Abstract: Methods and systems for deploying intrusion detection system (IDS) policies to IDS programs are disclosed. Each IDS instance can monitor a data feed (e.g., comprising computer network traffic) in accordance with a set of “signatures” or “rules” associated with its policy, and can issue alerts if any elements of that network traffic match those signatures or rules. An intrusion signature management module can receive IDS signatures from one or more signature sources and store those signatures in a filesystem. The intrusion signature management module can produce rule files based on these IDS signatures, e.g., containing subsets of the received IDS signatures. These rule files can be provided to a version control server, and can later be accessed by an orchestration module. The orchestration module can deploy these rule files to their respective IDS programs, enabling those IDS programs to monitor their respective data feeds in accordance with the rule files.

Abstract: A method is disclosed. The method includes receiving, from a receiver institution computer, an interaction request message for an interaction with a sender identifier associated with a sender and interaction details. The method also includes transmitting a plurality of notifications comprising the sender identifier to a plurality of sender institution computers. The method also includes receiving a plurality of responses from the plurality of sender institution computers, one or more responses indicating that the sender identifier is stored at the sender institution computers, and then providing the interaction details and/or additional interaction details to one or more of the sender institution computers that store the sender identifier.

Abstract: A method is disclosed. The method comprises receiving, by a digital tag computer from a receiver user device a transfer request comprising a digital tag associated with the receiver, a digital tag associated with a sender, and a transfer amount. The method then generates an identifier to be associated with the received transfer request. The digital tag computer then transmits the transfer request to a sender user device associated with the second user, where the transfer request includes the identifier associated with the request. After transmitting the transfer request, the digital tag computer receives a transfer message relating to the transfer request. Then, after receiving the transfer message, the digital tag computer transmits the transfer message.

Abstract: A method of rapidly onboarding a user for access to trade on a cryptocurrency exchange via a payment network is disclosed herein. The method can include receiving an application program interface (“API”) call including a request to authenticate the user for access to trade on the cryptocurrency exchange, wherein the request includes information associated with an account of the user, transmitting the request to an issuer system associated with the account, receiving a verification result from the issuer system, wherein the verification result is based on user identifying information previously authenticated by the issuer system in association with the account, wherein the verification result is indicative of an authenticity status of the user, and responding to the request by transmitting an indication of the verification result to the cryptocurrency exchange.

Abstract: Systems and methods for classifying gaps in network activity as normal or anomalous are disclosed. A computer system can identify time gaps between successive network events, which can comprise communications or interactions between entities or devices on a network. The computer system can identify network event data records corresponding to network events that occurred both before and after the identified time gaps. The computer system can use data contained in network event data records corresponding to these network events to derive data features that can be used to train a machine learning to classify time gaps based on those features. After training the machine learning model, the computer system can then extract data features corresponding to unlabeled time gaps, and input those data features into the trained machine learning model in order to classify those time gaps as normal or anomalous.

Abstract: A system and method may retrieve transaction data for a plurality of electronic payment system transactions. The transaction data may describe a plurality of electronic payment transactions between a payment network system and a plurality of merchants. The transaction data may include a transaction location and a merchant store number. The system and method may parse the transaction data to identify the transaction location and the merchant store number and analyze the retrieved and parsed transaction data to identify one or more centroids for at least a portion of the retrieved and parsed transaction data. The one or more centroids may correspond to a merchant location for each transaction of the retrieved and parsed transaction data. The system and method may then clean the retrieved and parsed transaction data having a transaction location outside a threshold distance from the one or more centroids to include accurate merchant store number data.

Abstract: A methods and system of hosted thin-client payment authorization and authentication services for processing payments for value-added service (VAS) providers is described. A method, performed by a host server operating a thin-client device, includes receiving transaction request data at a host server computer from a thin-client device, where the transaction request data can include financial account data and biometric data. The host-server transmits a verification request message to a VAS provider and receives an indication that it is a valid merchant. The host-server transmits an authorization request message comprising the biometric data to a payment processing network (PPN), where the PPN communicates with an authentication server computer to validate the biometric data, sends the authorization request message to an issuer and receives an authorization response message from the issuer.

Abstract: A method includes receiving a first data set comprising embeddings of first and second types, generating a fixed adjacency matrix from the first dataset, and applying a first stochastic binary mask to the fixed adjacency matrix to obtain a first subgraph of the fixed adjacency matrix. The method also includes processing the first subgraph through a first layer of a graph convolutional network (GCN) to obtain a first embedding matrix, and applying a second stochastic binary mask to the fixed adjacency matrix to obtain a second subgraph of the fixed adjacency matrix. The method includes processing the first embedding matrix and the second subgraph through a second layer of the GCN to obtain a second embedding matrix, and then determining a plurality of gradients of a loss function, and modifying the first stochastic binary mask and the second stochastic binary mask using at least one of the plurality of gradients.

Abstract: A method performed by a computer is disclosed. The method comprises receiving interaction data between electronic devices of a plurality of entities. The interaction data is used to form an entity interaction vector containing a number of interactions between the electronic devices of a chosen entity and an entity time series containing a plurality of metrics per unit time of the interactions. An interaction encoder of the computer can generate an interaction hidden representation of the entity interaction vector using embeddings of the plurality of entities. A temporal encoder of the computer can generate a temporal hidden representation of the entity time series. The interaction hidden representation and the temporal hidden representation can be used to generate a predicted scale and a shape estimation of a target interaction metric. The computer can then generate an estimated interaction metric of a time period using the predicted scale and the shape estimation.

Abstract: An entity may generate digital account credentials when a new account is approved for generation by an authorizing entity that controls or issues new accounts. A user may contact an authorizing entity to open a new account with the authorizing entity. The authorizing entity may authenticate the user and may approve a new account to be generated for the user. The user may wish to conduct transactions immediately upon approval. However, the authorizing entity may not immediately generate a physical identification device along with an actual account identifier associated with the new account. An intermediary entity may generate digital account credentials for the new account immediately after the authorizing entity approves generation of the new account, provide the digital account credentials to the account holder, and process transactions using the digital account credentials.

Abstract: Embodiments of the invention are directed to systems and methods for conducting a transaction utilizing a cryptocurrency. The user may fund a cryptocurrency account with his pre-existing cryptocurrency. An issuer may purchase cryptocurrency within a cryptocurrency exchange. The user may then utilize a payment device (e.g., a Crypto Debit Card) that is associated with a cryptocurrency balance to conduct a transaction with a merchant for goods and/or services. An authorization request message may be transmitted to the authorizing entity computer. The authorizing entity computer may determine a cryptocurrency amount corresponding to the fiat currency transaction amount of the authorization request message. A sell request message may be transmitted to an exchange that facilitates the sale of the cryptocurrency amount.

Abstract: A method is disclosed. The method includes transmitting, by a user device to an access device, a digital certificate and a seed. The access device encrypts the seed and a first access device key with a public key from the digital certificate to form encrypted data. The method also includes receiving from the access device, the encrypted data, decrypting the encrypted data using a private key corresponding to the public key to obtain the seed and the first access device key, verifying that the seed received from the access device matches the seed sent to the access device, encrypting a secret or derivative thereof with the first access device key to form an encrypted secret or derivative thereof, and transmitting to the access device, the encrypted secret or derivative thereof.

Abstract: Provided is a system that includes at least one processor programmed or configured to receive an XML data file, wherein the XML data file includes data associated with one or more input parameters of a machine learning model, generate a code generation template based on the data associated with one or more input parameters of the machine learning model included in the XML file, where the code generation template includes one or more keys associated with one or more parameters of a transaction aggregate for an account of a user, and generate a file of executable code based on the code generation template, wherein the file of executable code includes instructions that, when executed by at least one processor, causes at least one processor to retrieve transaction aggregate data associated with the transaction aggregate for the account of the user. A method and computer program product are also provided.

Abstract: An event driven system and method for traveler thematic destination segmentation are disclosed. The event driven system includes a processor and a memory coupled to the processor to store machine instructions executable by the processor. When executed by the processor the machine instructions cause the processor to extract clearance and settlement transaction data from a database, prepare the clearance and settlement transaction data, clean geo-data associated with the clearance and settlement transaction data, enrich and standardize the geo-data, scrape theme data associated with a trip from a public network, verify the relevant theme data associated with the trip, enrich and standardize geo-data associated with the relevant theme data associated with the trip, and map the enriched and standardized geo-data associated with the clearance and settlement transaction data to the enriched and standardized geo-data associated with the relevant theme data associated with the trip.

Abstract: The disclosure relates to a real-time merchandising system for the communication of offers and the acceptance or rejection of the communicated offers. The offers communicated may be based on the location of the merchandising system, the time of day and the user device that is in proximity of the system. The merchandising system may require no, or a minimum of, user interaction for an offer to be accepted or rejected or for the offer to expire. It may also be configured to track and analyze offer campaign effectiveness.

Abstract: A method is disclosed. The method includes receiving, by a processing network computer from a relying party computer associated with a relying party, a request for data associated with a user operating a user device. The processing network computer may retrieve first encrypted data of the user having a user-layer of encryption. The processing computer can then generate a second symmetric key to add a relying party-layer of encryption to the first encrypted data using a stream cipher. The doubly encrypted data may be transmitted to a user device that removes the user-layer of encryption on the first doubly encrypted data, and then adds a second relying party-layer of encryption to form second doubly encrypted data. The second doubly encrypted data may be transmitted to the relying party computer, which can remove both relying party-layers of encryption to gain access to the data associated with the user.

Abstract: A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

Abstract: In some embodiments, a method includes receiving, from a user of a user device, a request for an authorization-by-proxy payment on delivery (POD); requesting, at the user device, the user identify an authorized proxy for the authorization-by-proxy POD; generating an authorization-by-proxy code based upon buyer-controlled payment control parameters; and using the buyer-controlled payment parameters to control processing of a payment for the authorization-by-proxy POD. In some embodiments, the method further includes pre-authorizing, at shipment time of merchandise associated with the authorization-by-proxy POD, a hold on a monetary amount associated with an order of the merchandise associated with the authorization-by-proxy POD.

Abstract: The present disclosure relates to Application Programming Interface (API) framework that discloses a computer implemented method, polling service system, and non-transitory computer readable medium for providing dynamic endpoints for performing data transactions with a corresponding candidate application server. The method has two phases: a polling phase and a transaction phase. In the polling phase, the polling service system receives a first API request from one or more source devices and provides a dynamic endpoint for the one or more source devices to interact with the corresponding candidate application server of their requirement. In the transaction phase, the corresponding candidate application server receives a second API request from the one or more source devices through the dynamic endpoint generated during the polling phase, and performs data transactions.

Abstract: Provided herein is a computer-implemented method for provisioning a token to an appliance. The method includes registering an original account identifier to an appliance, wherein the original account identifier is not associated with any user, associating a device token to the original account identifier, wherein the device token is stored by the appliance, associating a user account identifier for a user to at least one of the device token and the original account identifier, receiving, from the appliance, a transaction request for a transaction, the transaction request including the device token, identifying the user account identifier based on the device token, determining that the transaction is authorized based at least partially on the user account identifier and the original account identifier registered to the at least one appliance, and in response to determining that the transaction is authorized, processing the transaction. A system and appliance are also disclosed.