Abstract: A selection of a digital content item is received from a client over a network. A license agreement associated with the selected digital content item is identified based on a content ID of the digital content item, where the license agreement is identified by a license ID. The license agreement includes one or more constraints for accessing the digital content item. A tracking code is generated based on the content ID associated with the selected digital content item, the license ID associated with the identified license agreement, and the user ID associated with the client. The tracking code is inscribed on the digital content item to generate a deliverable content file, where the deliverable content file contains the digital content item therein. The deliverable content file is transmitted to the client over the network, where the tracking code is visible or audible when the digital content item is accessed from the deliverable content file.

Abstract: Additional content items that satisfy predefined criteria with respect to a user-selected content item are identified. The predefined criteria may be that the selected and additional content items have particular characteristics that are the same. Information corresponding to the selected and identified content items is presented to a user. Characteristics based on which additional content items may be identified may include data type, source, and absence of content. The information may be presented in a gallery view, which can be a thumbnails gallery for images or a playlist for digital audio or video.

Abstract: A portable device receives an account information request signal from a merchant machine. The portable device transmits a response message to the merchant machine. The response message comprises the account information for a purchase. The portable device transmits a first message to an account server. The first message comprises a request to get information comprising the purchase amount. The portable device receives a second message comprising the information from the account server. The portable device sends the purchase amount to a display.

Abstract: Electronic transactions employing prior art approaches of digital certificates and authentification are subject to attacks resulting in fraudulent transactions and abuse of identity information. Disclosed is a method of improving electronic security by establishing a secure trusted path between a user and an institution seeking an electronic signature to verify a transaction before any request for signature and completing electronic transaction activities occurs. The secure trusted path providing the user with a predetermined portion of the request from the institution for a signature upon a personalized device that cannot be intercepted or manipulated by malware to verify that the request as displayed upon the user's primary computing device is valid.

Abstract: Information distribution relates to a DLNA device (30) involves receiving, at a request server (100) in a global network (20), a media request for a media content having a specific media format from the DLNA device (30) present in a home network (10). The request server (100) processes the media request based on user and media identifiers provided therein and provides a response. This response enables rendering by a DLNA compatible digital media player (200, 400) of response information relating to the media request and being of the specific media format. A user of the DLNA device (30) can therefore be informed of the processing of his media request.

Abstract: A method is presented for rebooting a local data processing entity requiring an access code to boot. The method may include receiving, on a local entity, an access code from a remote entity. The access code may be stored on an auxiliary device coupled to the local entity. The local entity may receive a reboot command from the remote entity and begin rebooting in response thereto. The auxiliary device may provide the access code to the local entity in response to the beginning of the reboot. The access code may then be deleted from the auxiliary device.

Abstract: A system and method for network file filtering to prevent identity theft or misuse by restricting access to files likely to contain sensitive data is disclosed. The file filtering process includes scanning at least one data file for density of a selected pattern. Files identified as containing the selected pattern may be further analyzed to determine the likelihood of the presence of sensitive information. The process may also include restricting access to files that are identified as likely to contain sensitive information.

Abstract: A method and system for performing transactions between a client and a server. The client sends to the server a transaction request for performing a transaction, and receives from the server a transaction policy. The client displays a first representation of the transaction policy depicting transaction policy options for fulfilling the transaction policy. After the user selects a first transaction policy option, the client displays a second representation of the transaction policy, depicting at least one mechanism pertaining to the first transaction policy option for satisfying the requirements of the first transaction policy option. After the user selects a first mechanism, the client depicts evidence options for each requirement of the first transaction policy option. After the user selects an evidence option for each requirement of the first transaction policy option, the client sends to the server transaction enablement information that includes evidence dictated by the selected evidence options.

Abstract: Processes are described for provision of privacy-sensitive sample analysis results to a sample provider. The sample provider generates a cryptographic commitment encoding a secret value, r, and a sample identifier, s, associated with a sample container. The sample provider provides the commitment to an analysis provider in association with the sample container containing a sample for analysis. The analysis provider analyzes the sample to obtain a set of analysis results corresponding to the sample identifier, s, and generates a cryptographic pre-credential, ??, corresponding to the sample identifier, s. The pre-credential, ??, encodes the set of analysis results and the commitment. Completion of the pre-credential, ??, requires knowledge of the secret value, r, in the commitment.

Abstract: A system and method for validation and enforcement of application security, wherein the user credentials and the integrity of a target application are verified before the target application is permitted to execute.

Abstract: A smart card transaction allows a consumer to load value onto a smart card and to make purchases using a smart card with a mobile telephone handset over the telecommunications network. For loading, the system includes: a mobile telephone handset including a card reader; a gateway computer; a funds issuer computer; and an authentication computer. The mobile telephone handset receives a request from a user to load a value onto the smart card. The handset generates a funds request message which includes the value and sends the funds request message to a funds issuer computer. The funds issuer computer debits an account associated with the user. Next, the handset generates a load request message with a cryptographic signature and sends the load request message to an authentication computer which authenticates the smart card. The handset receives a response message which includes a cryptographic signature and an approval to load.

Abstract: Systems and methods for generating payment due notifications are provided. A payor and a payee of the payor may be identified by a payment service provider system. At least one notification control parameter associated with communicating payment due notifications to the payor may be identified. Based at least in part upon evaluating a payment history associated with one or more payments made to the payee on behalf of the payor, a payment frequency pattern may be determined. Based at least in part on a portion of the payment history and the determined payment frequency pattern, a next expected payment date may be calculated. In accordance with the at least one notification control parameter, a payment due notification including an identity of the payee and the next expected payment date may be generated. The payment due notification may be transmitted to the payor.

Abstract: Various embodiments are directed to methods for generating proxy account data for a financial account and authorizing payment from an account of a customer based on proxy account data. Example methods may comprise selecting a serial number for a first customer and storing an association between the serial number and an account of the first customer. The methods may further comprise encrypting the serial number and consolidating the encrypted serial number with checkable data. An association between the encrypted serial number and the checkable data may be stored and the consolidated encrypted serial number and checkable data may be encrypted to generate proxy account data.

Abstract: A content key (CK) to decrypt a piece of encrypted content is obtained encrypted according to a public key of a licensor (PU-L) to result in (PU-L(CK)). (PU-L(CK)) is obscured according to (PU-L) and a value R to result in Obs (PU-L(CK)), and Obs (PU-L(CK)) is sent to the licensor, which applies a private key (PR-L) corresponding to (PU-L) to Obs (PU-L(CK)) to result in Obs (CK) as an obscured version of (CK). Obs (CK) is received from the licensor; and (CK) is obtained from Obs (CK) based on applying R thereto. The licensor cannot identify from Obs (PU-L(CK)) or from Obs (CK) the encrypted content or the content key (CK) from which the encrypted content may be identified.

Abstract: A method and system to transfer payment to a seller of a network-based commerce transaction are described herein. The method includes generating a risk model based on seller-specific criteria, and releasing funds from a holding account to the seller based on the risk model.

Abstract: The disclosed technology can mitigate the risk of infringing a content owner's rights in legally-protectable content by operating as a trusted, third-party license authority between content owners and content users to ensure that a license governing at least some aspects of the protectable content is authentic and thus validly represents the restrictions imposed by content owners pertaining to the use, distribution, modification, combination, interaction, and/or other manipulation of such content. An identifier representative of the protectable content together with a profile of the license (which may include attributes that specify particular restrictions, uses, and interactions pertaining to the protectable content) can serve as a basis for determining the authenticity of the license associated with the protectable content.

Abstract: One embodiment of the present disclosure provides a system and associated processes for sharing cardholder data (CHD) between a merchant that utilizes tokenization and a second merchant that may or may not utilize tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. The merchant and/or the tokenization provider system can then invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the merchant associated with the second merchant.

Abstract: Techniques for enabling performance of a quality control function on the contactless interface while the contactless interface is disabled are provided. The techniques include implementing, on a dual-interface payment device, one or more security mechanisms, wherein the dual-interface payment device comprises a first interface and a second interface, using the one or more security mechanisms to prevent a subset of data corresponding to the first interface from being read using the second interface while allowing data corresponding to the second interface to be read using the first interface, and personalizing the dual-interface payment device and the one or more security mechanisms according to one or more requirements of an issuer of the dual-interface payment device.

Abstract: A client computing system inserts selected advertising into digital content. Ads may be inserted into content based on a dynamic advertising matching process that is securely implemented within a hardware-based root of trust. User profiles used in ad matching may be privacy protected and maintained with confidentiality protection in the client computing system and/or a service provider server, respectively. When a client computing system makes a request to the service provider server for content with specified ad slots, the request may be made with the client's EPID signature, which is inherently privacy protected. The hardware-based root of trust protects insertion of selected ads into the linear rendering flow of the content.

Abstract: Methods of tracking remote software installations at a central server may include receiving an installation message over a network from a user device wherein the installation message indicates an installation of the software at the user device. After receiving the installation message from the user device, an installation code may be created responsive to receiving the installation message, and the installation code may uniquely identify installation of the software at the user device. The installation code may be transmitted over the network to the user device, and the installation code may be stored at the central server. Related systems and computer program products are also discussed.