Abstract: In a first party mode, a peer-to-peer transfer application: authenticates the party to an identity server; obtains an amount of funds to be transferred; causes the identity server to establish a session for storing information relating to the transaction; provides the amount to the identity server; provides account information for the party to the identity server; obtains a token unique to the transaction; obtains contact information for the counterparty; and provides a message including the token to the counterparty to indicate the transaction has been initiated. In a second counterparty mode, the application: receives a message including a token for a transaction from a first party; authenticates the counterparty; determines the counterparty wishes to complete the transaction; and uses the token to provide account information for the counterparty to the identity server for storing in association with an established session and to enable the identity server to complete the transaction.

Abstract: There is presented a method, a computing device and a computing system for establishing secure communication between computing devices. A method for a first computing device to establish trusted communication with a second computing device comprises the first computing device sending a request to create a secure channel to the second computing device, the request comprising a first cryptographic element and a device identifier. The first computing device receives a channel identifier from the second computing device in response to the request, and a notification over a secure channel using the device identifier, the notification comprising a channel identifier and a second cryptographic element.

Abstract: The invention provides a user input mechanism for reordering of items displayed on a display in which the user is focused on item order, not item position as in the case of a drag and drop operation. The user selects one or more GUI elements displayed on a display of a data processing device in a desired order, where the time between each adjacent selected GUI element is less than a threshold time. Upon detection that no further selection has been made within the threshold time, the data processing device interprets the user as having completed their selection. At this point the selected one or more GUI elements are reordered based on the order that they were selected by the user, with any unselected GUI elements being placed before or after the reordered GUI elements as appropriate. The user is now free to make further selections if necessary.

Abstract: There is presented a method, a computing device and a biometric matching service, for the biometric authentication of a user. The method comprises capturing a biometric sample from a user and obtaining information to identify data sources relevant to the user. The method further comprises using the data sources relevant to the user to obtain a plurality of biometric samples potentially captured from the user. The method further comprises matching the captured biometric sample against the plurality of potentially captured biometric samples to determine whether the captured biometric sample represents the user.

Abstract: FIDO (“Fast IDentity Online”) authentication processes and systems are described. In an embodiment, a FIDO (“Fast IDentity Online”) authentication process includes a FIDO information systems (IS) computer system receiving a FIDO authentication request for a transaction from a user device, the FIDO authentication request including user data and user device authenticator data, then verifying the user data and user device authenticator data, selecting a FIDO-certified server based on a list of authorized authenticators, business rules and the user device authenticator data, and transmitting the FIDO authentication request to the selected FIDO server. The process also includes the FIDO IS computer system receiving an authentication result from the FIDO-certified server, and transmitting the authentication result to the user device.

Abstract: A computer-implemented method for integrity control of a financial transaction application is provided. The financial transaction application is associated with an authorizer, for providing a corresponding authorization response to an authorization request. There is also a validation application, associated with an integrity controller for generating an expected authorization response to the forwarded authorization request. An application integrity detector is provided for determining a degree of similarity between the forwarded authorization response and the expected authorization request. By providing the validation application, the integrity controller may regularly check for acceptable operation. The lowest degree of similarity that is considered acceptable may be determined by the integrity controller, considering parameters such as how the validation application is being used.

Abstract: There is presented a method, a computing device and a computing system for establishing secure communication between computing devices. A method for a first computing device to establish trusted communication with a second computing device comprises the first computing device sending a request to create a secure channel to the second computing device, the request comprising a first cryptographic element and a device identifier. The first computing device receives a channel identifier from the second computing device in response to the request, and a notification over a secure channel using the device identifier, the notification comprising a channel identifier and a second cryptographic element.

Abstract: A method for biometry based signing of documents. In an embodiment, the method includes receiving, on a terminal, a signature request associated to a document from a requester, and displaying the document to the user on the user terminal. The process also includes requesting at least once a biometric identification of the user to create at least one signing receipt, associating the signing receipt to the document, and transmitting the document and/or the signing receipt from the user terminal to the requester.

Abstract: Systems and methods are provided for use in processing transactions to payment accounts by transacting users, based on authentication of designated users associated with the payment accounts. One exemplary method includes receiving, at a computing device, a message associated with a transaction to a payment account where the transaction is initiated by a first user, and retrieving an authorization profile for the payment account based on a primary account number for the payment account. The authorization profile includes an indication of a communication device associated with a second, designated user also associated with the payment account. The method also includes soliciting, by the computing device, from the first user, a selection of the communication device and then, in response, transmitting an authentication request for the transaction to the second user at the communication device, thereby permitting the second user to grant permission for the transaction to the payment account.

Abstract: A payment-enabled mobile device is operable in a first operating mode and a second operating mode. The first mode is an online operating mode. The second mode is an offline operating mode. The payment-enabled mobile device operates in the second operating mode to replicate a screen display sequence presented by the payment-enabled mobile device in the first operating mode.

Abstract: Systems and processes for automatically configuring user authentication rules for each of a plurality of users for use in transactions. A neural network engine receives first party preferences data from a first party computer that includes user authentication requirement criteria associated with a plurality of transaction types, and receives at least two of user behavior data, user historical data, authenticator data associated with a mobile device of the user, and mobile device metadata. The neural network engine then generates an output value based on this data, transmits the output value to a score comparator for comparison to a required score specified by the first party, and receives feedback data from the score comparator when the output value is not within a tolerance of the required score. When the output value is within the tolerance, then the neural network engine generates user authentication rules recommendations and transmits them to the first party computer.

Abstract: Method for individualized data routing in a network, the method comprising the steps of initiating, on a user terminal, an enrolment process for registering a user of the user terminal for individualized data routing services, generating during the enrolment process, at a routing client application, a personal routing template, the template including at least individual routing parameters and user authentication information, prompting, on the user terminal by the routing client application, authentication of the user, selecting, on the user terminal by the routing client application, a personal routing template based on the user authentication information stored in the template, encapsulating, by the routing client application on the user terminal, a data package to be routed based on the information stored in the personal routing template by associating the individual routing parameters to the data package; and transmitting, by the routing client application, the encapsulated data package to a core network.

Abstract: FIDO (“Fast IDentity Online”) authentication processes and systems are described. In an embodiment, a FIDO (“Fast IDentity Online”) authentication process includes a FIDO information systems (IS) computer system receiving a FIDO authentication request for a transaction from a user device, the FIDO authentication request including user data and user device authenticator data, then verifying the user data and user device authenticator data, selecting a FIDO-certified server based on a list of authorized authenticators, business rules and the user device authenticator data, and transmitting the FIDO authentication request to the selected FIDO server. The process also includes the FIDO IS computer system receiving an authentication result from the FIDO-certified server, and transmitting the authentication result to the user device.

Abstract: FIDO (“Fast IDentity Online”) authentication processes and systems are described. In an embodiment, a FIDO information systems (IS) computer system receives a FIDO authentication request for a transaction from a user device, which includes user data and user device authenticator data. The FIDO IS computer system then verifies the user data and user device authenticator data, selects a FIDO-certified server, transmits the FIDO authentication request to the selected FIDO server, and receives a challenge message from the selected FIDO-certified server. The FIDO IS computer system next transmits the challenge message to the user device, receives a FIDO authentication response, transmits the FIDO authentication response to the selected FIDO-certified server, receives an authentication result from the FIDO-certified server, and transmits the authentication result to the user device.

Abstract: A call managing computer system for managing at least one communication session in an enterprise is disclosed. The call managing computer system includes a monitoring module for monitoring context of the at least one communication session. The system further includes a strategy generation module for generating the at least one strategy based on the monitored context of the at least one communication session and one or more performance indicators. The system further includes a validation module for validating the at least one generated strategy. The system further includes an agent selection module for executing the at least one validated strategy to select at least one agent for the at least one communication session.

Abstract: A payment-enabled mobile device is operable in a first operating mode and a second operating mode. The first mode is an online operating mode. The second mode is an offline operating mode. The payment-enabled mobile device operates in the second operating mode to replicate a screen display sequence presented by the payment-enabled mobile device in the first operating mode.

Abstract: FIDO (“Fast IDentity Online”) authentication processes and systems are described. In an embodiment, a FIDO information systems (IS) computer system receives a FIDO authentication request for a transaction from a user device, which includes user data and user device authenticator data. The FIDO IS computer system then verifies the user data and user device authenticator data, selects a FIDO-certified server, transmits the FIDO authentication request to the selected FIDO server, and receives a challenge message from the selected FIDO-certified server. The FIDO IS computer system next transmits the challenge message to the user device, receives a FIDO authentication response, transmits the FIDO authentication response to the selected FIDO-certified server, receives an authentication result from the FIDO-certified server, and transmits the authentication result to the user device.

Abstract: Systems and processes for automatically configuring user authentication rules for each of a plurality of users for use in transactions. A neural network engine receives first party preferences data from a first party computer that includes user authentication requirement criteria associated with a plurality of transaction types, and receives at least two of user behavior data, user historical data, authenticator data associated with a mobile device of the user, and mobile device metadata. The neural network engine then generates an output value based on this data, transmits the output value to a score comparator for comparison to a required score specified by the first party, and receives feedback data from the score comparator when the output value is not within a tolerance of the required score. When the output value is within the tolerance, then the neural network engine generates user authentication rules recommendations and transmits them to the first party computer.

Abstract: In a first party mode, a peer-to-peer transfer application: authenticates the party to an identity server; obtains an amount of funds to be transferred; causes the identity server to establish a session for storing information relating to the transaction; provides the amount to the identity server; provides account information for the party to the identity server; obtains a token unique to the transaction; obtains contact information for the counterparty; and provides a message including the token to the counterparty to indicate the transaction has been initiated. In a second counterparty mode, the application: receives a message including a token for a transaction from a first party; authenticates the counterparty; determines the counterparty wishes to complete the transaction; and uses the token to provide account information for the counterparty to the identity server for storing in association with an established session and to enable the identity server to complete the transaction.

Abstract: There is presented a method, a computing device and a biometric matching service, for the biometric authentication of a user. The method comprises capturing a biometric sample from a user and obtaining information to identify data sources relevant to the user. The method further comprises using the data sources relevant to the user to obtain a plurality of biometric samples potentially captured from the user. The method further comprises matching the captured biometric sample against the plurality of potentially captured biometric samples to determine whether the captured biometric sample represents the user.