Abstract: A user computing device generates a token while the user computing device is in an offline mode and not connected to an external network. The token includes information of an amount of cryptocurrency to be transferred from a user account to a receiving account and information of a first password for enabling the transfer. The token is signed by the user computing device with a private key while in the offline mode and the signed token is stored by the user computing device on a portable device. A receiving device receiving the signed token from the portable user storage device, authenticates a user corresponding to the user account based on the signed token, receives a second password, compares the first and second passwords for enabling the transfer, and transfers the amount of cryptocurrency from the user account to the receiving account based on the information included in the token.

Abstract: Blockchain-based systems and methods related to creating and distributing cryptographically secure, digital tokens representing equity in assets corresponding to loan agreements. The system may comprise a transaction interface portal configured to collect and manage information pertaining to the origination of a loan agreement or a token transaction agreement. The system may include an underwriting smart contract configured to autonomously verify the value of an asset corresponding to a loan origination based at least partially on information not originating on the blockchain. The system may deliver tokens through a programmable escrow wallet configured to deliver tokens to buyers upon the satisfaction of encoded regulatory criterion. The system may be configured to determine the price of one or more tokens before delivery and adjust the price based at least on the appreciating value of the assets corresponding to the loan agreements and the number of tokens retired by the system.

Abstract: Embodiments of the invention provision multiple payment tokens on a communication device. The communication device may be provisioned with multiple limited use keys (LUK), each LUK being associated with a specific type of transaction. When the communication device is used for a transaction, the communication device automatically determines a type of the transaction and selects an appropriate LUK based on the determined transaction type. The selected LUK may be used to create a cryptogram, which can be used to verify the transaction.

Abstract: A payment reader and a POS terminal may communicate over a wireless connection. The methods and systems include monitoring one or more parameters corresponding to a payment reader and another device in proximity to POS terminal. The POS terminal, through a set of customized instructions, determines whether behavior of the second device substantially corresponds to the first device, in order to detect suspected hardware or software intrusion associated with the secure device. On successful detection of a suspected intrusion, the POS terminal generates an alert for a user of the first device if illegal intrusion is suspected by the processor.

Abstract: A method for dynamically evaluating a resource value is described. Data encoding one or more parameters related to the resource value is accessed, where the one or more parameters are monitored by a plurality of sensors that form an Internet of Things (IoT) and then released by the IoT of the plurality of sensors on a blockchain network. At least one parameter from the data is compared with a predetermined threshold value or a predetermined threshold range. In response to determining that the at least one parameter has exceeded the predetermined threshold value or the predetermined threshold range, a calculation of the resource value is triggered according to evaluation logic described by a smart contract released on the blockchain network in association with the one or more parameters being monitored, such that a consensus is reached on the blockchain network regarding the resource value that has been calculated.

Abstract: Embodiments are directed to a method comprising, obtaining, by a first device, a first token, the first token associated with an amount of funds and a funds availability starting date. After the first token is obtained by the first device, the first device generates a second token linked to the first token and second token generation data. The second token generation data may include evidence that the second token was generated by the first device, and not another device. The second token generation data could be a first device identifier and the second token generation details, or could be a hashed value of the first device identifier and the second token generation details. The method also includes provisioning, by the first device, the second token and the second token generation data to the second device.

Abstract: The present invention provides a method, Web server and computer system for converging a desktop application and a Web application. The method may comprise: in response to a request from a client user for using a target desktop application, starting a desktop application initialization process on the Web server and determining an appropriate corresponding hosting server for the user; preparing and provisioning desktop application environment on the corresponding hosting server and starting the target desktop application; transmitting the corresponding hosting server's address to the client so as to make desktop application interaction between the client and the corresponding hosting server; and in response to the completion of the desktop application interaction, stopping and exiting the target desktop application on the corresponding hosting server.

Abstract: A Point-Of-Sale (POS) terminal is equipped to process crypto currencies for transactions. The POS terminal generates a transaction-based digital wallet for a given transaction to receive a crypto currency payment for that given transaction. The transaction-based digital wallet, funded with the crypto currency for the given transaction, is transferred to a retailer's server where the crypto currency is transferred from the transaction-based digital wallet to a retailer's digital wallet for eventual exchange to a government issued currency.

Abstract: A message processing server includes a message processor, a network interface, and a memory storing a token database of multi-layer tokens. Each token in the database includes a plurality of encrypted data layers. The message processor receives, via the network interface, at least one authorization message that identifies one of the tokens, derives a first decrypted data layer from the first encrypted data layer of the token, and extracts from the first decrypted data layer a second pointer to a secondary database that stores a predetermined data value. The message processor excises the predetermined data value from the secondary database.

Abstract: A method includes sending an encrypted first hash value set to a data provider; receiving an encrypted second hash value set and a double-encrypted first hash value set from the data provider; re-encrypting the received encrypted second hash value set to obtain a double-encrypted second hash value set; calculating an intersection of the double-encrypted first hash value set and the double-encrypted second hash value set to determine one or more shared users shared with the data provider; and recommending or providing a service to the one or more shared users.

Abstract: A soft card provisioning application is instantiated on a device with wireless communications capabilities. A card number for a soft card desired to be provisioned on the device is obtained from a user of the device. An issuer identification number retrieved from the card number is communicated to a provisioning configuration server over an air interface. A provisioning issuer server network address is obtained from the provisioning configuration server based on the issuer identification number. Card issuer specific challenges are presented to the user, and the user's responses to the challenges are received. The challenge responses are communicated to the provisioning issuer server. Soft card image data and personalization data, where the personalization data includes personalized embossed and pre-printed data, are received from the provisioning issuer server over the air interface. The soft card is provisioned for use on the device based on the data received over the air interface.

Abstract: A method for generating transaction credentials for a user in a transaction, comprising: storing in a mobile device, an encrypted session key, and an encrypted user authentication credential; receiving an authorisation request; initiating a user authorisation process wherein in the event that the user is an authenticated user, the method comprises: decrypting the encrypted session key and encrypted user authentication credential; generating a transaction cryptogram in dependence on the user authentication credential and the session key; transmitting the transaction cryptogram and a user authentication status to a transaction processing entity for use in a transaction.

Abstract: A system and methods include a negative certificate authority for distributed management of negative certificates. An authorization restriction is associated with an untrusted user. A negative certificate generated for the untrusted user includes a public key associated with the untrusted user and an authorization restriction. The authorization restriction includes at least one global restriction, which is applicable to each consortium member that subscribes to the negative certificate. The authorization restriction includes at least one local restriction, which allows individual consortium members to further define their own locally applicable restrictions using the negative certificate authority. The negative certificate is accessible to each member of the consortium to enforce the authorization restriction against a transaction request. A secure contributor record including a unique cryptographically generated address is generated for each contributor.

Abstract: A software license and a software installation process are managed. A status of the license can be one of at least a third party reserved status, a requester reserved status, a requester allocated status, and an available status. A first module can be operative to change the status of the license from the third party reserved status to the requester allocated status in response to receiving a mode selection. The mode selection can correspond to one of one or more modes. The modes can comprise a reserve license mode, a remove reserve mode, a request license allocation mode, a return excess license to inventory mode, an ordering mode, and an add license to inventory mode. The first module can be operative in at least one of the modes.

Abstract: Means and a computerized method for recommending items such as books and audio compact disks. For each item, a user profile includes ratings provided by users of the system. Unlike present recommendation systems, the user profiles do not include pre-computed similarity factors measuring similarity between users. Rather, when an advisee requests a recommendation, similarity measures are computed comparing the advisee to other users, and the similarity measures are associated with the other users. A subset of the users is selected, where the subset includes the users most similar to the advisee. A recommendation is made based on the ratings by the members of the selected subset.

Abstract: The invention relates to systems and methods for providing modular and configurable smart contracts for blockchain applications. The smart contracts may be utilized to retain all transaction attribute values in a world state database of the blockchain-implemented ledger. The systems and methods can further provide for dynamically configurable validation metadata and validation rules for transaction attributes recorded on a blockchain transaction log. The validation metadata and validation rules corresponding to the transaction attributes can be dynamically updated and applied to the transaction attributes to validate or invalidate a transaction.

Abstract: The invention relates to systems and methods for providing modular and configurable smart contracts for blockchain applications. The smart contracts may be utilized to retain all transaction attribute values in a world state database of the blockchain-implemented ledger. The systems and methods can further provide for dynamically configurable validation metadata and validation rules for transaction attributes recorded on a blockchain transaction log. The validation metadata and validation rules corresponding to the transaction attributes can be dynamically updated and applied to the transaction attributes to validate or invalidate a transaction.

Abstract: To authorize a transaction between a host and a server, a token is operationally connected to the host. The host receives an identification credential of a user. The identification credential is verified by the token and/or by the server. If the token detects a prescribed human action, the token generates token authentication data and the host sends the token authentication data to the server. Upon receiving the authentication data, the server authenticates the transaction. A device for authenticating a transaction includes a device interface for interacting with a host, a connector for reversibly operationally connecting the device to the host, and a controller that authenticates the transaction only once, contingent on detecting a prescribed anonymous human action. One such human action is providing one or more inputs at the host's user interface synchronously with outputs at the device's user interface.

Abstract: Systems and methods enable members of a secure transaction network to readily identify the appropriate trusted service manager (TSM) to support a particular transaction. A global directory of TSM providers is provided that a secure service provider can use for determining which TSM provider is the authorized manager of a security domain for the particular transaction. In aspect the directory of TSM providers may be stored within a mobile device secure element. In another aspect, the directory of TSM providers may be stored in a central TSM repository. In a further aspect, the directory of TSM providers may be distributed among a number of secondary TSM repositories. The appropriate TSM may be identified based upon a secure element identifier and an application identifier provided by a secure element as part of the transaction. Communication of the identifiers from mobile devices may be via cellular or near field communication links.

Abstract: Embodiments of the invention provide systems and methods for applying a patch or a change to a set of binary modules executing on and used by resources of a computing cluster while reducing the downtime of those resources. According to one embodiment, applying a patch to a plurality of binary modules on a computing cluster can comprise identifying resources on one or more of a plurality of nodes of the cluster. Additionally, each of the plurality of binary modules on one or more of the nodes of the cluster can be identified. A graph can be generated logically representing the cluster. Groups within the binary modules and resources can be identified based on the graph. Patches can be applied to the binary modules based on the identified groups. Patching binary modules based on the identified groups can comprise patching all of the binary modules of an identified group together.