Abstract: A system and method of transferring funds includes a communication module configured to provide a user or automated process with an option of setting up an automatic fund transfer from a first payment channel to a second payment channel.

Abstract: An authentication and encryption computer system is disclosed including processing devices, a network interface, and a data store. The authentication and encryption system is configured to maintain in the data store content common to a plurality of entities and content independently specified by each of the plurality of entities. The system is configured to receive a content request from an application executing on a mobile device, the content request comprising a secure access code corresponding to an entity, and the content request encrypted by the mobile device. An interface, comprising the content common to the plurality of entities, is customized to include content independently specified by the entity, wherein the content independently specified by the entity comprises a token value. A user request for an item presented via the interface is received and the token value is transferred to the entity.

Abstract: Systems and methods for providing services to smart devices connected in an Internet of things (IoT) platform. It detects the user and connected registered smart devices in it's vicinity, authenticates them, and receives and processes various requests from them. The user may also provide inputs in natural language and the invention maps context associated with the user utterance to an intent to utilize the one or more services. It may also generate one or more customized responses for one or more outlier requests based on historical data stored in the database. It may automatically processes payment pertaining to one or more services subscribed by the user, wherein information specific to the payment is obtained based on the configuration preferences stored in a database and the one or more services being analyzed by the Process Orchestration Layer module.

Abstract: Methods, apparatuses, and computer-readable products for selecting tracks. A plurality of request parameters are received from a client device. Based on those request parameters, plurality of bans, history track attributes, and artist identifiers are loaded from a database. A most recent discovery track is calculated based on the plurality of histories and the plurality of artist identifiers. An artist identifier is repeatedly selected from the plurality of artist identifiers along with a track type from a set of track types until a predetermined number of artist identifier and track type pairs have been selected. A plurality of candidate tracks for each selected artist identifier are loaded from a database. One track of the plurality of candidate tracks is repeatedly selected for each artist identifier and track type pair until one track has been selected for each pair of the predetermined number of artist identifier and track type pairs.

Abstract: Disclosed herein are system, method, and computer program product embodiments for issuing assets and/or asset tokens using zero-knowledge proofs (“ZKPs”). An issuance system may receive a command to issue an asset. The issuance system may determine that issuing the assets would not violate administrator-defined or network-defined rules that may govern the types of assets and/or the quantity of assets that the issuance system may issue. The issuance system may then issue the assets and generate a ZKP corresponding to the issuance and indicating adherence to the rules while concealing information related to the asset token, such as the types of assets and/or quantity of assets. The issuance system may publish the ZKP to a blockchain so that verifier nodes may confirm that the issuance system adhered to the rules while still preventing access to the underlying issuance information.

Abstract: Disclosed are systems and methods for authenticating a user and a user device. In one embodiment, a method does not use any stored usernames, passwords, or tokens. In certain embodiments, a when a user requests authentication a server provides variable values to a client device. The client device returns to the server an output based on inputting the variable values into formulas associated with the client device. The server uses the client device generated output to authenticate the client device and the user by, in some embodiments, attempting to decrypt a user ID file associated with the client device. Each time the user requests authentication different variable values are used to prevent prediction and hacking of the system.

Abstract: An example method of operation may include one or more of identifying a number of share chains from a smart contract stored in a blockchain, identifying a contributed block received from a miner entity associated with one of the share chains, determining whether the contributed block is valid for the one share chain, and updating the one share chain based on the contributed block.

Abstract: A computer-implemented method may comprise iteratively receiving a tag selected by a user of the computing device; storing the received tag in a memory of a computing device; associating, by a processor of the computing device, the stored tag with at least one digital asset stored in the computing device or stored in a remote storage of the user that is accessible over a computer network; and generating, by the processor, a graphical representation of the received tag. A search request may then be received, via the user interface, the search request comprising an expression including at least one of the tags stored in the memory of the computing device. The processor may then identify at least one of the user's digital assets that is associated with at least one of the tags in the search request.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for digital transaction signing for multiple client devices using secured encrypted private keys. The system generates, by a device, a private key and public key pair. The key pair is associated with an electronic account. The device also has an associated private key and public key pair. The device generates multiple key shares of the generated private key associated with the electronic account. The device encrypts each of the multiple key shares with the public key of the device thereby creating multiple first or inner layer of encrypted key shares. The device then encrypts each of the multiple first encrypted key shares each with a separate user public key associated with a user thereby creating multiple second or outer layer of encrypted key shares. The double encrypted key shares are then distributed to the respective users having the user public key.

Abstract: A risk assessment (RA) computing device for generating network security campaigns to discover network security gaps. The RA computing device includes at least one processor in communication with a memory and a network. The RA computing device is programmed to generate a tracer file and transmit the tracer file to the network for enabling a verified user to attempt to retrieve the tracer file from the network. The verified user retrieves the tracer file from the network and uploads the tracer file to the RA computing device. The RA computing device performs one or more validations against the tracer file to verify that the tracer file was generated by the verified user.

Abstract: A method of performing a transaction between a first user of a first input device, and a second user of a second input device, the method includes generating, via the first input device, a transaction request with a with a first effort-based identity token associated with first user, receiving a response with the token and a validation key obtained from a validation server via the second input device based on a second effort-based identity token associated with the second user and a second user effort, providing the second user effort and second effort-based identity token to the validation server, receiving a second effort validation key from the validation server, and sending the transaction with the first user and second user identity-based tokens and first and second effort validation keys to the second person to complete the transaction while ensuring both the first and second users are consistent throughout the transaction.

Abstract: The technology described herein relates to an automated marketplace system for exchanging tradeable instrument(s). In particular, the technology described herein relates to an automated exchange system that simultaneously places order objects in multiple order book memories and updates orders that are stored in the multiple order book memories for consistency.

Abstract: An advanced encryption and key exchange (AEKE) algorithm for quantum safe cryptography is disclosed. The AEKE algorithm does not use hard mathematical problems that are easily solvable on a quantum computer with Shor's algorithm. Instead, new encryption algorithm uses simple linear algebra, rank deficient matrix and bilinear equation, which will be easy to understand, fast, efficient and practical but virtually impossible to crack.

Abstract: Methods and systems of the invention provide a variety of techniques for processing microtransactions. In accordance with the invention, the method starts with a customer initiating a purchase through interaction with a merchant. The purchase is associated with purchase information, which includes the particulars of the purchase, such as the purchase price. In the purchase, the customer uses a transaction account, obtained from a payment enabler. The purchase is classified as a microtransaction, if the purchase price is below a predetermined monetary amount. Thereafter, the purchase information is forwarded for processing based on the classifying, i.e., either as a regular transaction or as a microtransaction. Then, upon receipt of the purchase information by an appropriate recipient, such as an interchange entity or an alternate interchange entity, the purchase information is processed to effect the microtransaction, if so classified, between the customer and the merchant.

Abstract: Provided herein are systems and methods for provisioning a gift. The method includes receiving, with at least one processor, a request to provision a gift, the request comprising a uniform resource locator (URL) corresponding to a network location associated with a merchant and/or item, generating, with at least one processor, a modified URL configured to direct a user device to the network location associated with the merchant and/or item, the modified URL based on the original URL, an account identifier, and one or more account limits, and transmitting, with at least one processor, the modified URL to the user device, such that the user device is facilitated to engage in a transaction through the network location associated with the merchant and/or item using a payment account associated with the account identifier.

Abstract: A method of authenticating a mobile pay feature on a mobile device using a smart card is disclosed. The method includes offering a mobile pay functionality to a user on a mobile device and receiving an affirmative user input to enable the mobile pay functionality. A contactless logic disposed in the mobile device receives an encrypted authentication code from a subject smart card and attempts to authorize the mobile device user and the mobile device itself to use the smart card for mobile pay transactions. Once the mobile device and the user are authorized, the mobile pay function is enabled.

Abstract: Methods and systems are described for a power adapter. The power adapter may provide power to a computing device. The power adapter may comprise a wireless access point or other communication system. The computing device may be configured to access the wireless access point or other communications systems in the power adapter.

Abstract: A database client may implement scalable tracking for database updates according to a secondary index. As update requests are generated and sent to a database, tracking attributes may be included in the update requests in order to be inserted into the database with respect to a portion of the database for which the requested update is performed. Tracking attributes may include a sequence number which may be used to determine an order in which the updates are performed at the database. Tracking attributes may also include a bucket identifier, which may categorize or label the portion of data updated as part of an update. These tracking attributes may be replicated to a secondary index maintained for the database. Queries to the secondary index based on the tracking attributes may identify updates performed to the database. Notifications of the identified updates may then be provided.

Abstract: The present disclosure provides for systems and methods for delivering and unlocking restricted media content on physical media. The disclosed methods and systems provide restricted media assets on a physical media. The restricted media assets may be ad-sponsored media content. Restrictions on the restricted media assets may be removed by providing an unlock code, either on an online or offline media player. In the ad-sponsored media context, an unlocked version might comprise an ad-free version.

Abstract: An electronic authorization system comprising a data source system configured to transmit transaction data. A secure data system is coupled to the data source system over an open network, the secure data system is configured to receive the transaction data from the data source system, generate a unique encrypted identifier for the transaction data and to transmit the unique encrypted identifier to the data source system. The data source system is configured to receive the unique encrypted identifier and replace payment card data associated with the transaction data in a database with the unique encrypted identifier.

Abstract: Systems and techniques, including a privacy service, facilitate selecting, defining, controlling, verifying, and auditing privacy-impacting behaviors of devices in alignment with the privacy behavior expectations of individuals and other entities. Techniques and systems are presented to facilitate controlling and verifying the privacy behaviors of privacy-impacting devices. Techniques and systems for defining and sharing individualized privacy behavior preferences are described. Techniques and systems are disclosed for privacy preference resolution protocols that allow for the automated or interactive resolution of conflicts that arise between individuals in multi-actor environments or ambiguous contexts. Accountability and audit mechanisms assist in verifying the control state of devices with respect to their privacy behavior preference inputs.

Abstract: A method may include allocating a number of public keys, where each respective public key is allocated to a respective entity of a number of entities; storing a number of private keys, where each respective private corresponds to a respective public key; storing one or more decryption algorithms, where each respective decryption algorithm is configured to decrypt data previously encrypted using at least one encryption algorithm of the encryption algorithms. Each respective encryption algorithm may be configured to encrypt data using at least one public key. Each respective decryption algorithm may be configured to decrypt data using at least one private key. The method may include receiving encrypted data, where the encrypted data is encrypted using a first public key and a first encryption algorithm, and the encrypted data is provided over a network.

Abstract: Systems and techniques, including a privacy service, facilitate selecting, defining, controlling, verifying, and auditing privacy-impacting behaviors of devices in alignment with the privacy behavior expectations of individuals and other entities. Techniques and systems are presented to facilitate controlling and verifying the privacy behaviors of privacy-impacting devices. Techniques and systems for defining and sharing individualized privacy behavior preferences are described. Techniques and systems are disclosed for privacy preference resolution protocols that allow for the automated or interactive resolution of conflicts that arise between individuals in multi-actor environments or ambiguous contexts. Accountability and audit mechanisms assist in verifying the control state of devices with respect to their privacy behavior preference inputs.

Abstract: There is described a method for a first software application to access a secured software application on a computing device. The first software application is not configured to interface with the secured software application. The computing device includes an interfacing application configured to interface with the secured software application. The method comprises the first software application interfacing with the interfacing application to thereby cause the interfacing application to access the secured software application. The first software application is configured to interface with the interfacing application. There is also described a method of generating an encrypted version of an image using a library of pre-encrypted blocks of data, the same content encryption key having been used to encrypt each of the pre-encrypted blocks of data.

Abstract: A file validation method and system is provided. The method includes retrieving from an authoritative source system, an artifact file. Identification information identifying a requesting user of the artifact file is recorded and associated metadata and a modified artifact file comprising the metadata combined with the artifact file are generated. An encryption key including a first portion and a second portion is generated and the first portion is stored within a central key store database. An encrypted package comprising the modified artifact file and the second portion of the key is generated.

Abstract: Systems and methods are provided for the detection and prevention of intrusions in data at rest systems such as file systems and web servers. The systems and methods regulate access to sensitive data with minimal dependency on a communications network. Data access is quantitatively limited to minimize the data breaches resulting from, e.g., a stolen laptop or hard drive.

Abstract: The number of users viewing a given variable directly affects the rate of change and/or outcome of said variable. In the case of eCommerce, pricing of products and/or services is based upon a user accessing a website on which products and/or services are for sale. An initial price indicia associator associates initial price indicia with the products and/or services files. The initial pricing can be based upon historical indicia or the engine itself. Thereafter, a price indicia adjuster adjusts the pricing responsive to user access of the website or related website. A user interface meter shown on the website indicates to potential buyers how much interest there is in the product and/or service being sold so that peer activity is exhibited to potential buyers to encourage sales and impulsive buying behavior. Pricing is dynamic and adjusts in real-time at a rate determined by the amount of users accessing the website.

Abstract: A method, system, server and computer-readable medium enable verification of a member of an organization and the generation of a session-specific certificate for the member upon receipt of a status report indicating that the member is in good standing with the organization. When the member logs in, the member's credentials are retrieved from an identification server that enables the identification of web services associated with the organization to which the member belongs. The identification server also provides a personal certificate associated with the member to enable the generation of the session-specific certificate.

Abstract: The present invention provides a method of transferring content from a file and a database. In this case, the file includes content instances, each content instance being associated with a respective field, and each field having a respective type. The transfer is achieved by determining the type of each field, and then storing each content instance in a store in accordance with the determined field type of the associated field. Each content instance can then be transferred to the database in accordance with the determined field type. A similar procedure is provided for creating XML files based on content within the database.

Abstract: A method of negotiating memory record ownership between network nodes, comprising: storing in a memory of a first network node a subset of a plurality of memory records and one of a plurality of file system segments of a file system mapping the memory records; receiving a request from a second network node to access a memory record of the memory records subset; identifying the memory record by using the file system segment; deciding, by a placement algorithm, whether to relocate the memory record, from the memory records subset to a second subset of the plurality of memory records stored in a memory of the second network node; when a relocation is not decided, providing remote access of the memory record via a network to the second network node; and when a relocation is decided, relocating the memory record via the network for management by the second network node.

Abstract: A method, article of manufacture, and apparatus for managing data. In some embodiments, this includes determining a usage level of a file, wherein the file is stored in a first storage system, moving the file to a second storage system based on the determined usage level of the file updating location information in a catalog based on the movement of the file, and performing at least a portion of a query on the file after updating location information in the catalog.

Abstract: An electronic media distribution/play system includes a service facility that has a communications network interface and maintains a data file catalog. The catalog is sent over the network to requesting users, and the system processes payments from customers in establishing file access authorizations. Encrypted user-selected files and a player program are transmitted to each customer for metered access to received data files as limited by the authorization, and customers can make additional selections and play the encrypted files freely while the authorization remains established. The system can transmit the data files from local storage, and also provide links to encrypted files that are stored at remote vendor facilities. Authorizations can be for selected portions or class levels of the catalog, and for terms measured as calendar time, play time, and collective number of plays. Also disclosed is a method for facilitating the distribution and accessing of electronic files.

Abstract: In some embodiments, techniques for computer security comprise preventing and/or mitigating identity theft such as phishing.

Abstract: In a method for generating an electronic signature, a web server provides a webpage to be displayed on a touch screen of an electronic device, receives a representative signal of a handwritten signature inputted by a signer and a dynamic image that presents a motion of the signer during signing the handwritten signature captured by the dynamic image capturing module simultaneously with the inputting of the handwritten signature. Afterward, the web server stores the dynamic image as a streaming file, compiles a data file that includes the representative signal and the streaming file, and executes the data file in the webpage as an electronic signature.

Abstract: A method for encrypting data based on all-or-nothing encryption. Data to be encrypted and an encryption key are provided. The data is divided into an odd number of blocks, wherein each of the odd number of blocks has the same size. The blocks are encrypted with the encryption key to obtain an intermediate ciphertext that includes the encrypted blocks. The intermediate ciphertext is linearly transformed based on additive contravalence operations to obtain a final ciphertext.

Abstract: The present invention provides a method of transferring content from a file and a database. In this case, the file includes content instances, each content instance being associated with a respective field, and each field having a respective type. The transfer is achieved by determining the type of each field, and then storing each content instance in a store in accordance with the determined field type of the associated field. Each content instance can then be transferred to the database in accordance with the determined field type. A similar procedure is provided for creating XML files based on content within the database.

Abstract: A method and system for confirming proper receipt of an e-mail file sent by a sending party over a communications network such as the Internet and intended to be received by a target party. The e-mail file sent by the sending party is properly or improperly delivered to a recipient e-mail address and stored in a data storage location of a recipient computer system. When the accessing party, who may or may not be the intended target party, accesses either the e-mail file itself or an e-mail processing program or user account, various recipient information, including identity information associated with the accessing party, is discovered from the recipient computer system and included in a generated confirmation of receipt notice. The confirmation of receipt notice is subsequently and automatically return transmitted to the sending party.

Abstract: A method for providing security vulnerability information is provided. The method may include checking for the security vulnerability information product supplier servers. The method may further include sending alerts to a security vulnerability administrator associated with a client environment. Additionally, the method may include performing a security check on the security vulnerability administrator to authorize the security vulnerability administrator to receive the security vulnerability information. The method may also include authenticating customers associated with the client environment to authorize the customers to receive the security vulnerability information. The method may further include prompting the authorized security vulnerability administrator to acknowledge an information confidentiality reminder. The method may also include sending an audit record to the product supplier server.

Abstract: A method for providing security vulnerability information is provided. The method may include checking for the security vulnerability information product supplier servers. The method may further include sending alerts to a security vulnerability administrator associated with a client environment. Additionally, the method may include performing a security check on the security vulnerability administrator to authorize the security vulnerability administrator to receive the security vulnerability information. The method may also include authenticating customers associated with the client environment to authorize the customers to receive the security vulnerability information. The method may further include prompting the authorized security vulnerability administrator to acknowledge an information confidentiality reminder. The method may also include sending an audit record to the product supplier server.

Abstract: Systems and methods are provided for the detection and prevention of intrusions in data at rest systems such as file systems and web servers. The systems and methods regulate access to sensitive data with minimal dependency on a communications network. Data access is quantitatively limited to minimize the data breaches resulting from, e.g., a stolen laptop or hard drive.

Abstract: System, method, computer program product embodiments and combinations and sub-combinations thereof for hybrid data replication are described. Aspects include identifying a type of database data replication, the type including a combination of replication approaches, and managing replication based on the identified type, including coordinated switching from one replication approach to another automatically with transactional consistency maintained among source and target databases.

Abstract: The present disclosure relates to the authenticating a client against a pool of servers utilizing a secure authentication protocol, and, more specifically, to the authenticating a client against a pool of servers providing a common service, utilizing the Kerberos secure authentication protocol.

Abstract: A method for providing security vulnerability information is provided. The method may include checking for the security vulnerability information product supplier servers. The method may further include sending alerts to a security vulnerability administrator associated with a client environment. Additionally, the method may include performing a security check on the security vulnerability administrator to authorize the security vulnerability administrator to receive the security vulnerability information. The method may also include authenticating customers associated with the client environment to authorize the customers to receive the security vulnerability information. The method may further include prompting the authorized security vulnerability administrator to acknowledge an information confidentiality reminder. The method may also include sending an audit record to the product supplier server.

Abstract: An electronic media distribution/play system includes a service facility that has a communications network interface and maintains a data file catalog. The catalog is sent over the network to requesting users, and the system processes payments from customers in establishing file access authorizations. Encrypted user-selected files and a player program are transmitted to each customer for metered access to received data files as limited by the authorization, and customers can make additional selections and play the encrypted files freely while the authorization remains established. The system can transmit the data files from local storage, and also provide links to encrypted files that are stored at remote vendor facilities. Authorizations can be for selected portions or class levels of the catalog, and for terms measured as calendar time, play time, and collective number of plays. Also disclosed is a method for facilitating the distribution and accessing of electronic files.

Abstract: A method for providing security vulnerability information is provided. The method may include checking for the security vulnerability information product supplier servers. The method may further include sending alerts to a security vulnerability administrator associated with a client environment. Additionally, the method may include performing a security check on the security vulnerability administrator to authorize the security vulnerability administrator to receive the security vulnerability information. The method may also include authenticating customers associated with the client environment to authorize the customers to receive the security vulnerability information. The method may further include prompting the authorized security vulnerability administrator to acknowledge an information confidentiality reminder. The method may also include sending an audit record to the product supplier server.

Abstract: Systems and methods to accelerate transactions made via mobile communications. In one aspect, a system includes: a memory to store transaction records indicating actual amounts of funds collected via a first plurality of premium messages transmitted to a first plurality of phone numbers; and a processor coupled with the memory to transmit, to a second plurality of phone numbers, a second plurality of premium messages to collect payments on behalf of a merchant. Before funds collected via the second premium messages become available, the processor identifies a portion of a total amount of funds charged via the second premium messages, based at least in part on the transaction records stored in the memory, and offers to provide the portion to the merchant.

Abstract: Methods and apparatus for delivering digital goods using an electronic distribution system. Meta-information is generated for a digital product and stored at a fulfillment server. Upon completion of a transaction between a customer and the supplier of a digital product, a download manager installed at the customer's computer communicates with the fulfillment server using a protocol that ensures secure and reliable delivery of the digital product to the customer. In alternative implementations, the customer can be billed before or after successful delivery of the digital product to the customer.

Abstract: A system and method is disclosed for assuring that networked communications between parties playing a game on a network (e.g., the Internet) are not tampered with by either of the parties for illicitly gaining an advantage over the other party. An initial sequence of tokens (e.g., card representations) for playing the game are doubly encrypted using an encryption key from each of the parties. Accordingly, during play of the game neither party can modify the initial sequence of game tokens during the game. At termination of the game, at least one of the parties can fully decrypt the initial sequence of tokens, and thereby, if desired, compare the played token sequence with the corresponding the initial token sequence.

Abstract: According to one aspect there is provided a method and an apparatus for facilitating intellectual property rights compliance that is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the second domain. The method includes receiving a structured document from a first domain, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content object, and application-specific instructions being executable by the application. The at least one DRC object is defined in a non-executable format and contains information indicative of rights associated with the at least one content.

Abstract: In various example embodiments, systems and methods to mine product recommendations from query reformulation is provided. In example embodiments, a search query is mapped to a particular product. Transition data for the particular product is accessed. The transition data includes values reflecting a number of search transitions between the particular product and other products in session sets of previous queries. One or more recommendations based on the transition data is determined and provided to the user.