Abstract: A method for preventing transmission of malicious data may include receiving transaction data including at least one packet associated with a payment transaction; extracting at least one of network layer data or transport layer data from a header of the at least one packet; determining a first probability indicating that the at least one packet is in a first class based on the at least one of the network layer data or the transport layer data using a classifier. The method may also include determining a second probability indicating that the at least one packet is in a second class based on the at least one of the network layer data or the transport layer data using the classifier; and blocking the at least one packet. A system and a computer program product are also disclosed.

Abstract: Provided is a method for detecting group activities in a network. The method may include receiving interaction data associated with a plurality of interactions. For each account identifier associated with at least one interaction, a value may be determined for each of a first set of categories, and a vector may be generated based on the value for each category. The length of each vector may be determined. At least one relational graph may be generated based on the interaction data. Each relational graph may be associated with a respective category of a second set of categories. At least one cluster of nodes may be determined based on the relational graph(s). A score for each cluster may be determined based on the length of the vector associated with the account identifier of each node of the cluster of nodes. A system and computer program product are also disclosed.

Abstract: A computer-implemented method comprising receiving a transaction request from a merchant server. In response to receiving the transaction request, the method includes requesting authentication from a computing device associated with a user payment account and a requesting that a merchant re-submit the transaction request. The method includes receiving an authentication parameter from the computing device, and determining that the authentication parameter matches an authentication parameter of the user payment account. The method includes receiving a re-submission of the transaction request from the merchant server and, based on the determination that the authentication parameter received from the computing device matches the authentication parameter associated with the user payment account, approving the transaction request.

Abstract: A computer-implemented method including: triggering, with at least one processor, an acoustic wave generator to generate a predefined acoustic wave directed toward a 3-dimensional (3D) layout associated with an entity from plurality of entities, wherein each of the plurality of entities is registered with a corresponding 3D layout embedded with a predefined number of 3D geometric figures; in response to receiving a modified acoustic wave from the 3D layout, comparing, with at least one processor, the modified acoustic wave with a plurality of calibrated acoustic waves associated with the plurality of entities to determine identification details comprising a match between the modified acoustic wave and a calibrated acoustic wave from the plurality of calibrated acoustic waves; and based on the identification details, identifying, with at least one processor, the entity related to the calibrated acoustic wave. A system and medium are also disclosed.

Abstract: A Web site comprise detection method and system are disclosed. The method includes obtaining a resource identifier associated with a remote computer, and then receiving source code associated with the resource identifier. The method also includes parsing the source code, analyzing the source code to determine an indicator of compromise is present in the source code, determining that the indicator of compromise is associated with malware meta-data, and storing the resource identifier associated with the source code associated with the malware meta-data in a database.

Abstract: Systems and methods are disclosed for securely communicating sensitive data (e.g., interaction data) during a process for offline authentication. A data packet may be received by an access device from a user device in a one-way communication. The data packet may be converted to obtain interaction data comprising a digital certificate certified by the certificate authority and a digital signature value generated by the user device. A second public key associated with the user device may be obtained utilizing the digital certificate and the first public key associated with the certificate authority. The validity of the interaction data may be determined based at least in part on the digital signature value and the second public key associated with the user device. When the interaction data is determined to be valid, an identifier of the interaction data may be authorized and access may be provided based on this authorization.

Abstract: A computer-implemented method is provided. The method comprises rendering, by a portable electronic device, a digital good in an augmented reality experience of a physical retail store; enabling, by the portable electronic device, a collection of the digital good in the augmented reality experience; rendering, by the portable electronic device, a plurality of virtual environments available for transfer of the digital good; receiving, by the portable electronic device, a user selection of a virtual environment from the plurality of virtual environments; transmitting, by the portable electronic device, a communication for placement of the digital good in the virtual environment, wherein the communication is indicative of the user selection; and rendering, by the portable electronic device, the virtual environment associated with the user selection, to utilize the digital good within the virtual environment.

Abstract: Systems and methods for secure peer-to-peer communications are described. Devices registered into trusted network may be capable of establishing a shared data encryption key (DEK). In embodiments, each device may be configured to obtain a share of a data encryption key (DEKi) that can be stored locally. The shares may be shares in an M of N Secret Sharing Scheme. This may involve a network that includes an integer, N, devices, and in which M devices may share a secret (i.e. the DEK) during communications, M being an integer less than or equal to N. To obtain the entire DEK during encryption/decryption, a requesting device may send requests to M of N devices for their shares of the DEK. Once M shares are obtained, they may be used generate the DEK for encrypting/decrypting data between the devices.

Abstract: A system includes a processor and a non-transitory computer readable medium coupled to the processor. The non-transitory computer readable medium includes code, that when executed by the processor, causes the processor to receive input from a user of a user device to generate an optimal payment location on an application display, generate a first boundary of the optimal payment location on the application display of the user device based upon a first motion of a payment enabled card in a first direction and generate a second boundary of the optimal payment location on the application display of the user device based upon a second motion of the payment enabled card in a second direction. The first boundary and the second boundary combine to form defining edges of the optimal payment location.

Abstract: A system, apparatus, and method for processing payment transactions that are conducted using a mobile payment device that includes a contactless element, such as an integrated circuit chip. The invention enables one or more of the operations of activation of a payment application, transfer of transaction data, updating of account records, setting or re-setting of a payment application counter or register, or transfer or processing of a script, command, or instruction, with these functions being performed with minimal impact on a consumer. This is accomplished by introducing a pre-tap and/or two-tap operation prior to, or as part of, the transaction flow.

Abstract: A hub computer receives, from a first computer, a sender message comprising a promise corresponding to a transaction comprising a promise type, an amount, a first verification key associated with the first computer, computer code, and a digital signature. The hub computer verifies the promise by at least verifying the digital signature using the first verification key, verifying that the amount is less than a first computer amount, and verifying that the hub computer is able to process the promise type. The hub computer executes the computer code to perform the transaction.

Abstract: Described are a system, method, and computer program product for dynamic node classification in temporal-based machine learning classification models. The method includes receiving graph data of a discrete time dynamic graph including graph snapshots, and node classifications associated with all nodes in the discrete time dynamic graph. The method includes converting the discrete time dynamic graph to a time-augmented spatio-temporal graph and generating an adjacency matrix based on a temporal walk of the time-augmented spatio-temporal graph. The method includes generating an adaptive information transition matrix based on the adjacency matrix and determining feature vectors based on the nodes and the node attribute matrix of each graph snapshot.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.

Abstract: A method is disclosed. The method includes generating, by a communication device during an interaction with an access device, a cryptogram using transaction level data and interoperability level data; transmitting the transaction level data and interoperability level data to the access device; and transmitting the cryptogram the access device, wherein the access device or a remote server computer in communication with the access device validates the received cryptogram before allowing the transaction to proceed.

Abstract: A system for providing updatable secure content resource. A content server may pay a content resource on the content author for an access by a requester. The content server receives a session request call from the requester prior to accessing the content resource. In response to the session request, the content server generates a session for the requester. The content server generates a payload that includes a location identifying the content resource on the content author and embeds the embedded cryptographic content. The content server transmits the generated payload to the requester. A resource server may receive an authentication access request in response to the embedded cryptographic content. In response to authenticating the authentication access request, the resource server provides the access to the requester.

Abstract: A method is disclosed. The method includes receiving, by a token gateway, a first request message from a token requestor computer. The token gateway determines at least one token service computer from a plurality of token service computers, each token service computer in the plurality of token service computers operating independently of each other. The token gateway transmits at least one second request message to the at least one token service computer and receives, at least one first response message comprising at least one token and/or supplemental data associated with the at least one token from the at least one token service computer. The token gateway transmits a second response message to the token requestor computer, the second response message comprising the at least one token and/or the supplemental data.

Abstract: Techniques for identifying a fraudulent interaction of a user device using time based risk features are described herein. In embodiments, time stamp information provided by an external clock and time units may be maintained by a user device. The user device may include an authentication component that is communicatively coupled to a clock component that generates the time units. In response to conducting an interaction with an access device and user device first time information may be received from the access device. Second time information may be determined based at least in part on the time units from the clock component and the time stamp information. The second time information may be compared to the first time information. An authentication plan for the interaction may be determined based at least in part on the comparison of the second time information to the first time information.

Abstract: Systems and methods of preventing fraud and authenticating users while processing a token on a token provider computer, a token gateway computer, and a mobile device are disclosed.

Abstract: A method for creating a final application includes a computer obtaining an obfuscated SDK binary and an interface source code that comprises one or more functions that call obfuscated functions within the obfuscated SDK. The computer then creates application source code that calls functions in the interface source code. The computer builds an intermediate object comprising the interface source code and the application source code. The computer then creates the final application using the intermediate object and the obfuscated SDK binary.

Abstract: A method includes receiving, by a universal authentication application from a resource provider computer, a user credential verification request message comprising a user identifier, server computer data, and interaction data for an interaction. The universal authentication application transmits the user credential verification request message to a browser that invokes the authenticator to verify biometric information of a user. The universal authentication application receives a user credential verification response message from the authenticator. The user credential verification response message includes signed interaction data. The universal authentication application sends the user credential verification response message to the resource provider computer. The resource provider computer provides at least the signed interaction data to a plurality of server computers to retrieve a plurality of portable device credentials respectively associated with the plurality of server computers.