Abstract: Means and a computerized method for recommending items such as books and audio compact disks. For each item, a user profile includes ratings provided by users of the system. Unlike present recommendation systems, the user profiles do not include pre-computed similarity factors measuring similarity between users. Rather, when an advisee requests a recommendation, similarity measures are computed comparing the advisee to other users, and the similarity measures are associated with the other users. A subset of the users is selected, where the subset includes the users most similar to the advisee. A recommendation is made based on the ratings by the members of the selected subset.

Abstract: The invention relates to systems and methods for providing modular and configurable smart contracts for blockchain applications. The smart contracts may be utilized to retain all transaction attribute values in a world state database of the blockchain-implemented ledger. The systems and methods can further provide for dynamically configurable validation metadata and validation rules for transaction attributes recorded on a blockchain transaction log. The validation metadata and validation rules corresponding to the transaction attributes can be dynamically updated and applied to the transaction attributes to validate or invalidate a transaction.

Abstract: The invention relates to systems and methods for providing modular and configurable smart contracts for blockchain applications. The smart contracts may be utilized to retain all transaction attribute values in a world state database of the blockchain-implemented ledger. The systems and methods can further provide for dynamically configurable validation metadata and validation rules for transaction attributes recorded on a blockchain transaction log. The validation metadata and validation rules corresponding to the transaction attributes can be dynamically updated and applied to the transaction attributes to validate or invalidate a transaction.

Abstract: Systems and methods enable members of a secure transaction network to readily identify the appropriate trusted service manager (TSM) to support a particular transaction. A global directory of TSM providers is provided that a secure service provider can use for determining which TSM provider is the authorized manager of a security domain for the particular transaction. In aspect the directory of TSM providers may be stored within a mobile device secure element. In another aspect, the directory of TSM providers may be stored in a central TSM repository. In a further aspect, the directory of TSM providers may be distributed among a number of secondary TSM repositories. The appropriate TSM may be identified based upon a secure element identifier and an application identifier provided by a secure element as part of the transaction. Communication of the identifiers from mobile devices may be via cellular or near field communication links.

Abstract: A system and method for facilitating a secured value transfer. A first user and the system obtain a pair of encryption and decryption apparatuses. The first user creates a request including his unique identifier and a value to be transferred. The first user encrypts the request using the encryption apparatus and sends it to the second user. The second user sends to the system the request and the second user's unique identifier. The system uses the decryption apparatus to decrypt the request. The system checks the usage of the request against a threshold limit. After a successful usage check, the system then transfers the value from the first user to the second user. The system may comprise (a) a plurality of system server for exchanging data with users' personal computing devices, registering users, and conducting transactions, and (b) data storages storing user accounts and other persistent data.

Abstract: Different adapters and applications may publish information on the messaging bus and retrieve information from the bus simultaneously in a manner that does not cause interference or problems in the publication or retrieval. Meter data is cleaned, validated and estimated by separate applications using the above-described application and retrieval processes via the message bus for flexible and efficient processing.

Abstract: A mobile device of a consumer can have a mobile-based credential stored in a secure memory thereof and an associated alias. Techniques for conducting a transaction with the mobile device may involve receiving a request for the mobile-based credential from a remotely accessible server in response to a requestor device receiving the alias from the consumer. The mobile-based credential can be accessed from the secure memory and transmitted to the remotely accessible server. The mobile-based credential is then usable at the remotely accessible server in combination with a server-based credential stored thereat for obtaining payment credentials to complete the transaction.

Abstract: Methods and systems are provided for managing a mobile wallet. In some embodiments, a user may request re-provisioning of the payment instruments in a single user interaction. In accordance with embodiments of the invention, a method of managing a mobile wallet includes providing a downloadable application for enabling a mobile wallet on a user computing device, transmitting the application to the user computing device, receiving a request to enroll a plurality of payment instruments in the mobile wallet enrolling, the plurality of payment instruments in the mobile wallet, receiving a re-provisioning request, and re-provisioning at least a first group of the plurality payment instruments.

Abstract: A system for and method of performing a transaction between a consumer (105) and a business entity (110). The method comprising the acts of priding transaction data from a submitter (105) to a transaction facilitator (120), generating a token (130) that identifies the transaction data, storing the transaction data and the token at the transaction facilitator (120), providing the token to the submitter (105), returning the token (130) to the transaction facilitator, obtaining the stored transaction data identified by the token, and using at least a portion of the obtained transaction data to implement the transaction.

Abstract: Method and Apparatus for access secured electronic data are disclosed. According to one aspect, an off-line access mechanism in a client machine is activated to facilitate those users on the go to access secured electronic data. When a user decides to be away from a network premises or on a business trip, an off-line access request may be generated by the off-line access mechanism and forwarded to a server. In response, the server may grant the off-line access request to the user as well as the client machine from which the user will access the secured electronic data off-line. Depending on implementation, the AC may provide amended or tentative access rules, access privileges or user keys that will automatically expire when a predetermined time ends or become invalid the next time the client machine is connected to the server.

Abstract: A method and apparatus for conducting a commercial transaction over the Internet or other network connection are provided. Random numbers, which are unique for each user session, are pre-loaded onto a handheld, portable device, or token The random numbers are generated by external systems and delivered to the token for storage an internal memory and to a database accessible by an authentication system. The random numbers are dispensed by the token to a user by pressing a button on the token or otherwise signaling the token. A dispensed number is cross referenced, by the authentication system, to the database. The dispensed number authenticates the user or transaction.

Abstract: Methods, systems, and engines are presented for synchronizing contents of removable storage devices with a multimedia network. In one implementation, a change in status of a connection between a removable storage device and a multimedia network is detected. A network inventory list of recordings is updated, triggered by the change in connection status. A change in the recording content, associated metadata, or digital rights of a recording may also trigger an update of the network inventory list. A network scheduler can use the updated network inventory list to accurately reflect those recordings actually available to the multimedia network for playback and recording, or available to an unauthorized user for purchase, including the recordings on removable storage devices.

Abstract: A mobile device includes a wireless transceiver, a host processor, a secure element (SE), and a near field communication (NFC) system having an NFC transceiver and an NFC controller implementing a contactless front end. The contactless front end routes a near field communication related to a payment transaction between the NFC system and the SE without going to or from the host processor. The contactless front end routes a near field communication not related to a payment transaction, but requiring a security function, between the NFC system and the SE without going to or from the host processor. The contactless front end routes a near field communication not related to a payment transaction, and not requiring a security function, between the NFC system and host processor without going to or from the SE.

Abstract: The invention creates a data carrier, in particular chip card, in particular smart card, having a device for generating one-time passwords and having a display for displaying generated one-time passwords. Preferably the data carrier is a Eurocheque card or credit card with the integrated function of an electronic purse (cash card function) and the generated one-time password is a transaction number (TAN) for acknowledging a secure electronic payment transaction.

Abstract: An audio object (AOB) for which corresponding rights management information (RMI) has been generated by a license management apparatus, and an AOB for which RMI does not exist are written into a recording medium for use in an SDMI system which includes the license management apparatus. Each AOB is put in correspondence with a migration permission flag (MPF). When the corresponding AOB is the AOB for which RMI does not exist, the relevant MPF is set to on so as to show that a migration procedure is permitted. When the corresponding AOB is the AOB for which RMI has been generated by the license management apparatus, the relevant MPF is set to off so as to show that a migration procedure is not permitted.

Abstract: Methods, systems, and machine-readable media are disclosed for handling information related to a financial transaction including utilizing dynamic cryptograms. According to one embodiment, a method of processing a financial transaction related to a financial account can comprise detecting initiation of the transaction with a device used as a presentation instrument in the transaction. A Dynamic Transaction Cryptogram (DTC) and a dynamic PAN can be generated at the device. The DTC can be used to authenticate the transaction and the dynamic PAN can comprise an encrypted form of a real PAN of the financial account that is valid for a single transaction. The DTC and the dynamic PAN can be provided by the device for use in the transaction.

Abstract: Systems and methods for providing access to an information account stored in a central data repository. The information account is associated with a consumer and is subject to the consumer's control and management. Consumer authentication information is input by the consumer in connection with a first request for access to the information account via a first web-site. Responsive to authentication of the consumer, a single sign-on feature may be activated for automatically managing subsequent authentications of the consumer so that the consumer will not be required to again input the consumer authentication information upon initiating a second request for access to the information account while interacting with a subsequent web-site that is configured to provide access to the information account upon authentication of the consumer. The single sign-on function may be deactivated upon the occurrence of a terminating event, such as the expiration of a time-out interval.

Abstract: An apparatus, system, and method are disclosed for checking the health of encryption key managers (EKM). An identification module identifies an EKM of a plurality of EKMs. A communication module establishes communication with the EKM. A request module requests an encryption key from the EKM. A verification module verifies that there is a valid encryption key path to the EKM. In one embodiment, the verification module validates that the EKM can exchange encryption keys with a tape drive. The verification module may also validate that the EKM can certify the authenticity of a tape drive.

Abstract: A system and method of using Electronic Funds Transfer (EFT) to complete payment for goods and services. An example method of operating a transaction terminal includes identifying items selected by a customer for purchase, determining a required payment amount for the items, obtaining identification information from the customer, obtaining contact information and payment information, including bank account information and bank routing number information, from a customer profile associated with the identification information, creating a check image, sending a request for payment message providing access to the check image and the payment information to a mobile communication device of the customer using the contact information in the customer profile, and receiving a reply message from the mobile communication device authorizing payment for the items via electronic funds transfer and including a 2D barcode containing the check image and the payment information.

Abstract: An optimized server for streamed applications provides a streamed application server optimized to provide efficient delivery of streamed applications to client systems across a computer network such as the Internet. The server persistently stores streamed application program sets that contain streamed application file pages. Client systems request streamed application file pages from the server using a unique set of numbers common among all servers that store the particular streamed application file pages. A license server offloads the streamed application server by performing client access privilege validations. Commonly accessed streamed application file pages are stored in a cache on the streamed application server which attempts to retrieve requested streamed application file pages from the cache before retrieving them from persistent storage. Requested streamed application file pages are compressed before being sent to a client as well as those stored in the cache.