Abstract: Provided are systems that include a processor to receive a training dataset including a plurality of data records, calculate feature projection errors and classification scores for the plurality of data records using a machine learning model, determine a distribution of features according to feature projection error, apply a downscaling function to each feature value of a feature in a false positive classification distribution to provide a downscaled set of feature values, apply an upscaling function to each feature value of a feature in a false negative classification distribution to provide an upscaled set of feature values, combine the downscaled set of feature values and the upscaled set of feature values with the training dataset to provide an updated training dataset, and train the machine learning model using the updated training dataset to provide an updated trained machine learning model. Methods and computer program products are provided.

Abstract: Embodiments of the present disclosure are directed to methods for multi-party fixed point multiplication. The methods can include replicated methods for multi-party fixed point multiplication where the inputs and output are represented using replicated secret sharing. One replication method can require only a single round of communication in the online phase and is secure against a semi-honest adversary. Another replication method can require may include an additional key to identify any malicious communicating parties. The methods can also include a Shamir sharing fixed point multiplication method and an additive secret sharing fixed point multiplication method.

Abstract: Embodiments extend protocols for secure communication between two parties to allow a party to securely communicate with multiple parties using a single message. For example, the sending party can determine a unique shared secret for each recipient and encrypt data for a recipient using a session key generated from the corresponding shared secret. The encrypted data can be combined into a single message, and each recipient can decrypt only the subset of the message that it is authorized to.

Abstract: A system and computer-implemented method for authenticating digital transactions. The method includes receiving a device registration request and a device attestation response including at least a device integrity status from a device. In response to the device registration request, the method includes providing a device registration response to the device, based on validation of the device integrity status. Further, the method includes receiving a first payment transaction request and an enrolment request from the device via an application to authenticate a second payment transaction request using a first type of authentication technique. Finally, the method includes enrolling the device to the first type of authentication technique and providing a second token to the device based on a result of the first payment transaction request, wherein the second token is used for authenticating the second payment transaction request.

Abstract: A method includes a full node storing a blockchain and being one of a plurality of full nodes forming a blockchain network receiving a message comprising update image data and a smart contract identifier from a first user device. The full node can then determine stored image data associated with the smart contract identifier. The full node can also determine whether or not image comparison data based on received image data and stored image data is consistent with a smart contract associated with the smart contract identifier and can then generate an entry for a block of the blockchain, comprising at least the smart contract identifier, the updated image data, and image comparison data. The full node can generate the block of the blockchain and transmit the block to the plurality of full nodes. The plurality of full nodes respectively verify the block.

Abstract: Provided are systems for ensemble learning with machine learning models that include a processor to receive a training dataset of a plurality of data instances, wherein each data instance comprises a time series of data points, add an amount of time delay to one or more data instances to provide an augmented training dataset, select a first plurality of supervised machine learning models, select a second plurality of unsupervised machine learning models, train the first plurality of supervised machine learning models and the second plurality of unsupervised machine learning models based on the augmented training dataset, generate an ensemble machine learning model based on outputs of the supervised machine learning models and unsupervised machine learning models, and generate a runtime output of the ensemble machine learning model based on a runtime input to the ensemble machine learning model. Methods and computer program products are also provided.

Abstract: A method includes receiving historical interaction data, which includes a plurality of historical interactions. Each historical interaction is associated with a plurality of data fields. The method includes assigning a plurality of weights to the plurality of data fields, generating a neural network using the plurality of weights and the plurality of data fields, identifying a first plurality of feature indicators indicative of a first class, the first class being different from a second class; receiving a second plurality of feature indicators derived from data relating to compromised accounts, updating, a probability distribution component using the first plurality of feature indicators and the second plurality of feature indicators, and receiving current data for an interaction. The method also includes applying the probability distribution component to the current data, and scoring the interaction using the probability distribution component.

Abstract: One embodiment of the invention is directed to a system comprising a server and a consumer device in operative communication with the server. The server comprises a processor and a computer readable medium coupled to the processor. The computer readable medium comprises computer readable program code embodied therein. The computer readable program code is adapted to be executed by the processor to receive an authorization request message for a transaction conducted by a consumer with a merchant, send the authorization request message to an issuer, modify an authorization response message to include receipt preference data, and send the authorization response message comprising the receipt data to the merchant, wherein the merchant generates a receipt for the consumer according to the receipt preference data.

Abstract: A method includes receiving, from a first transfer application on a first user device associated with a first user, a transfer request message for a transfer transaction. The transfer request message comprises a digital tag associated with a second user and a transaction amount. The method includes generating and transmitting a code to a second transfer application on a second user device, and receiving a confirmation message that the second user wants to conduct the transfer transaction and is sharing the code with the first user. The method includes transmitting the code to the first transfer application on the first user device. The first transfer application compares the code received from the digital tag computer with the code received from the second user and initiates the transfer transaction if the code received from the digital tag computer with the code received from the second user match.

Abstract: The disclosed system and method provides a display on the representation of the electronic transaction account and the display may display information about the electronic transaction account or other data desired to be displayed by the consumer.

Abstract: Methods for updating an application programming interface (API) field of a transaction message may include receiving, with at least one processor, a payment transaction message, wherein the payment transaction message comprises data associated with a payment transaction; determining, with at least one processor, one or more API fields of the payment transaction message based on the data associated with the payment transaction; and modifying, with at least one processor, one or more API fields of the payment transaction message. Methods may also include transmitting, with at least one processor, a modified payment transaction message based on modifying the one or more API fields of the payment transaction message. Systems and computer program products are also disclosed.

Abstract: A method, system, and computer program product for identifying a malicious user obtain a plurality of service requests for a service provided by a processing system, each service request of the plurality of service requests being associated with a requesting user and a requesting system, and a plurality of service responses associated with the plurality of service requests, each service response of the plurality of service responses being associated with the processing system; and identify the requesting user as malicious based on the plurality of service requests and the plurality of service responses.

Abstract: A system, method, and computer program product for incorporating knowledge from more complex models in simpler models. A method may include obtaining first training data associated with a first set of features and second training data associated with a second set of features different than the first set of features; training a first model based on the first training data and the second training data; and training a second model, using a loss function that depends on an output of an intermediate layer of the first model and an output of the second model, based on the second training data.

Abstract: Provided are computer-implemented methods for generating embeddings for objects which may include receiving heterogeneous network data associated with a plurality of objects in a heterogeneous network; selecting at least one pattern of objects; determining instances of each pattern of objects based on the heterogeneous network data; generating a pattern matrix for each pattern of objects based on the instances of the pattern of objects; generating pattern sequence data associated with a portion of each pattern matrix; generating network sequence data associated with a portion of the heterogeneous network data; and combining the pattern sequence data and the network sequence data into combined sequence data. In some non-limiting embodiments or aspects, methods may include generating a vector for each object of the plurality of objects based on the combined sequence data. Systems and computer program products are also provided.

Abstract: Described are a system, method, and computer program product for breach detection using convolutional neural networks. The method includes receiving transaction data associated with a plurality of transactions completed in a first time period. The method also includes identifying a set of suspected fraudulent transactions of the plurality of transactions based on inputting at least one parameter of the transaction data into a fraud evaluation model. The method further includes generating an image comprising a field of points, wherein each point is associated with at least one transaction of the set of suspected fraudulent transactions, and wherein an x-axis position in the image of each point in the field of points is associated with a time subperiod of the first time period in which the at least one transaction occurred. The method further includes detecting a breach event by processing the image with a convolutional neural network (CNN) model.

Abstract: Methods and systems for analyzing request to access resources and determining a resource access policy are provided. The resource access system can train, store, evaluate, and deploy machine learning models that learn to output a trust score associated with a resource access request, the trust score relating to the request's legitimacy. A resource access system can receive a request for a resource from a requesting entity. The resource access system can determine an entity profile using request data in the request. The resource access system can request data from the request to determine whether the request is normal or anomalous. Using a policy engine, the resource access system can determine a resource access policy, such as allowing or denying access to the resource.

Abstract: A computerized method for providing an interactive graphical user interface (GUI) to a user on a display of a mobile device. The method interacts with the user to obtain information about a first payment account and a second payment account. The method aggregates parameters of the first payment account and the second payment account on a unified GUI on the mobile device. The method further monitors transactions of the first payment account and the second payment account. When a particular transaction conducted by the first payment account includes parameters associated with the second payment, the method identifies that particular transaction and presents a confirmation GUI screen to the user to confirm using the second payment account instead.

Abstract: A method is disclosed. The method includes receiving, by a second entity computer associated with a second user from a first entity computer associated with a first user, a push transaction message comprising a value and link data for a transaction. The method also comprises transmitting, by the second entity computer to a directory computer in communication with a database storing supplemental data associated with the transaction and other transactions, a request for the supplemental data associated with the transaction, the request comprising link data. The method also includes receiving, by the second entity computer, the supplemental data from the directory computer, and providing, by the second entity computer to the second user via a second user device, the supplemental data along with a notification of an action caused by the push transaction message.

Abstract: Systems and methods for classifying gaps in network activity as normal or anomalous are disclosed. A computer system can identify time gaps between successive network events, which can comprise communications or interactions between entities or devices on a network. The computer system can identify network event data records corresponding to network events that occurred both before and after the identified time gaps. The computer system can use data contained in network event data records corresponding to these network events to derive data features that can be used to train a machine learning to classify time gaps based on those features. After training the machine learning model, the computer system can then extract data features corresponding to unlabeled time gaps, and input those data features into the trained machine learning model in order to classify those time gaps as normal or anomalous.

Abstract: A method is disclosed. The method comprises receiving, by a digital tag computer from a receiver user device a transfer request comprising a digital tag associated with the receiver, a digital tag associated with a sender, and a transfer amount. The method then generates an identifier to be associated with the received transfer request. The digital tag computer then transmits the transfer request to a sender user device associated with the second user, where the transfer request includes the identifier associated with the request. After transmitting the transfer request, the digital tag computer receives a transfer message relating to the transfer request. Then, after receiving the transfer message, the digital tag computer transmits the transfer message.