International Servic...

1. An alerts messaging system comprising:
a database comprising alert triggers; and
a server computer coupled to the database, wherein the server computer comprises a processor and a computer-readable storage
medium coupled to the processor, the computer readable storage medium comprising code executable by the processor for implementing
a method comprising:

providing an alert triggers selection and prioritization interface to allow a user to select a plurality of the alert triggers
and to set a priority value for each of the alert triggers;

receiving an authorization request message from an access device for a payment transaction that satisfies multiple alert triggers
including a first alert trigger and a second alert trigger, the authorization request message including at least first transaction
data satisfying the first alert trigger associated with a first priority value and second transaction data satisfying the
second alert trigger associated with a second priority value;

accessing the database comprising the alert triggers;
determining, for the payment transaction, priority values corresponding to the multiple alert triggers satisfied by the payment
transaction;

determining a priority of the multiple alert triggers based on the priority values corresponding to the multiple alert triggers;
and

performing additional processing based on the priority of the multiple alert triggers including:
generating one or more alert messages based on the priority of the alert triggers;
dynamically selecting an alternate delivery channel that is different than a user-configured default delivery channel assigned
to the priority of the alert triggers, the alternate delivery channel being dynamically selected based on reachability of
a user device and delivery channel cost associated with the alternate delivery channel; and

sending one or more of the generated alert messages to the user device via the alternate delivery channel, the one or more
of the generated alert messages including a count of a total number of transactions that have caused an alert message to be
sent.

US Pat. No. 10,089,683

FRAUD REDUCTION SYSTEM FOR TRANSACTIONS

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method of reducing fraud in transactions, comprising:obtaining, by a risk management engine, authentication history data from an authentication history server, the authentication history server comprising an archive of authentication operations performed or attempted using an authentication protocol that requires a user to provide an authentication credential prior to authorization processing;
identifying, by the risk management engine, authentication process characteristics common to confirmed fraudulent transactions in the authentication history data;
generating, by the risk management engine, rules based upon the authentication process characteristics;
receiving, by a directory server, a verification request message from a merchant computer;
receiving, by the risk management engine from the directory server, a request to perform a fraud assessment for a payment account that is being used to conduct a payment transaction prior to initiation of the authorization processing for the payment transaction;
requesting, by the risk management engine and from the authentication history server, data regarding a history of authentication operations performed involving the payment account;
performing, by the risk management engine, a fraud assessment process using the rules and the data requested from the authentication history server;
determining, as a result of the fraud assessment process, by the risk management engine, that the risk of the payment transaction exceeds a specified threshold and is suspected of being fraudulent; and
generating, by the risk management engine, and sending an early warning message to the directory server and an access control server at an issuer of the payment account prior to generation of an authorization request message, by the access control server, for the payment transaction to prevent generation of the authorization request message for the payment transaction.

US Pat. No. 10,055,745

SYSTEMS AND METHODS TO MODIFY INTERACTION RULES DURING RUN TIME

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:providing a computing apparatus comprising:
a transaction handler configured in an electronic payment processing network in communication paths between:
transaction terminals configured to initiate payment transactions made using payment accounts; and
issuer processors configured to control the payment accounts;
a portal configured to provide a communications interface for communicating with user and merchant computing devices without using the communication paths, and
a data warehouse, coupled with the portal and the transaction handler, configured to store data indicating a completion status of events for each of a plurality of users;
receiving, by the portal, from a user computing device of a first user, a communication reference of the first user;
receiving, by the portal, from a merchant computing device, input data specifying a set of event records that defines a campaign, the set of event records comprising a first event record and a second event record, each respective event record in the set of event records having a plurality of data fields, including:
a first field to specify an event type,
at least one second field to specify conditions related to events of the event type, and
a third field to specify an identifier of the respective event record,
the second event record further having:
a fourth field to specify the identifier of the first event record as a prerequisite for processing of the second event record;
generating, by the computing apparatus, trigger records according to the set of event records identified in the input data to detect a first event associated with the first event record based on the event type specified in the first field of the first event record and the conditions specified in the at least one second field of the first event record and to detect a second event associated with the second event record based on the event type specified in the first field of the second event record and the conditions specified in the at least one second field of the second event record, wherein the second event associated with the second event record is not detected before the first event associated with the first event record identified in the fourth field as the prerequisite of the second event record is detected;
storing, in the data warehouse, the trigger records generated according to the set of event records identified in the input data;
identifying, by the transaction handler, a first communication associated with the first event for the first user based on at least one of the trigger records that identifies the event type specified in the first field of the first event record and the conditions specified in the at least one second field of the first event record, in real-time with providing a response to the first communication, wherein the first event corresponds to a transaction made in the electronic payment processing network;
detecting, by the transaction handler, the second event required of the first user based on at least one of the trigger records that identifies the event type specified in the first field of the second event record and the conditions specified in the at least one second field of the second event record in a sequence according to the prerequisite identified by the identifier of the first event record specified in the fourth field of the second event record;
in response to an occurrence of each event associated with each event record of the set of the event records for the first user:
performing, by the computing apparatus, an action specified in a corresponding one of the event records specified in the input data;
determining, by a message broker, a message specified by the corresponding one of the event records specified in the input data;
transmitting, by a media controller, the message to the user computing device via the communication reference in accordance with the input data, the message transmitted to arrive at the user computing device in real time with the occurrence of the respective event;
storing, in the computing apparatus, data indicating completion of the respective event by the first user in the campaign;
receiving, via the portal, from the merchant computing device, a modification to the input data at a time during the campaign when the first user has a position between a beginning of the campaign and an ending of the campaign, the position based on completion of at least one event associated with the set of event records that defines the campaign; and
updating, by the computing apparatus, in the data warehouse, at least one of the trigger records according to the modification while preserving the position of the first user in the campaign as modified by the modification to the input data.

US Pat. No. 9,864,988

PAYMENT PROCESSING FOR QUALIFIED TRANSACTION ITEMS

Visa International Servic...

1. A point of sale (POS) terminal, comprising:
a bar code scanner configured to read a bar code from a portable consumer device, wherein the portable consumer device comprises
an electronic coupon loaded to enable payment in a transaction, the coupon associated with an account number identifying a
funding source of a benefit in a payment processing network, the coupon comprising a first code representing a first category
of eligible items of different types, the first category of eligible items eligible for the benefit sponsored by the funding
source, and the payment processing network comprising a payment processor computing device;

a processor;
memory storing instructions configured to instruct the processor to:
receive, for storage at the POS terminal, a plurality of coupon codes, each coupon code corresponding to a respective category
of eligible items, and each category associated with a set of item identification codes;

receive, by the POS terminal from the portable consumer device, during a check-out process of a user purchasing a set of purchase
items of different types, the first code, wherein the receiving the first code comprises reading the bar code from the portable
consumer device using the bar code scanner;

receive, by the POS terminal, the account number, wherein the account number is read from the portable consumer device;
identify, by the POS terminal, a subset of the purchase items, wherein the identifying the subset is based on the received
first code, the stored plurality of coupon codes, and a schema of eligible items classified under the first category, and
wherein the identifying the subset further comprises determining whether a first purchase item in the set of purchase items
is in the first category based on whether a first item identification code of the first purchase item is classified under
the first category in accordance with the schema; and

generate, by the POS terminal, a split transaction in which an authorization request for the benefit applied to the subset
of the purchase items is processed in accordance with the account number in the payment processing network;

wherein, in the split transaction, the POS terminal is configured to accept the benefit applied to the subset of the purchase
items as a first payment for the set of purchase items and configured to accept a second payment for the set of purchase items;

wherein electronic authorization communication by the POS terminal regarding the split transaction causes the payment processor
computing device to charge the first payment to a first account identified by the account number, and to charge the second
payment to a second account of a source other than the funding source.

US Pat. No. 9,684,920

DUAL ENCODING OF MACHINE READABLE CODE FOR AUTOMATIC SCAN-INITIATED PURCHASE OR UNIFORM RESOURCE LOCATOR CHECKOUT

VISA INTERNATIONAL SERVIC...

1. A central server computer comprising:
a processor; a computer readable medium coupled to the processor; and a network interface coupled to the processor, the network
interface located at a network interface address,

wherein the network interface is configured to receive a first form comprising first recognizable additional data from a first
electronic device that includes a compliant machine readable code reader module, wherein the first recognizable additional
data is presented to a user by the first electronic device after a first scanning device in the first electronic device scans
a machine readable code associated with a product, the first electronic device identifying at least the network interface
address and product information within the scanned machine readable code, the product information being identified by decoding
unrecognizable additional data within the scanned machine readable code, wherein the first form is generated from the identified
product information, and wherein the first form is received by the network interface at the identified network interface address
subsequent to the user of the first electronic device entering a user input associated with the first recognizable additional
data,

wherein the network interface is further configured to receive the unrecognizable additional data from a second electronic
device that includes a non-compliant machine readable code reader module, wherein the unrecognizable additional data is received
by the network interface after a second scanning device in the second electronic device scans the machine readable code associated
with the product, the second electronic device identifying the network interface address but being unable to decode the unrecognizable
additional data within the scanned machine readable code, the network interface receiving the unrecognizable additional data
at the network interface address identified in the machine readable code, the unrecognizable additional data appended to the
network interface address in a uniform resource locator,

wherein the computer readable medium comprises a decoding module including code that when executed causes the processor to
decode the unrecognizable additional data received via the uniform resource locator to form second recognizable additional
data to be presented to the second electronic device,

wherein the first form is generated by the first electronic device to include the first recognizable additional data, and
wherein the central server computer is configured to generate the second form to include the second recognizable additional
data in response to receiving an indication from the second electronic device, the second form being generated by auto-filling
a network document hosted by the central server with at least a portion of the second recognizable additional data.

US Pat. No. 9,582,598

HYBRID APPLICATIONS UTILIZING DISTRIBUTED MODELS AND VIEWS APPARATUSES, METHODS AND SYSTEMS

Visa International Servic...

1. A processor-implemented method of providing distributed model views utilizing a hybrid application environment, comprising:
receiving, at a processor, a request to create a hybrid web-view within a native application running on a user's mobile device;
transmitting, in response to the request, a web-view application request to a third party view provider;
receiving, via the processor and from the third party view provider, a web-view application view, wherein the web-view application
view is embedded with a hybrid application handler interaction link request;

instantiating, on the user mobile device, a native language handler link configured to receive a notification signal when
the web-view application view interaction link is triggered;

transmitting, to a private data provider, a model population request including the representation of the web-view application
view;

receiving, in response to the model population request, a populated model containing user data from the private data provider;
receiving an indication that the instantiated native language handler link has been triggered via the web-view application;
creating a native language representation of the current state of the web-view application view;
requesting, from the third-party view provider, a second web-view application view;
receiving, from the third-party view provider, the second web-view application view;
creating a web-view environment insertion function using the populated model, wherein the insertion function is configured
to populate the web-view environment with a plurality of data values from the populated model; and

injecting the web-view environment insertion function into the second web-view application view.

US Pat. No. 9,530,009

SECURE EXECUTION AND UPDATE OF APPLICATION MODULE CODE

Visa International Servic...

1. A method comprising:
a) determining that a first root of trust, comprising executable instructions, for an application module stored in memory
of a communication device needs to be updated, the application module comprising an application module kernel and an application
module frontend, wherein the application module frontend has low tamper resistance, the application module kernel has medium
tamper resistance, and the first root of trust has heavy tamper resistance;

b) receiving a second root of trust, comprising executable instructions, for the application module at the communication device;
c) after receiving the second root of trust, using the executable instructions from the second root of trust to generate a
first attestation value for the application module kernel and using executable instructions from the application module kernel
to generate a second attestation value for the application module frontend in a trust chain verification process; and

d) storing the first attestation value and the second attestation value determined during the trust chain verification process.

US Pat. No. 9,473,454

SECURITY GATEWAY COMMUNICATION

Visa International Servic...

1. A method for establishing a communication channel between a client device communicatively coupled to a client interface
of the gateway device and a server communicatively coupled to a host interface of the gateway device, the method comprising;
sending, by the client device, a predetermined sequence of client synchronize messages to a plurality of client ports on the
client interface of the gateway device in a predetermined client port order;

receiving a client response message from the gateway device only after the predetermined sequence of client synchronize messages
has been sent the client response message being received on a port of the client device that did not send any of the client
synchronize messages; and

establishing a communication channel to communicate user messages between the client device and the server, the communication
channel being established only after the gateway device has received a server response message on the host interface in response
to the gateway device sending a predetermined sequence of server synchronize messages to the server.

US Pat. No. 9,256,764

SEARCHABLE ENCRYPTED DATA

Visa International Servic...

1. A data encryption computer, comprising:
a processor; and
a non-transitory computer-readable storage medium, comprising code executable by the processor for implementing a method comprising:
receiving a plurality of sensitive data records comprising personal information of different users;
identifying one or more searchable fields for the sensitive data records, wherein each searchable field is associated with
a subset of the personal information for a user;

generating a searchable field index for each of the one or more searchable fields based on which one of at least three sensitivity
levels that each searchable field corresponds to,

wherein when the searchable field corresponds to a first sensitivity level, the searchable field index is in a plain text
format, when the searchable field corresponds to a second sensitivity level, the searchable field index is a hash value, and
when the searchable field corresponds to a third sensitivity level, the searchable field index is an encrypted hash value;

encrypting the sensitive data records using at least one database encryption key;
providing the database encryption key to a plurality of client computers authorized to decrypt the encrypted data records;
and

providing a searchable encrypted database comprising the searchable field indices and the encrypted sensitive data records
to a database access server, wherein the plurality of client computers are operable to obtain the sensitive data records from
the database access server using the database encryption key.

US Pat. No. 10,114,955

INCREASING SEARCH ABILITY OF PRIVATE, ENCRYPTED DATA

Visa International Servic...

1. A method for searching a database to obtain data, comprising:receiving, by a computer database system, a request for data comprising a search string;
determining a search column of a first table indicated in relation to the search string, the first table storing plaintext data of a particular type of personally identifiable information (PII) within the search column;
searching the search column of the first table of the computer database system using the search string to identify a matching string, wherein the first table includes an encrypted foreign key for each field, and the matching string is identified from the plaintext data;
obtaining at least one encrypted foreign key corresponding to the matching string identified using the search string;
sending the at least one encrypted foreign key to a decryption engine executing on one or more processors of the computer database system;
receiving from the decryption engine, at least one decrypted foreign key corresponding to the at least one encrypted foreign key, wherein the decrypted foreign key is generated by the decryption engine using a decryption key unique to the first table;
searching a second table of the computer database system using the at least one decrypted foreign key to obtain encrypted data, wherein the encrypted data comprises a different second type of PII;
sending the encrypted data to the decryption engine to decrypt the encrypted data; and
receiving, from the decryption engine, decrypted data resulting from decryption of the encrypted data, wherein the decrypted data comprises the requested data.

US Pat. No. 9,972,021

SYSTEMS AND METHODS TO RANK AND SELECT TRIGGERS FOR REAL-TIME OFFERS

Visa International Servic...

1. A method, comprising:providing a computing apparatus comprising:
a transaction handler configured in an electronic payment processing network in which the transaction handler interconnects issuer processors controlling consumer accounts from which payments are made and acquirer processors controlling merchant accounts to which the payments are made;
a data warehouse coupled with the transaction handler and configured to store identifiers of the consumer accounts in association with respective communication references, wherein authorization communications within the electronic payment processing network for the payments identify the consumer accounts using the identifiers of the consumer accounts, the data warehouse further storing transaction data recording the payments processed by the transaction handler in the electronic payment processing network, and further storing a set of triggers, each of the triggers identifying a set of one or more conditions which, when satisfied by a transaction processed by the transaction handler, cause transmission of a message to a user associated with the consumer account;
a portal coupled with the transaction handler and the data warehouse and configured to communicate via a communication channel outside the electronic payment processing network; and
a message broker configured to transmit messages using the respective communication references;
receiving, in the portal via the communication channel outside the electronic payment processing network, an input specifying a set of users;
ranking, by the computing apparatus, the triggers based at least in part on transaction data of the users recorded by the transaction handler in the data warehouse to generate a ranked list of the triggers;
providing, by the portal via the communication channel outside the electronic payment processing network, the ranked list for presentation via a user interface on a separate computer to allow selection of one or more triggers from the ranked list of triggers;
receiving, in the portal via the communication channel outside the electronic payment processing network, an input selecting one or more selected triggers from the ranked list of triggers, wherein the one or more selected triggers correspond to payment transactions made in the electronic payment processing network;
receiving, in the portal via the communication channel outside the electronic payment processing network, an input specifying an offer;
generating, by the computing apparatus in accordance with the input, one or more trigger records containing the one or more selected triggers selected from the ranked list of triggers;
storing in the data warehouse, the one or more trigger records;
monitoring, by the transaction handler, transactions being processed at the transaction handler to select a subset of the transactions according to the one or more trigger records by determining whether conditions specified in a trigger record are satisfied by a current transaction being processed by the transaction handler; and
in response to the current transaction of a user processed by the transaction handler satisfying the conditions specified in the trigger record,
generating, by the message broker, a message in accordance with the trigger record, wherein the message relates to the offer; and
transmitting, by the message broker using a communication reference associated with an account identifier of the user in the data warehouse, to a device of the user, the message including a code to be entered at a point of sale terminal causing a recalculation of a transaction at the point of sale terminal.

US Pat. No. 9,864,993

ACCOUNT AUTHENTICATION SERVICE WITH CHIP CARD

Visa International Servic...

1. A method of authenticating a cardholder during an online transaction for a requesting party, said method comprising:
receiving, at a trusted party access control server, a cardholder authentication request originating from a merchant computer
said cardholder authentication request including a cardholder account identifier and being routed to the trusted party access
control server from the merchant computer via the cardholder computer;

sending a chip authentication request from said trusted party access control server to said cardholder computer in response
to receipt of the cardholder authentication request at the trusted party access control server;

receiving a chip authentication response from said cardholder computer at said access control server that includes a cryptogram
and a cardholder authentication password, said cryptogram being generated by a chip card and application in communication
with said cardholder computer;

generating a second cryptogram at said access control server and comparing said second cryptogram to said cryptogram;
determining, by said access control server, that said cardholder authentication password matches a stored password that corresponds
to said cardholder account identifier based on a first comparison;

determining that said cryptograms match based on a second comparison; and
responsive to the first and second comparisons, sending, via said cardholder computer, a cardholder authentication response
from said trusted party access control server to said merchant computer indicating that said chip card and said cardholder
authentication password are authentic, whereby said access control server authenticates said cardholder for said requesting
party during said online transaction.

US Pat. No. 9,773,212

SECURE ANONYMOUS TRANSACTION APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A secure anonymous transaction processor-implemented method, comprising:
obtaining an anonymous user transaction authorization request at a computing device, to process a purchase order;
generating dynamically, via a processor and an associated one-time anonymous card generation component of a pay network server,
one-time anonymous card data for processing the purchase order in real-time, using the anonymous user transaction authorization
request by generating random numeric or alphanumeric sequences for each field of the one-time anonymous card data;

generating, by the pay network server, an anonymized card authorization request for processing the purchase order with an
anonymized address;

providing, by the pay network server to a merchant computer, the anonymized card authorization request for processing the
purchase order;

obtaining, by the pay network server, notification of a shipment related to the anonymized purchase order to the anonymized
address; and

providing, by the pay network server to a shipper, an anonymized identifier to facilitate generating a shipment order to re-route
the shipment from the anonymized address to an actual shipment address of the user,

wherein the shipment order is a shipment request provided to the shipper of purchase order items and wherein the shipment
order includes the anonymized identifier associated with the anonymized card authorization request and anonymized card data,
and wherein the anonymized identifier may be used by the shipper to obtain the actual shipment address, wherein the shipper
may use the anonymized identifier to request the actual shipment address using an encrypted request message that is verified
by the processor.

US Pat. No. 9,672,511

LOCATION DEPENDENT COMMUNICATIONS BETWEEN MOBILE DEVICES AND TRANSACTION TERMINALS TO ORDER MOBILE DEVICE PAYMENT ACCOUNTS

VISA INTERNATIONAL SERVIC...

1. A mobile device, comprising:
a position determination device configured to determine a location of the mobile device;
a transceiver configured to communicate with a transaction terminal via near field communication;
a communication device configured to communicate with at least one server over internet;
a memory storing a plurality of data items and a set of instructions of a mobile application; and
at least one microprocessor coupled with the memory to execute the instructions of the mobile application configured to:
prior to a communication session with the transaction terminal via near field communication,
communicate the location of the mobile device, using the communication device, to the at least one server over internet;
receive, from the at least one server and as a response of communicating the location of the mobile device to the at least
one server, a category associated with the location of the mobile device; and

determine, based on the category received from the at least one server in response to the communicating of the location of
the mobile device to the at least one server, an order of the data items; and

during the communication session communicate, using the transceiver via near field communication, with the transaction terminal
in accordance with the order of the data items.

US Pat. No. 9,582,267

METHODS AND SYSTEMS FOR PARTIAL PERSONALIZATION DURING MOBILE APPLICATION UPDATE

Visa International Servic...

1. A method for updating personalization information associated with an update of a mobile application on a communication
device managed by an application provider computer, the method comprising:
receiving, by a server computer, a migration notification from the application provider computer, the migration notification
including device identification information, applet identification information identifying an applet of the mobile application,
and application version information for the mobile application installed on the communication device by the application provider
computer;

identifying, by the server computer, an account associated with the migration notification using the device identification
information and the applet identification information;

validating, by the server computer, the migration notification by comparing the received application version information with
stored application version information associated with the identified account;

identifying, by the server computer, a current personalization profile associated with the mobile application using the received
application version information;

identifying, by the server computer, an updated personalization profile associated with the update of the mobile application;
determining, by the server computer, partial personalization information associated with a difference between the current
personalization profile and the updated personalization profile;

generating partial personalization scripts including the partial personalization information for updating the personalization
information stored in the mobile application of the communication device, the partial personalization scripts generated without
including duplicate personalization information for the applet that is the same across the update of the mobile application
and a previous version of the mobile application installed on the communication device, wherein the duplicate personalization
information is retained at the communication device during update of the personalization information; and

providing, by the server computer, the partial personalization scripts to the application provider computer for installation
on the communication device to update the personalization information of the applet identified by the applet identification
information.

US Pat. No. 10,115,087

EVENT-TRIGGERED BUSINESS-TO-BUSINESS ELECTRONIC PAYMENT PROCESSING APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A business-to-business transaction processing processor-implemented method, comprising:obtaining, by a processor, a purchase payment request having a processor-executable link from a user triggering event indication, said user triggering event indication being received upon user instantiation of a web-enabled device at a B2B/Pay platform of a first business entity, said user triggering event indication comprises a business-to-business payment event indication, said first business entity being different from the user, said web-enabled device providing user interface elements for the user to interact with user interface elements provided by the B2B/Pay platform;
determining, by the processor, in response to executing the processor-executable link a second business entity sponsoring the purchase payment request in response to parsing the purchase payment request, said second business entity being different from the first business entity and the user, said determining comprises receiving an instruction in response to a selection from the user for the second business entity on the web-enabled device;
obtaining, by the processor, purchase sponsoring instructions provided by the second business entity, said obtained purchase sponsoring instructions comprising verifying payment eligibility data of the user;
determining, by the processor, a payment sponsoring amount from the second business entity to the first business entity in response to the obtained purchase sponsoring instructions and the purchase payment request;
generating, by the processor, a business-to-business financial transaction request for the second business entity to transfer the determined payment sponsoring amount to the first business entity;
initiating, by the processor, a business-to-business financial transaction between the second business entity to the first business entity in response to the received user triggering event indication by sending the generated business-to-business financial transaction request to the second business entity;
receiving, by the processor, a payment amount adjudication indication from the second business entity;
retrieving, by the processor, account details of a first bank account of the first business entity and a second bank account of the second business entity, said first bank account being different from the second bank account and being different from a user bank account of the user; and
transacting, by the processor, the adjudicated payment amount from the second bank account of the second business entity to the first bank account of the first business entity.

US Pat. No. 10,089,609

SYSTEM AND METHODS FOR ONLINE/OFFLINE SYNCHRONIZATION

VISA INTERNATIONAL SERVIC...

1. A method comprising:determining, by a central server, a total virtual currency balance associated with a user profile, wherein the user profile is associated with a first user device and a second user device;
allocating and communicating a first portion of the total virtual currency balance to the first user device;
allocating and communicating a second portion of the total virtual currency balance to the second user device,
wherein the first portion of the total virtual currency balance is stored locally on a memory of the first user device as a first balance and the second portion of the total virtual currency balance is stored locally on a memory of the second user device as a second balance;
retrieving, by the central server, current state of the first portion and the second portion of the total virtual currency balance from the first user device and the second user device, respectively;
synchronizing, by the central server, the total virtual currency balance stored at the central server with the current state of the first portion and the second portion stored at the first user device and the second user device, respectively, the synchronizing including:
updating, by the central server, the total virtual currency balance associated with the user profile based on the retrieved current state,
monitoring, by the central server, usage of the first user device to determine actual usage data associated with the first user device; and
dynamically adjusting, by the central server, a value of the first portion of the total virtual currency balance allocated to the first user device based on the determined actual usage data associated with the first user device.

US Pat. No. 10,049,353

EMBEDDING CLOUD-BASED FUNCTIONALITIES IN A COMMUNICATION DEVICE

Visa International Servic...

1. A portable communication device comprising:a processor device;
a contactless transceiver coupled to the processor device;
a memory including multiple memory regions and storing a first application and an application agent, wherein the multiple memory regions comprising a first memory region and a second memory region,
wherein the application agent receives, from the application executing in the first memory region, a cryptogram key generated by a remote computer, stores the cryptogram key in the second memory region, receives a request to conduct a transaction from the application, generates a transaction cryptogram using the cryptogram key, accesses the contactless transceiver, and transmits the transaction cryptogram to an access device via the contactless transceiver, and
wherein the application agent sends a replenishment request for a second cryptogram key to the first application, the replenishment request including transaction log information derived from a transaction log stored in the second memory region, receives the second cryptogram key from the first application when the transaction log information in the replenishment request matches transaction log information at the remote computer, and stores the second cryptogram key in the second memory region.

US Pat. No. 9,825,897

GENERAL PURPOSE MESSAGING

VISA INTERNATIONAL SERVIC...

1. A method comprising:
building, by a user device, a first message request to be sent to a messaging server computer, the first message request including
data elements corresponding to message parameters specified by a user of the user device, the first message request configured
to cause the messaging server computer to send the user device a first set of pending messages designated for the user and
satisfying the message parameters, wherein building the message request comprises

obtaining, by the user device, the message parameters,
converting, by the user device, the message parameters into the data elements, and
embedding, by the user device, the data elements in the first message request;
sending, from the user device to the messaging server computer, the first message request having embedded therein the data
elements corresponding to the message parameters, wherein the first message request having the data elements embedded therein
enables the messaging server computer to identify and send back to the user device pending messages satisfying the user's
message parameters;

receiving, by the user device, a first response message, including the pending messages satisfying the user's message parameters;
retrieving, by the user device, a message sequence number from the first response message;
generating, by the user device, a second message request including the message sequence number;
sending, from the user device to the messaging server computer, the second message request, wherein the messaging server computer
determines that the message sequence number matches a stored message sequence number; and

receiving, by the user device, a second response message, the second response message including a second set of pending messages.

US Pat. No. 9,665,862

CONDUCTING COMMERCE BETWEEN INDIVIDUALS

Visa International Servic...

1. A method of integrating the shipping of goods with the purchase of the goods on an auction site, the method comprising:
facilitating a transaction between an individual seller and an individual buyer on a transaction server connected to a network,
the transaction server recording a purchase price of the goods, a first account for the buyer and a second account for the
seller, wherein the individual buyer and the individual seller participate in an online auction;

receiving an indication of a chosen shipping method by which to ship the goods from the seller to the buyer;
receiving information regarding the goods to be shipped;
calculating a shipping price for the goods based on the chosen shipping method and the received information regarding the
goods to be shipped; and

debiting the first account of the buyer and crediting the second account of the seller to complete the purchase transaction,
wherein the method further comprises

creating a transaction record for the transaction, the transaction record including a weight of the goods.

US Pat. No. 9,603,023

SYSTEM AND METHOD FOR IDENTITY PROTECTION USING MOBILE DEVICE SIGNALING NETWORK DERIVED LOCATION PATTERN RECOGNITION

VISA INTERNATIONAL SERVIC...

1. A method for detecting fraud of an entity based on an entity's wireless device location obtained from a communications
network, comprising:
obtaining first data from a home location register associated with a home network pertaining to the entity's wireless device
based upon a unique identifier of the entity's wireless device, the unique identifier comprising a directory number of the
entity's wireless device;

obtaining second data from a visitor location register associated with a visited network pertaining to the entity's wireless
device based upon the unique identifier of the entity's wireless device, the first data and second data comprising a combination
of location data and subscriber data associated with the entity's wireless device, the location data comprising a country
code identifier of the directory number; and

generating a pattern value based on the first data, based on the second data, and based on a time that at least one of the
first data or the second data was obtained, wherein the generated pattern value indicates a likelihood of fraud.

US Pat. No. 9,589,268

INTEGRATION OF PAYMENT CAPABILITY INTO SECURE ELEMENTS OF COMPUTERS

Visa International Servic...

1. A method comprising:
receiving, at a computer comprising a secure element, a real account number, wherein the secure element is immune from being
hacked by computer viruses installed on the computer, wherein the secure element comprises a processor, a memory coupled to
the processor, and an input/output controller coupled to the processor, and wherein the memory of the secure element stores
a unique identifier identifying the secure element;

obtaining the unique identifier identifying the secure element from the memory of the secure element;
encrypting, the unique identifier identifying the secure element using an encryption key stored in the secure element, prior
to sending the obtained unique identifier to a remote server;

sending the real account number, and the encrypted unique identifier identifying the secure element to the remote server;
receiving, in response to sending the real account number, and the encrypted unique identifier identifying the secure element
to the remote server, a pseudo account number from the remote server, the received pseudo account number being different from
the real account number and having the same form as the real account number; and

storing, in the memory of the secure element, the received pseudo account number.

US Pat. No. 9,558,489

SMART CARD LOADING TRANSACTIONS USING WIRELESS TELECOMMUNICATIONS NETWORK

Visa International Servic...

1. A method for loading value on a user account of a smart card using a system, the system including a mobile handset with
a SIM card and a smart card reader, and a processing gateway that is connected by a plurality of networks between the mobile
handset and a plurality of financial institutions, the financial institutions including an issuer system of an issuer of the
smart card and a bank system that controls the user account, the method comprising:
receiving at the processing gateway a load message and a cryptographic signature S1 generated by the smart card using a first
cryptographic key shared between the smart card and the issuer of the smart card;

responsive to data in the load message, sending from the processing gateway a funds request to the bank system and a load
request to the issuer system, the load request including the S1 signature;

receiving, at the processing gateway, a funds request response from the bank system and a load request response from the issuer
system, the load request response including a cryptographic signature S2 using a second cryptographic key shared between the
smart card the issuer of the smart card;

determining at the processing gateway that the funds request response and the load request response are approvals;
responsive to the approvals, sending an approval response message with the S2 signature from the processing gateway to the
SIM card of the mobile handset;

sending the approval message and the S2 signature from the SIM card to the smart card; and
loading a value amount from the approval message onto the smart card.

US Pat. No. 9,544,134

SEARCHABLE ENCRYPTED DATA

Visa International Servic...

1. A data encryption computer comprising:
a processor; and
a non-transitory computer-readable storage medium, comprising code executable by the processor for implementing a method comprising:
receiving a plurality of data records;
identifying one or more searchable fields for the data records;
generating a searchable field index for each of the one or more searchable fields based on which one of at least three sensitivity
levels that each searchable field corresponds to,

wherein when the searchable field corresponds to a first sensitivity level, the searchable field index is in a plain text
format, when the searchable field corresponds to a second sensitivity level, the searchable field index is a hash value, and
when the searchable field corresponds to a third sensitivity level, the searchable field index is an encrypted hash value;

encrypting the data records using at least one database encryption key; and
providing a searchable encrypted database comprising the searchable field indices and the encrypted data records to a database
access server, wherein the plurality of client computers are operable to obtain the data records from the database access
server using the database encryption key.

US Pat. No. 9,537,847

IMAGE BASED KEY DERIVATION FUNCTION

VISA INTERNATIONAL SERVIC...

1. A computing device comprising:
a processor; and
a non-transitory computer-readable medium comprising code executable by the processor for implementing a method comprising:
determining an image-based derived key using an image-based derived key function,
wherein the image-based derived key is generated from a selection of authentication images displayed on a user interface and
chosen by a user, and image identifiers of the authentication images are concatenated to form an image value that is used
as an image input value to the image-based derived key function,

wherein each image identifier is unique to the corresponding authentication image, and each image identifier being concatenated
has a value that is independent of where the corresponding authentication image is displayed on the user interface, and

wherein the image-based derived key is further generated based on:
an adjustable iteration count value being an input to the image-based derived key function indicating a number of repetitions
that the image-based derived key function is performed to generate the image-based derived key;

an adjustable key length indicating a length of the image-based derived key; and
a salt value that includes a user identifier identifying the user;
encrypting data using the image-based derived key; and
transmitting the encrypted data.

US Pat. No. 9,489,674

FREQUENCY-BASED TRANSACTION PREDICTION AND PROCESSING

VISA INTERNATIONAL SERVIC...

1. A method of determining a likelihood of an occurrence of a second transaction involving a consumer, the method comprising:
receiving, by a computer, data associated with first transactions previously performed by the consumer as received from a
plurality of access devices associated with a plurality of merchants at a plurality of locations, wherein each transaction
of the first transactions involves authorization request and authorization response messages, and clearing and settlement
processes, and wherein the first transactions are stored in a transaction database in communication with the computer;

associating, by the computer, one or more keys with each transaction of the first transactions and the second transaction;
determining, by the computer, a plurality of correlated pairs of the first transactions, wherein a correlated pair of first
transactions includes an initial transaction associated with an initial key and a final transaction associated with a final
key that occurs after the initial transaction;

for each correlated pair of the first transactions, identifying, by the computer, one or more key pairs associated with the
correlated pair;

providing, by the computer, a particular set of counters for a particular key pair having a particular initial key and a particular
final key, wherein each counter in the particular set of counters is associated with a different time range, wherein the different
time ranges do not overlap, wherein the particular set of counters are stored in a local memory of the computer, the local
memory storing a plurality of tables of counters, each table corresponding to a different key pair;

after determining the plurality of correlated pairs of the first transactions, for each correlated pair associated with the
particular key pair:

determining, by the computer, a respective time interval between the final transaction and the initial transaction of the
correlated pair, wherein the respective time interval depends on the correlated pair of first transactions;

selecting, by the computer, a respective counter of the particular set of counters for the particular key pair having a corresponding
time range that includes the respective time interval; and

increasing, by the computer, the respective counter of the particular set of counters for the particular key pair, wherein
each counter in the particular set of counters is increased for each correlated pair having the respective time interval within
the corresponding time range; and

determining, by the computer, the likelihood of the occurrence of the second transaction involving the consumer by:
querying, by the computer, the plurality of tables stored in the local memory to obtain the particular set of counters of
the particular key pair;

determining, by the computer, a second time interval between the second transaction associated with the particular final key
of the particular key pair and another transaction associated with the particular initial key of the particular key pair,
the other transaction occurring prior to the second transaction;

determining, by the computer, which time range of the different time ranges of the particular set of counters includes the
second time interval;

comparing, by the computer, a value of the counter associated with the determined time range with one or more values of one
or more other counters of the particular set of counters for the particular key pair; and

determining, by the computer, the likelihood of the occurrence in the determined time range of the second transaction involving
the consumer based on the comparison, wherein a higher value for the counter associated with the determined time range relative
to the one or more other counters indicates a higher likelihood than a lower value for the counter associated with the determined
time range relative to the one or more other counters; and

when the likelihood is higher than a threshold value, either authorizing the second transaction by sending a communication
over a network to a device for authorization or sending an incentive to the consumer based on the queried particular set of
counters and the determined time range based on the likelihood.

US Pat. No. 10,134,039

SPEECH TRANSACTION PROCESSING

Visa International Servic...

1. A method for authenticating a user for a transaction, comprising:transmitting, by a communication device associated with a user and to a server computer, a communication indicative of the communication device entering a location within a virtual perimeter, the virtual perimeter comprising a geofence, wherein in response to receiving the communication, the server computer retrieves a reference for accessing a voice model associated with the user and stored in a database before the transaction is initiated by the user using the communication device, wherein the reference is a pointer to a storage address within the database;
receiving, at the communication device, a voice segment from the user to initiate the transaction after the voice model has been retrieved; and
transmitting, by the communication device and to the server computer, the received voice segment, wherein the server computer uses the reference to access the voice model stored in the database, and wherein the server computer compares the received voice segment to the voice model to determine whether the user is authenticated for the transaction,
wherein the voice model is accessed before receiving the voice segment from the user and before the transaction is initiated with.

US Pat. No. 10,108,957

METHOD AND SYSTEM FOR USING PAYMENT HISTORY FOR CONDUCTING COMMERCIAL TRANSACTIONS

VISA INTERNATIONAL SERVIC...

1. A method comprising:receiving, by a transaction processing system, transaction data relating to a plurality of commercial transactions conducted by a plurality of buyers and sellers conducting commercial transactions using the transaction processing system comprising a server computer, wherein the transaction processing system is coupled to a payment processing system which is adapted to process credit and debit transactions, wherein at least some of the plurality of commercial transactions involve the buyers supplying physical products to the sellers;
receiving, by the transaction processing system, a request for transaction information relating to the received transaction data from a financing bank computer after the financing bank computer is notified of a commercial transaction between a buyer and a seller that has a contract payment due date;
determining and providing, by the transaction processing system, the transaction information to the financing bank computer, wherein, upon receiving the transaction information from the transaction processing system, the financing bank computer offers a delayed payment to the buyer for the commercial transaction;
after the financing bank computer accepts the delayed payment for the commercial transaction from the buyer and on the contract payment due date, transmitting, by the transaction processing system, a communication to the payment processing system to initiate a transfer of funds from the financing bank computer to a seller bank computer associated with the seller;
receiving, by the payment processing system, the communication to initiate the transfer of funds from the transaction processing system;
initiating, by the payment processing system, the transfer of funds by sending an authorization request message requesting authorization for the transfer of funds to the financing bank computer;
receiving, by the payment processing system, an authorization response message from the financing bank computer indicating an approval of the transfer of funds; and
after receiving the authorization response message, performing, by the payment processing system, a clearing and settlement process between the financing bank, the seller bank, and the payment processing system for the transfer of funds associated with the authorization request and response messages, and
wherein an account of the buyer is debited after the contract payment due date in response to the offer and acceptance of delayed payment.

US Pat. No. 9,953,352

THIRD PARTY MERCHANT-FUNDED REWARDS ACCRUAL AND REDEMPTION NETWORK

Visa International Servic...

1. A method comprising:receiving, by a rewards administering entity server computer, from a computer system of a payment processing network, first transaction data indicating details about a first transaction processed by the payment processing network based on communicating with a first issuer computer of a first issuing entity, wherein the first transaction is conducted, using a payment device that is issued by a first issuing entity, with a first acquirer system for a first merchant of a plurality of merchants;
determining, by the rewards administering entity server computer, whether the payment device is enrolled in a rewards program, wherein determining whether the payment device is enrolled in the rewards program includes querying a device enrollment database to identify a first association between the payment device and a rewards administration entity that operates the rewards administering entity server computer;
receiving, by the rewards administering entity server computer, from the computer system of the payment processing network, second transaction data indicating details about a second transaction processed by the payment processing network based on communicating with the first issuer computer, wherein the second transaction is conducted, using the payment device, with a second acquirer system of a second merchant of the plurality of merchants;
upon determining that the payment device is enrolled in the rewards program based on the first association between the payment device and the rewards administration entity, determining, by the rewards administering entity server computer, whether transactions conducted using the payment device qualify for a reward for use of the payment device with any of the plurality of merchants, wherein the transactions include the first transaction conducted with the first acquirer system and the second transaction conducted with the second acquirer system;
determining, by the rewards administering entity server computer, a reward value for the transactions upon determining that the transactions conducted using the payment device qualify for the reward for use of the payment device with any of the plurality of merchants;
identifying, by the rewards administering entity server computer, a rewards payment token on or in a form of a device associated with the payment device that is enrolled in the rewards program, wherein identifying the rewards payment token associated with the payment device includes:
identifying a second association between account information associated with the rewards payment token and account information associated with the payment device;
identifying, by the rewards administering entity server computer, using the second association, a second issuing entity as an issuer of the rewards payment token, wherein the second issuing entity is different from the first issuing entity; and
sending, by the rewards administering entity server computer, to a second issuer computer system operated by the second issuing entity, an authorization message indicating an instruction to the second issuer computer system operated by the second issuing entity to load the reward value determined, based on the second association, for the transactions in the rewards payment token on or in the form of the device, wherein the instruction causes the second issuer computer system operated by the second issuing entity to store the reward value in the rewards payment token on or in the form of the device, wherein the instruction includes an identifier of the rewards payment token, wherein the identifier is determined using the second association, and wherein the rewards payment token is configured for the reward value loaded in the rewards payment token to be redeemable at one or more merchants.

US Pat. No. 9,953,378

SOCIAL CHECKOUT WIDGET GENERATION AND INTEGRATION APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A processor-implemented social widget checkout integration code generation method, comprising:obtaining, via one or more processors, a plurality of social widget customization parameters from a user;
selecting, via the one or more processors, from a social widget template database, a social widget code template for a social media application, wherein selection of the social widget code template is based on the capabilities supported by the social media application;
applying, via the one or more processors, the social widget customization parameters to the social widget code template to create a customized widget code template;
storing, via the one or more processors, the customized widget code template in the social widget template database;
generating, using the customized widget code template, executable social widget launch code via the one or more processors;
injecting, via the one or more processors, the social widget launch code into the social media application; and
executing, via the one or more processors, the social widget launch code;
in response to execution of the social widget launch code, modifying the social media application, wherein modifying the social media application includes launching an integrated checkout interface for display on a user device.

US Pat. No. 9,846,879

BANK ACCOUNT NUMBER VALIDATION

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, at a primary server computer over a network via a first communication channel, first information for a transaction,
the first information being provided by a user of a first user device, the transaction involving communications between a
website and the first user device;

receiving, at the primary server computer via a second communication channel over the network, data representing a value token
from a second user device of the user, the data comprising second information for the transaction, the second communication
channel being different than the first communication channel and the second user device being different than the first user
device;

analyzing, by the primary server computer, the data representing the value token to obtain the second information;
correlating, by the primary server computer, the first information and the second information to the transaction, wherein
the first information and the second information each comprise payment information;

determining, by the primary server computer, whether the first information and the second information match or do not match,
wherein determining whether the first information and the second information match comprises:

comparing characters of the first information and characters of the second information, and
determining that the first information and the second information match within a predefined error tolerance, wherein the predefined
error tolerance specifies a number of characters that can be different between the first information and the second information;

validating, by the primary server computer, the first information and the second information in response to the determination
that the first information and the second information match or replacing the first information with at least one of the second
information and information stored at the primary server computer in response to the determination that the first information
and the second information do not match;

submitting, by the primary server computer, the validated or replaced first information to an authorization network for settlement
or authorization; and

receiving, by the primary server computer, from the authorization network, an authorization response message based on the
settlement or authorization.

US Pat. No. 9,830,328

MULTI-SOURCE, MULTI-DIMENSIONAL, CROSS-ENTRY, MULTIMEDIA MERCHANT ANALYTICS DATABASE PLATFORM APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A merchant analytics platform processor-implemented method for reduced transaction wait processing requirements through
the use of customized transaction parameters based on a distributed linking node mesh, comprising:
obtaining, by a pay network server, a hypertext transfer protocol (HTTP) GET message from a merchant server, the HTTP GET
message including a request for a merchant analytics recommendation including a user identifier;

parsing, by the pay network server, the HTTP GET message to extract the user identifier;
upon obtaining the HTTP GET message and extracting the user identifier, querying, by the pay network server, a distributed
linking node mesh for entities correlated with the user identifier, wherein the distributed linking node mesh includes a graph
data structure that contains nodes for entities and edges that represent the associations between the nodes;

receiving, by the pay network server, aggregated user entity correlation data;
generating, by the pay network server, a user behavior profile based on the aggregated user entity correlation data;
determining, by the pay network server, a product or service using the user behavior profile;
based on the determination of the product or service, generating, by the pay network server, an HTTP POST message including
an indication of the product or service; and

providing, by the pay network server, the HTTP POST message to the merchant server in response to the request for the merchant
analytics recommendation;

wherein the distributed linking node mesh includes a node representing an observable entity, a node representing a deduced
entity derived through aggregating information associated with the user, and a node representing a meta concept derived through
identifying sentiment words in associated information.

US Pat. No. 9,830,595

SYSTEM AND METHOD OF PROVIDING TOKENIZATION AS A SERVICE

Visa International Servic...

17. A system comprising:
at least one client device;
a first entity server of a first entity, in communication with the at least one client device, wherein the first entity server
is programmed to receive a request from the at least one client device to initiate a transaction on behalf of at least a second
entity via a webpage of the first entity server;

a merchant service provider server comprising a token data store, a token request authorization module, and a token verification
module, wherein the merchant service provider server is programmed to receive order information from the first entity server
for the transaction to be fulfilled by the second entity and payment data from the at least one client device, generate a
payment token that represents the payment data, and transmit a copy of the payment token to the first entity server, wherein
the payment data is received by the merchant service provider server from the at least one client device through an interaction
between the at least one client device and the webpage of the first entity server;

a second entity server of the second entity, in communication with the first entity server and the merchant service provider
server, wherein the second entity server is programmed to receive the copy of the payment token from the first entity server;
and

wherein the merchant service provider server is further programmed to receive, from the second entity server, the copy of
the payment token and a request to complete the transaction initiated between the at least one client device and the first
entity server;

wherein the merchant service provider server is further programmed to receive, from the first entity server, data describing
a trust relationship between the first entity and the second entity, and

wherein the token request authorization module is programmed to authorize the request to complete the transaction, received
from the second entity server, based on the trust relationship.

US Pat. No. 9,741,030

SYSTEMS AND METHODS TO IDENTIFY MERCHANTS

VISA INTERNATIONAL SERVIC...

1. A computing system, comprising:
at least one microprocessor; and
memory coupled with the at least one microprocessor and storing instructions configured to instruct the at least one microprocessor
to at least:

communicate, via a portal, with a mobile application executing in a mobile device, the mobile application configured to:
receive a merchant identifier from a merchant;
authenticate the merchant represented by the merchant identifier;
provide the merchant identifier from the mobile application to the portal;
cause the portal to identify an account number for initiation of a transaction on a transaction terminal of the merchant;
and

obtain the account number from a communication from the portal to the mobile application, wherein the communication is performed
using a communication channel outside of an electronic payment processing network having a transaction handler and the transaction
is initiated on the transaction terminal using the account number;

associate, in a data warehouse coupled with the portal and the transaction handler:
the account number provided by the portal to the mobile application in the communication, and
the merchant identifier provided by the mobile application;
communicate with the transaction handler of the electronic payment processing network to identify, based at least in part
on the account number identified in the communication between the portal and the mobile application, the transaction initiated
on the transaction terminal in the electronic payment processing network;

extract, from a record of the transaction initiated on the transaction terminal using the account number, terminal information
configured to identify the transaction terminal in records of transactions initiated on the transaction terminal, wherein
the record of the transaction includes the account number; and

associate, in the data warehouse coupled with the portal and the transaction handler, based on association of the account
number and the merchant identifier in the data warehouse and association of the terminal information and the account number
included in the record of the transaction:

merchant information corresponding to the merchant identifier, and
the terminal information extracted from the record of the transaction initiated using the account number identified in the
communication between the portal and the mobile application.

US Pat. No. 9,665,863

CONDUCTING COMMERCE BETWEEN INDIVIDUALS

Visa International Servic...

1. A method of integrating the shipping of goods with the purchase of the goods, the method comprising:
recording, by a transaction server, a purchase price of the goods, a first account for an individual buyer and a second account
for an individual seller, the seller and the buyer connecting to the transaction server over a network;

receiving an indication of a chosen shipper by which to ship the goods from the seller to the buyer;
receiving a tracking number identifying the goods to be shipped by the shipper; and
receiving a notification from the shipper regarding a status of the goods associated with the tracking number.

US Pat. No. 9,577,987

DIGITAL BROADCAST METHODS USING SECURE MESHES AND WAVELETS

Visa International Servic...

1. A method comprising:
receiving, by a server, image data indicative of an image;
isolating, by the server, sections of the image into a plurality of image sub-components, wherein the plurality of image sub-components
includes light sources and camera angles;

converting, by the server, the isolated image sub-components into securely managed intermediate wavelets;
generating, by the server, a plurality of wavelet mesh components using the securely managed intermediate wavelets, each wavelet
mesh component representing a 3-dimensional shape that is defined by vertices and connections between the vertices;

merging, by the server, the plurality of wavelet mesh components into a wavelet mesh data stream; and
transmitting, using the server and a transmitter, the wavelet mesh data stream to a target device if the target device satisfies
risk requirements,

wherein converting the isolated image sub-components into securely managed intermediate wavelets comprises encrypting a portion
of the intermediate wavelets corresponding to the light sources or the camera angles to form encrypted intermediate wavelets,
wherein a light source or a camera angle is changed or removed in the encrypted intermediate wavelets such that at least a
portion of the image generated on the target device from the wavelet mesh data stream is distorted or unviewable while the
encrypted intermediate wavelets remain in an encrypted state.

US Pat. No. 9,552,431

UNIFIED ONLINE CONTENT MANAGER APPARATUSES, METHODS, AND SYSTEMS

Visa International Servic...

1. A processor-implemented method for securely displaying content through a network, the method comprising:
indexing disparately owned content via a multi-content owner spider indexing engine;
generating a disparately owned content index from the indexing engine;
receiving, by a first server, a request to access secure content through a network, the request including user profile information;
automatically constructing a query based on the user profile information contained in the request rather than based on and
without input from the user and further without having to provide a structured database query, wherein automatically constructing
the query without input from the user includes the user not being required to enter search terms, click a link, or take any
other action;

providing the constructed query to the search engine and running the constructed query against the index;
trimming the results to remove content that the user is not authorized to access before placing the results into a multi-source
owner template interface, wherein trimming the results includes comparing user security attributes in a user profile with
content security attributes associated with the requested content;

constructing a display by placing the trimmed results of the query sent from the search engine within the multi-source owner
template interface; and

providing the multi-source owner template interface to a request for display.

US Pat. No. 9,495,690

SYSTEMS AND METHODS TO PROCESS TRANSACTIONS AND OFFERS VIA A GATEWAY

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:
providing a computing apparatus having:
a data warehouse configured to store data associating an offer with an account of a user;
a gateway coupled with the data warehouse; and
a transaction handler configured in an electronic payment processing network and further coupled with the gateway, wherein
the computing apparatus has instructions configured to instruct at least one microprocessor of the computing apparatus to
perform operations of the method;

storing, in the data warehouse of the computing apparatus, the data associating the offer with the account of a user;
after the data associating the offer with the account of the user is stored in the data warehouse, receiving, via the gateway
using a communication channel outside the electronic payment processing network, in the transaction handler of the computing
apparatus and from a transaction terminal of a merchant, an authorization request transmitted without going through an acquirer
processor of the merchant for a transaction in the account of the user, wherein the acquirer processor is connected in the
electronic payment processing network;

in response to the authorization request received in the gateway, determining, by the computing apparatus, whether a benefit
of the offer is applicable to the authorization request; and

in response to a determination that the benefit of the offer is applicable to the authorization request,
applying by the computing apparatus the benefit of the offer to the authorization request prior to providing an authorization
response for the authorization request;

providing, from the gateway of the computing apparatus to the transaction terminal via the communication channel outside the
electronic payment network, the authorization response responsive to the authorization request, wherein the authorization
response is configured to indicate the benefit of the offer applied to the authorization request; and

in response to the authorization request, transmitting, by the transaction handler of the computing apparatus using the electronic
payment processing network, a transaction message to the acquirer processor to credit funds to an account of the merchant.

US Pat. No. 9,460,436

SYSTEMS AND METHODS TO APPLY THE BENEFIT OF OFFERS VIA A TRANSACTION HANDLER

VISA INTERNATIONAL SERVIC...

1. A computing apparatus having at least one processor and memory storing instructions configured to instruct the at least
one processor to perform operations, the computing apparatus comprising:
a data warehouse configured to store
first data associating a communication reference with an account of a user; and
second data associating an offer with the account, the second data including:
a trigger record identifying the offer and a first set of conditions; and
a second set of conditions which when satisfied by a transaction render the transaction eligible to a benefit of the offer,
a transaction handler configured in an electronic payment processing network connecting separate computers, including
transaction terminals configured to initiate transactions of payments in the electronic payment processing network using account
information identifying consumer accounts;

first computers controlling the consumer accounts from which the payments are made in the electronic payment processing network;
second computers controlling merchant accounts into which the payments are provided in the electronic payment processing network;
and

the transaction handler configured to use the trigger record to detect, during processing of payment transactions in the electronic
payment processing network, an authorization request for a first transaction from a transaction terminal when the first transaction
satisfies the first set of conditions specified in the trigger record, wherein the authorization request identifies the account
and wherein in response to the authorization request being detected via the trigger record, the computing apparatus identifies
the offer based on the trigger record and

determines whether the second set of conditions is satisfied in view of the first transaction requested by the authorization
request, wherein if the second set of conditions is satisfied, the transaction handler is further configured to, in response
to the authorization request:

communicate with a sponsor processor of the benefit for authorization of the benefit to obtain a first authorization response
from the sponsor processor,

communicate with an issuer processor of the account for authorization in the account to obtain a second authorization response
from the issuer processor,

combine the first authorization response from the sponsor processor and the second authorization response from the issuer
processor to generate a third authorization response; and

transmit the third authorization response to the transaction terminal as a response to the authorization request detected
via the trigger record; and

a portal configured to transmit a notification to a user device identified by the communication reference about application
of the offer to the first transaction, concurrently with transmission of the third authorization response.

US Pat. No. 10,074,106

MOBILE LOCATION NOTIFICATIONS SYSTEM AND METHOD

VISA INTERNATIONAL SERVIC...

1. A method, performed at least by a mobile access device associated with a mobile merchant, the method comprising:electronically receiving data from a client device by the mobile access device of the mobile merchant;
after receiving the data from the client device, determining geographic location data, wherein the geographic location data is determined utilizing one or more of global positioning system (GPS) data, cellular phone tower triangulation data, cellular phone tower signal strength data, wireless access point location data, or internet protocol (IP) address data; and
electronically transmitting transaction data including the geographic location data to a server computer, wherein the server computer:
determines a first location of the mobile merchant based the geographic location data in the transaction data; and
performs further processing based on the first location of the mobile merchant;
when the first location of the mobile merchant and a second location of the client device are within a threshold distance, a notification message is generated by the server computer that includes a graphical indication of the first location of the mobile merchant.

US Pat. No. 9,996,838

CLOUD SERVICE FACILITATOR APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A processor-implemented method of refund apportionment, comprising:receiving, via a processor at a cloud service facilitator (CSF) server, a unique purchase record key and a provisioning notice from a merchant server, wherein the provisioning notice indicates usage of a cloud-based product or service that was provisioned by the merchant server to a user computing device, the cloud-based product or service corresponding to the unique purchase record key;
receiving, via a processor at the CSF server, an application store user refund request for an application store purchase of the cloud-based product or service, the application store refund request received from the user computing device via the merchant server, wherein the application store refund request includes the unique purchase record key;
obtaining, via a processor at the CSF server, an application store purchase record of the application store purchase using the unique purchase record key;
retrieving, via a processor, threshold refund rules for the application store purchase record of the application store purchase, wherein the threshold refund rules specify a variation of refund based on one or more of a time since the cloud-based product or service was provisioned by the merchant server to the user computing device and a usage of the cloud-based product or service by the user computing device indicated by the provisioning notice;
determining, via a processor, using information in the application store purchase record of the purchase and the threshold refund rules, an amount of the refund;
providing the user computing device with a confirmation of refund request form including the refund amount;
obtaining the confirmation of refund request from the user computing device;
transmitting the unique purchase record key to the participating merchant;
receiving from the merchant a usage reporting message along with the unique purchase record key; and
issuing the refund to the user computing device.

US Pat. No. 9,983,982

TESTING SOFTWARE CODE IN A PRODUCTION ENVIRONMENT

VISA INTERNATIONAL SERVIC...

1. A method comprising performing, by a computer system:receiving, from a requesting server computer over a first network, a request message at a front-end computing device, the front-end computing device executing a first version of a software code;
generating, by the front-end computing device, a request payload using the request message, the request payload having a plurality of request-payload fields;
transmitting, by the front-end computing device, the request payload to a processor computer over a second network;
receiving, by the front-end computing device, from the processor computer over the second network, a response payload;
generating, by the front-end computing device, a reply message using the response payload for sending to the requesting server computer, the reply message having a plurality of reply-message fields;
providing, by the front-end computing device to a validation computing device executing in coordination with the front-end computing device, the request message, the request payload, and the response payload, the validation computing device executing a second version of the software code;
generating, by the validation computing device, a modified request payload using the request message, the modified request payload having a plurality of modified request-payload fields;
comparing the plurality of modified request-payload fields of the modified request payload with the plurality of request-payload fields of the request payload to identify discrepancies between the modified request payload and the request payload corresponding to potential errors in the second version of the software code;
generating, by the validation computing device, a modified reply message using the response payload, the modified reply message having a plurality of modified reply-message fields; and
comparing the plurality of modified reply-message fields with the plurality of reply-message fields to identify discrepancies between the modified reply message and the reply message corresponding to potential errors in the second version of the software code.

US Pat. No. 9,953,309

THIRD PARTY INTEGRATED SECURITY SYSTEM

Visa International Servic...

1. A method that utilizes payment data stored on a third party payment system, the method comprising:accessing a user account with a mobile device through a first interface of the mobile device in communication with a first communication channel, where the user account is stored on a database coupled to a third party server of the third party payment system, where the third party server is a merchant server, and where the user account is associated with at least one payment account registered with the user account, the at least one payment account comprising a first payment account;
selecting the first payment account registered with the user account stored on the database coupled to the third party server of the third party payment system;
loading payment data associated with the first payment account received from the database of the third party server onto a memory of the mobile device, where the payment data comprises a primary account number and a card verification value;
transmitting the loaded payment data from the mobile device to an access device through a second short range communication channel that conducts a transaction, where the mobile device provides the payment data for the transaction directly from the memory of the mobile device instead of the payment data being provided by the third party server; and
automatically erasing, by a removal engine in the mobile device, from the memory of the mobile device the payment data after a predetermined time, where the predetermined time includes a time period after a predetermined number of transactions have been conducted using the mobile device with the payment data stored thereon, where the predetermined number of transactions is greater than one.

US Pat. No. 9,864,987

ACCOUNT PROVISIONING AUTHENTICATION

Visa International Servic...

1. A method comprising:
transmitting, by a communication device, account details to a wallet provider server computer, wherein the wallet provider
server computer generates a service provider request message, which is transmitted by an access control server;

receiving, by the communication device, an authentication request message from the access control server;
transmitting, by the communication device, an authentication response message to the access control server, wherein the access
control server thereafter generates and sends a service provider response message to the wallet provider server computer,
which transmits an activation request message to a trusted service manager system; and

receiving, from the trusted manager system, an account identifier in a provisioning process.

US Pat. No. 9,867,043

SECURE DEVICE SERVICE ENROLLMENT

Visa International Servic...

1. A method for enrolling a mobile device for services, the method comprising:
receiving, by the mobile device, an application package including a verification agent and a first application used for accessing
a first service via the mobile device;

determining, by the mobile device executing the verification agent received as part of the application package, a first application
authenticity and a first application integrity of the first application;

determining, by the mobile device executing the verification agent received as part of the application package, a first device
integrity of the mobile device for the first application, wherein the first device integrity for the first application is
determined over a first set of components of the mobile device by generating a digital fingerprint that includes a concatenation
of an attestation value corresponding to a security policy enforced by the mobile device and two or more attestation values
selected from a first attestation value corresponding to a hardware component of the mobile device, a second attestation value
corresponding to a firmware component of the mobile device, or a third attestation value corresponding to an operating system
of the mobile device;

in response to determining that the first application is authentic and unaltered, and that the mobile device is in a trusted
state for the first application, generating, by the mobile device executing the verification agent received as part of the
application package, a message digest associating the first application, the mobile device, and user identifying information
of a user of the mobile device;

sending, by the mobile device, the message digest to a server associated with a service provider to enroll the mobile device
for the first service;

receiving, by the mobile device, the first service;
receiving, by the mobile device, a second application used for accessing a second service over the network;
determining, by the mobile device, that the verification agent received as part of the application package for the first application
is compatible with the second application; and

determining, by the mobile device, that a second device integrity of the mobile device for the second application is to be
determined over a second set of components of the mobile device that includes at least one component that is different than
the first set of components based on a manifest of the second application indicating the second application has a different
security sensitivity requirement than the first application;

determining, by the mobile device, the second device integrity, wherein the second device integrity is used for enrolling
the mobile device for the second service; and

receiving, by the mobile device, the second service.

US Pat. No. 9,858,517

PAYMENT CARD SYSTEM AND METHOD

Visa International Servic...

1. A card comprising:
a first layer;
a second layer adjacent to the first layer and comprising a composite, wherein the composite comprises a polymer and metal
in the form of metal particles, and wherein the metal in the form of metal particles comprises about 15 to 50 volume % of
the composite, thereby resulting in the composite being less susceptible to electrostatic buildup; and

one or more of a magnetic stripe or a contactless element, wherein the magnetic stripe and the contactless element store bank
account information, or credit or debit card number information,

wherein the card is a payment card, and wherein the payment card has an appearance and feel of metal.

US Pat. No. 9,852,479

MECHANISM FOR REPUTATION FEEDBACK BASED ON REAL TIME INTERACTION

VISA INTERNATIONAL SERVIC...

1. A method comprising:
sending, by a mobile device, to a first computer, a request from a user for permission to submit feedback associated with
a resource provider, wherein the request is sent after and authorization request message associated with an interaction between
the user and the resource provider was sent to a second computer different from the first computer;

receiving, at the mobile device, from the first computer, permission to submit feedback associated with the resource provider
after the first computer sends a transaction confirmation request message to the second computer and subsequently after the
first computer receives a confirmation from the second computer that the user has interacted with the resource provider;

receiving, at the mobile device, from the user, feedback associated with the resource provider; and
sending, by the mobile device, the feedback to the first computer.

US Pat. No. 9,691,085

SYSTEMS AND METHODS OF NATURAL LANGUAGE PROCESSING AND STATISTICAL ANALYSIS TO IDENTIFY MATCHING CATEGORIES

VISA INTERNATIONAL SERVIC...

20. A non-transitory computer storage medium storing instructions which when executed on a computing apparatus, cause the
computing apparatus to perform a method, the method comprising:
receiving, in the computing apparatus, a plurality of sets of itemized data, wherein each respective set of the itemized data
includes a plurality of data fields containing an item description of a product purchased by a customer from a merchant;

performing, by the computing apparatus, natural language processing on item descriptions in the itemized data;
classifying, by the computing apparatus, items described by the item descriptions into item tiers based on the natural language
processing, including:

determining presence of predetermined keywords in the item descriptions, and
scoring the item tiers of the items based on predetermined weights of the predetermined keywords; and
generating, by the computing apparatus, profiles of merchants and profiles of customers based at least in part on the item
tiers classified from the natural language processing of the itemized data, wherein the merchants and the customers are identified
in the itemized data.

US Pat. No. 9,686,235

MOBILE BANKING SYSTEM WITH CRYPTOGRAPHIC EXPANSION DEVICE

Visa International Servic...

1. A method for conducting a mobile banking transaction using a mobile device, the method comprising:
establishing, at a secure gateway device, a secure communication channel with the mobile device, the secure communication
channel being established by:

receiving a predetermined sequence of network messages having a predetermined order of port identifiers, wherein at least
two of the network messages have different port identifiers that are respectively received on different ports of the secure
gateway device, and wherein the secure gateway device refrains from responding to a network message until the predetermined
sequence of network messages has been received;

receiving, at the secure gateway device, a transaction request message originating from the mobile device on the secure communication
channel for conducting a mobile banking transaction, wherein the transaction request message is encrypted by a cryptographic
expansion device attached to a communication component of the mobile device;

decrypting, by the secure gateway device, the transaction request message originating from the mobile device; and
forwarding the transaction request message to a server for processing.

US Pat. No. 9,596,359

MOBILE COMMUNICATION DEVICE CONFIGURED FOR TRANSIT APPLICATION

Visa International Servic...

1. A mobile communication device comprising:
a display;
a processor; and
a computer readable medium coupled to the processor, wherein the computer readable medium comprises code for performing operations
comprising:

transferring user data to a first access device at a first transit location to grant a user access to a transit system, wherein
the first access device prevents and grants physical access to the transit system;

receiving a first identifier of a first transit location from the first access device indicating that the user has been granted
access to the transit system at the first transit location; and

after receiving the first identifier of the first transit location from the first access device indicating that the user has
been granted access to the transit system, but before the user has exited a second access device at a second transit location:

displaying, via the display, a plurality of possible destination location options of the transit system;
receiving, from the user, a selection of the second transit location of the plurality of possible destination location options
as a destination for a journey of the user;

determining a transit fare for the journey from the first transit location to the second transit location;
initiating a sending of an authorization request message to an issuer associated with the mobile communication device to authorize
a payment of the transit fare for the journey, during the journey from the first transit location to the second transit location;
and

receiving an indication of an authorization response message indicating that the authorization of the payment of the transit
fare was approved,

wherein the indication is thereafter sent to the second access device at the second transit location to actuate the second
access device and allow the user to exit the transit system.

US Pat. No. 9,582,801

SECURE COMMUNICATION OF PAYMENT INFORMATION TO MERCHANTS USING A VERIFICATION TOKEN

Visa International Servic...

1. A validation entity computer comprising a first data processor and a computer program product embodied on a tangible computer-readable
medium coupled to the first data processor to implement a method comprising:
directing the first data processor to receive identification information of a portable consumer device read and sent by a
verification token over a communications network with a second data processor in a user computer, the second data processor
disposed between the verification token and the communications network, the verification token being coupled to the second
data processor in the user computer by way of a peripheral interface of the user computer

directing the first data processor to apply at least one validation test on a piece of information sent by the verification
token, the validation test producing a result of pass or fail; and

directing the first data processor to send, if the result of the at least one validation test is pass, data representative
of at least a portion of the received identification information to a merchant computer.

US Pat. No. 9,569,775

METHODS AND SYSTEMS FOR PERFORMING AUTHENTICATION IN CONSUMER TRANSACTIONS

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, at an authentication system, transaction type information indicative of a type of transaction engaged in between
a consumer and a merchant;

determining, at the authentication system, the type of transaction engaged in between the consumer and the merchant based
on the received transaction type information;

communicating, from the authentication system, an authentication prompt for authenticating an identity of the consumer based
on the type of transaction engaged in between the consumer and the merchant;

in response to communicating an authentication prompt, receiving, at the authentication system, authentication information
for authenticating the consumer; and

authenticating the consumer based on the received authentication information.

US Pat. No. 9,558,502

SYSTEMS AND METHODS TO REWARD USER INTERACTIONS

Visa International Servic...

1. A computer-implemented method, comprising:
providing a computing device having:
a portal; and
a data warehouse coupled with the portal and storing
an identifier of an advertisement, wherein
the advertisement is configured to be present in a web page by a media channel separate from the portal when a browser loads
the web page, and

the advertisement includes a reference to the portal;
a cookie identifier provided by the portal in the browser to identify a user of the browser; and
transaction data of the user identified by the cookie identifier;
responsive to the browser loading the advertisement in a form of a banner that appears to be a single image occupying a predefined
region of the web page, receiving in the portal a request for a resource of the advertisement in accordance with the reference
to the portal configured in the advertisement provided by the media channel, wherein the single image of the advertisement
includes

a first portion associated with a first uniform resource locator configured to direct the browser to visit a website at the
first uniform resource locator when the first portion of the advertisement is selected;

responsive to the request for the resource of the advertisement, during the loading of the advertisement for a presentation
of the single image of the advertisement in the web page by the media channel, and prior to the user interacting with the
advertisement,

determining, by the computing device, an account identifier of the user based on the cookie identifier
determining, by the computing device, whether the user identified by the account identifier is qualified to receive an offer
for a reward based at least in part on the transaction data of the user;

configuring, by the computing device, the resource based on a result of the determining of whether the user identified by
the account identifier is qualified to receive the offer, including

in response to a determination that the user is qualified for the offer, providing first content in the resource to cause
the browser to add to the single image of the advertisement rendered in the browser a user interface element, the user interface
element including

a second portion of the advertisement showing a message inviting the user to select the second portion of the advertisement,
and,

a second uniform resource locator linked to the second portion of the advertisement, wherein when the second portion of the
advertisement is selected the browser visits the second uniform resource locator, and

in response to a determination that the user is not qualified for the offer, providing second content in the resource to cause
the browser to render the advertisement without the second portion that would be rendered if the user were determined to be
qualified for the offer;

communicating, by the portal to the browser, the resource configured based on the result of the determining of whether the
user identified by the account identifier is qualified to receive the offer; and

in response to the second portion of the advertisement being selected in the browser, tracking, by the computing device, interactions
of the user with the advertisement and determining whether the user is qualified for the reward, wherein the tracking and
the determining are performed by:

redirecting the browser from the portal to an offeree website separate from the portal; and
after the user interacting with the offeree website, receiving a notification from the browser, wherein a determination of
whether the user is qualified for the reward is based on the notification.

US Pat. No. 9,552,581

SECURE COMMUNICATION OF PAYMENT INFORMATION TO MERCHANTS USING A VERIFICATION TOKEN

Visa International Servic...

1. A validation entity computer comprising a first data processor and a computer program product embodied on a tangible computer-readable
medium coupled to the first data processor to implement a method comprising:
directing the first data processor to receive identification information of a portable consumer device read and sent by a
verification token over a communications network with a second data processor in a user computer, the second data processor
disposed between the verification token and the communications network, the verification token being coupled to the second
data processor in the user computer by way of a peripheral interface of the user computer

directing the first data processor to apply at least one validation test on a piece of information sent by the verification
token, the validation test producing a result of pass or fail; and

directing the first data processor to send, if the result of the at least one validation test is pass, data representative
of at least a portion of the received identification information to a merchant computer.

US Pat. No. 9,542,675

ALERT ARCHITECTURE

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, by a server computer, first transaction data comprising a first account identifier;
determining, by the server computer that the first account identifier is present in a first enrollment database comprising
a group of account identifiers, wherein the server computer and the first enrollment database are in a payment processing
network;

sending, by the server computer, the first transaction data to a notification computer, which is in communication with a second
enrollment database comprising at least the group of account identifiers, the sending based on a determination that the first
account identifier is present in the first enrollment database, wherein the notification computer thereafter sends an alert
message to a user device and wherein the notification computer and the second enrollment database are in a communication network
distinct from the payment processing network;

receiving, by the server computer, second transaction data comprising a second account identifier;
determining, by the server computer, that the second account identifier is not present in the first enrollment database comprising
the group of account identifiers; and

transmitting, by the server computer, an authorization response message associated with the second transaction data to a merchant
without sending the second transaction data to the notification computer, the transmitting based on a determination that the
second account identifier is not present in the first enrollment database,

wherein the first enrollment database and second enrollment database are linked with a synchronization link that stores a
portion of data from the second enrollment database in the first enrollment database at predetermined times such that the
first enrollment database acts as a thin database with respect to the second enrollment database.

US Pat. No. 9,542,687

SYSTEMS AND METHODS FOR VISUAL REPRESENTATION OF OFFERS

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, by a processor, transaction data associated with an account of a consumer;
determining, by the processor, from the transaction data, an occurrence of an event to trigger an offer, the event being a
completion of a transaction;

generating, by the processor, the offer upon detection of the occurrence of the event, the offer targeted to the consumer,
wherein the offer is generated using historic payment data that was generated in response to past transactions conducted by
the consumer with a plurality of different merchants, wherein the historic payment data includes previous purchases made using
a portable consumer device associated with the consumer, wherein the portable consumer device comprises a data space configured
to store operating parameters, wherein the data space is one of a secure data space and a physically separate data space,
wherein the historic payment data is collected by a payment processing network, and wherein the payment processing network
is configured to receive authorization request messages from acquirers associated with the plurality of different merchants,
send the authorization request messages to an issuer associated with the consumer, receive authorization response messages
from the issuer associated with the consumer, and send authorization response messages to the acquirers associated with the
plurality of different merchants;

determining, by the processor, a geographic location for redeeming the offer by
sending, by the processor, a request to a merchant system for one or more redemption locations affiliated with a merchant,
receiving, by the processor, from the merchant system identification data for the one or more redemption locations, and
determining, by the processor, the geographic location for redeeming the offer using the identification data;
generating, by the processor, a notification message including the offer, which is triggered by the completion of the transaction,
and a graphical depiction of the geographic location for redeeming the offer, the graphical depiction of the geographic location
generated by

selecting, by the processor, a map portion encompassing the geographic location, and
modifying, by the processor, the map portion by overlaying an indicator icon identifying the geographic location; and
sending, by the processor, the notification message to a notification device operated by the consumer, wherein the graphical
depiction of the offer is displayed on a map on the notification device;

determining, by the processor, a plurality of redemption actions available for redeeming the offer;
providing, by the processor, to the notification device an indication of the plurality of redemption actions available;
receiving, by the processor, a selection of one of the plurality of redemption actions from the notification device;
providing, by the processor, a message to the merchant system for completing the selected redemption action; and
receiving, by the processor, prior to arrival of the consumer at the geographic location, a confirmation message from the
merchant system indicating that the selected redemption action is confirmed.

US Pat. No. 10,140,615

SECURE MOBILE DEVICE CREDENTIAL PROVISIONING USING RISK DECISION NON-OVERRIDES

VISA INTERNATIONAL SERVIC...

1. A method, comprising:receiving, at a server computer, a provisioning request to provision a credential to a user device, wherein the credential is associated with an account of a user, and wherein the provisioning request includes a first risk level indicating a first perceived risk of provisioning the credential to the user device, wherein the first risk level is determined based on a first set of information;
determining, by the server computer, that the provisioning request includes a non-override condition, wherein the non-override condition recommends setting the first risk level as a final risk decision value;
determining, by the server computer, additional information associated with the user device or the account of the user available to the server computer, wherein the additional information is different than the first set of information;
generating, by the server computer, a second risk level associated with the provisioning request based on the additional information, wherein the second risk level indicates a second perceived risk of provisioning the credential to the user device different than the first perceived risk;
comparing, at the server computer, the first risk level to the second risk level;
when the first risk level is lower than the second risk level:
setting, by the server computer, the second risk level as the final risk decision value even when the non-override condition exists; and
preventing, by the server computer, the credential from being provisioned onto the user device without further authentication, wherein the user device is not capable of initiating a transaction using the account when the credential is prevented from being provisioned onto the user device;
when the first risk level is higher than the second risk level:
setting, by the server computer, the first risk level as the final risk decision value;
causing, by the server computer, one or more scripts to be executed on the user device thereby provisioning the credential onto the user device; and
converting, by the server computer, the user device into a payment device capable of initiating the transaction using the account.

US Pat. No. 10,115,099

OVER THE AIR MANAGEMENT OF PAYMENT APPLICATION INSTALLED IN MOBILE DEVICE

Visa International Servic...

1. A computer-implemented method of controlling use of a payment application installed on a mobile device comprising a processor and a contactless element coupled to the processor, the method comprising:receiving, by a server computer, a request to enable or disable user access to features or functions of the payment application;
generating, by the server computer, a command message responsive to the request, the command message comprising control data that when executed by the processor, permits or denies access to the features or functions of the payment application, so that the mobile device including the payment application can only be used to conduct only certain types or amounts of purchases; and
transmitting, by the server computer, the generated command message to the mobile device over a wireless network, wherein the processor executes the control data causing the payment application in the mobile device to permit or deny access to the features or functions of the payment application, so that the mobile device including the payment application can only be used to conduct only certain types or amounts of purchases at a terminal comprising a contactless reader in short range communication with the mobile device,
wherein the control data includes one or more of an access control indicator, an alphanumeric data string, or a set of data values; and
wherein the mobile device is configured to extract the control data from the command message and store the control data in a secure data storage of the mobile device.

US Pat. No. 10,110,621

SYSTEMS AND METHODS FOR SECURING ACCESS TO RESOURCES

VISA INTERNATIONAL SERVIC...

1. A method for securing access to a resource, the method comprising performing, by a computer system:determining a first set of previous access requests from a plurality of previous access requests, each previous access request of the first set including one or more parameters that involve one or more conditions of a potential access rule;
determining a total predictive percentage for the potential access rule based on validity information corresponding to each previous access request of the first set of previous access requests, the validity information indicating whether each access request of the plurality of previous access requests is valid or invalid;
segmenting the first set of previous access requests into a plurality of time-based subsets of access requests;
determining a predictive percentage for each of the plurality of time-based subsets based on the validity information corresponding to each previous access request of the time-based subsets;
determining a detection stability rating of the potential access rule by comparing the plurality of predictive percentages; and
selecting the potential access rule to be a candidate access rule for use in an operational set of access rules based on the detection stability rating of the potential access rule compared to detection stability ratings of other access rules, wherein the candidate access rule is included in the operational set of access rules, the operational set of access rules is loaded into a system memory, a plurality of real-time access requests are received over a network from a plurality of devices, the system memory is accessed to obtain the operational set of access rules when one of the plurality of real-time access requests is received from a first device of the plurality of devices, the operational set of access rules is used to determine an access request outcome for the one real-time access request, and access to the resource is provided based on the access request outcome.

US Pat. No. 10,095,276

INFORMATION ACCESS DEVICE AND DATA TRANSFER

Visa International Servic...

1. A method comprising:receiving, at a remote server, via a communication network, first physical interaction data from a mobile device comprising a first processor, a first accelerometer coupled to the first processor, and a first application that is operable to connect the mobile device to the remote server via the communication network, wherein the first physical interaction data represents a first external force acting on the mobile device and comprises first accelerometer data, first location data, and first time data;
receiving, at the remote server, via the communication network, second physical interaction data from an information terminal comprising a second accelerometer, a second processor coupled to the second accelerometer, and a second application that is operable to connect the information terminal to the remote server via the communication network, wherein the second physical interaction data represents a second external force acting on the information terminal and comprises second accelerometer data, second location data, and second time data;
responsive to receiving first and second interaction data, determining, by a pairing algorithm in the remote server that the mobile device interacted with the information terminal by comparing the first physical interaction data and the second physical interaction data, wherein the pairing algorithm compares the first and second location data before comparing the first and second accelerometer data, and wherein the first and second physical interaction data being compared by the pair algorithm comprises, respectively, a first duration of time when the mobile device is still and a second duration of time when the information terminal is still;
receiving, by the remote server, consumer-provided information from the mobile device;
after the pairing algorithm determines that the mobile device interacted with the information terminal, sending, by the remote server, the consumer-provided information to the information terminal;
receiving, by the remote server, merchant-provided information sent by a merchant in response to the receipt of the consumer-provided information; and
after the pairing algorithm determines that the mobile device interacted with the information terminal, sending, by the remote server, the merchant-provided information to the mobile device.

US Pat. No. 10,043,186

SECURE AUTHENTICATION SYSTEM AND METHOD

Visa International Servic...

1. A method comprising:receiving, a Purchase Authentication Page by a computer from a control server over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; and
providing, a returned Purchase Authentication Page by the computer to the control server over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer, wherein the control server thereafter
compares at least a portion of the received user response to a stored user response to make a first determination of whether a match exists,
compares the received secure datum to a stored secure datum to make a second determination of whether a match exists, and
generates a Payer Authentication Response message based on at least the first and second determinations.

US Pat. No. 10,037,523

OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY

VISA INTERNATIONAL SERVIC...

1. A data processing device, comprising:a processor;
a memory; and
a set of instructions stored in the memory, which when executed by the processor implement a method to:
receive first data for a first payment transaction on a prepaid account associated with a mobile device from a first point of sale terminal, wherein at least some of the first data is provided to the first point of sale terminal by the mobile device which communicates with the first point of sale terminal using a contactless device, wherein the mobile device stores transaction data in a memory of the mobile device, wherein the mobile device further stores an accumulator in the memory, wherein the stored transaction data includes first information received from the first point of sale terminal using the contactless device, wherein the first information includes a first initial transaction amount of the first payment transaction, and wherein the mobile device adjusts the accumulator from an original accumulator value to a first accumulator value based on the first initial transaction amount;
receive second data for a second payment transaction on the prepaid account from a second point of sale terminal, wherein at least some of the second data is provided to the second point of sale terminal by the mobile device which communicates with the second point of sale terminal using the contactless device, wherein the second data includes an actual transaction amount for the second payment transaction, wherein the mobile device stores second information received from the second point of sale terminal using the contactless device, wherein the second information received by the mobile device from the second point of sale terminal includes a second initial transaction amount of the second payment transaction, wherein the second initial transaction amount received by the mobile device from the second point of sale terminal is different from the actual transaction amount received from the second point of sale terminal, wherein the mobile device adjusts the accumulator from the first accumulator value to a second accumulator value based on the second initial transaction amount;
process the second received data to generate a record of the second payment transaction, wherein the record of the second payment transaction includes the actual transaction amount for the second payment transaction;
determine a valid mobile gateway for communicating with the mobile device based on transaction information associated with the second payment transaction, wherein the valid mobile gateway is one of a plurality of mobile gateways configured to interface with a wireless communication system; and
synchronize the accumulator stored in the mobile device by providing the record of the second payment transaction including the actual transaction amount to the valid mobile gateway, thereby causing the record of the second payment transaction to be provided to the mobile device over the wireless communication system, wherein the mobile device adjusts the accumulator from the second accumulator value to a third accumulator value based on the difference between the actual transaction amount of the second payment transaction and the second initial transaction amount of the second payment transaction.

US Pat. No. 9,996,815

VERTICAL NETWORK COMPUTING INTEGRATION, ANALYTICS, AND AUTOMATION

VISA INTERNATIONAL SERVIC...

1. A method comprising:receiving, at a payment processing network comprising a file and data conversion module, purchase data as part of a payment authorization associated with a product and a merchant, wherein the purchase data comprises product identifiers and wherein the purchase data is received in an authorization request message which also includes an account number and expiration date, wherein the payment processing network is configured to process credit and debit transactions, wherein the file and data conversion module with the payment processing network is configured to convert the authorization request message from a first format to a second format;
converting the authorization request message by the file and data conversion module from the first format to the second format;
transmitting, by the payment processing network comprising an authorization module, the authorization request message in the second format to an issuer that issued the account number, wherein the authorization module is configured to process authorization request messages and determine a destination for the authorization request messages;
receiving an authorization response message from the issuer;
transmitting the authorization response message to the merchant;
communicating the purchase data received at the payment processing network to an analysis computer;
receiving, at the analysis computer, the purchase data that is associated with the product and the merchant;
receiving, at the analysis computer, inventory data that is associated with the product and a supplier;
analyzing, by the analysis computer, the purchase data and the inventory data to generate analytics that predict demand or suggest future purchase orders based on inventory and sales history data; and
communicating, by an inventory shortage alert module at the analysis computer, an alert message based on the analytics.

US Pat. No. 9,953,311

SYSTEMS AND METHODS FOR INCORPORATING QR CODES

Visa International Servic...

1. A method for facilitating a transaction, comprising:scanning, via a communication device, a first machine readable code encoding first data generated by an access device to form encoded information, wherein the first data comprises at least a random number unique to the transaction and a transaction amount for the transaction;
decoding the encoded information to obtain the random number unique to the transaction and the transaction amount;
generating, via the communication device, a cryptogram by encrypting the random number, the transaction amount, device specific information for the communication device, and a location associated with the communication device with an encryption algorithm;
obtaining, via the communication device, financial credentials data from a payment application being executed on the communication device;
generating, via the communication device, a second machine readable code encoding second data comprising the financial credentials data and the cryptogram; and
displaying on a display of the communication device the second machine readable code, wherein the second machine readable code is scanned and decoded by the access device, the access device thereafter generating an authorization request message including at least the financial credentials data, the random number, and the cryptogram to an issuer computer for authorization.

US Pat. No. 9,922,338

SYSTEMS AND METHODS TO APPLY BENEFIT OF OFFERS

Visa International Servic...

1. A computer-implemented method, comprising:
providing a computing apparatus in an electronic payment processing system having:
a first electronic payment processing network having:
a first transaction handler configured to route authorization requests for payment transactions made in first payment accounts
in the first electronic payment processing network to first issuer processors of the first payment accounts, and

a data warehouse coupled with the first transaction handler and storing data associating offers associating payment accounts;
a second electronic payment processing network having a second transaction handler configured to route authorization requests
for payment transactions made in second payment accounts in the second electronic payment processing network to second issuer
processors of the second payment accounts;

a plurality of transaction terminals configured to initiate payment transactions in the first electronic payment processing
network and in the second electronic payment processing network, wherein an authorization request initiated by a transaction
terminal for a transaction in a payment account in the second electronic payment processing network is required to be handled
by the second transaction handler; and

the computing apparatus coupled to the first electronic payment processing network, the second electronic payment processing
network, and the transaction terminal;

receiving, by the computing apparatus from the transaction terminal, the authorization request for authorization of the transaction
in the payment account, wherein the payment account identified in the authorization request requires that the authorization
request be processed by the second transaction handler in the second electronic payment processing network;

determining, by the computing apparatus, whether the transaction is relevant to benefit redemption of the offers identified
in the data warehouse of the first transaction handler in the first electronic payment processing network;

determining, by the computing apparatus, whether to route the authorization request to the first electronic payment processing
network or the second transaction handler, based on whether or not the transaction is relevant to benefit redemption of the
offers identified in the data warehouse of the first transaction handler in the first electronic payment processing network;
and

in response to a determination that the transaction is relevant to benefit redemption of a first offer in the offers,
transmitting, by the computing apparatus, the authorization request to the first transaction handler in the first electronic
payment processing network, the authorization request identifying the payment account in the second electronic payment processing
network, wherein the authorization request causes the first transaction handler to:

identify a benefit of an offer stored, in the data warehouse, in association with an identifier of the payment account;
apply the benefit of the offer to the transaction to generate a modified transaction in the payment account;
obtain authorization for the modified transaction from the second transaction handler in the second electronic payment processing
network; and

generate an authorization response to the authorization request and provide in the authorization response offer information
identifying the benefit applied to the transaction;

receiving, by the computing apparatus from the first transaction handler configured in the first electronic payment processing
network, the authorization response for the authorization request, the authorization response including the offer information
provided by the first transaction handler; and

providing, by the computing apparatus to the transaction terminal, the authorization response as a response to the authorization
request received from the transaction terminal.

US Pat. No. 9,912,483

SYSTEMS AND METHODS TO SECURE USER IDENTIFICATION

Visa International Servic...

1. A method, comprising:
receiving, with a server from a user device, a communication including:
a digital signature;
user information of a user of the user device; and
a first user identifier configured to identify the user of the user device among a plurality of first users of the server,
wherein the first user identifier is generated by a computing device, separate from the server and the user device, based
on a combination of:

the user information of the user that is received in the computing device from the user device before the communication is
received in the server; and

a second user identifier of the user configured to identify the user of the user device among a plurality of second users
of the computing device;

extracting the second user identifier from the first user identifier; and
validating an integrity of the communication based on the first user identifier, the second user identifier extracted from
the first user identifier, and the user information of the user received in the communication, wherein validating the integrity
of the communication comprises:

combining, with the server, the second user identifier extracted from the first user identifier and the user information of
the user received in the communication with a secret shared between the server and the computing device,

generating, with the server, a combined dataset based on combining the second user identifier and the user information of
the user with the secret,

applying, with the server, a hash function to the combined dataset,
generating, with the server, a hash result based on applying the hash function to the combined dataset, and
comparing, with the server, the hash result to the digital signature, and
determining, with the server, whether the hash result matches the digital signature based on comparing the hash result to
the digital signature; and

determining to grant access to a service associated with the server based on validating the integrity of the communication.

US Pat. No. 9,904,919

VERIFICATION OF PORTABLE CONSUMER DEVICES

Visa International Servic...

1. A method comprising:
receiving, from a user computer at a server computer over a communications network, a request for a verification value associated
with a portable consumer device associated with a user, and an encrypted message encrypted using a key stored in a security
module of a verification token, the verification token in communication with the user computer, the request comprising identification
information pertaining to the portable consumer device;

applying, by the server computer, at least one validation test pertaining to the received request, wherein the validation
test comprises validating the encrypted message from the user computer; and

sending, by the server computer to the user computer over the communications network, after the at least one validation test
is passed, a verification value to the verification token or to an entity configured to forward the verification value to
the verification token.

US Pat. No. 9,853,993

SYSTEMS AND METHODS FOR GENERATION AND SELECTION OF ACCESS RULES

VISA INTERNATIONAL SERVIC...

1. A method for securing access to a resource, the method comprising performing, by a computer system:
storing a plurality of previous access requests and parameters of the plurality of previous access requests;
storing validity information corresponding to the plurality of previous access requests, the validity information indicating
whether each access request of the plurality of previous access requests is valid or invalid;

generating a potential access rule including one or more conditions;
determining a first set of previous access requests of the plurality of previous access requests, each previous access request
of the first set including one or more parameters that involve the one or more conditions of the potential access rule;

determining a total predictive percentage for the potential access rule based on the validity information corresponding to
each previous access request of the first set of previous access requests;

segmenting the first set of previous access requests into a plurality of time-based subsets of access requests;
determining a predictive percentage for each of the plurality of time-based subsets based on the validity information corresponding
to each previous access request of the time-based subsets;

determining a detection stability rating of the potential access rule by comparing the plurality of predictive percentages;
selecting the potential access rule to be included in an operational set of access rules based on the detection stability
rating of the potential access rule compared to detection stability ratings of other access rules;

loading the operational set of access rules into a system memory;
receiving, over a network from a plurality of devices, a plurality of real-time access requests;
accessing the system memory to obtain the operational set of access rules when one of the plurality of real-time access requests
is received from a first device of the plurality of devices;

using the operational set of access rules to determine an access request outcome for the one real-time access request; and
providing access to the resource based on the access request outcome.

US Pat. No. 9,846,862

MULTI-DIRECTIONAL WALLET CONNECTOR APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A user-merchant reference linking processor-implemented method, comprising:
receiving, via a processor, a wallet credential log-in request;
creating a user-merchant relationship identifier, wherein the user-merchant relationship identifier is merchant specific;
storing user-merchant actions and associating the user-merchant actions with the user-merchant relationship identifier;
associating non-merchant specific user history with a user history identifier, wherein the user history identifier is related
to the user-merchant relationship identifier;

performing a user-merchant action to obtain a wallet user interface;
mapping the wallet user interface into a native wallet user interface of a native wallet application; and
generating a native wallet user interface widget for extension of the native wallet application.

US Pat. No. 9,838,872

SYSTEM AND METHOD FOR MOBILE IDENTITY PROTECTION FOR ONLINE USER AUTHENTICATION

Visa International Servic...

1. A method for detecting fraud using a wireless device of an entity, the method comprising:
obtaining, by an authentication application, data regarding an application access event from a data network, the application
access event being an attempt to access an application by the entity, and wherein the application access event is automatically
invoked when the wireless device of the entity is proximate to a mobile access point associated with the application;

obtaining, by the authentication application, a unique identifier representing the entity;
obtaining, by the authentication application, a location of the application access event from the mobile access point;
obtaining, by the authentication application, a location of the wireless device;
generating, by the authentication application, an authentication result based on at least the location of the application
access event and a time that the location of the application access event was obtained, and the location of the wireless device;
and

allowing or not allowing the entity to access the application based upon the authentication result.

US Pat. No. 9,818,118

TRANSACTION AGGREGATOR

Visa International Servic...

1. A method for deriving aggregated transaction data comprising:combining information requests from a plurality of information requesters into a transaction data inquiry using an aggregator
server, the information requests including at least one request for aggregated transaction data comprising information about
a plurality of transactions or a plurality of accounts of a user;
sending the transaction data inquiry from the aggregator server to a transaction database;
receiving a transaction data response file from the transaction database at the aggregator server, wherein the transaction
data response file comprises raw transaction level data of transaction details for each of a plurality of individual transactions
conducted on each of one or more of the plurality of accounts of the user;

parsing the transaction data response file according to a plurality of model transaction aggregates using the aggregator server,
the plurality of model transaction aggregates including at least a first model transaction aggregate being a first type of
transaction information over a first time period, a second model transaction aggregate being a second type of transaction
information over a second time period that is different than the first time period, and a third model transaction aggregate
being a ratio of a third type of transaction information over a third time period to the third type of transaction information
over a fourth time period;

determining the aggregated transaction data from the parsed transaction data using the aggregator server; and
generating a report file including the aggregated transaction data using the aggregator server and sending the report file
from the aggregator server to one or more of the information requesters, wherein the report file sent to at least one information
requester includes unsolicited aggregated transaction data about the user that the at least one information requester did
not request, the user being a different entity than the at least one information requester.

US Pat. No. 9,773,246

PRE-AUTHORIZATION OF A TRANSACTION USING PREDICTIVE MODELING

VISA INTERNATIONAL SERVIC...

1. A method of using an electronic device storing an authorization for a specific future transaction by a consumer, the method
comprising:
performing a plurality of previous transactions using the electronic device;
receiving, by the electronic device from an authorization server via a network, a first electronic message that includes an
authorization token for authorization of a specific future transaction, wherein the authorization is for a time when the specific
future transaction is predicted to be likely based on the previous transactions, wherein the authorization token is received
prior to initiation of the specific future transaction, and wherein the specific future transaction is identifiable by one
or more keys that characterize the specific future transaction; and

providing, with the electronic device, a second electronic message including the authorization token stored on the electronic
device to a merchant device at the time when the specific future transaction is predicted to be likely, wherein the time when
the specific future transaction is predicted to be likely is a time window, wherein the authorization token conveys the time
window within which the authorization token is valid, where the authorization token is valid only within the time window,
wherein the authorization token is operable to be used during a process for authorizing a transaction that is initiated using
the electronic device and that matches the one or more keys, the authorization token authorizing payment from one or more
accounts of the consumer.

US Pat. No. 9,754,258

SPEECH TRANSACTION PROCESSING

Visa International Servic...

1. A method of authenticating a user for a transaction, the method comprising:
receiving, at a server computer, a communication indicative of the communication device associated with the user entering
a location within a virtual perimeter;

in response to receiving the communication and prior to receiving a voice segment from the user, retrieving, via the server
computer, a reference for accessing a voice model associated with the user, wherein the voice model is stored in a database,
wherein the reference is a pointer to a storage address within the database;

using, at the server computer, the reference to access the voice model stored in the database;
comparing, at the server computer, the received voice segment to the voice model;
determining, at the server computer, whether the user is authenticated for the transaction based at least in part on comparing
the received voice segment to the voice model; and

transmitting, via the server computer and to a merchant computer, a result of the determining step.

US Pat. No. 9,660,814

PROVIDING DIGITAL CERTIFICATES

Visa International Servic...

1. A method for providing digital certificates, conducted at a remotely accessible server and comprising the steps of:
receiving, by a remotely accessible server and from a communication device, a request for a digital certificate, the request
including an identifier associated with a certificate store module of a mobile device, the certificate store module including
a database configured to store a plurality of digital certificates;

obtaining, by the remotely accessible server, a communication address of the mobile device associated with the identifier,
wherein the certificate store module is in or coupled to the mobile device;

transmitting, by the remotely accessible server, a request for a digital certificate to the certificate store module via the
mobile device, wherein the certificate store module is configured to prompt a user thereof, via the mobile device, for a passcode
before releasing the certificate;

receiving, by the remotely accessible server, the digital certificate from the certificate store module via the mobile device
in response to entry of a passcode into the certificate store module which corresponds to an offset stored in the certificate
store module; and,

transmitting, by the remotely accessible sever, the digital certificate to the communication device for use in digitally signing
or encrypting a data message,

wherein the step of obtaining the communication address of the mobile device associated with the identifier includes:
extracting, by the remotely accessible server, the identifier from the request,
wherein the step of extracting the identifier from the request includes extracting the identifier from a path portion of a
uniform resource locator (URL) submitted to the remotely accessible server by the communication device, and wherein the identifier
is an alphanumeric sequence uniquely associated with the certificate store module.

US Pat. No. 9,654,977

CONTEXTUALIZED ACCESS CONTROL

VISA INTERNATIONAL SERVIC...

1. A method comprising:
automatically receiving, at a mobile device via sensors included in the mobile device, contextual information associated with
the mobile device, the contextual information related to a physical environment surrounding the mobile device, wherein the
contextual information is used in different authentication techniques;

accessing, at the mobile device, an access control policy associated with an application;
comparing the contextual information to behavioral patterns associated with a user of the mobile device;
determining, at the mobile device, a level of access for the application and the user based on the comparison of the contextual
information associated with the mobile device to the behavioral patterns and the access control policy associated with the
application, wherein the level of access is selected from multiple levels of access available to the user for the application,
wherein the different authentication techniques are associated with different levels of access of the multiple levels of access,
the multiple levels of access comprising at least full access and partial access;

receiving an indication that an action has been performed with respect to the mobile device that meets the determined level
of access; and

providing, by the mobile device, access to the application based on the indicated action.

US Pat. No. 9,648,013

SYSTEMS, METHODS AND DEVICES FOR PERFORMING PASSCODE AUTHENTICATION

VISA INTERNATIONAL SERVIC...

1. A method of performing passcode authentication, the method being conducted at a mobile device and comprising the steps
of:
receiving, by the mobile device, an authentication request from a security gateway;
receiving, by the mobile device, a passcode entered by a user of the mobile device;
comparing the entered passcode to a passcode offset securely stored in a hardware security module (HSM) within or attached
to the mobile device, the HSM comprising a processor having a cryptographic arithmetic logic unit that is optimized for performing
cryptographic functions and a secure storage for passcode offsets;

if the entered passcode corresponds with the passcode offset, generating, by the HSM, a secure authentication confirmation
message and transmitting the confirmation message to the security gateway; and,

if the entered passcode does not correspond with the passcode offset, generating, by the HSM, a secure authentication denial
message and transmitting the authentication denial message to the security gateway,

wherein the steps of generating a secure authentication confirmation message or a secure authentication denial message include
digitally signing the secure authentication confirmation message or secure authentication denial message,

wherein the method includes a step of establishing encrypted communication between the mobile device and the security gateway
to transmit the secure authentication confirmation message or secure authentication denial message.

US Pat. No. 9,672,508

OVER THE AIR UPDATE OF PAYMENT TRANSACTION DATA STORED IN SECURE MEMORY

VISA INTERNATIONAL SERVIC...

1. An apparatus for facilitating payment transactions between a plurality of consumers and a plurality of merchants, comprising:
a processor;
a memory; and
a set of instructions stored in the memory, which when executed by the processor, cause the processor to:
generate a first pair of encryption keys, the first pair of encryption keys including a first encryption key and a second
encryption key;

distribute the first encryption key to a first mobile gateway that processes a first set of payment transactions;
generate a second pair of encryption keys, the second pair of encryption keys including a third encryption key and a fourth
encryption key;

distribute the third encryption key to an issuer computer, wherein the issuer computer generates a first device key using
the third encryption key and distributes the first device key to a first mobile device, wherein the first mobile device receives
the first device key from the issuer computer, wherein the first mobile device conducts a transaction with a device reader,
wherein the device reader provides transaction data for the transaction to the issuer computer, wherein the issuer computer
generates updated transaction data for the transaction;

generate a first session key for encrypting the updated transaction data using the second encryption key;
generate the first device key using the fourth encryption key;
encrypt the first session key using the first device key to create a first encrypted session key; and
distribute the first encrypted session key to the first mobile device via the first mobile gateway, wherein the first mobile
device decrypts the first encrypted session key using the first device key that the first mobile device previously received
from the issuer computer, wherein the first mobile gateway encrypts the updated transaction data using the first session key
and transmits the encrypted updated transaction data to the first mobile device, wherein the first mobile device decrypts
the encrypted updated transaction data using the first session key.

US Pat. No. 9,665,722

PRIVACY FIREWALL

Visa International Servic...

1. A method comprising:
receiving, by a privacy computer located within a secure area, a message directed at a recipient computer located outside
the secure area, wherein the message includes sensitive data;

identifying, by the privacy computer, the sensitive data using a plurality of privacy rules;
anonymizing, by the privacy computer, the sensitive data according to the plurality of privacy rules to generate anonymized
data, wherein anonymizing the sensitive data according to the plurality of privacy rules includes:

removing unnecessary sensitive data,
masking the sensitive data to maintain format,
separating the sensitive data into associated data groupings, and
de-contexting the sensitive data;
generating, by the privacy computer, a hidden record including the anonymized data; and
forwarding the hidden record and the message including the anonymized data to the recipient computer located outside the secure
area.

US Pat. No. 9,613,354

DEVICE, SYSTEM AND METHOD FOR REDUCING AN INTERACTION TIME FOR A CONTACTLESS TRANSACTION

VISA INTERNATIONAL SERVIC...

1. A method comprising:
sending from a reader to a payment device a terminal unpredictable number and a transaction amount;
receiving from the payment device a message with a dynamic signature generated based on an application transaction counter
(ATC), the terminal unpredictable number, and the transaction amount, the dynamic signature sent with an application file
locator (AFL); and then

transmitting from the reader to the payment device a command message to request one or more records indicated in the AFL from
the payment device;

receiving at the reader from the payment device the requested one or more records requested by the command message, wherein
the one or more records requested by the command message is received at the reader within 500 milliseconds of the reader sending
the terminal unpredictable number and the transaction amount to the payment device; and

causing a recalculation of the dynamic signature in order to authorize a transaction if the dynamic signature received from
the payment device matches the recalculated dynamic signature.

US Pat. No. 9,582,799

TOKEN BASED TRANSACTION AUTHENTICATION

Visa International Servic...

1. A method comprising:
receiving, by a server computer, a consumer payment nickname from a client computer;
receiving, by the server computer, a payment reference identifier from the client computer, wherein the payment reference
identifier was previously generated by the server computer;

analyzing, by the server computer, the received payment reference identifier;
determining, by the server computer, that the received payment reference identifier matches the previously generated payment
reference identifier to determine an authentication thread;

analyzing, by the server computer, the consumer payment nickname;
determining, by the server computer, an account identifier associated with the consumer payment nickname;
determining, by the server computer, an authorization computer from the account identifier;
generating, by the server computer, a message comprising the payment reference identifier and the account identifier;
sending, by the server computer, the message comprising the payment reference identifier and the account identifier associated
with the consumer payment nickname to the authorization computer; and

receiving, from the authorization computer, the payment reference identifier and an authentication address, which is forwarded
to the client computer and is used to authenticate a user that holds an account associated with the account identifier.

US Pat. No. 9,552,573

INTEROPERABLE FINANCIAL TRANSACTIONS VIA MOBILE DEVICES

Visa International Servic...

1. A method comprising:
receiving, at a data converter associated with a first server computer associated with a first entity, a set of data elements
in a non-financial transaction message format to transfer funds from the first entity operating a mobile communication device
to a second entity via a communications network, wherein the set of data elements comprises a mobile communications device
identifier used by the second entity, a second entity identifier, and an amount associated with the funds to be transferred;

generating, by the data converter associated with the first server computer, a transaction request message in a financial
transaction message format that is configured to pass through a payment processing network from the set of data elements in
the non-financial transaction message format, wherein the transaction request message comprises a transaction type indicator,
the amount, and a primary account number (PAN) comprising the mobile communication device identifier and the second entity
identifier;

transmitting, by the first server computer, the transaction request message to a second server computer associated with the
second entity, via the payment processing network;

receiving, by the first server computer, a transaction response message from the second server computer via the payment processing
network, wherein the transaction response message indicates that the transfer of funds is approved; and

wherein in response to receiving the transaction response message indicating that the transfer of funds is approved, the funds
are transferred between a first account associated with the first server computer and a second account associated with the
second server computer.

US Pat. No. 9,477,967

SYSTEMS AND METHODS TO PROCESS AN OFFER CAMPAIGN BASED ON INELIGIBILITY

VISA INTERNATIONAL SERVIC...

1. A method, comprising:
providing a computing apparatus comprising:
a transaction handler configured in an electronic payment processing network in which the transaction handler interconnects
issuer processors controlling consumer accounts from which payments are made and acquirer processors controlling merchant
accounts to which the payments are made;

a communication portal coupled with the transaction handler and configured to communicate with computing devices outside the
electronic payment processing network, the communication portal further configured to provide a user interface to merchants
for creating offer campaigns, wherein the user interface is configured to receive a computing action specified by one of the
merchants to invoke when an event satisfying requirements of a record is detected;

a rule engine configured to receive, from the communication portal, a set of records for an offer campaign specified by a
merchant computing device, each record specifying requirements for an event and a computing action to be performed in response
to an account holder meeting the requirements for the event, wherein each record in the set of records identifies a set of
conditions to match an event to be completed by the account holder participating in the offer campaign, wherein the set of
records includes a first record identifying a first event, and a second record identifying a second event corresponding to
an occurrence of ineligibility of the account holder to complete the first event, wherein events relevant to the offer campaign
include purchases by consumers, and the transaction handler is configured to detect the purchases;

a data warehouse, coupled with the transaction handler and the rule engine, configured to store:
the set of records,
communication references in connection with identifiers of the consumer accounts, wherein authorization communications within
the electronic payment processing network for the payments identify the consumer accounts using the identifiers of the consumer
accounts, the data warehouse further storing transaction data recording the payments processed by the transaction handler
in the electronic payment processing network, and

account data identifying a plurality of account features of the consumer accounts, each respective account feature of the
plurality of account features to provide a respective benefit to a holder of a respective consumer account; and

monitoring, by the transaction handler, communications in the electronic payment processing network for the payments in the
consumer account to obtain first transaction data;

based at least in part on the first transaction data, monitoring, by the rule engine, occurrences of events relevant to the
offer campaign to detect events completed by the account holder in accordance with the set of records;

detecting, by the rule engine in accordance with the second record, the occurrence of ineligibility of the account holder
to complete the first event; and

in response to the detection by the rule engine of the occurrence of ineligibility of the account holder to complete the first
event:

instructing, by the rule engine, the communication portal to communicate with a computing device of the account holder using
a communication reference that is associated with an identifier of the account holder in the data warehouse, including providing,
by the communication portal outside the electronic payment processing network, to the computing device of the account holder
with a notification to be generated, wherein the notification is configured to present a user interface to display the notification,
and

instructing, by the rule engine, the data warehouse to store data indicating completion of the second event by the account
holder.

US Pat. No. 10,096,043

SYSTEMS AND METHODS TO FORMULATE OFFERS VIA MOBILE DEVICES AND TRANSACTION DATA

VISA INTERNATIONAL SERVIC...

1. A method, comprising:providing a computing apparatus having:
a data warehouse storing information about products available from merchants and transaction data of users;
an artificial intelligence engine; and
a portal;
receiving, via the portal over a communication connection from a mobile device positioned in a retail location, identification information of a product disposed in the retail location;
determining, by the computing apparatus, a list of retail prices at a plurality of merchants for the product based on the information about products stored in the data warehouse;
communicating, by the computing apparatus via the portal to the mobile device, the list of retail prices to cause the mobile device to present the list to a user of the mobile device;
determining, by the computing apparatus based on the transaction data stored in the data warehouse, whether the mobile device is used to purchase the product from the retail location;
in response to a determination that the mobile device is not used to purchase the product from the retail location and a determination that the mobile device is leaving the retail location,
generating, by the computing apparatus, an offer according to the identification information of the product;
communicating, by the computing apparatus, the offer to the mobile device to cause the mobile device to present the offer to the user of the mobile device; and
virtually representing, by the artificial intelligence engine, a merchant of the retail location in negotiating with the user of the mobile device according to best practices of deal negotiation and iteratively identifying, by the artificial intelligence engine according to rules specified for the offer, increases of the benefit of the offer provided to the user, wherein each iteration of the iteratively identifying of the increases includes:
receiving data indicating further actions of the user detected via the mobile device, the data comprising a number or type of products scanned by the user that are related to the product;
calculating intensity of interest of the user in the product;
calculating, under a condition that the offer is improved, a confidence level of the user of the mobile device purchasing the product from the retail location based on the data indicating further actions of the user detected via the mobile device; and
computing a corresponding one of the further increases in response to the further actions of the user and based on:
the intensity of interest of the user in the product; and
the likelihood confidence level of the user of the mobile device purchasing the product from the retail location;
communicating, by the portal, the increases of the benefit to the mobile device;
storing, in the data warehouse coupled with a transaction handler of an electronic payment processing network, the offer in association with a payment account of the user; and
transmitting to the mobile device a real-time message about the offer, in response to authorization of a transaction, to which the offer is applicable, being processed by the transaction handler, wherein the real-time message is configured to arrive at the mobile device substantially at a same time when an authorization response for the transaction arrives at a transaction terminal at the retail location.

US Pat. No. 9,852,476

CASE MANAGEMENT INTERFACE

VISA INTERNATIONAL SERVIC...

1. A method comprising:
receiving, at a computer system, a request for visualization of a plurality of transaction orders;
obtaining, by the computer system, transaction data associated with the plurality of transaction orders from a database communicatively
coupled to the computer system, each transaction order composed of data elements;

determining, by the computer system, a set of the transaction orders in the plurality of transaction orders as being correlated
based on one or more common data elements in the transaction data associated with the set of the transaction orders;

displaying, by the computer system on a display screen, data objects that correspond to the set of transaction orders and
data objects that correspond to the one or more common data elements;

displaying, by the computer system on the display screen, the set of the transaction orders as being correlated by showing
visual connections between the data objects that correspond to the set of transaction orders and the data objects that correspond
to the one or more common data elements;

receiving, via a pointing device on the display screen, a selection of one or more of the data objects that correspond to
the set of transaction orders in the plurality of transaction orders;

providing, by the computer system, a menu with a plurality of options for the transaction orders corresponding to the selected
one or more data objects;

receiving, by the computer system, a selection of an option from the plurality of options; and
initiating, by the computer system, an action associated with the transaction orders corresponding to the selected one or
more data objects based on the selection of the option.

US Pat. No. 9,847,997

SERVER BASED BIOMETRIC AUTHENTICATION

Visa International Servic...

1. A method for biometric authentication, comprising:
receiving, by an identity (ID) manager computer and from a resource providing entity computer, user identifying information
associated with a user;

transmitting, by the ID manager computer, the user identifying information to an ID splitting computer;
in response to transmitting the user identifying information to the ID splitting computer, receiving, by the ID manager computer
and from the ID splitting computer, a first user identifier and a second user identifier, wherein the first user identifier
and the second user identifier are associated with the user identifying information;

transmitting, by the ID manager computer, the first user identifier to a first template storage computer, wherein the first
template storage computer matches the first user identifier to a first fragment of a biometric template associated with the
user and transmits the first fragment of the biometric template to a matcher computer;

transmitting, by the ID manager computer, the second user identifier to a second template storage computer, wherein the second
template storage computer matches the second user identifier to a second fragment of the biometric template associated with
the user and transmits the second fragment of the biometric template to the matcher computer, wherein matching the first user
identifier to the first fragment of the biometric template is based at least in part on a first random number associated with
both the first user identifier and the first fragment of the biometric template, wherein matching the second user identifier
to the second fragment of the biometric template is based at least in part on a second random number associated with both
the second user identifier and the second fragment of the biometric template, and wherein the first random number is different
than the second random number; and

wherein the matcher computer combines the first fragment of the biometric template and the second fragment of the biometric
template to determine whether biometric data provided by the user, received by the matcher computer and from the resource
providing entity computer, matches the combined biometric template.

US Pat. No. 9,846,861

UPSTREAM AND DOWNSTREAM DATA CONVERSION

Visa International Servic...

1. A method comprising:
receiving via a network, at a broker computer that includes a server computer with an interface for receiving and transmitting
order messages, a second order message comprising an order and an account token, wherein the second order message is received
from a merchant ordering system, and wherein a first order message is received at the broker computer that originates from
an upstream trading partner computer prior to receiving the second order message from the merchant ordering system at the
broker computer;

initiating, at the broker computer, a detokenization process to detokenize the account token and to form an account identifier;
generating, by the broker computer, a third order message with the order and the account identifier in response to receiving
the second order message; and

transmitting, by the broker computer to a downstream trading partner computer, the third order message, wherein the downstream
trading partner computer initiates a payment transaction by transmitting the account identifier to an authorization computer
for authorization in response to receiving the third order message.

US Pat. No. 9,846,873

TRUSTED INTERNAL INTERFACE

Visa International Servic...

1. A method, comprising:
receiving, at a payment module installed on a payment device, payment data and value-add data associated with a user of the
payment device;

receiving, at the payment module, via an interface that couples the payment module to an application that is installed on
the payment device and that is configured to enable mobile payments, a request to facilitate a payment transaction between
the user of the payment device and a merchant; and

transmitting, by the payment module, to a point-of-sale device of the merchant the payment data and the value-add data that
is associated with the user of the payment device.

US Pat. No. 9,846,878

PAYMENT ACCOUNT IDENTIFIER SYSTEM

Visa International Servic...

1. A method comprising:
receiving, by a token service computer, a first request comprising a primary account identifier from a token requestor computer;
determining, by the token service computer, a transactable payment token and a non-transactable payment account identifier
associated with the primary account identifier;

transmitting, by the token service computer, the transactable payment token and the non-transactable payment account identifier
to the token requestor computer,

wherein the transactable payment token and the non-transactable payment account identifier are subsequently provided to one
or more entities to conduct a first payment transaction;

receiving, by the token service computer, a second request comprising the non-transactable payment account identifier from
an entity of the one or more entities;

determining, by the token service computer, information associated with the non-transactable payment account identifier; and
transmitting, by the token service computer, the information associated with the non-transactable payment account identifier
to the entity.

US Pat. No. 9,846,905

GATEWAY ABSTRACTION LAYER

Visa International Servic...

1. A computer-implemented method comprising:
establishing, by a merchant or acquirer computer, communication with a gateway server;
transmitting, from the merchant or acquirer computer to the gateway server, a service request message including service request
data or transaction authorization request data, wherein the service request message is intended for a service provider or
a payment network, wherein the service request message is transmitted according to a first format over a first application
platform interface (API) regardless of communication standard requirements of the service provider or the payment network,
wherein the gateway server thereafter:

parses the service request data from the service request message, the service request data including a service provider identifier
indicating the service provider;

accesses an abstraction layer database to determine the service provider using the service provider identifier;
translates, using the abstraction layer database, at least a portion of the service request data into a second data format
to communicate with the service provider, the second data format being different from the first data format, the second data
format satisfying the communication standard requirements of the service provider;

transmits a service call message to the service provider over a second API, the service call message including the translated
service request data in the second data format;

parses the transaction authorization request data from the service request message, the transaction authorization request
data including a payment network identifier indicating a payment network;

translates, using the abstraction layer database, at least a portion of the transaction authorization request data into a
third data format to communicate with the payment network, the second data format being different than the third data format,
the third data format satisfying communication standard requirements of the payment network;

transmits a transaction authorization request message to the payment network, the transaction authorization request message
including the translated transaction authorization request data in the third data format; and

manages changes to the communication standard requirements of the service provider and the payment network such that the second
format complies with the communication standard requirements of the service provider and the third format complies with the
communication standard requirements of the payment network.

US Pat. No. 9,842,336

RISK ASSESSMENT RULE SET APPLICATION FOR FRAUD PREVENTION

VISA International Servic...

1. A computer-implemented method for determining and for denying the authorization of fraudulent financial transactions, the
method comprising:
receiving, via a communication network, by one or more processors, a request to authorize a transaction between a merchant
and an account holder on an account issued by an issuer, wherein the transaction includes associated transaction data;

generating, via the one or more processors, a data structure defining a hyper-rectangle enclosing a multi-dimensional space
defined by a plurality of edges, said data structure including data fields storing data for each of the plurality of edges
of the hyper-rectangle, said plurality of edges representing a plurality of variable values;

retrieving, via the one or more processors, a target optimization variable associated with a data set;
in response to the determination that a number of points within the hyper-rectangle is greater than a minimum support parameter,
concurrently removing, via the one or more processors, a first plurality of the points proximal to the plurality of edges;

in response to the determination that the mean value of the target optimization variable is maximized, adding, via the one
or more processors, a second set of data fields representing a second plurality of points proximal to the plurality of edges;

bounding, via the one or more processors, the hyper-rectangle within a minimum bounding box, wherein one or more authorization
business rules define the minimum bounding box, wherein the minimum bounding box defines a subspace defined by only those
dimensions involved in the removing and the adding;

determining, via the one or more processors, a plurality of fraud prevention boundary limits based on the determined minimum
bounding box;

determining, via the one or more processors, whether the transaction is fraudulent based on the application of the plurality
of fraud prevention boundary limits on the received transaction data; and

in response to the determination that the transaction is fraudulent, transmitting, via the one or more processors, via the
communication network, a denial response to the request to authorize the transaction.

US Pat. No. 9,838,480

SYSTEMS AND METHODS IMPLEMENTING A COMMUNICATION PROTOCOL FOR DATA COMMUNICATION WITH A VEHICLE

Visa International Servic...

1. A method, comprising:
providing, at a first location on a pathway for vehicles, a beacon device connected via a data communication network to a
computing device disposed at a second location remote from the first location;

detecting, by the beacon device, presence of a vehicle on the pathway; and
in response to the presence of the vehicle being detected on the pathway:
communicating, by the beacon device, with an infotainment system of the vehicle on the pathway, causing the infotainment system
to scan wireless signals in the vehicle to determine identities of mobile devices in the vehicle;

determining, by the beacon device, an identity of the vehicle on the pathway from the communicating with the infotainment
system of the vehicle;

determining, by the beacon device based on the identity of the vehicle and via the communicating with the vehicle, identification
information of at least one mobile device carried in the vehicle; and

transmitting, by the beacon device, the identification information to the computing device disposed at the second location
remote from the first location, causing the computing device to establish a communication connection between the computing
device and the mobile device identified by the identification information, wherein the mobile device is further connected
via wireless signals to the infotainment system of the vehicle to provide a communication channel between the computing device
and the infotainment system, and wherein the computing device:

customize content based on the identities of the mobile devices, an identity of the beacon device, and the identity of the
vehicle; and

presents the content on the infotainment system using the communication channel between the computing device and the infotainment
system provided via the communication connection between the computing device and the mobile device.

US Pat. No. 9,824,352

AUGMENTED SMART TAG SECURITY APPARATUSES, METHODS AND SYSTEMS

VISA INTERNATIONAL SERVIC...

1. A processor-implemented method for qualifying a terminal device prior to an interaction between the terminal device and
a mobile device, the method comprising:
collecting, at the mobile device, media information of the terminal device, the media information corresponding to an identity
of the terminal device;

receiving from the mobile device, the media information associated with the terminal device;
determining a data source associated with the terminal device using the media information;
receiving, from the data source, validation information regarding trustworthiness of the terminal device based on the media
information;

generating a message based on the validation information, the message for use in determining whether to begin an interaction
with the terminal device;

transmitting the message to the mobile device; and
determining, at the mobile device responsive to receiving the message, to begin the interaction with the terminal device.

US Pat. No. 9,807,066

SECURE DATA TRANSMISSION AND VERIFICATION WITH UNTRUSTED COMPUTING DEVICES

Visa International Servic...

1. A method utilizing a secure module on a computing device with an operating system, the method comprising:
causing, by the secure module, a user interface to be presented to a user by providing obfuscated user interface data to the
operating system that does not reveal meaningful elements that are part of the user interface;

receiving, by the secure module from the operating system, a notification that the user has provided an input value via the
user interface to the computing device, wherein the notification does not include the input value and the operating system
is not aware of the input value;

responsive to said receiving the notification, identifying an obfuscated user input value that represents the input value;
de-obfuscating, by the secure module, the obfuscated user input value to yield the input value;
receiving, by the secure module, one or more additional notifications that data representing the input value has been processed
by one or more respective software or hardware modules of the computing device; and

updating, by the secure module, a measured value for information flow tracking in response to the one or more additional notifications,
wherein the measured value identifies the one or more software or hardware modules that have processed the data representing
the input value.

US Pat. No. 9,792,782

SYSTEMS AND METHODS FOR TRANSFERRING RESOURCE ACCESS

Visa International Servic...

1. A method comprising:
receiving, at a server computer, a first request to transfer access to a resource from a sender to a recipient, the first
request including an account identifier associated with the sender and a recipient identifier, wherein the account identifier
is associated with a sender code;

generating, by the server computer, a token corresponding to the account identifier and a recipient code associated with the
sender code;

sending, by the server computer, the token and the recipient code to the recipient using the recipient identifier;
receiving, by the server computer, a second request to access the resource, the second request including the token and the
recipient code;

translating, by the server computer, the token into the account identifier and the recipient code into the sender code; and
processing, by the server computer, the second request using the account identifier and the sender code.

US Pat. No. 9,715,681

VERIFICATION OF PORTABLE CONSUMER DEVICES

Visa International Servic...

1. A method comprising:
receiving, at a server, a request for a device verification value for a portable consumer device associated with a user;
obtaining, by the server, from the received request, a unique identification code assigned to the user;
obtaining, by the server, an account record that contains the obtained unique identification code, the account record associating
a consumer account of a portable consumer device with the obtained unique identification code, the consumer account having
an account number associated with the consumer account that identifies the consumer account, the obtained unique identification
code being different from the account number of the consumer account of the obtained account record;

obtaining, by the server, a datum indicative of a device verification value for the consumer account of the obtained account
record, wherein the device verification value is valid for a predetermined amount of time or for a plurality of transactions;

sending, by the server, the obtained datum indicative of the device verification value to at least one of a phone number or
network address of a personal communication device associated with the consumer account of the obtained account record;

receiving, by the server and from a computer, an authorization request including the device verification value, the authorization
request requesting authorization for a transaction;

determining, by the server, that the device verification value in the authorization request is valid; and
transmitting, by the server, an authorization response to the computer indicating that the transaction is authorized after
determining that the device verification value is valid.

US Pat. No. 9,706,354

IN-VEHICLE ACCESS APPLICATION

Visa International Servic...

1. An in-vehicle computing system comprising:
a user interface;
a processor;
a non-transitory computer readable medium coupled to the processor and storing a set of computer executable instructions including
an in-vehicle access application having a proximity mode of operation and a tolling mode of operation, wherein when executed
by the processor, the set of computer executable instructions causes the in-vehicle computing system to:

receive a vehicle status signal from a vehicle communication bus of a vehicle;
determine, based on a first state of the vehicle status signal at a first point in time, that the vehicle is in a stopped
position;

responsive to determining that the vehicle is in the stopped position, activate the proximity mode of operation of the in-vehicle
access application, wherein in the proximity mode of operation, the in-vehicle access application detects an access device
in proximity to the vehicle, and establishes a wireless communication channel between the in-vehicle computing system and
the access device using an integrated wireless transceiver that is part of the vehicle;

determine, based on a second state of the vehicle status signal at a second point in time, that the vehicle is moving; and
responsive to determining that the vehicle is moving, activate the tolling mode of operation of the in-vehicle access application.

US Pat. No. 9,652,765

SYSTEM AND METHOD FOR IMPLEMENTING FINANCIAL ASSISTANCE PROGRAMS

Visa International Servic...

1. A restricted use account transaction processor-implemented method for a government sponsored financial assistance program
including at least two different government agencies, wherein each of the at least two different government agencies provides
a plurality of benefits to a cardholder, the method comprising:
receiving, at a payment processing network server system, a payment transaction request from a merchant server for a purchase
transaction upon engagement of a consumer portable device having a restricted use account, wherein the payment processing
network server system is in communication via a shared network with an issuer server system and the merchant server system,

the consumer portable device carrying information including:
identifying information of the cardholder of the consumer portable device; and
a pre-deposited amount associated with the consumer portable device; generating, by at least one processor of the merchant
server system, an issuer authorization request for the purchase transaction based on the received payment transaction request;

transmitting the generated issuer authorization request to the issuer server system, wherein the issuer server system includes
a processor and a memory subsystem that stores an entry identifying the cardholder, the plurality of benefits of the cardholder
being provided by the at least two different government agencies, and a list of restrictions on each of the benefits;

processing, by the issuer server system processor, the generated issuer authorization request to identify a particular one
of the benefits to be used to fund the purchase transaction and determining that at least one item associated with the payment
transaction request violates at least one of the restrictions for the particular benefit by comparing the at least one item
to the list of restrictions for the particular benefit;

in response to a violation determination, generating, by the issuer server system processor, a distinguishable transaction
suspension response message based on the violation; and,

sending the distinguishable transaction suspension response message from the issuer server system to the merchant server system,
said distinguishable transaction suspension response including indicia of a reason for suspending the purchase transaction,
and required adjustments of a purchase item included in the purchase transaction based on the at least one of the restrictions;
and

conditionally resuming the purchase transaction via the merchant server system upon fulfillment of said required adjustments.

US Pat. No. 9,633,098

SYSTEM AND METHOD FOR MAINTAINING DEVICE STATE COHERENCY

VISA INTERNATIONAL SERVIC...

1. A method for maintaining coherency, the method comprising:
automatically detecting by a processor of a user device, a removal of a wallet application at the user device, wherein the
removal of the wallet application changes functional code of the user device, and wherein the processor of the user device
automatically detects the removal of the wallet application at the user device by identifying a change in state between a
persistent storage at the user device and a system memory at the user device;

initiating a transmission of a synchronization message by the user device to a second entity to apply a coherency protocol
for synchronizing end states in the second entity with data in the user device;

in response to the automatically detecting the removal of the wallet application, receiving an instruction from the second
entity to delete persistent sensitive data associated with the wallet application;

in response to the automatically detecting the removal of the wallet application, deleting the persistent sensitive data associated
with the wallet application, wherein the persistent sensitive data being deleted is data that the wallet application uses
when the functional code associated with the wallet application is executed,

wherein the second entity is configured to synchronize the data in the second entity with the data in the user device based
upon a predetermined policy with high level of privilege, the predetermined policy specifying a condition to synchronize the
second entity and the user device if the second entity and the user device share a common state and the change is due to a
reconfiguration of the user device; and

if there is discrepancy in the end states, the second entity and the user device resolve the discrepancy either by committing
to a new state or aborting and rolling back to a previous state so that the end states are coherent.

US Pat. No. 9,634,988

EXPANSION DEVICE PLACEMENT APPARATUS

Visa International Servic...

1. An apparatus comprising:
a retaining structure comprising a plurality of retaining elements, the retaining structure cooperatively structured with
and configured to receive an integrated circuit card and an adhesive circuit structure comprising a circuit structure and
an adhesive on the circuit structure;

an opening in a retaining element in the plurality of retaining elements;
and
a cover portion coupled to the retaining structure, wherein the cover portion comprises a protruding portion that is at an
underside of the cover portion and faces inwardly with respect to the retaining structure, the protruding portion configured
to apply pressure to attach and bond the adhesive circuit structure to the integrated circuit card.

US Pat. No. 9,626,678

SYSTEMS AND METHODS TO ENHANCE SECURITY IN TRANSACTIONS

VISA INTERNATIONAL SERVIC...

1. A computer-implemented method, comprising:
providing a computing apparatus having:
a transaction handler configured on an electronic payment processing network connecting separate computers, including:
transaction terminals, in response to receiving account identifiers of payment accounts, generating transactions of payments
in the electronic payment processing network, wherein each of the transaction terminals includes:

an input device capable of obtaining the account identifiers from account identification devices; and
a digital camera;
first computers controlling the payment accounts from which the payments are made in the electronic payment processing network;
second computers controlling merchant accounts associated with the transaction terminals in which the payments are received
via the electronic payment processing network; and

the transaction handler connecting the first computers and the second computers in the electronic payment processing network;
a data warehouse storing a communication reference in association with account information identifying a payment account in
the electronic payment processing network;

a portal coupled with the transaction handler and communicating using a communication channel outside the electronic payment
processing network;

receiving, in the transaction handler in the electronic payment processing network from a transaction terminal, an authorization
request for a transaction in the payment account, wherein:

the authorization request is generated by the transaction terminal in response to the input device of the transaction terminal
obtaining, from an account identification device, account information identifying the payment account, and

in response to the input device of the transaction terminal obtaining, from the account identification device, the account
information of the payment account, the transaction terminal automatically captures, using the digital camera of the transaction
terminal at a time of the authorization of the transaction in the electronic payment processing network, an image of a user
using the account identification device to make the transaction at the transaction terminal;

retrieving, by the transaction handler from the data warehouse, the communication reference that is stored in the data warehouse
in association with the account information identified in the authorization request;

providing, by the transaction handler, the communication reference in an authorization response to the authorization request,
wherein the authorization response is configured to instruct the transaction terminal receiving the authorization response
to transmit, to a user device identified by the communication reference, a notification of the transaction, including the
captured image of the user who is using the account identification device to make the transaction at the transaction terminal;

receiving, by the portal via the communication channel outside the electronic payment processing network from the user device
identified by the communication reference, the image of the user automatically captured by the digital camera of the transaction
terminal and provided in the notification of the transaction; and

storing, by the portal in the data warehouse, the image of the user in association with a transaction record of the transaction
authorized by the authorization request.