Abstract: Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element. The application authentication element may include a pre-selected authentication element and transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may be received by the mobile communication device from the user. The mobile communication device may generate a secret token that is derived from the user authentication token.

Abstract: Techniques are described for managing software whose use is restricted in one or more manners. In some situations, the software components are fee-based components that are made available by providers of the components for use by others in exchange for fees defined by the components providers, and the software components may also have various other non-price conditions related to their use. The described techniques facilitate use of a software component on a computing node by configuring a virtual computer port or other virtual interface on the computing node, to enable the software component to make a request via the provided virtual interface regarding whether a current use of the software component is authorized. A trusted source receives and responds to the use authorization request in a manner configured by the provider of the software component, such as by a node manager module of a program execution service.

Abstract: A facility for provisioning and managing registered applications is described. Registered applications can be downloaded to a mobile device from an application provisioning server. When the download is complete, the mobile device may begin execution of the registered application. However, at least portions of the registered application cannot be executed by the mobile device without first passing control to an application provisioning server via a network connection. Upon receiving temporary control of the registered application, the application provisioning server can perform tasks such as license verification and other tasks before turning control of the application back to the mobile device.

Abstract: Music is blanket transmitted (for example, via satellite downlink transmission) to each customer's user station where selected music files are recorded. Customers preselect from a list of available music in advance using an interactive screen selector, and pay only for music that they choose to playback for their enjoyment. An antipiracy WID tag” is woven into the recorded music so that any illegal copies therefrom may be traced to the purchase transaction. Music is transmitted on a fixed schedule or through an active scheduling process that monitors music requests from all or a subset of satellite receivers and adjust scheduling according to demand for various CD's. Receivers store selections that are likely to be preferred by a specific customer. In those instances where weather conditions, motion of atmospheric layers or dish obstructions result in data loss, the system downloads the next transmission of the requested CD and uses both transmissions to produce a “good copy”.

Abstract: Devices and methods for securely upgrading devices, such as field upgradeable units, are disclosed. In response to receiving an update object, a device may determine whether a predefined location of memory includes a predetermined value. Based on the value in the predefined location, the device may store the received update object in a verification portion of the memory. After verifying the authenticity of the update object, the device may copy the update object from the verification portion of the memory to an inactive portion. The inactive portion of the memory can be swapped with an active portion of the memory, such that the inactive portion becomes active.

Abstract: A PIN server system interacts with one or more financial institutions to authenticate a mobile phone and-or a user thereof. The PIN server provides to the mobile phone one or more PIN numbers to use in financial transactions involving the one or more financial institutions, and also provides the one or more PIN numbers to the financial institutions in a manner that results in the one or more PIN numbers being associated with one or more accounts of the mobile phone user with the one or more financial institutions.

Abstract: A system and method for registering a mobile computing device for a data service on a wireless network is described. The method comprises receiving a request from a user to initiate a program on the mobile computing device which requires a network connection for a data service. The method comprises checking if a wireless account for the data service has been activated for the mobile computing device, and, if a wireless account for the data service has not been activated, transmitting to a network node a serial number of the mobile computing device and a key which is based on an encryption of the serial number. The method further comprises receiving a message indicating a wireless network connection is granted.

Abstract: A forward proxy can perform identity substitutions and related services. The user provides the forward proxy with identity information, and the forward proxy presents itself to remote Internet sites on behalf of the user in the guize of the specified identity. From the remote site's point of view, the forward proxy is the machine being used by the user; the identity of the actual user machine can be hidden. Cookies are thus stored and updated at the forward proxy instead of being stored and updated at the user computer as they would be if a conventional forward proxy had been used. This helps preserve user privacy. The use of group identities, which are shared by multiple users, are also facilitated.

Abstract: Method and server in a business intelligence analysis system for building a response to a client request. The response includes information regarding the response in an updated server context. The updated server context is round tripped to the client and included in a subsequent request. After being received from the client, the subsequent request is optimized based on the included updated server context.

Abstract: A user may select or create a PIN at a non-secure input device, such as a web-enabled personal computer. PINs are stored at a financial host in encrypted form, as PIN offsets. The user selected PIN and a corresponding account number are sent in clear text form to the host, which selects a base PIN offset corresponding to the PIN. A host security module within the host converts the base PIN offset to an actual PIN offset using the actual account number. The actual PIN offset (corresponding to the new PIN and the account number) is then stored at the financial host.

Abstract: A method and apparatus for third party control of a device have been disclosed. By utilizing a third party to control a device, view and control of a device may be separated.

Abstract: User profile information for a user may be determined by (a) determining initial user profile information for the user, (b) inferring user profile information for the user, and (c) determining the user profile information for the user using both the initial user profile information and the inferred user profile information. Initial user profile information for the user may be determined using past search queries submitted by the user, and/or past document selections by the user. User profile information for the user may be inferred by (a) defining a node for each of a number of documents and the user, (b) adding edges between nodes if there is an association between the nodes to define a graph, and (c) inferring user profile information for the user using a topology of the graph and user profile information of other documents.

Abstract: A method for sharing applications (APPI, APP2, APPx; APP4) being stored in a source mobile communication device (MOx; MOI) with a destination mobile communication device (MO1; MOx) comprises: transmitting a sharing request (SR) from the source mobile communication device (MOx; MO1) to a Trusted Service Manager (TSM) with information about the application and the destination mobile communication device (MO1; MOx); at the Trusted Service Manager (TSM), retrieving the Service Provider (SP1, SP2, SPx) that has provided said application and sending a query (QU) to it; at the Service Provider (SP1, SP2, SPx), sending an installation request (INST) to the Trusted Service Manager (TSM) with an adapted version (APPx?) of the application and update instructions (UPD) for the source mobile communication device (MOx; MO1); at the Trusted Service Manager (TSM), getting the adapted application (APPx?) installed in the destination mobile communication device (MO1; MOx) and updating the source mobile communication device (MO

Abstract: A portable storage device includes a mechanism for receiving a value of an identification parameter from a receiving device, a non-volatile memory for storing digital content, a licensing policy, and a license for viewing the digital content on the receiving device as identified by the identification parameter, and a controller that is operative, in response to the identification parameter and the license, to provide a controlled feeding of at least a portion of the digital content to the receiving device, in accordance with the licensing policy.

Abstract: A method and apparatus for third party control of a device have been disclosed. By utilizing a third party to control a device, view and control of a device may be separated.

Abstract: A copyright server receives a copyright request from a requester, such as a portal server. The copyright request corresponds to a user requesting a particular content to be transcoded. The copyright server identifies content copyright permissions associated with the requested content that indicate whether it is permissible to transcode the requested content. If the copyright server does not locate content copyright permissions associated with the requested content, the copyright server identifies the owner of the content and sends a message to the content owner requesting content copyright permission. The copyright server receives a response from the content owner, stores the response on a local storage area, and forwards the response to the requester. The content copyright permissions may include an amount of a transcoding fee that the content owner requires in order to transcode the requested content.

Abstract: Methods and systems for carrying out financial transactions include creating unique aliases for payment instrument having associated identification numbers, associating the created aliases to the payment instruments and enabling consumer use of the aliases to carry out financial transactions. Various special point-of-sale devices may be employed to carry out the financial transactions.

Abstract: A merchant conducting a transaction on an account forms transaction data with a sensitive data field. To obscure the account prior to transmitting information about the transaction, for each character in the sensitive data field, a combined character is formed with a character of a generated pad. A replacement character is formed by a modulus operation on the combined character and is stored in the corresponding position in the sensitive data field. A transmission containing the sensitive data field with replacement characters is delivered to the merchant's acquirer.

Abstract: A mobile computing device is adapted to transmit to a scoring server URLs of websites browsed using the device. The scoring server can compare these URLs against a merchant URL obtained within a preselected time period from transaction data resulting from a transaction involving a payment product of the device user. A score can be calculated based on the similarity between each URL obtained from the device and the URL from the transaction data. The score represents the likelihood that a website browsed using the device and, as a result, the transaction, is fraudulent. The browsed URLs can also be scored against a database of known fraudulent websites. A notification concerning the legitimacy of the transaction based on the score can be generated and sent to the mobile device in real-time. On receiving the notification, the device can be used to either accept or decline the transaction in real-time.

Abstract: A data distribution system has a portable user terminal, which sends a portable terminal ID or memory card ID and electronic money are sent to a store-based terminal (10) and receives data content, a store-based terminal (11), which receives the portable terminal ID or memory card ID and electronic money from the portable user terminal (10), and which sends these to a billing center (12), along with a content ID and a store-based terminal ID, a billing center (12) that receives the content ID, the portable terminal ID or memory card ID, the store-based terminal ID, and the electronic money from the store-based terminal (11), and a content center (13), which receives the content ID, the portable terminal ID or memory card ID, and the store-based terminal ID, and which distributes data content, via the store-based terminal (11), to the portable terminal (10).