Abstract: A token generating organization may include distributed tokenization systems for generating tokens corresponding to sensitive information. Sensitive information may include sensitive numbers such as social security numbers, credit card numbers or other private numbers. A tokenization system may include multiple physically distinct hardware platforms each having a tokenization server and a database. A tokenization server may run portions of a sensitive number through a predetermined number of rounds of a Feistel network. Each round of the Feistel network may include tokenizing portions of the sensitive number using a fractional token table stored an associated database and modifying the tokenized portions by reversibly adding portions of the sensitive number to the tokenized portions. The fractional token table may include partial sensitive numbers and corresponding partial tokens.

Abstract: A computer system accesses a database to retrieve account balance information for an account held by a user at a financial institution. The computer system generates a screen display to present to the user via a mobile device. The screen display shows the account balance information. The computer system receives, via the mobile device, an indication from the user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient. The computer system transmits the funds to the recipient responsive to receiving the indication.

Abstract: Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. The payment application is associated with a certificate and a corresponding hash. The hash is adapted to be generated on the basis of an application expiration date parameter, which is adapted to comprise data indicative of an expiration date of day level granularity associated with the certificate. During processing of the EMV transaction, the point-of-sale terminal verifies the hash, thereby establishing the authenticity of the application expiration date, and hence the validity of the certificate.

Abstract: Methods and apparatus to enable a distinction between “new” and “used” digital content and to enable a market in used digital content files between mobile phone terminals and an electronic store, securely, by means of a wireless telephony network and a server complex to handle contents right management, transaction reporting, inventory, content delivery, payment, and billing. A server receives a signal generated by a wireless user device that was sent over a wireless telephony network. The signal indicates an election for returning at least one previously purchased digital content item. The server deletes user rights for the at least one digital content item identified by the received signal and sends information to the user device that generated the signal. Access to the associated digital content item at the user device is removed according to the sent information.

Abstract: A system for digitally verifying credential sets and its method of use are provided. A credentials set is made up of a number of credentials, each linked to a particular Entity. If all of the credentials are validated and verified, then the credentials' status identifier will be set to a value. If the various status identifiers meet a predetermined value, the set will be verified and digitally signed.

Abstract: An identity system for the Internet of Things (IOT) that enables users and machines to identify, authenticate and interact with products and collectibles without relying on a third-party-controlled authentication service. The system includes wireless tamperproof tags coupled to products and an open registry database where a chain of ownership of the items is able to be stored. The open registry enables public access to the item identity and data combined with item registration anonymity.

Abstract: A provisioning system is provided for terminals such as point of sale terminals. An interface device interfaces with a smart card and a provisioning server, providing initialization keys and security codes that are stored on the smart card. At a terminal, an initialization key from the smart card may be provided to the terminal if a correct security code is entered at the terminal. The terminal may then provide a terminal authorization package to the smart card. The terminal authorization package is stored on the smart card. At the interface device, the terminal authorization package is provided to the provisioning server. The terminal may then securely communicate transactions with an issuer server.

Abstract: A computer system receives an indication from a user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient using a mobile device. The transaction is authenticated by the computer system. The authentication includes receiving login credentials manually entered by the user and determining that the login credentials match stored login credentials for the user. The authentication further includes determining that the mobile device has a device token stored thereon that matches a device token stored in a database of the computer system. The device token uniquely identifies the mobile device in the computer system. The authentication further includes determining that the mobile device has a customer token stored thereon that matches the customer token stored in the database. The customer token uniquely identifying the customer in the computer system. The computer system transmits the funds to the recipient responsive to the authenticating step.

Abstract: A computer system accesses a database to retrieve account balance information for an account held by a user at a financial institution. The computer system generates a screen display to present to the user via a mobile device. The screen display shows the account balance information. The computer system receives, via the mobile device, an indication from the user that the user wishes to perform a mobile wallet transaction to transfer funds to a recipient. The computer system transmits the funds to the recipient responsive to receiving the indication.

Abstract: A motion picture distribution system, the system including a central computer, an exhibitor computer, a communication channel, and a back channel. The central computer is located at a central site and configured to distribute a digital version of the motion picture. The exhibitor computer is located at an exhibitor location that is remote from the central site. The exhibitor computer is configured both to receive the digital version of the motion picture from the central computer, and to display the motion picture. The communication channel is configured to facilitate the electronic transfer of the digital version of the motion picture from the central computer to the exhibitor computer. The back channel is coupled between the central computer and the exhibitor computer, and configured to allow for the transfer of information between the exhibitor computer and the central computer.

Abstract: The present disclosure relates to the field of Internet. Disclosed are resources dispensing device and resources dispensing methods. The system including: a sender client, a server cluster and at least one receiver client; the sender client is to generate n virtual packages through interacting with the server cluster, each virtual package is to distribute part of resources to be dispensed to the receiver client, wherein n is an integer larger than 1; the sender client is further to provide a pick-up message of the n virtual packages to the receiver client; the receiver client is to display at least two virtual packages of the n virtual packages in a user interface according to the pick-up message of the n virtual packages; the receiver client is further to pick up a target virtual package from the at least two virtual packages through interacting with the server cluster according to a pick-up operation received.

Abstract: Embodiments of the present invention provide a system for real-time resource account verification processing for authentication of a user. The system provides a communication linkage between entities that are real-time payment network enabled participates to communication and confirm account verification. As such, via RFI messaging an entity may request verification of user resource accounts. The system may identify the entity associated with the resources, deploy a secure communication via the RFI messaging platform, and receive a verification in real-time. The system allows for performance of this communication on a backend secure RFI messaging center without third party knowledge of account verification processing. Thus limiting verification, disruption, and processing lag.

Abstract: An electronic device may attempt to provision an unprovisioned credential, such as a payment instrument, by providing a message with information specifying the unprovisioned credential to a first computer. This first computer may be associated with a first region in which: a first provisioned credential of a user is supported, the user has registered, and the user can conduct transactions based on the first provisioned credential. However, the unprovisioned credential may be supported in or otherwise associated with a second region. Consequently, the electronic device may receive, from the first computer, redirect information that specifies a second computer associated with the second region. In response, the electronic device can provide the message to the second computer. Further, the electronic device can communicate provisioning information for the unprovisioned credential with the second computer, so the credential can be provisioned.

Abstract: A model-based system, method, and computer program product are provided for detecting at least potentially unwanted activity associated with confidential data. In use, behavior information associated with use of confidential data is identified, based on predetermined parameters. Additionally, a model is created utilizing the behavioral information. Furthermore, at least potentially unwanted activity associated with the confidential data is detected utilizing the model.

Abstract: The present disclosure pertains to a method for providing digital goods using a URL coupon. The method includes: generating a digital goods provision URL containing information on digital goods; generating a URL coupon containing the digital goods provision URL; providing the URL coupon; receiving a digital goods provision request at the digital goods provision URL; authenticating a user; and transmitting an information processing request containing authenticated user information and digital goods identification information to a digital goods managing server. The method makes it possible to provide digital goods in an easy and safe manner.

Abstract: An inter-vehicle wireless payment method employing 5G communication network comprises a requesting vehicle sending a payment request to a base station; the base station retrieving vehicle information of a friend vehicle of the requesting vehicle based on the payment request; the base station encrypting request information with the vehicle information and broadcasting it; vehicles in coverage of the base station decoding broadcast information with respective vehicle information, and upon successful decoding, the friend vehicle as a responding vehicle acquiring the request information; the responding vehicle generating payment information based on the request information and sending it to the base station, the base station sending the payment information to a payment platform, and the payment platform returning a payment result to the responding vehicle; and the base station allocating a D2D communication channel to the requesting and responding vehicles, and the responding and requesting vehicles communicating

Abstract: Computer software product management systems that operate in a networked computing environment and including a computer database, an intermediate publishing service and spoke computing systems. The database includes an entitlement-monetization data model that includes an entitlement definition and a monetization definition that are inextricably tied to each other in the entitlement-monetization data model. The entitlement-monetization data model is published to spoke computing systems for runtime processing of customer requests made through a customer facing application concerning a computer software product configured according to the entitlement-monetization data model.

Abstract: In the present disclosure, systems and methods are described for video gaming in a controlled environment facility. A video game server allows tenants of a controlled environment facility to play video games that are served and monitored by the video game server. In embodiments, users may initiate a game session to play games in a single player mode, competitive multiplayer or cooperative multiplayer mode depending on the game being played. The video game server maintains block lists for each user such that those users may not initiate or engage in the same game sessions with each other. In game sessions with two or more users, the video game server allows users to communicate via audio or text communications. The video game server may monitor those communications for potential security concerns. Users may also view videos of previously completed or live game sessions, subject to similar security monitoring measures.

Abstract: A software product server, such as an application server or application store, can receive a purchase request for an application from a remote device. In response to a received request, the software product server is configured to provide an application to a remote device. The remote device receives the application and determines whether the received application is compatible with the remote device. The remote device is configured to generate a verification signal about the compatibility and provide the verification signal to a verification module coupled to the software product server. The verification signal is used to update a user account debit status. For example, a user account is debited when the verification signal indicates the received application is compatible with the remote device.

Abstract: The systems described herein are configured to generate an auditable digital certificate upon receiving a request for user information associated with a user of the plurality of users and determining that authorization from the user is required The digital certificate comprises: a unique identifier associated with the requester, a context of the request, and a date and time associated with the request. The system then sends an authorization request that includes: a request for consent to grant the request from the requester, and a request for identity verification evidence. Upon receiving the consent and identity verification evidence, the system adds to the digital certificate: a unique identifier associated with the user, the consent, and a date and time associated with receipt of the consent. Finally, the system closes and tamperproofs the digital certificate before storing the digital certificate in a certificate database.