Abstract: A reader device may include a midrange wireless transceiver, a controller coupled to the midrange wireless transceiver, and a memory coupled to the controller. The memory may store executable code, which when executed by the controller, causes the reader device to implement various operations including maintaining a transaction service attributes database in the memory. The operations may also include broadcasting a beacon including a transaction service indicator at a periodic interval using the midrange wireless transceiver, receiving a connection request from a communication device, and establishing a wireless connection with the communication device. The operations may further include performing an application selection process with the communication device, performing application data processing with the communication device, and performing authorization request processing for the communication device.

Abstract: The disclosed embodiments include computerized systems and methods that generate secured blockchain-based ledger structures that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a centralized authority of the secured blockchain-based ledger may detect an occurrence of an event, and may access and decrypt a set of rules hashed into the secured blockchain-based ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule and involving at least one of assets tracked within the secured blockchain-based ledger or an owner of a portion of the tracked assets. By way of example, the detected event may triggering a sale, transfer, and/or re-allocation of an ownership interest in a tracked asset, and the identified rule may specify a distribution of proceeds derived from the sale, transfer, and/or re-allocation.

Abstract: A system and method for securely and reliably depositing with a Trusted Repository System an authoritative information object executed, using a third, party electronic signing system, or maintained in an intermediary third party storage system having received the original information object from a third, party electronic signing system, such that the TRS may subsequently facilitate electronic transmission, storage, and retrieval of verifiable copies of the stored authenticated authoritative information object without the TRS relinquishing control of the authenticated authoritative information object.

Abstract: A recording device may record information continuously. Particular events which occur during recording may be of interest for review (e.g. audit, inspection). Events may be audited to ensure that the data gathered is not tampered with or corrupted and to provably establish an evidence chain of custody. Metadata may mark recorded data of an event, in whole or in part, for later review. Metadata may be identified as an audit tag which may identify particular occurrences during an event. An audit tag may be urgent or non-urgent. Notice of an urgent audit tag may be sent to a server prior to sending the recorded data associated with the audit tag. Recorded data may be cryptographically signed to protect the recorded data from tampering.

Abstract: A method of using a distributed ledger maintained solely in a computer network. Wage payment information is received from an employer regarding an employee. A copy of a digital public key uniquely associated with the employee is received. A transaction is issued to the distributed ledger at a time of wage issuance, along with identity data encrypted with the digital public key, the identity data uniquely associated with the employee, the identity data being multi-level identity data based on levels of data sensitivity, and the identity data including information controllable by the employee to designate which level of the multi-level identity data can be accessed using a data level code and a digital signing key belonging to the employee. A level of the multi-level identity data can be made available to a third party upon being identified with the data level code and upon being decrypted with the digital signing key.

Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.

Abstract: Methods, media, and systems directed to a platform for determining, processing, storing, and analyzing authentication data from various internal and external systems within an authentication ecosystem, and from other authentication systems providing authentication services.

Abstract: The present disclosure relates to a method for providing a payment agency service and a server using same, and a method for registering an authentication certificate, a method for providing a payment agency service, a card company server, and a payment agency server. The method comprises steps of a payment agency server: (a) delivering identity authentication information and a first push token ID delivered from a user terminal to a card company server; (b) delivering a successful authentication result to the user terminal to support generating and saving a public key and a private key of the user; and (c) managing the first push token ID or a second push token ID as an integrated push token ID when the first push token ID and the second push token ID match, and saving registration information including the integrated push token ID and the public key.

Abstract: A method for secure usage of a gift card via blockchain includes: storing a blockchain including a specific data value related to a gift card that includes a gift card number and a first recipient address; receiving a transfer request including the gift card number, a first digital signature, and a device identifier; verifying the first recipient address based on the first digital signature; generating a new data value comprising the gift card number, the device identifier, and a second recipient address; transmitting the generated new data value to a node associated with the blockchain; receiving a redemption request from a second computing system including the gift card number, a second digital signature, and a submitted device identifier; verifying the second recipient address and submit device identifier based on the second digital signature and the device identifier, respectively; and transmitting a result of the verification to the second computing system.

Abstract: A system is configured to perform operations that include receiving a purchase request to use a consumer digital wallet account of a user to pay for an item sold by a merchant, the consumer digital wallet account being included as a payment method in a merchant digital wallet account provided by the merchant to the user. The operations further include generating a single-use payment token based on a non-transactable token. Additionally, the operations include transmitting, to an existing card payment network, a card transaction message that includes the single-use payment token, the single-use payment token causing the existing card payment network to route the card transaction message back to the system. The operations also include causing payment to be remitted from the user to the merchant using a payment method included in the consumer digital wallet account.

Abstract: Systems and methods are provided for managing digital identities associated with users. One exemplary method includes receiving, at a computing device, an encrypted message from a communication device associated with a user where the messaging includes a changed attribute for the user. The method also includes generating a hash of a digital identity for the user with the changed attribute, generating a hash of the digital identity of the user stored in a ledger data structure, and transmitting a request for the user to attest to the changed attribute when the generated hashes do not match. The method then further includes broadcasting a pending status of the digital identity of the user to a relying party for the digital identity, and storing a certification of the changed attribute, received from the relying party in response to the pending status, based on verification of the changed attribute by the relying party.

Abstract: A method for utilizing data analytics to identify unauthorized consumption of content comprises obtaining social network activity data from one or more social networks. The obtained social network activity data is analyzed to identify one or more users involved with content associated with a content provider. A determination is made as to whether or not the one or more users are authorized to access the content based at least in part on the analysis.

Abstract: An automatic website login and security payment method is provided. The method includes the steps of: utilizing a mobile device to transmit transaction authentication program information to a computer device via near-field communication, wherein the transaction authentication program information includes a database file and a transaction authentication program; detecting at least one website that is being visited by the computer device via the transaction authentication program; when the database file includes user information corresponding to the at least one website, inputting the user information in the database file into the at least one website; and when the database file does not include the user information corresponding to the at least one website, capturing the user information that is input on the at least one website via the transaction authentication program.

Abstract: A method involves performing a mathematical estimation operation identifying a risk score threshold. The operation identifies the risk score threshold as a point on a curve rather than a value of a particular risk score. Such a curve approximates the distribution of risk score values output over a time interval and represents a function embodied by a plot of risk score percentile vs. risk score value. The risk engine, rather than selecting a particular risk score, selects a curve from a family of curves that is known to accurately represent such risk score distributions. For example, the risk engine may choose the curve that provides the best fit to the previous week's risk scores over the family of curves. The risk engine identifies the risk score threshold by finding a risk score value such that the function evaluated at that risk score value produces a specified risk score percentile.

Abstract: Various examples described herein are directed to systems and methods for executing a mobile wallet element at a mobile computing device. For example, an executable active element may send a first element message to a mobile wallet application. The first element message may include a subsidiary element request. The mobile wallet application may send to an operating system a request comprising the subsidiary element request. The operating system may send the subsidiary element request to an issuer system. Subsidiary element data describing a subsidiary element may be sent to a second mobile wallet application.

Abstract: Delegated administration of permissions using a contactless card. In one example, a permissions module may receive a request from a first account to grant a second account access to a computing resource. The permissions module may receive permissions data of the first account from a contactless card and encrypted data generated by the contactless card. The permissions module may transmit the permissions data and the encrypted data to an authentication server, which may verify the encrypted data based at least in part on the private key, and determine, based on the permissions data, that the first account has permissions to grant access to the computing resource. The permissions module may receive, from the authentication server, an indication of the verification of the encrypted data and a permissions vector associated with the second account, the permissions vector reflecting the grant of access to the computing resource to the second account.