Abstract: A method of securing a digital signature in a networked computer system. A user having a user private key and a user public key obtains a digital certificate from a certificate authority. The user takes an overt action showing the intent to sign an artifact initiating a signing ceremony. The user signs the artifact using the user private key. The digital certificate is attached to the artifact after signing by the user. The user private key is programmatically destroyed upon completion of the signing ceremony.

Abstract: A method, software and apparatus facilitates one or more third-party agents to securely access a customer's or other first party's private personal and financial data or other such confidential information from a second party, preferably on the Internet. A security document or ticket is presented to the second party for verifying the customer's consent to grant such access to the third party. The second party only communicates such confidential information to the third party if the security document is found to be valid. The security document, which can be at least partially encrypted, can also include a preselected expiration time, beyond which it is not valid.

Abstract: A method, software and apparatus facilitates one or more third-party agents to securely access a customer's or other first party's private personal and financial data or other such confidential information from a second party, preferably on the Internet. A security document or ticket is presented to the second party for verifying the customer's consent to grant such access to the third party. The second party only communicates such confidential information to the third party if the security document is found to be valid. The security document, which can be at least partially encrypted, can also include a preselected expiration time, beyond which it is not valid.

Abstract: A system for automated cryptographic key management comprises a key control system, a key management agent system, and a key system application program interface. A method for automated cryptographic key management is also disclosed. The method comprises the automatic generation of cryptographic keys by the key control system and distribution of such keys by the key control system to the key management agent system.

Abstract: A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

Abstract: A system is comprised of a user and a group, wherein the group is comprised of a group leader and a group of M members where M is equal to or greater than one. The group leader generates a group public key and a group leader “master” private key. The group leader creates a personalized watermarked or decryption key, also referred to as an individual private key, for each group member. The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group.

Abstract: A system for securely storing application keys is comprised of a database system, a peripheral hardware security module and cryptographic keys, wherein cryptographic keys comprise application keys, intermediate keys and a master key. Application keys are grouped according to characteristic and are associated with a particular intermediate key, which is utilized to scramble and descramble application keys within the associated group. Intermediate keys are associated with the master key, which is utilized to scramble and descramble the intermediate keys. Scrambling and descrambling of keys is performed within the peripheral hardware security module.

Abstract: A system such as in a networked computer system comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server, wherein the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.

Abstract: A random number generator includes one or more pseudorandom data sources that generate pseudorandom data, a randomness accumulation facility that receives pseudorandom data from the one or more pseudorandom data sources, a storage facility that stores a random value generated by the randomness accumulation facility, and an application programming interface (“API”), operating independently from the operation of the randomness accumulation facility, that retrieves, upon request by a software application, the random value currently stored in the storage facility and provides a random number to the software application. The pseudorandom data is hashed with a previously-stored random value and a first counter value and may be encrypted before storing in the storage facility. Likewise, the API hashes the current random value with a second counter value before outputting the random number thus generated, decrypting the current value first if necessary.

Abstract: A method and apparatus for processing a plurality of financial documents, comprising, a document processor, wherein, for each financial document, the document processor captures data encoded on the financial document and an image of the financial document during a prime pass, and assigns a prime pass sequence number to each financial document. The apparatus includes a computer database in which the prime pass data and image is stored in association with the prime pass sequence number for the financial document. The document processor is adapted to determine whether the financial document should be rejected because the data and document image needs to be repaired or the data only needs to be repaired. If the data and image needs to be repaired, the document processor, or a desktop scanner/reader, recaptures the data and image, assigns a recapture sequence number to the financial document, and the recaptured data and image is stored in the computer database in association with the recapture sequence number.

Abstract: A method for updating detecting and loading CD volume indexes from a multiple-CD set to a cumulative volume table contained in a computer memory. The method employs an volume index file on each intermediate CD of the set along with a dual index file feature on the last CD of the set. The second index file on the last CD is a cumulative file of all the index files contained on all the CDs of the set. The cumulative index file on the last CD is compared to the cumulative volume table to generate a list of missing volumes which have not already been loaded into computer memory. The method permits determining whether a given CD is a single CD or a CD that is one of a multiple-CD set by detecting the presence of a second volume index file on the CD.

Abstract: A method for providing user access to a selected group of document images. A user-selected set of image properties may be specified so that each image in the group of images is presented for viewing with a particular orientation. The method is particularly adapted for viewing large numbers of financial document images to include check images.

Abstract: An apparatus and method for high volume, and high speed, financial image creation and manipulation. Images of cleared checks are captured and combined with MICR data and customer supplied account history. A customer additional data field is incorporated to facilitate searching and retrieval of checks and electronic transactions. Check images are delivered in multiple media, e.g., CD-ROM, microfilm, as pre-selected by bank customer. Image workstation allows customers to relate specific issue data to paid check data captured by the bank. Cumulative transaction item index covers multiple accounting periods. Front and back of image of cleared checks can be manipulated on screen, and exported to other applications. Graphical user interface trilogy of screens--search, results and display, facilitate usage by customer.