Abstract: A method including receiving a first application user credential associated with a user profile; comparing, for a first match, the first application user credential with a stored second application user credential, wherein the stored second application user credential is associated with a user identity; and responsive to finding a first match, verifying the user identity by performing the following: communicating with a card using near field communication; receiving a public key of a key pair of the card and cardholder identification information of an account holder of the card; instructing the card to generate a digital signature; receiving the digital signature from the card; verifying the digital signature using the public key; and comparing, for a second match, at least a portion of the user identity with at least a portion of the cardholder identification information.

Abstract: Apparatuses, methods, and systems pertaining to the verification of portable consumer devices are disclosed. In one implementation, a verification token is communicatively coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using the computer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a device verification value to the verification token, and optionally to a payment processing network. The verification token may enter the device verification value into a CVV field of a web page appearing on the computer's display, or may display the value to the user using the computer's display.

Abstract: A transaction instrument comprising a metal-filled biodegradable polymer. The biodegradable polymer is a plant-based polymer, a protein-based polymer, or a combination thereof. The metal of the blended composite of metal and biodegradable polymer is a heavy-gravity compound. The transaction instrument is biodegradable in whole or in part. A method(s) for making a transaction instrument comprising a blended composite of metal and a biodegradable polymer is also provided.

Abstract: In various example embodiments disclosed herein, a Dynamic Security Architecture Environment (DSAE) security architecture is provided in an externally connectable endpoint device (the security device), which can be connected to an existing host endpoint device, such as a computer, laptop, tablet, phone, vehicle, medical device, Industrial Control System (ICS), or other electronic or Internet connected device. The example embodiments can implement the DSAE security architecture in the security device that connects to a host endpoint device to make the host endpoint device more secure by enabling the security device to combat cyber attacks targeted toward the host device. The example embodiments described herein also provide details for creating a security device that leverages the DSAE architecture, wherein the security device is configured to connect via a wired or wireless medium for data communication with a host endpoint device to make the host device more secure.

Abstract: Embodiments of the present invention provide a system and method for an access point providing client to point-of-sale communication over a network, comprising: receiving credentials from the point-of-sale; sending at least one beacon message; receiving a probe request from a client; sending a probe response to the client; authenticating a connection with the client; exchanging capabilities with the client; performing a security handshake with the client; assigning at least one dynamic IP address to the client; and establishing an https session between the client and the point-of-sale over the network.

Abstract: Systems and methods for processing payment requests via a series of matching operations are described. Rules that compensate for incomplete or inaccurate information are applied to customer requests and stored merchant information to create identifiers, or “tokens.” Tokens can be searched for, compared, and matched with confirmed merchant information, allowing for the identification of merchants known to financial institutions despite erroneous or missing information in the customer request.

Abstract: A transform-enabled integrated circuit is provided with a combined transformation/hashing block, such as for cryptographic proof-of-work systems. The transform-enabled integrated circuit embeds components for a transformation function among hashing function components within the cryptographic datapath of the transform-enabled integrated circuit. The combined transformation/hashing block may be configured after the manufacture of the integrated circuit to embody as circuitry any one of a plurality of mathematical transformation functions, thus enabling a user to systemically modify the cryptographic operations performed by the integrated circuit while retaining the high performance and efficiency characteristics of application specific integrated circuits. Embodiments modify the internal intermediate state variables of the hashing function to transform and hash an input message. Method and computer program product embodiments are also provided.

Abstract: There are provided systems and methods for shared authentication for limited use of an associated account based on user location and connected devices. A user may own a location where another user may visit or rent. The user may have a payment account that may be used with merchants to purchase items that are associated with the location or offered with use of the location. The user may set up the payment account to have a shared authentication mechanism with other users that utilize the location to allow the other users to pay for items using the payment account. The authentication mechanism may be a credential that may be pushed to a device of one or more of the other users when the other users are at or nearby the location or may be information of the other users that may be matched during transaction processing.

Abstract: A system, apparatus, method, and machine readable medium are described for performing client risk assessment for authentication. For example, one embodiment of an apparatus comprises: a client risk assessment agent to perform an assessment of client configuration data to determine a risk level associated with a client device; and an authentication engine to performing authentication for a particular transaction in accordance with the risk level.

Abstract: A system and associated methods provide digital identity and strong authentication management services for Internet users. The system includes a central, cloud-based, online service, referred to as a central service, which can manage user accounts. The system also includes dedicated, always-on, always-connected, cryptographically unique devices, referred to as beacons, located within the physical residences of its users. The central service associates each beacon with the residence address of its user by physically sending a unique address verification code by postal mail to the user's residence. The user presents the unique code to the beacon, and the beacon cryptographically confirms its identity and the unique code sent to the residence address back to the central service. The beacons can attest to users' identities and provide seamless strong authentication to third-party online service providers on behalf of those users.

Abstract: A system and method and enables using a mobile number in conjunction with a non-telephony internet connected device. The system also facilitates SMS communication with Internet of Things devices and SMS communication in conjunction with over-the-top (OTT) services.

Abstract: A computer-implemented method of providing enriched transaction data for a transaction requiring an authorization is provided, the transaction performed using a computer system having a processor and a memory device. The method includes storing transaction data received from an input channel, the transaction data including a transaction identifier. An execution plan is retrieved based at least in part on the transaction identifier. The transaction data is processed across an enrichment processor based on the execution plan to generate at least one fraud score for the transaction. The transaction data is enriched to include at least one of the fraud score and an enriched data object. The enriched data is transmitted to an authorizing party for authorization.

Abstract: Methods and apparatuses allow an insurance agency to track their current performance in managing existing customers and bringing in new customers. A tool may obtain information from a user regarding characteristics of the user's agency and/or agency goals. The tool may use this information to determine an agency's business efficiency. The tool may also provide advice regarding marketing spending and/or additional human resources needed. The tool may benchmark an insurance agency against other agencies in the market. The tool may also display how generated leads are converted to new business and/or income for an agency.

Abstract: A method of using image comparison techniques to identify locations to be visited by an officer during a guard tour is disclosed. A reference image is created for each location to be visited by the officer during the guard tour. When the officer is at a location to be visited during a guard tour, the officer utilizes a portable wireless device, such as a smartphone, to display the reference image of the location and the live preview image of the location produced by the smartphone superimposed on one another. Image comparison software analyzes the live preview image being produced by the smartphone relative to the reference image.

Abstract: An electronic apparatus includes a transmitter circuitry, receiver circuitry, and controller circuitry. The transmitter circuitry is configured to transmit a first wireless signal for a wireless communication to a first terminal via a first frequency. The receiver circuitry is configured to receive a second wireless signal for the wireless communication from the first terminal via the first frequency. The controller circuitry is configured to detect position information of the first terminal based on the second wireless signal and form a beam pattern of radio waves of a second frequency different from the first frequency based on the position information, the beam pattern having directivity to the first terminal. And the transmitter circuitry is further configured to wirelessly supply power to the first terminal via the second frequency during the wireless communication with the first terminal.

Abstract: A method and system of providing verification of information of a user relating to an attestation transaction is provided, and includes sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address; receiving at a processor associated with a verifier the information of the user; sending a cryptographic challenge nonce; receiving at the processor associated with the verifier the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; and verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger.

Abstract: Objects of the present invention are to provide a player tracking device main body which can be stably located in various postures inside of a housing of a gaming machine; and a player tracking device which includes said player tracking device main body. A PTS main body 1700b includes a magnet cover 1801 formed as a protruding portion on a central upper side of a base panel 1803. Inside of the magnet cover 1801, magnets (1810, 1811, and 1812) which are sandwiched between the magnet cover 1801 and a base stopper 1815 are located.

Abstract: Devices, such as hardware security modules, are provided as a service. A customer of a computing resource provider is able to request the addition of a device to a network of the customer hosted by the computing resource provider. The computing resource provider reconfigures a set of computing resources so that the devices of the customer are able to communicate with the device as if the device was in the customer's own network.

Abstract: A system and method are provided for the secure sharing of information across and open network and for performing management of keys used for encrypting and decrypting data.

Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.

Abstract: A method includes verifying the identity of an individual. A virtual passport for the individual is created upon verifying the identity of the individual. The virtual passport uniquely identifies the individual. A public/private key pair associated with the individual is generated. The virtual passport is signed with the private key. The signed virtual passport is entered in a public block chain. The signed virtual passport may be retrieved from the public block chain. The authenticity of the signed virtual passport may be determined via the public key.

Abstract: A transform-enabled integrated circuit for use in cryptographic proof-of-work systems is provided. The transform-enabled integrated circuit includes a transformation block embedded among other circuitry components within the cryptographic datapath of the transform-enabled integrated circuit. The transformation block may be configured at a time subsequent to the manufacture of the integrated circuit to embody as circuitry any one of a plurality of mathematical transformation functions, thus enabling a user to systemically modify the results of cryptographic operations performed by the integrated circuit while retaining the high performance and efficiency characteristics of application specific integrated circuits.

Abstract: Method and system are provided for authentication for pairing of a smart pen with a computing device. The method, which is carried out at a smart pen, may include: sensing a signature event carried out by a user writing with the smart pen on an input user interface of the computing device; recording a signature resulting from the signature event; authenticating the signature by comparing to a stored previously recorded signature at the smart pen. If the authenticating is successful, the method activates connection of the smart pen with the computing device using a communication channel. A corresponding method is carried out at the computing device at which the signature event is carried out.

Abstract: A method is disclosed. The method includes interacting with a gate access device that is capable of preventing access to a location, where the gate access device subsequently sends an authorization request message to an issuer for approval, the authorization request message including a request to charge a predetermined amount of money to pay for access to a location, and entering the location if the gate access device receives an authorization response message indicating that the charge is authorized.

Abstract: Method and system are provided for authentication for pairing of a smart pen with a computing device. The method, which is carried out at a smart pen, may include: sensing a signature event carried out by a user writing with the smart pen on an input user interface of the computing device; recording a signature resulting from the signature event; authenticating the signature by comparing to a stored previously recorded signature at the smart pen. If the authenticating is successful, the method activates connection of the smart pen with the computing device using a communication channel. A corresponding method is carried out at the computing device at which the signature event is carried out.

Abstract: Novel tools and techniques are provided for implementing blockchain transactions, and, more particularly, to methods, systems, and apparatuses for securing a blockchain with proof-of-transactions. In various embodiments, the blockchain system utilizes a proof-of-transactions approach that is based on a multi-player voting system and that is not susceptible to a free-rider problem that affects many other cryptocurrencies. The proof-of-transactions approach allows the cryptocurrency network to divide revenue between the nodes in the peer-to-peer network that provides bandwidth and connectivity and a set of other nodes that solve computational puzzles that safeguard the security of the blockchain system.

Abstract: A method, a terminal device, and a cloud server includes using a first account by a first terminal to log into a cloud server, acquiring schedule information stored in the cloud server, where the schedule information is information that is created by a second user who registers a second personal account and is transmitted to the cloud server by a second terminal that logs in, by using the second personal account, to the cloud server, when reminder time of the schedule information arrives, acquiring a biometric characteristic information of a first user who is using the first terminal, and when the biometric characteristic information is authenticated, presenting reminder information of the schedule information.

Abstract: A non-repudiable transaction protocol system includes a memory, at least one processor in communication with the memory, an operating system executing on the at least one processor, a resource manager configured to manage a storage system, and a transaction manager. The transaction manager is configured to provide NRO-W evidence of a work request from a client to the resource manager and provide NRR-W evidence to the client that the resource manager has completed initial work for the work request. Additionally, the transaction manager is configured to provide NRO-C evidence to the resource manager that the client requested completion of the initial work and NRR-C evidence to the client that the resource manager promised to execute the completion. Each of the NRO-W evidence, the NRR-W evidence, the NRO-C evidence, and the NRR-C evidence are exchanged to prevent either one of the client and the resource manager from gaining an advantage.

Abstract: A communication network comprises an access network, a subsystem and a gateway computer that bridges the access network and the subsystem. A plurality of client applications of a single user may connect to services provided by the subsystem. The gateway registers the user in the subsystem and associates all communication of the plurality of instances with a unique identifier that identifies the combination of the user and the gateway thus reducing the number of user registrations in the subsystem.

Abstract: A method of issuing blockchain-based digital certificates including receiving from a user hashed user identification information and object information, recording to a digital certificate smart contract deployed at a digital certificate smart contract address on a blockchain network the hashed user identification information and object information and a timestamp of when the hashed user identification information and the object information were received, defined as a received timestamp, signing the digital certificate smart contract with an issuer signature, performing a user identity verification process to confirm a user identity, the user identity verification process, and upon confirming the user identity, generating a combination certificate configured to verify the user's ownership of an object associated with the object information.

Abstract: The invention is directed to a wallet vault in communication with a financial payment network and a wallet in a customer device. Token information is generated and stored and corresponds to customer information and a payment product of the customer. The token information is output in an encrypted format from the wallet to a merchant website loaded on the customer device or a merchant application installed on the customer device, and then routed to the wallet vault. The token information may ultimately be routed to a financial entity to process the transaction. In such manner, a transaction may be authorized but the merchant does not receive the customer's unencrypted payment product information for such authorization.

Abstract: This application relates to systems, methods, and apparatus for using a computing device to perform payment transactions while the computing device is operating in a low power wallet mode during a low battery state of the computing device. During a low power wallet mode, various subsystems are prevented from receiving current from a battery of the computing device, while a near field communication (NFC) system of the computing device is provided with an operating current for detecting target systems. A target system and the NFC system can communicate during the low power wallet mode of the computing device, thereby allowing a user of the computing device to conduct payment transactions when the computing device is in a low power wallet mode. Such payment transactions can be useful if the user is ever stranded without enough power to fully operate the computing device and needs to pay for transportation.

Abstract: Mobile transfers of mobile payments are bound by an electronic gaming machine (EGM) in a gaming system. The EGM receives, from the mobile device, a unique mobile device identifier and a cash out request to receive winnings resulting from one or more game wins of an event, wherein the event is a gaming event resulting from the placement of the one or more wagers at the EGM. The EGM verifies the unique mobile device identifier, received from the mobile device, is stored at a host device in order to approve and transfer the winnings resulting from one or more game wins of the event to the mobile device. The EGM transfers, to the mobile device, a mobile payment of the winnings resulting from one or more game wins of the event after verifying the unique mobile device identifier is stored at the host device.

Abstract: A network service operates to initialize and link a card instrument to a merchant or merchant location, so that the merchant can receive funds the service. One or more requests are detected to use the card instrument for one or more transactions, where each transaction involves a corresponding customer who has registered a customer funding account with the network service. For each of the transactions, a merchant account is funded using a funding account of the card instrument.

Abstract: The disclosure relates to a process for performing transactions among a number of participants, in which every participant has a unique pseudonym assigned to him and the assignment of a pseudonym to a participant and the participant's transaction data are stored on a notary server.

Abstract: A communications system and method by which information is transmitted and received bi-directionally between digital signage and individuals viewing scenes displayed on digital signage. The digital signage transmits and receives information via an RFID reader and the individual transmits and receives information via an RFID tag. The system and method are useful in providing subscribers to a product/service information database with individually customized information about products and services based on the personal profiles of the individual subscribers.

Abstract: Systems, methods, and devices for authenticating a user are provided. A device includes one or more processors configured to determine if a requested service requires high quality authentication, generate a request for high quality authentication if the requested service requires high quality authentication, and generate a request for low quality authentication if the requested service requires low quality authentication. The device also include a network interface component coupled to a network, the network interface component configured to: receive the request for the service requiring authentication, and a memory, the memory storing high quality authentication information and low quality authentication information for authenticating the user.

Abstract: A system for optimized configuration of an adaptive authentication service is disclosed that automatically generates one or more risk score thresholds. The system generates a risk score threshold or thresholds for an upcoming time period such that the business damages estimated to occur during the upcoming time period are minimized. The business damages estimated to occur during the upcoming time period may include business damages resulting from false negative authentication determinations, which incorrectly indicate that a fraudulent authentication request is legitimate, and false positive authentication determinations, which incorrectly indicate that a legitimate authentication request is fraudulent, and may be offset by the beneficial value of the enhancement to an organization's reputation resulting from true positive authentication determinations, which correctly indicate that an authentication request is fraudulent.

Abstract: In a method for initializing at least one network segment of a network for the wireless location of movable locating objects arranged in a limited space using pulsed radio signals, wherein the at least one network segment in the limited space has at least two spaced apart reference nodes which form a chain-shaped communication network and which are autarkic in terms of communication, wherein a locating object arranged in the limited space is able to be located using one of the distance-based trilateration carried out by at least three reference nodes, and wherein general information is communicated by broadcast channels, the reference nodes listen to the broadcast channels in a standby position until initial information about their active participation in the communication network is received.

Abstract: An item categorization service is described that automatically categorizes items of interest to a user. The user may possess an item that they wish to offer for sale using a network-based service. The user may submit item information to the item categorization service to categorize the item of interest. Upon receipt, the categorization service may assess the relevance of the item information to hierarchically organized categories maintained by the network-based service. Categories having the highest relevance may be identified as first category candidates. The deepest common ancestor of the first category candidates may be identified the first category. One or more categories, representing sub-categories of the first category, may be identified as and subjected to relevance assessment. Those sub-categories having the highest relevance may be identified as second category candidates. The deepest common ancestor of the second category candidates may be identified as a second category for the item of interest.

Abstract: A method of issuing blockchain-based digital certificates comprising receiving from a user hashed user identification information and object information, recording to a digital certificate smart contract deployed at a digital certificate smart contract address on a blockchain network the hashed user identification information and object information and a timestamp of when the hashed user identification information and the object information were received, defined as a received timestamp, signing the digital certificate smart contract with an issuer signature, performing a user identity verification process to confirm a user identity, upon confirming the user identity, generating a combination certificate configured to be shared by the user to verify the user's ownership of an object associated with the object information, and sending the combination certificate to the user.

Abstract: A “trusted service” establishes a trust relationship with an identity provider and interacts with the identity provider over a trusted connection. The trusted service acquires a token from the identity provider for a given user (or set of users) without having to present the user's credentials. The trusted service then uses this token (e.g., directly, by invoking an API, by acquiring another token, or the like) to access and obtain a cloud service on a user's behalf even in the user's absence. This approach enables background services to perform operations within a hosted session (e.g., via OAuth-based APIs) without presenting user credentials or even having the user present.

Abstract: Methods and systems consistent with the present invention overcome the shortcomings of existing trading systems by providing an invoiceless trading system that creates incentives for customers to pay suppliers within a predetermined period of time, such as a settlement period. Specifically, the invoiceless trading system enables a customer to obtain a discount on orders placed with suppliers in return for an immediate payment (e.g., within 24 hours) by the customer. The supplier receives payment within the predetermined period of time, and the customer receives additional cash benefits by providing an early payment to the supplier. To communicate with and transfer funds between customers and suppliers, the invoiceless trading system may use an electronic gateway and a settlement bank. In addition to creating an incentive to embrace e-commerce, both customers and suppliers avoid the need to manually process orders and use invoices to complete transactions.

Abstract: Techniques are disclosed for accelerating online certificate status protocol (OCSP) response distribution to relying parties using a content delivery network (CDN). A certificate authority generates updated OCSP responses for OCSP responses cached in the CDN that are about to expire. In addition, the certificate authority pre-generates cache keys in place of CDNs generating the keys. The certificate authority sends the OCSP responses and the cache keys in one transaction, and the CDN, in turn, serves requests for the OCSP responses using the cache keys. For new certificates, a private CDN is pre-populated with an OCSP response for a certificate concurrent with that certificate being issued. Doing so effectively uses the PCDN as an origin server for OCSP responses, reducing CA infrastructure needs.

Abstract: A method of issuing blockchain-based digital certificates comprising receiving from a user hashed user identification information and object information, recording to a digital certificate smart contract deployed at a digital certificate smart contract address on a blockchain network the hashed user identification information and object information and a timestamp of when the hashed user identification information and the object information were received, defined as a received timestamp, signing the digital certificate smart contract with an issuer signature, performing a user identity verification process to confirm a user identity, upon confirming the user identity, generating a combination certificate configured to be shared by the user to verify the user's ownership of an object associated with the object information, and sending the combination certificate to the user.

Abstract: A system and process for coordinating streaming content or messages is provided. A network-connected server maintains a database containing media content-related data, such as the text of a message, accompanying media, time of airing, payment and related comments. A user can view these feeds or streams of these consciousness messages by downloading a mobile application or browsing to a website. The application can also be used to create, schedule and pay for a media content message.

Abstract: A payment system that uses replacement account identifiers is disclosed. An encrypted primary account number (PAN) may be received by a secure computer from a data entry device. The encrypted PAN may be decrypted by the secure computer and the secure computer may transmit a zero, nominal or no dollar authorization request to an issuer. Using the zero, nominal or no dollar authorization request, the issuer may verify the account. If the account is verified, then a replacement account identifier can be issued at a later time. The replacement account identifier may be used instead of the actual PAN to conduct payment transactions.

Abstract: A method of performing a fund transfer at an ATM includes receiving an active authentication transaction key at an ATM from a mobile financial transaction instrument via a wireless communication protocol, generating a PIN at the ATM, and storing the PIN in a machine readable storage medium. An authorization request message is transmitted to a financial institution identified by the active authentication transaction key. The authorization request message includes the PIN and at least a portion of the active authentication transaction key. The PIN is received from a user of the mobile financial transaction instrument, and the funds are dispensed in response to receiving the PIN.

Abstract: A computer implemented system/method carried out over one or more networks for consolidating retirement accounts owned by an owner, comprising: receiving an electronic data record from a first record keeper for a first retirement account owned by the owner; searching databases and/or sending search requests to one or more account record keepers including said first record keeper for one or more other retirement accounts owned by the owner; and consolidating the first retirement account into the one or more other retirement accounts upon finding the one or more other retirement accounts account.

Abstract: A method for implementing a host card emulation (HCE) service in a remote near field communication (NFC) device is provided. In the method, a first command application protocol data unit (APDU) is received at the remote NFC device from an NFC reader. A first response to the first command APDU is computed. A second command APDU from the NFC reader is predicted that is likely to follow receipt of the first command APDU from the NFC reader. A second response to the predicted second command APDU is computed. A third command APDU is received from the NFC reader. It is determined if the prediction of the second command APDU matches the third command APDU. If the second and third command APDUs match, then the computed second response is send directly to the NFC reader without having to traverse a NFC stack.