Abstract: A method comprises receiving a request to add a stored-value card to an electronic wallet via interpreting an intelligent code which directs a user to a URL for an electronic wallet website; prompting a user for credentials to enter the electronic wallet website; determining whether the stored-value card already exists in the electronic wallet; and adding the stored-value card to the electronic wallet. A system comprises a computer device to receive a request to add a stored-value card to an electronic wallet via interpreting an intelligent code which directs a user to a URL for an electronic wallet website; to prompt a user for credentials to enter the electronic wallet website, to determine possession of the stored-value card, to determine whether the stored-value card already exists in the electronic wallet, and to add the stored-value card to the electronic wallet.

Abstract: Disclosed is a conversation management system that manages conversations about a content using blockchain technology. The content management system can use the blockchain technology to validate the conversations, and provide a content provider of the content a secured access to the validated conversations. The validation of the conversations can ensure that the conversations are not fake, e.g., provided by real people and not generated using bots. A conversation about the content is added as a block to the blockchain upon validation, and once added may not be modified, and therefore, the content provider may be assured that the conversation is secure and genuine. The content provider can use the knowledge obtained from the validated conversations in making future content.

Abstract: Systems, methods, and computer-readable storage media of exchanging digital assets using a public key cryptography framework. One method includes storing a plurality of digital assets on an internal ledger, and receiving a signed exchange request signed by a private key of a public and private key pair associated with a digital asset on the internal ledger, wherein the signed exchange request includes a destination address of an inter-provider ledger. The method further includes providing, to the inter-provider ledger, a public key of the public and private key pair based on interfacing with the destination address of the inter-provider ledger via a first API, and determining, from the inter-provider ledger, the signed exchange request was verified. The method further includes updating the internal ledger by removing the public and private key pair, and updating a central ledger by interfacing with a central address of the central ledger via a second API.

Abstract: A method and system for provisioning access data in a second application on a mobile device using a first application on the mobile device. Authentication data may be input into the first application, and an authentication code may be requested from a remote server. After the authentication code is received by the first application in the mobile device, it can pass the authentication code to a second application that initiates an access data provisioning process.

Abstract: A payment system implemented on a mobile device authorizes and processes transactions. The mobile device generates a public-private key pair and receives payment information. The private key and the payment information are split into a local and a remote fragment. The public key, a private key fragment, and a payment information fragment are sent to a secure payment system, and the other fragments are stored on the mobile device. When a transaction is received by the mobile device to authorize, the mobile device sends a payment fragment to the secure payment system and receives a private key fragment from the secure payment system. The mobile device authorizes the transaction using the private key, recovered from the private key fragments. The secure payment system verifies the transaction using the public key and processes the transaction using the recovered payment information. Additional techniques to process transactions using data splitting are disclosed.

Abstract: A computer-implemented method for improving the security of a data record distribution process using a blockchain having a group of input nodes and a group of output nodes, each group having a private-public key pair, but wherein the nodes only have a key share of their respective private key and no node has a full private key. Using threshold signature scheme, secret share joining, and stealth addresses, data records from the input nodes are pooled at a stealth address determined through collaborative action of the input nodes, requiring cooperative determination of their public key, a shared secret, and the stealth address. The public key is copied into the transaction. The output nodes locate the transaction and extract the public key, collaboratively verify its authenticity, and collaboratively determine the shared secret. Having done so, the output nodes may, collectively, sign a second transaction for distributing data records from the stealth address to the output addresses.

Abstract: A method and system for awarding blocks in a blockchain for mining based on commitment to a blockchain network. The method includes receiving, by a receiver of a processing server, a plurality of mining bids, where each mining bid is submitted by a blockchain node in a blockchain network and includes at least a declaration, the declaration being a period of time in which the blockchain node agrees to defer spending an earned mining fee; selecting, by a processor of the processing server, a winning bid of the plurality of mining bids based on at least the declaration included in each of the plurality of mining bids; and transmitting, by a transmitter of the processing server, a notification message to a winning blockchain node that submitted the winning bid.

Abstract: A non-transitory computer readable medium may include executable instructions which, when executed by a processor, cause the processor to provide for a non-destructive testing (NDT) ecosystem. The NDT ecosystem includes a repository of digital content, and a store configured to sell the digital content to a customer, wherein the digital content is executable by a NDT device and wherein the digital content is created by a plurality of entities.

Abstract: A system, apparatus, method, and machine readable medium are described for secure authentication. For example, one embodiment of a system comprises: an authenticator on a client device to securely store one or more private keys, at least one of the private keys usable to authenticate a block of a blockchain; and an attestation module of the authenticator or coupled to the authenticator, the attestation module to generate a signature using the block and the private key, the signature usable to attest to the authenticity of the block by a device having a public key corresponding to the private key.

Abstract: The invention relates to systems and methods for distributing market data. In one implementation, the system may generate a new encryption key at each market data update, and use that key to encrypt each market participant's data in that update before it is sent. Among other factors, characteristics of modern computer networks may cause participants to be sent (and to receive) their encrypted data in that update at different times. After the participants have all been sent their data in that update the system may then simultaneously transmit to those participants the key that will enable them to decipher their data. In an implementation, the key may be transmitted via a multicast transport protocol which can be used to ensure all recipients receive it at the same time. In this manner the invention may ensure that although participants receive their data in a given update at different times, they are unable to decipher that data until substantially the same time.

Abstract: Examples implementations relate to payment tokens. An example includes a customer computer creating a first data buffer, with a set of customer-specified parameters, signing the first data buffer with a customer private key, associating a customer public key to the signed first data buffer to create a first data record that is communicated to a service provider. The service provider computer creates a second data buffer with a set of service provider-specified parameters, signs the second data buffer with a first private key of the service provider, associates a first public key of the service provider to the signed second data buffer to create a second data record, combines the first and second data records, signs the combined data record with a second private key of the service provider, and associates a second public key of the service provider to the combined data record.

Abstract: A method for proximal distance and usage pattern access management includes identifying a first trigger event based on a financial device profile indicating a first proximal distance threshold is exceeded for a first device relative to a second device, where the first device is capable of executing financial transactions. The method further includes querying one or more network devices in the vicinity of the first device to validate the first trigger event. The method further includes responsive to receiving a first validation of the first trigger event from at least one network device from the one or more network devices, applying a first temporal lock on the first device preventing future executions of financial transactions. The method further includes responsive to validating a user associated with the second device, updating the financial device profile based on at least on the first trigger event and a location for the trigger event.

Abstract: Embodiments of the present invention relate to systems and methods for implementing a mobile tokenization hub with a common tokenization capabilities (CTC) module that may provide tokenization for various entities in various contexts. For example, the CTC module can provide and store tokens for mobile payment transactions, transit transactions, digital wallet applications, merchant point of sale (POS) applications, personalization services, and the like.

Abstract: A method can include generating a cryptogram by encrypting, by a hardware security module (HSM), a keyed-hash message authentication code (HMAC) key by a master key encryption key (MK); transmitting, a database server, the cryptogram; destroying the cryptogram at the HSM, in response to the transmitting the cryptogram to the database server; receiving, from the database server, the cryptogram and an ID generated by the database server; generating a wallet password based on the ID and the cryptogram; generating a data encryption key (DK) retrievable via the wallet password; transmitting, to the database server, the DK without the wallet password; destroying the wallet password in response to the transmitting the DK to the database server; decrypting the cryptogram into a decrypted HMAC key; regenerating the wallet password using the ID and the decrypted HMAC key; encrypting the regenerated wallet password; transmitting, to the database server, the encrypted regenerated wallet password.

Abstract: Systems, methods, and articles of manufacture for secured account provisioning and payments using user computing devices are provided. One such method comprises obtaining an account payload by the user computing device, wherein the account payload comprises a payment credential associated with a transaction account of a user of the user computing device; generating a storage encryption (ENC) key and a storage message authentication code (MAC) key based on at least a device fingerprint of the user computing device and a storage root key; encrypting, the account payload with the storage ENC key to form an encrypted account payload; generating a digital signature of the encrypted account payload using the storage MAC key; and storing the encrypted account payload and the digital signature in a secured database of the user computing device.

Abstract: Systems and methods for using a device wallet identifier are disclosed. In one embodiment, in an information processing apparatus comprising at least one computer processor, a method for generating a device wallet identifier may include: (1) receiving a wallet identifier for an electronic wallet or payment application executed by an electronic device; (2) retrieving an issuer identifier for a customer associated with the electronic wallet or payment application; (3) generating a device wallet identifier; and (4) storing a mapping of the device wallet identifier to the issuer identifier for the customer.

Abstract: Technologies are shown for buyer initiated automatic seller account generation where a buyer client receives an identification of a purchase item, generates an item token corresponding to the purchase item, and provides the item token to a seller client. The seller client authenticates a seller user with an authentication service, such as a biometric authentication service, receives an authentication token corresponding to the seller user, and sends an account creation request with the item token and the authentication token to an account creation service. The account creation service receives the account creation request, sends a user information request to the authentication service with the authentication token and receives seller information for the seller user from the authentication service. The account creation service creates a seller user account using the seller information, commits a purchase transaction for the purchase item, and sends an item purchase confirmation to the buyer client.

Abstract: Embodiments of the invention involve using biometric templates to wirelessly authenticate individuals. In one embodiment, a mobile device may generate a first biometric template and a first public value from a first biometric sample of a user and generate a first cryptographic key by passing the first biometric template to a fuzzy extractors generate function. An access device may generate a second biometric template from a second biometric sample of the user, generate a second secret cryptographic key by passing the second biometric template and the first public value to the fuzzy extractors reproduce function, encrypt the second biometric template with the second secret cryptographic key, and broadcast the encrypted template to a plurality of nearby mobile devices including the mobile device. If the mobile device is able to decrypt the encrypted template with the first cryptographic key, the access device can associate the user with the mobile device.

Abstract: A payer transaction device enables secure offline transactions using a secure element providing a secure payer account database, a secure ledger database, and a wallet application. While the payer transaction device is not connected to the Internet, the wallet application receives a payee identifier and a transaction amount and verifies that the transaction amount is less than an available payer account balance in the secure payer account database. In response, the wallet application creates a digital token that allocates the transaction amount from the payer account balance to the payee identifier, and records the digital token in a payer secure ledger in the secure ledger database, which reduces the available payer account balance by the transaction amount. The wallet application then transfers the digital token to a payee transaction device over a peer-to-peer wireless connection and, subsequently, the digital token is synchronized with a ledger tracking system through the Internet.

Abstract: An automated voting platform can allow a user to register to vote, view information about candidates, and submit votes in an election using his or her own personal computing device. To minimize the likelihood of voter fraud, the automated voting platform can implement an authentication process that requires the user to submit biometric or other identification information prior to being enabled to access the user's account with the automated voting platform. This authentication process can also require the user to repeatedly submit biometric information thereby ensuring that the same user continues to use the computing device while accessing the user's account.