Abstract: Systems, methods, and apparatuses for isolating information from a cloud services provider hosting an enterprise application software, using a distributed ledger. For example, according to one embodiment there is a system having at least a processor and a memory therein executing within a host organization to host an enterprise application software for an enterprise, receive information input from a customer of the enterprise at a user interface for the enterprise application software, transfer the customer-provided information to a distributed ledger accessible to the system, receive information input from the enterprise at an enterprise interface for the enterprise application software, transfer the enterprise-provided information to the distributed ledger accessible to the system, but maintain no copy of the customer-provided information nor copy of the enterprise-provided information in a permanent store accessible to the system and the host organization.

Abstract: A method and apparatus for performing privacy preserving fraud detection in network based transactions are described. The method may include receiving a fraud detection message during a transaction between a user system and a merchant system, the message having a set of cryptographically transformed universal resource locator (URL) components generated from a URL of a web page of the merchant system on which the transaction is to occur. The method may also include generating one or more secure and anonymous fraud detection features, each fraud detection feature comprising a select subset of the cryptographically transformed URL components. The method may also include performing fraud detection for the web page using the one or more secure and anonymous fraud detection features to determine a likelihood that fraud is occurring in the transaction.

Abstract: An example operation includes one or more of monitoring, by a transport exterior a location, an exchange performed in an interior of the location by a recent occupant of the transport, and completing, by the transport, the exchange.

Abstract: Embodiments of the invention are directed to systems and methods of securely transmitting account credentials, such as a token. A user device and application can initially select an account, and then obtain a transaction identifier associated with the account. The user device can provide the transaction identifier to a resource provider, which can then directly exchange the transaction identifier for the account credentials.

Abstract: In some embodiments, a method includes storing data associated with fungible assets in a distributed ledger database. The method includes dividing fungible tokens into a first set of groups of fungible tokens based on the data and sending, via the distributed ledger-based network and based on an asymmetric cryptography key pair, each group of fungible tokens from the first set of groups of fungible tokens to a communication device from the first set of communication devices to cause the second plurality of communication devices to send, to a designated recipient communication device, non-fungible tokens for each group of fungible tokens from the second set of groups of fungible tokens. The first set of groups of fungible tokens is divided into a second set of groups of fungible tokens and received at a second set of communication devices.

Abstract: Systems and methods for establishing and fulfilling a smart contract between users and service providers are disclosed. A method includes creating, by one or more nodes in a computer network, a smart contract in response to a request from a user for services and providing the smart contract to a blockchain. The method then includes notifying service providers of the smart contract and receiving responses to the notifications from the service providers. Then the method includes identifying one or more service providers that can complete the service. The method then includes updating the smart contract to include data about the identified service providers. The updated smart contract includes account information for a user account of the user, and account information for service provider accounts of the identified service providers. Then a value interaction is initiated that pushes value from the user account to the service provider accounts.

Abstract: This disclosure describes systems and methods related to utilizing hardware assisted protection for media content. In some embodiments, a provided method comprises: receiving, from a content server and by a computing device processor of a secure enclave of a device, first encrypted media content; decrypting, by the computing device processor, the first encrypted media content using a first decryption key; generating, by the computing device processor, a second decryption key; encrypting, by the computing device processor, the first decrypted media content using the second key, thereby resulting in second encrypted media content; and sending, by the computing device processor and to one or more graphical processing units (GPUs) comprised in a graphics component of the device, the second encrypted media content and the second decryption key.

Abstract: A method may include receiving at a receiving system an electronic request to transfer assets, included in an account of a user at a delivering system, to the receiving system; generating an electronic transaction record, the electronic transaction record identifying the user, the assets, and transfer information related to the assets; adding the electronic transaction record to a shared ledger data structure; in response to the adding: transmitting an indication to the delivering system that the electronic transaction record was added; and transmitting a notification to computing nodes associated with the shared ledger data structure that the shared ledger data structure was updated; after transmitting the indication, receiving confirmation from a third-party system that the assets were successfully transferred; and in response to the confirmation, updating an account database at the receiving system indicating a transfer of the assets.

Abstract: A method includes receiving an asset freeze service request having an authentication token by a service computing system from a user computing system. The method further includes retrieving a recorded user identifier and a recorded asset identifier by the service computing system from an asset control system that facilitates access of the virtual asset within a virtual environment. The method further includes comparing the user identifier with the recorded user identifier or the asset identifier with the recorded asset identifier by the service computing system. The method further includes the service computing system generating a key associated with the virtual asset and sending the key and the asset freeze service request to the asset control system. The method further includes service computing system generating an asset freeze protocol defining access to the virtual asset. The asset freeze protocol includes receiving a level one first trigger by the service computing system.

Abstract: A control method including: receiving first transaction data including a first electronic signature from the a home of a first user; verifying whether the received first electronic signature included in the first transaction data is valid; verifying validity of the received first transaction data; when the first electronic signature and the validity of the first transaction data are verified successfully, executing a first consensus algorithm for the first transaction data; and when the validity of the first transaction data is verified according to the first consensus algorithm, recording a block including the first transaction data in a distributed ledger. The first electronic signature is a group signature assigned to a group to which the first user belongs.

Abstract: Systems and methods are disclosed for device movement-based authentication. One method comprises receiving contextual data from one or more sensors of a user device and determining a device movement pattern based on the received contextual data. The determined device movement pattern is compared with a device movement-based signature associated with a user of the user device. If the determined device movement pattern matches the device-movement based signature within a predetermined threshold, the user is authenticated for an electronic transaction. If the determined device movement pattern does not match the device-movement based signature, a notification indicating authentication failure is sent to the user device.

Abstract: Methods and systems related to authoring and acquiring digital rights management (DRM) licenses are disclosed. For example, a computing device may generate or author a digital rights management license for a content asset that includes one or more usage restriction rules. A usage restriction may limit the maximum display resolution for a content asset. Another device may then receive the license and process the one or more usage restrictions prior to presentation of the content asset to a user.

Abstract: Example methods, apparatuses, and systems are presented that allows a user to make a secure purchase online, directly through accessing an online advertisement and without being redirected to multiple, cumbersome webpages to process different pieces of information to complete the transaction, while still leveraging existing e-commerce entities, such as existing payment platforms and existing ad/content networks. The present system includes a commerce ads engine (CA engine) that interfaces with the user through an app associated with the CA engine, a tokenization platform for authentication of the user, and a merchant providing relevant offer and check out information about a product being advertised in an online ad.

Abstract: Methods and systems for provisioning a secure element of a digital device with financial credentials of a consumer are disclosed. In an embodiment, an external entity computer receives from one of a merchant computer or a manufacturer computer, a consumer order for a digital device that includes a secure element (SE). The external entity computer then obtains, based on the digital device information setup data of a digital device which fulfills the order, and transmits a financial account provisioning request including the setup data and the consumer account information to a token service provider (TSP) computer. The process also includes the external entity computer receiving provisioning data including a personalization script which includes financial account token credentials of the consumer from the TSP computer, and then personalizes the ordered digital device with the financial account token credentials.

Abstract: The disclosure describes a campaign director (CD) system associated with a financial institution and an associated campaign manager (CM) unit executing on a mobile device used to facilitate behavior based allocation of payment tokens and activation of payment transactions based on the tokens. The CM unit of the mobile device may be programmed by the CD system at the financial institution to generate tokens according to a token generation model that is a function of financial behavior history associated with a credit card account. When a credit card is used to initiate a payment transaction with a merchant, the CM unit of the mobile device may generate a token for the payment transaction and send the token to the CD system at the financial institution. The CD system then determines whether to activate the payment transaction based on the token and merchant data associated with the payment transaction.

Abstract: Systems and methods for facilitating transfer of ownership of tokens between users on a decentralized database stores a registry of assets and transactions are disclosed. Exemplary implementations may: store, on electronic storage, a set of code executable by the decentralized database to manifest individual tokens on the decentralized database; and record the set of code on the decentralized database such that the set of code is accessible at a creator address that is associated with the creator of the set of code. Using the functions defined by the set of code, an owner of an individual token can offer to sell the individual token, and a buyer can accept this offer to buy the individual token, at an agreed-upon price.

Abstract: Systems and methods of securing, distribution and enforcing for-hire vehicle operating parameters are described whereby a first computer system maintaining the parameters generates a data packet that is distributed to a second computer system which acts as a meter (such as a taximeter, limousine meter or shuttle meter) for the for-hire vehicle. The first computer system may secure or encrypt the data packet according to a security protocol associated with the second computer system. Once the second computer system receives the data packet, it may validate and extract the operating parameters contained within it. The second computer system may then store the operating parameters and operate according to the parameters by, for example, calculating fares for passengers that make use of the for-hire vehicle associated with the second computer system.

Abstract: A transaction system avoids the storage of any single information item that can be used to provide access to sensitive information. To gain access to the sensitive information, information elements from at least two different databases must be provided, none of the information elements being sufficient to gain access to the sensitive information. In an example embodiment, a payment company encrypts the sensitive information, then partitions the encrypted information into at least two parts. These at least two parts are stored in at least two databases, each database being controlled by a different entity. To gain access to the sensitive information, each of the different entities must provide their part of the encrypted information. Absent any one of the parts of the encrypted information, it is virtually impossible to access the sensitive information.

Abstract: A method for generating payment credentials in a payment transaction includes storing, in a memory, at least a card master key associated with a transaction account. The method also includes generating, by a processing device, a first session key based on at least the stored card master key; generating, by the processing device, a second session key; generating, by the processing device, a first application cryptogram based on at least the first session key; generating, by the processing device, a second application cryptogram based on at least the second session key; and transmitting, by a transmitting device, at least the first application cryptogram and second application cryptogram for use in a payment transaction.

Abstract: A contactless payment device including a wireless communication device; a power source; a processor coupled to the power source; an accelerometer communicatively coupled to the processor and the power source; and an actuator communicatively coupled to the wireless communication device and the processor. The actuator is configured to activate the wireless communication device when the actuator is set in a closed state, and deactivate the wireless communication device when the actuator is set in an open stat. The processor is configured to receive an incoming signal from the accelerometer; determine whether the incoming signal corresponds to a pre-programmed signal corresponding to an enabling gesture; and set the actuator in the dosed state for a time interval, when the incoming signal corresponds to the enabling gesture.