Abstract: Disclosed are various embodiments for person-based authorization for shared account systems. In one embodiment, a service receives a user request from a client device associated with an account to perform an action using an application. The service then identifies a user originating the user request. The service generates a token that includes an account identifier corresponding to the account and a person identifier corresponding to the user. The service sends the user request and the token to a provider of the application.

Abstract: System and methods validate a tangible financial instrument, such as a paper check, that comprises printed or embedded thereon a readable security graphic. The readable security graphic is decodable to a public key or token for the tangible financial instrument. Each key/token can correspond to a financial instrument of an account of an account holder. A host server can retrieve a private key associated with the first account identifier. The host server can then compare the public key/token with the private key associated with the first account identifier. Upon a determination that the private key associated with the first account identifier is paired with the public key or token, the host system can generate and issue an approval notification for the tangible financial instrument. Conversely, the host system can issue a warning notification for the first tangible financial instrument if there is no match.

Abstract: A voice and dialect matching computing device processes audio signals received from two sources to authenticate and secure information associated with creation of an electronic transaction. This voice based computing device automatically processes audio signals to identify participants based on voice information and/or dialect information. The voice based computing device compares a vocal signal and/or dialect information using an intelligent processing unit (e.g., an artificial intelligence/machine learning based model) and/or using historical information stored in a central dynamic data store. The processed audio signals are decomposed into at least two signals, where a first signal may be used as a trigger to activate processing of an electronic transaction by a smart contract hub computing device. The second signal includes attributes of the electronic transaction which may then be encrypted.

Abstract: A system, method and computer-readable medium for interfacing with an EMV compliant chip card having an embedded microchip. A transaction computer includes a virtual credit card terminal running in a web browser and that is in communication with an EMV card reader having a chip card slot. The virtual terminal defines a first EMV transaction and a second EMV transaction based upon user input. The virtual terminal then causes the embedded microchip of the EMV chip card to generate a first cryptogram associated with the first transaction and a second cryptogram associated with the second transaction during a contact interface session or a contactless interface session. The virtual terminal then authenticates the first and second cryptograms over a computer network with a card issuer. Once authenticated, the virtual terminal completes the first transaction and the second transaction.

Abstract: Systems and methods for fraud detection and prevention is disclosed. The system may receive a transaction request for a first customer including a transaction location, transaction time stamp, and merchant type code. The system may determine whether the transaction location is expected for the first customer. When the transaction location is unexpected, the system may identify a last-known video detection having a last-known time stamp and last-known location. The system may determine a travel time estimate between the last-known location and the transaction location and determine a buffer based on the merchant type code. The system may compare the travel time estimate to an allotted time that includes a difference between the transaction time stamp and last-known time stamp less the buffer. When the travel time estimate exceeds the allotted time, the system may execute one or more fraud prevention steps.

Abstract: Various embodiments are directed to applying, via contactless card authentication, one or more restrictions to a virtual card number and generating the card number for use by a recipient. The one or more restrictions may be specifically personalized to the recipient and may include, for example, a merchant restriction, an amount restriction, a time period restriction, or a location restriction. The generated virtual card number along with the applied one or more restrictions may be consumed in various ways, such as writing the number to a blank card, transmitting the number directly to the recipient's computing device, etc., all via near-field communication.

Abstract: Systems, methods, and computer program products are provided for predicting a specified geographic area of a user. An example system includes a processor configured to determine a verified geographic area associated with each user, and determine a feature vector associated with an account of each user. The processor is also configured to receive transaction data and determine a value of each parameter of the feature vector for each user based on the transaction data to produce a training matrix. The processor is further configured to train and validate a geographic area prediction model based on the training matrix. The processor is further configured to repeatedly generate a prediction that a user will conduct a transaction in a geographic area, communicate an offer to the user based on the prediction, receive new training data, and update the geographic area prediction model based on the new training data.

Abstract: Systems, methods, and apparatuses for providing a customer a central location to manage permissions provided to third-parties and devices to access and use customer information maintained by a financial institution are described. The central location serves as a central portal where a customer of the financial institution can manage all access to account information and personal information stored at the financial institution. Accordingly, the customer does not need to log into each individual third-party system or customer device to manage previously provided access to the customer information or to provision new access to the customer information. A user additionally is able to have user data and third-party accounts of the user deleted from devices, applications, and third-party systems via a central portal. Restrictions on how user data is used by devices, applications, and third-party systems can be imposed via a central portal.

Abstract: A method and an apparatus for tracing a transaction based on a blockchain are provided. The method may include: invoking a smart contract between an upstream node and an intermediate node; encrypting, by using a private key of the intermediate node, transaction details between the upstream node and the intermediate node to generate and write upstream transaction information into the blockchain; encrypting the private key of the intermediate node by respectively using public keys of the upstream node and an end node, and generating and writing secret-key information of the upstream node and the end node into the blockchain; and decrypting the secret-key information of the upstream node and the end node by using the private keys of the upstream node and the end node, and decrypting the upstream transaction information of the intermediate node by using the private key of the intermediate node to obtain the transaction details.

Abstract: Methods and systems for the use of multi-party computation (“MPC”) key systems that involve the use of multiple parties, each of which hold respective private data that may be used to evaluate a computation without ever revealing any of the private data held by each party to perform blockchain operations. Using the MPC key systems, the methods and systems generate secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications.

Abstract: An MRI image processing and analysis system may identify instances of structure in MRI flow data, e.g., coherency, derive contours and/or clinical markers based on the identified structures. The system may be remotely located from one or more MRI acquisition systems, and perform: error detection and/or correction on MRI data sets; segmentation; visualization of flow superimposed on anatomical structure, quantification; verification; and/or generation of patient specific 4-D flow protocols. A protected health information (PHI) service is provided which de-identifies medical study data and allows medical providers to control PHI data, and uploads the de-identified data to an analytics service provider (ASP) system. A web application is provided which merges the PHI data with the de-identified data while keeping control of the PHI data with the medical provider.

Abstract: A system to track to model asset states and access by utilizing non-fungible tokens (NFTs). The system includes a data processing system including memory and one or more processors to receive a stating request for an asset, obtain, based on a plurality of control structures, a plurality of NFTs, each of the plurality of NFTs including a link with a metadata object including metadata of a state of the asset, encapsulate the plurality of NFTs within a container, receive, from the remote device, a state request for an asset state corresponding to a first NFT, the state request including a security token, obtain, from the metadata of the first NFT, one or more recorded security tokens, compare the security token to the one or more security tokens, and, in response to the security token matching the one or more security tokens, transmit the first NFT to the remote device.

Abstract: A method includes receiving a request to process, against an electronic wallet, a portion of a transaction, an electronic wallet optionally comprising a sub-wallet, the transaction processed against the wallet and/or sub-wallet. The method further includes identifying one or more electronic value tokens in the e-wallet and/or sub-wallet that, when used together, will cover the portion of the transaction. The method further includes applying the electronic value tokens to the portion of the transaction.

Abstract: A self-custody wallet combination payment card includes an electronic component with storage, a processor, and a near field communications interface. Two programs are stored at the electronic component and, once provisioned, the electronic component stores one or more blockchain addresses and security keys. The two programs can include a payment application which can interface with point of sale terminals (e.g., following EMV specifications) and a crypto application which has the capability to securely store keys and return a signature for blockchain transaction.

Abstract: Systems and methods for blockchain-based asset authentication are described. The disclosed embodiments leverage the traceability and immutability of blockchains (or distributed ledgers, in general) to enable the authentication and ownership of assets, e.g., luxury goods. In an example, this is achieved by first pairing an authentication chip with a physical product, and writing a transaction correlated with the first pairing to a blockchain. The product being acquired (reacquired) results in the blockchain being updated (e.g., an updated transaction being written to the blockchain) and the (subsequent) owner being provided with a digital passport that can be added to the owner's digital Web3 wallet. The described embodiments advantageously enable digital identities to be associated with physical goods, which adds value for customers making a long-term investment in a luxury good, and promotes sustainability and transparency in manufacturing and retail processes.

Abstract: Aspects described herein may use behavioral biometric data to authenticate an individual that requests performance of an action related to a financial account. In response to the request, challenge questions relating to recent transactions conducted with the financial account may be generated. The challenge questions may be provided to the individual and may prompt the individual for audile response and/or touch input responses. Behavioral biometric data may be extracted from the responses and may be used to determine a likelihood the individual is an authorized user of the account.

Abstract: A server computing device receives authentication request messages formatted according to a first message format from a party via a computing device of a user involved in a transaction, translates the messages into modified authentication request messages formatted according to a second message format, and transmits the modified authentication request messages to an authorization computer. The server computing device may augment the modified authentication request messages by including data gathered from the received authentication request messages describing the user, user's computing device, and/or network path between the server computing device and user's computing device, as well as risk scores generated based upon the received authentication request message.

Abstract: An electronic data protection (EDP) computing device for protecting sensitive data of a user during a computer interaction between the user and a business entity computing device associated with a business entity is provided. The EDP computing device is configured to receive interaction data for the computer interaction from the business entity computing device. The interaction data includes an interaction identifier, a business entity identifier, and a user identifier in lieu of a protected data object. The EDP computing device generates a token request message using the interaction data and a request token and transmits the token request message to the user computing device, prompting the user to pick a user account. The EDP computing device receives a response token identifying an account selected to complete the computer interaction, retrieves the protected data object, and completes the computer interaction using the protected data object.

Abstract: Described is a secure WiFi sharing system for use between neighbors or others in like proximity. The system may include a WiFi signal with an established network connection and a user computing device seeking to access the network connection through the WiFi signal. The system allows the user computing device to rent or share the WiFi signal through the system and establish a secure connection between the user computing device and the WiFi network without the need of sharing the SSID and/or the password. Further, the system automatically changes a user computing device to another WiFi signal on the system and in proximity if the signal strength of the connected WiFi signal drops below a minimum threshold.

Abstract: Various embodiments herein each include at least one of systems, methods, and software for biometric authentication of pre-staged self-service terminal transactions. One embodiment in the form of a method includes connecting, wirelessly via a wireless communication device of a mobile device, to a Self-Service Terminal (SST), such as an ATM or self-service checkout terminal. The mobile device then receives, via the wireless communication device from the SST, biometric authentication data to authenticate an account holder. The received biometric data is then compared on the mobile device with biometric data stored on or read by a biometric reader of the mobile device. When the comparing identifies a match between the received biometric data and the biometric data read by or stored on the mobile device, the method then transmits an authentication message via the wireless communication device to the SST indicating the match.