Abstract: Various embodiments herein each include at least one of systems methods, software, and data structures for electronic lock control and audit. The various embodiments, although widely applicable, are well suited for retail use where higher-value and access-controlled merchandise is stored in locked cages, closets, rooms, and cabinets to prevent theft. One method embodiment includes receiving, via a network from a mobile device app, an unlock request including an employee identifier and a lock identifier to unlock a secured resource of the lock identifier. The method proceeds in processing the request by validating the employee identifier is authorized to unlock the lock of the lock identifier at a current date and time and retrieving a key-code that will unlock the lock of the lock identifier. The method then proceeds with transmitting the key-code to the mobile device app to enable unlocking of the lock.

Abstract: A dual-control security procedure is initiated, and a first person is identified for the procedure. The first person is authenticated and a remote agent that is remotely located is requested to participate in the procedure. Actions/behaviors of at least the first person are monitored from the video in accordance with the procedure and provided in real-time to the remote agent. An audit log is written to upon the conclusion of the procedure. The audit log at least comprising: identifiers for the first person and the remote agent, a procedure identifier for the procedure, an asset/area identifier associated with the procedure, a zone identifier for a location within an establishment, action identifiers for the actions, behavior identifiers for the behaviors, violation identifiers for any violations detected during the procedure, and a link to a video clip from the video that corresponds to at least the first person performing the procedure.

Abstract: A user is identified within an establishment. An identity associated with an account of the user with the establishment is determined. Various transactions of the user are monitored. Moreover, actions and behaviors of the user are monitored through video. A current perceived state of the user is calculated based on the monitoring of the various transactions, actions, and behaviors. The state is compared to a threshold value and a response action is automatically processed based on one or more rules. In an embodiment, custom logs are retained for a period of time that the user was in the establishment and custom aggregations of the logs are sent to one or more external systems.

Abstract: Image analysis is performed on a user at a transaction terminal. Based on behaviors, expressions, and activities of the user, fraud or potential fraud is flagged. When fraud is flagged, the transaction terminal stops processing an active transaction on behalf of the user and alerts are sent. When potential fraud is flagged, images/video associated with the active transaction are sent for review and the active transaction may be suspended or permitted to proceed at the transaction terminal. In an embodiment, a same user conducting multiple transactions with different accounts at a same transaction terminal or multiple different transaction terminals within a configured period of time is automatically identified as fraud based on a fraud rule.

Abstract: An identity of a customer within an establishment is authenticated using a variety of captured biometric features obtained from sensors and/or video. Video capturing movements/interactions of the customer is analyzed in real time to identify the customer's behavior and actions. Any staff of the establishment who interact with the customer are identified from the video. Transaction data and other data retained for the customer by the establishment are aggregated and linked with the video and the customer identity. The linked data is analyzed in combination with the customer behavior and actions to determine responses within the establishment to customer-initiated transactions. In an embodiment, the customer is authorized to perform at least one transaction within the establishment based on the authenticated identity and linked data without a presentation by the customer of an identification card, a Personal Identification Number (PIN), a password and/or verification by a staff member.

Abstract: An Internet-of-Things (IoT)-enabled lock is provided to control access to a secure physical asset. Disparate authorized systems make requests for an access and receive authorization to access the asset. An authorized user with an authorized mobile device is dispatched to the asset pursuant to a request. Proximity-based mobile device authentication is performed when the mobile device is in a configured proximity of the asset and the mobile device establishes a wireless connection to the lock. A second factor authentication is performed on the user that operated the mobile device. A One-Time Code (OTC) is generated and provided to either the lock or the mobile device for access to the asset. Access events and service information for the asset are stored in a shared data repository. Each system has access through to the shared data repository to all auditing information associated with the asset.

Abstract: Multiple cameras capture videos within a secure room. When individuals are detected as entering the room, identities of the individuals are resolved. When an asset is exposed in a field of view of one of the cameras, the individuals' eye and head movements are tracked from the videos with respect to one another and the asset. Additionally, touches made by any of the individuals on the asset are tracked from the videos. The eye and head movements are correlated with the touches or lack of touches according to a security policy for the asset. Any violations of the security policy are written to a secure audit log for the room and the asset.

Abstract: A monitoring project is defined interactively through an interface. Resources needed for the project are obtained, configured, arranged, and verified within a target area. Video and audio feeds are captured and analyzed during a project period within the target area and customer interactions and intentions are derived from detected customer behaviors within the feeds. The intentions and behaviors are indexed with aggregated metrics within a data store. The interface provides custom queries, reports, interactive graphics, and real-time notifications from the data store that depict the custom aggregated metrics for the intentions and behaviors of the monitoring project.

Abstract: Cameras capture time-stamped images of predefined areas (zones) and assets (objects). Behaviors and actions of persons are tracked in the images with respect to the zones and the objects based on rules. Persons are identified when the behaviors or actions indicate that the persons are attempting to access a particular zone or a particular object. Multifactor authentication is performed on the persons based on the rules and access to the particular zone or the particular object is granted or denied. All access attempts along with the corresponding images associated with the access attempts are logged for auditing.

Abstract: A natural-language voice chatbot is initiated and a voice session is established between the chatbot and a customer while the customer is operating a vehicle device within a vehicle. A pre-staged order is taken from a customer during the session and the session is suspended until the customer arrives at a store associated with the pre-staged order. A location-based trigger is raised when the customer is detected as being present at a transaction terminal of a store; the session is resumed on the transaction terminal and/or the vehicle device. The pre-stage order is confirmed during the resumed session and payment is obtained from the customer for the order when payment was not already obtained from the customer. The order is sent to a fulfillment station and, in an embodiment, the items associated with the order are delivered to the customer while the customer remains at the terminal.

Abstract: Multiple cameras capture videos within a secure room. When individuals are detected as entering the room, identities of the individuals are resolved. When an asset is exposed in a field of view of one of the cameras, the individuals' eye and head movements are tracked from the videos with respect to one another and the asset. Additionally, touches made by any of the individuals on the asset are tracked from the videos. The eye and head movements are correlated with the touches or lack of touches according to a security policy for the asset. Any violations of the security policy are written to a secure audit log for the room and the asset.

Abstract: A consumer is identified engaged in an activity at a specific physical location. A context is formulated for the consumer based on the activity, the location, preferences associated with the consumer, and a history associated with the consumer. A natural language voice-based assistance session is initiated with the consumer. The session follows the consumer as the consumer travels and remains engaged in the activity. In an embodiment, the session is seamlessly maintained and is seamlessly transferred from a plurality of different devices as the consumer is engaged in the activity and travels. In an embodiment, the session is initiated without the consumer requesting the session.

Abstract: A consumer is identified at a transaction terminal. A natural-language voice chatbot is initiated for the transaction. The chatbot is configured with store information for a store associated with the terminal and, optionally, with preferences registered to the consumer. A natural language voice dialogue using, at least the store information, is initiated between the chatbot and the consumer while the consumer is at the terminal and during the transaction. The consumer may order store items from the store and pay for the items through the dialogue. In an embodiment, the items ordered are delivered to the terminal where the consumer is located.

Abstract: A pre-staged or in-person provided order is received from a customer location. Order details are sent to a fulfillment terminal and items associated with the order are prepared or collected. The items are loaded into an autonomous device. The autonomous device plans a route from its current location to the customer location and the autonomous device navigates from its current location to the customer location using the route. The customer is verified at the autonomous device and a secure bin is unlocked by the autonomous device. The customer removes the items associated with the order from the unlocked secure bin, and the autonomous device navigates back to its original location within an enterprise.

Abstract: Cameras capture time-stamped images of predefined areas (zones) and assets (objects). Behaviors and actions of persons are tracked in the images with respect to the zones and the objects based on rules. Persons are identified when the behaviors or actions indicate that the persons are attempting to access a particular zone or a particular object. Multifactor authentication is performed on the persons based on the rules and access to the particular zone or the particular object is granted or denied. All access attempts along with the corresponding images associated with the access attempts are logged for auditing.

Abstract: Multiple cameras capture videos within a secure room. When individuals are detected as entering the room, identities of the individuals are resolved. When an asset is exposed in a field of view of one of the cameras, the individuals' eye and head movements are tracked from the videos with respect to one another and the asset. Additionally, touches made by any of the individuals on the asset are tracked from the videos. The eye and head movements are correlated with the touches or lack of touches according to a security policy for the asset. Any violations of the security policy are written to a secure audit log for the room and the asset.

Abstract: A dual-control security procedure is initiated, and a first person is identified for the procedure. The first person is authenticated and a remote agent that is remotely located is requested to participate in the procedure. Actions/behaviors of at least the first person are monitored from the video in accordance with the procedure and provided in real-time to the remote agent. An audit log is written to upon the conclusion of the procedure. The audit log at least comprising: identifiers for the first person and the remote agent, a procedure identifier for the procedure, an asset/area identifier associated with the procedure, a zone identifier for a location within an establishment, action identifiers for the actions, behavior identifiers for the behaviors, violation identifiers for any violations detected during the procedure, and a link to a video clip from the video that corresponds to at least the first person performing the procedure.

Abstract: Cameras capture time-stamped images within predefined areas (zones). Behaviors and actions of persons are tracked in the images with respect objects (assets) located within the zones based on rules. A risk assessment is dynamically adjusted based on the behaviors, actions, and the rules. An automated action is processed based on the risk assessment. A current risk score drives reporting, notifications, auditing, and security processes based on the rules. In an embodiment, a variety of sensors are located within the zones and provide real-time events with respect to some actions of a person or persons present within the zones.

Abstract: A user makes a request from a requesting device for access to a secure operation associated with a network-based service. A first biometric authentication is processed for the request and at least one second scope-based authentication is processed for the request based on an analysis of a physical environment for the requesting device. A determination is made based on at least the first biometric authentication and the scope-based authentication whether the secure operation can be: processed on behalf of the user by the network-based service, not processed at all, or processed only if requested from a specific medium/channel associated with a specific device, which may or may not be the requesting device.

Abstract: An Internet-of-Things (IoT)-enabled lock is provided to control access to a secure physical asset. Disparate authorized systems make requests for an access and receive authorization to access the asset. An authorized user with an authorized mobile device is dispatched to the asset pursuant to a request. Proximity-based mobile device authentication is performed when the mobile device is in a configured proximity of the asset and the mobile device establishes a wireless connection to the lock. A second factor authentication is performed on the user that operated the mobile device. A One-Time Code (OTC) is generated and provided to either the lock or the mobile device for access to the asset. Access events and service information for the asset are stored in a shared data repository. Each system has access through to the shared data repository to all auditing information associated with the asset.