Abstract: Methods of and systems for securely monitoring a balance of a payment account include storing, in a first database, ledger data and storing, in a second database, wallet data. Wallet data includes a wallet balance value for the payment account. When a transaction is initiated using the payment account, an access operation is performed on the wallet table. Illicit or improper modifications can be detected by deriving a ledger comparison value from the ledger data and comparing the derived ledger comparison value to a wallet comparison value from the wallet data.

Abstract: Functional data of a cash channel is encapsulated by at least two parties in succession to define an at least twice-encapsulated data object. The encapsulation and subsequent de-encapsulation can utilize digital signature systems of the parties that involve a private key for encapsulation and a public key for de-encapsulation. If constructed carefully over a series of rigorous events, the resulting at least twice-encapsulated data object can be practically impossible to counterfeit. In addition, a propagation of rights can be tracked for auditing and rights can be easily terminated or modified.

Abstract: Functional data for use in one or more digital transactions is secured by using an encapsulated security token (EST). In certain embodiments, the EST is created by encapsulating digital data including the functional data using at least two digital signature systems of two parties. The encapsulation and subsequent de-encapsulation can utilize digital signature systems of the parties that involve a private key for encapsulation and a public key for de-encapsulation. If constructed carefully over a series of rigorous events, the resulting EST can be practically impossible to counterfeit. In addition, a propagation of rights can be tracked for auditing and rights can be easily terminated or modified.

Abstract: A method of verifying identity information is performed at a computer server using a social networking application. The computer server receives an identity verification request from a first terminal. The first terminal is associated with a first account of the social networking application and the identity verification request includes information of a verification code and a second account of the social networking application. The computer server then forwards information of the verification code to a second terminal associated with the second account of the social networking application. Upon receipt of a response from the second terminal, the computer server establishes a relationship between the first account and the second account after verification of the response from the second terminal using the verification code such that the second terminal can interact with the first terminal through the social networking application.

Abstract: Making a payment using a payment plug-in is disclosed, including: receiving a payment request from a device; receiving an indication that the payment plug-in is not installed at the device; determining that the device has received the payment plug-in, wherein the payment plug-in is configured to be installed at the device; receiving an activation message from the payment plug-in, the activation message including at least an attribute associated with the device; determining a stored user account that matches the attribute associated with the device; and receiving from the payment plug-in a confirmation to process the payment request based at least in part on the matching user account.

Abstract: Privacy is defined in the context of a guessing game based on the so-called guessing inequality. The privacy of a sanitized record, i.e., guessing anonymity, is defined by the number of guesses an attacker needs to correctly guess an original record used to generate a sanitized record. Using this definition, optimization problems are formulated that optimize a second anonymization parameter (privacy or data distortion) given constraints on a first anonymization parameter (data distortion or privacy, respectively). Optimization is performed across a spectrum of possible values for at least one noise parameter within a noise model. Noise is then generated based on the noise parameter value(s) and applied to the data, which may comprise real and/or categorical data. Prior to anonymization, the data may have identifiers suppressed, whereas outlier data values in the noise perturbed data may be likewise modified to further ensure privacy.

Abstract: A method for two factor authentication is described. The method comprises sending an activation code stored on a mobile device to a server for verification. An encrypted secret key generated by the server using the activation code is received. The secret key is decrypted using the activation code stored on the mobile device. The mobile device encrypts the secret key using a predetermined PIN. As a result of a user inputting the predetermined PIN, the secret key is decrypted, the mobile device generates a first token using the secret key and transmits the first token to the server to authenticate the user. After receiving authentication from the server, the information on the mobile device is synced with the server.

Abstract: A method for identifying web documents for presenting an advertisement. The method comprises receiving an advertisement for members of one or more demographic segment, identifying at least one web document with an editing style of an author from the demographic segment and allowing a presentation of the advertisement to at least one visitor of the at least one identified web document.

Abstract: The systems, apparatus, methods, and computer program products described herein provide the capability for an entity to identify and autonomously contract via a blockchain database with an unknown and anonymous host device for access rights to a high volume raw data stream generated by a sensor of the host device. The systems, apparatus, methods, and computer program products further provide the capability for the entity to push or upload a software module to the host device to allow the entity to process the high volume raw data stream into a low volume data stream directly on the host device, i.e., at the source of the high volume raw data stream.

Abstract: The inventive system provides real-time commercial services to users of mobile communication devices (MCDs) over a wireless communication network utilizing the short message service protocol (SMS). The inventive system establishes a dialog with a user of an MCD utilizing SMS to present the user with commercial service options and to allow the user to quickly and easily purchase the services by sending minimal SMS responses during the dialog process. Preferably, prior to utilization of the inventive system, the user subscribes with a service provider to pre-arrange payment options for purchased services, to provide information helpful in tailoring offered services and service options to the user, and optionally to receive enhanced services (such as discounted and/or last minute offers, etc.). Utilization of the inventive system occurs in three phases: trigger, purchase and claim. During the trigger phase (user or service provider initiated), the service to be purchased is selected.

Abstract: An example device may include one or more processors to receive a request for a service from a requestor user device; provide transaction information associated with the service to a provider user device, where the transaction information may include location information corresponding to a location at which the service may be provided; obtain verification information from the requestor user device based on an interaction associated with the requestor user device or the provider user device at the location, where the verification information may include one or more characteristics of the requestor user device; generate a verification token based on the one or more characteristics of the requestor user device; provide the verification token to the requestor user device; and provide the verification information to the provider user device to permit the provider user device to verify the requestor user device, in connection with performance of the service, based on receiving the verification information and obtai

Abstract: The present invention comprises a system and method for managing an inventory of PINs in a PIN distribution network. The distribution network includes a hub coupled to a one or more servers and each of the servers is coupled to at least one client terminal. The system includes a hub for dynamically allocating PINs of the inventory among the servers so as to substantially maintain a quantity of PINs at each server at a desired level for each server. Additionally, the hub acquires additional PINs in response to at least one PIN in the inventory being distributed to at least one user from at least one of the client terminals. In variations, the hub maintains centralized databases and synchronizes the centralized databases with corresponding databases at each server.

Abstract: A mobile game device and a game console share an image file relating to a game; the mobile game device and the game console are connected so as to be able to transmit data with each other via a wire or wirelessly, and the game console is connected to an image-file-providing server retaining an image file via a network; the game console acquires an image file from the image-file-providing server and the mobile game device acquires an image file from the game console, by which the image file is shared between the game instruments.

Abstract: A media device generates a digital fingerprint of perceptual features of a segment of a work. The segment is less than an entirety of the work and includes at least one of audio or video media content. The media device sends a query to a lookup server for data associated with the work, the query including said digital fingerprint. The media device receives the data associated with said work from said lookup server in response to said query, wherein the data was identified based on a comparison of the digital fingerprint to a collection of digital fingerprints of known works. The media device then processes the received data.

Abstract: A method validates whether a component/device installed within an information handling system (IHS) is an OEM (original equipment manufacturer) programmed device, by: reading identification (ID) data and an identifier code from the target device; generating a unique encrypted sequence using the ID data; providing a unique validation check code based on the ID data; generating a component validation code corresponding to the target device via a decryption process involving the unique encrypted sequence; and comparing the component validation code to the validation check code. The method further includes: in response to the component validation code matching the validation check code, identifying the target device as an OEM programmed device with a valid identifier code stored as the identifier code; and enabling certain processes reserved for only verified OEM programmed devices. The decryption process reverses an encryption process utilized when generating the unique OEM identifier code of the target device.

Abstract: A method includes receiving, by a payment server, a request for a payment from a mobile communication device; and, generating, a request to verify the location of the mobile communication device. In response to receiving the location of the mobile communication device, determining whether or not to authorize the requested payment.

Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

Abstract: This disclosure is directed to, in part, providing a third party with access to at least some information in a user's account maintained by a host. The agent may assist a user in selecting an item, purchasing the item, customizing the item, and/or performing other actions. The agent may interact with the user during the assistance. In various embodiments, the user may provide the agent with a token that allows the agent to gain at least temporary access to at least a portion of the user's account. In some instances, the agent may purchase the item for the user using information in the user's account, such as payment information, shipping address information, and/or other information. The agent may place an item, such as a special order item in a virtual shopping cart or other location, which may be stored with the user's account.

Abstract: Systems, methods, and program products for providing secure authentication for electronic messages are disclosed. A method may comprise generating an asymmetric private key based at least in part upon an invariant biometric feature vector derived from an input biometric reading. The private key may be further based at least in part upon a user password. The resulting private key may not be stored but rather may be generated when required to authenticate an electronic message, at which time it may be used to provide a digital signature for the electronic message. The private key may be deleted after use. The private key may be regenerated by inputting both a new instance of the biometric reading as well as a new instance of the password.

Abstract: A method of providing a mobile application service on a user equipment based on composing a plurality of services supported by service platforms executing in a backend of a communication network. The method comprises receiving a request for a content service from a mobile application executing on a user equipment (UE) by a mobile application framework (MAF) and verifying the request for the content service by the MAF through a communication service provider platform, wherein the communication service provider platform completes verification in part by invoking a service of the MAF. The method further comprises completing a payment transaction for the content service by the MAF through messaging a payment platform, wherein the payment platform iteratively invokes services of the MAF and ordering the content service delivery by the MAF through messaging a content provider platform, wherein the content provider platform iteratively invokes services of the MAF.