Abstract: Systems and methods for providing access to an information account stored in a central data repository. The information account is associated with a consumer and is subject to the consumer's control and management. Consumer authentication information is input by the consumer in connection with a first request for access to the information account via a first web-site. Responsive to authentication of the consumer, a single sign-on feature may be activated for automatically managing subsequent authentications of the consumer so that the consumer will not be required to again input the consumer authentication information upon initiating a second request for access to the information account while interacting with a subsequent web-site that is configured to provide access to the information account upon authentication of the consumer. The single sign-on function may be deactivated upon the occurrence of a terminating event, such as the expiration of a time-out interval.

Abstract: A system for transferring digital rights managed (DRM) files from a first seller device to a buyer device involves a buyer device configured to receive a file package having the DRM file. Some file packages may also have a DRM file access key. The system also has a first seller device having the DRM file stored thereon and configured to receive a request to purchase the DRM file (the request having a DRM file identifier); receive a buyer identifier associated with the request; transfer the file package to a buyer device to the buyer device; detect through a network connection, a digital rights management server; and send, responsive to detecting the digital rights management server, a sale record to the digital rights management server, where the sale record includes the DRM file identifier and the buyer identifier.

Abstract: Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element. The application authentication element may include a pre-selected authentication element and transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may be received by the mobile communication device from the user. The mobile communication device may generate a secret token that is derived from the user authentication token.

Abstract: Proposed are a key protection method and system. The method comprises: a: receiving by a mobile terminal a registration instruction, generating a user's public key and private key, and sending the user's public key to a third-party e-business verification server, if the mobile terminal respectively passes identity verifications of the mobile bank server and a comprehensive pre-position bank server; b: performing a verification by the mobile bank server on user's trade information, and performing a trade by the comprehensive pre-position bank server if the verification is successful; c: generating by the mobile terminal an updated parameter for protecting a private key after the trade is performed, sending to the mobile bank server, receiving a successful updating result from the mobile bank server and encrypting and storing the user's private key. The present invention can increase the difficulty of an attack, and improve security.

Abstract: A server is operable to receive a media device identifying number (ID) and establish an association between a media device and a payment account and, in one embodiment, supports at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. A network and system includes a payment card processor server that is operable to receive a payment authorization request and to determine if an authorized media device generated a purchase selection message and to determine to approve a received payment authorization request based, in part, if the media device was authorized for the purchase selection based upon a received media device ID.

Abstract: Techniques for transferring secured data from a vending device to a portable data storage device are described herein. The vending device receives a request from a user of the portable data storage device for digital contents to be stored on the portable data storage device and requests for a payment for the requested digital contents to be paid by the user. The vending device locates a first portable storage identification (PSID) parameter unique to the portable data storage device, and then generates a rights object including a second PSID parameter that is equal to the first PSID parameter to prevent the digital contents from being accessed at a data storage medium other than the portable data storage device. It is to be appreciated some or all of the above processing can be completed by a back-end device separate from the vending device.

Abstract: Techniques are described for managing software whose use is restricted in one or more manners. In some situations, the software components are fee-based components that are made available by providers of the components for use by others in exchange for fees defined by the components providers, and the software components may also have various other non-price conditions related to their use. The described techniques facilitate use of a software component on a computing node by configuring a virtual computer port or other virtual interface on the computing node, to enable the software component to make a request via the provided virtual interface regarding whether a current use of the software component is authorized. A trusted source receives and responds to the use authorization request in a manner configured by the provider of the software component, such as by a node manager module of a program execution service.

Abstract: Systems and methods enable the real-time authorization of payment transactions initiated by personal and mobile computing devices. In one embodiment, a financial account server associated with a payment recipient, or payee, is configured to receive a payment data envelope from a payee computing device. The payment data envelope can originate from a payer computing device and include transaction information obtained from an identity management service associated with the payer. The payment data envelope can further include information that allows for the authentication of the payee and payer identities as well as payment instructions. The payee financial account server processes the payment data envelope and transmits the envelope to a financial account server associated with the payer.

Abstract: Some embodiments provide an end-to-end federated CDN solution that assimilates a transparent caching server that is operated by a transparent caching server operator into a CDN that independently operates CDN caching servers. Specifically, the logs from the transparent caching server are assimilated into the CDN by aggregating the logs from the transparent caching server and processing the transparent caching server logs to identify network usage for content of a CDN content provider customer that is delivered by the transparent caching server. The network usage is then combined with the network usage that tracked by the CDN caching servers in order to provide comprehensive report metrics for the content provider customer and to bill the content provider customer for all network usage related to delivering the content provider customer's content irrespective of whether the content was delivered by a transparent caching server or a CDN caching server.

Abstract: A financial institution and a payment initiator may exchange public keys to enable the secure exchange of data. A business wishing to collect payment can provide its account information to the payment initiator. A customer wishing to pay can instruct the payment initiator to encrypt the business's account information along with details for a particular invoice and transmit the information to the financial institution. The financial institution can decrypt the information and initiate a transfer of money from the customer to the business. The financial institution may present the information about the transaction to the customer for modification or confirmation before initiating the transfer. The information may be sent from the payment initiator to the financial institution via the customer. After the payment has been initiated by the financial institution, a confirmation may be sent to the customer, the payment initiator, the business, or any suitable combination thereof.

Abstract: Apparatus, method, and media for controlling utilization of content. An exemplary method comprises associating one or more usage rights with content, wherein the usage rights are based at least in part on a usage rights grammar, and wherein each of the usage rights corresponds to a permitted utilization of the content and one or more conditions which must be satisfied in order for the respective usage right to be exercised, receiving from an external computing device external, a request to access the content, the request corresponding to a utilization of the content, determining whether the requested utilization corresponds to at least one of the usage rights associated with the content, and transmitting to an external a computing device, at least one of the usage rights based at least in part on a determination that the requested utilization corresponds to at least one of the usage rights.

Abstract: Systems and methods to provide and maintain secure financial transaction conducted with a credit card or other cashless payment mechanism at a vending machine or other potentially unattended vending or point of sale device. Encapsulated card readers providing end-to-end encryption capabilities encrypt transaction data for secure transmission to a transaction host or server. Pre-authorization transaction data checking maintains account numbers in a secure encrypted format further enhancing security. Protection mechanisms that guard against, and provide warnings of equipment tampering, while also providing a visual indication to customers regarding the security of the system.

Abstract: Apparatus, method, and media for permitting use of content. An exemplary method comprises associating a transfer right with content, the transfer right specifying that the content is permitted to be transferred from a first computing device to a second computing device, transferring the content from the first computing device to the second computing device in accordance with the transfer right, updating information associated with the transfer right based on the transfer of the content from the first computing device to the second computing device, and associating a usage right with the content, the usage right corresponding to a utilization of the content, wherein the first computing device includes at least a server mode of operation, and wherein the second computing device includes both a requester mode of operation and a server mode of operation.

Abstract: Some embodiments include a hot wallet service system including: a manager server configured to receive a cryptocurrency transaction request identifying at least a hot wallet accountholder identifier and to determine a first set of authentication servers to authenticate the cryptocurrency transaction request; the authentication servers, each configured to independently authenticate the cryptocurrency transaction request by verifying a requester of the cryptocurrency transaction request against an accountholder profile associated with the hot wallet accountholder identifier; wherein the authentication servers are configured to approve, independently from each other, the cryptocurrency transaction request by cryptographically signing approval messages to send to an aggregation server using respective private authentication keys stored respectively in the authentication servers when the requester is verified; and the aggregation server configured to aggregate cryptographic signatures of the cryptocurrency transac

Abstract: A facility for provisioning and managing registered applications is described. Registered applications can be downloaded to a mobile device from an application provisioning server. When the download is complete, the mobile device may begin execution of the registered application. However, at least portions of the registered application cannot be executed by the mobile device without first passing control to an application provisioning server via a network connection. Upon receiving temporary control of the registered application, the application provisioning server can perform tasks such as license verification and other tasks before turning control of the application back to the mobile device.

Abstract: A method, device, and system for conducting trusted payment transactions including establishing a trust relationship between a first mobile computing device and a second mobile computing device. The first mobile computing device may initiate a payment transaction with a point-of-sale device, communicate with the second mobile communication device to retrieve payment information from the second mobile communication device, and complete the payment transaction with the point-of-sale device using the payment information. The second mobile computing device is configured to verify the user and identity of the first mobile computing device prior to providing the payment information. Communications between the mobile computing devices may be encrypted using pre-determined encryption techniques.

Abstract: Music is blanket transmitted (for example, via satellite downlink transmission) to each customer's user station where selected music files are recorded. Customers preselect from a list of available music in advance using an interactive screen selector, and pay only for music that they choose to playback for their enjoyment. An antipiracy WID tag” is woven into the recorded music so that any illegal copies therefrom may be traced to the purchase transaction. Music is transmitted on a fixed schedule or through an active scheduling process that monitors music requests from all or a subset of satellite receivers and adjust scheduling according to demand for various CD's. Receivers store selections that are likely to be preferred by a specific customer. In those instances where weather conditions, motion of atmospheric layers or dish obstructions result in data loss, the system downloads the next transmission of the requested CD and uses both transmissions to produce a “good copy”.

Abstract: One embodiment of the present disclosure relates to a computer-implemented method that includes sending, by a mobile wallet server, an identification number that is part of a substitute card number to be used by a mobile device as a mobile wallet, determining an actual card number based on the substitute card number and sending the actual card number and the identification number for processing a payment.

Abstract: Devices and methods for securely upgrading devices, such as field upgradeable units, are disclosed. In response to receiving an update object, a device may determine whether a predefined location of memory includes a predetermined value. Based on the value in the predefined location, the device may store the received update object in a verification portion of the memory. After verifying the authenticity of the update object, the device may copy the update object from the verification portion of the memory to an inactive portion. The inactive portion of the memory can be swapped with an active portion of the memory, such that the inactive portion becomes active.

Abstract: A PIN server system interacts with one or more financial institutions to authenticate a mobile phone and-or a user thereof. The PIN server provides to the mobile phone one or more PIN numbers to use in financial transactions involving the one or more financial institutions, and also provides the one or more PIN numbers to the financial institutions in a manner that results in the one or more PIN numbers being associated with one or more accounts of the mobile phone user with the one or more financial institutions.