Abstract: Systems and methods enhanced authentication techniques using virtual persona. An example method includes receiving a request associated with authorization of a user. Information identifying a virtual persona associated with the user is accessed, the virtual persona comprising meshes. Confidence measures associated with the user's identity are determined based on the meshes. The request is responded to based on the confidence measures.

Abstract: A method of providing information for display, from a portable electronic device, includes displaying information on a display of the portable electronic device, identifying a portion for redacting from the information displayed on the display of the portable electronic device, extracting the portion from the information to provide redacted information and an extracted portion, storing the redacted information, protecting and storing the extracted portion in association with a location identification in a file, and sending the redacted information and sending the file including extracted portions associated with the location identifiers.

Abstract: Replicating data using inferred trust, including: receiving, by a first storage system from a computing device, data encrypted using a first encryption key; decrypting, by the first storage system, the encrypted data using the first encryption key; encrypting, by the first storage system, the decrypted data using a second encryption key; storing, on the first storage system, the data encrypted using the second encryption key; sending, from the first storage system to the second storage system, the data; and servicing, by the second storage system, an input/output (‘I/O’) operation directed to the data.

Abstract: An electronic device is provided for control of an execution of a third-party application based on a blacklisting function. The electronic device includes circuitry that executes a monitor application that is a part of an operating system rooted onto the electronic device. The monitor application has system privileges to examine the code and execution of the third-party application installed on the electronic device. The circuitry identifies, by the monitor application, one or more requests to access a network resource from a runtime code of the third-party application. The circuitry extracts, by the monitor application, one or more first network resource identifiers associated with the network resource from the one or more requests. The circuity compares, by the monitor application, the first network resource identifiers with the blacklist associated with the monitor application. The circuitry controls, by the monitor application, the execution of the third-party application based on the comparison.

Abstract: Techniques are disclosed in which a computer system receives a transaction request and uses a federated machine learning model to analyze the transaction request. A server computer system may generate a federated machine learning model and distribute portions of the federated machine learning models to other components of the computer system including a user device and/or edge servers. In various embodiments, various components of the computer system apply transaction request evaluation factors to the portions of the federated machine learning model to generate scores. The server computer system uses the scores to determine a response to the transaction request.

Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a computing device in a locked state, input of a first PIN; determining that the first PIN is associated with a first cryptographic key that is stored in a memory; responsive to determining that the first PIN is associated with the first cryptographic key, retrieving, from the memory, an encrypted form of a first credential that is associated with the first cryptographic key; recovering the first credential from the encrypted form using the first cryptographic key; and causing the computing device to be unlocked using the recovered first credential.

Abstract: Non-transitory computer readable storage mediums have instructions executed by processors to access a first random data element at a first computing device. A first vector and a second vector are generated at a second computing device. A communication channel is utilized to execute a secure multiparty computation protocol between the first computing device and the second computing device. The first computing device alternately identifies a polynomial relations satisfied state and a polynomial relations unsatisfied state. A first selected instruction set is executed at the first computing device in response to the polynomial relations satisfied state. A second selected instruction set is executed at the first computing device in response to the polynomial relations unsatisfied state.

Abstract: Device identification scoring systems and methods may be provided that can increase the reliability and security of communications between devices and service providers. Users may select and configure additional identification factors that are unique and convenient for them. These factors, along with additional environmental variables, feed into a trust score computation that weights the trustworthiness of the device context requesting communication with a service provider. Service providers rely on the trust score rather than enforce a specific identification routine themselves. A combination of identification factors selected by the user can be aggregated together to produce a trust score high enough to gain access to a given online service provider. A threshold of identification risk may be required to access a service or account provided by the online service provider.

Abstract: A device includes a bottom housing that includes a printed circuit board, a processor formed on the printed circuit board, a probe tip coupled to the processor, and a first wall. The first wall includes a front side surface, a backside surface, and an opening extending from the front side surface to the backside surface. The printed circuit board is coupled to the front side surface of the first wall. The printed circuit board includes a plurality of electrical contacts located on the back surface and coupled to the processor. The electrical contacts on the backside surface of the printed circuit board are visible through the opening formed in the first wall of the bottom housing. The electrical contacts are sealed from fluid penetration and can connect to the electrical contacts of a battery connected to the device.

Abstract: A method for remotely verifying a non-resident alien's identity, includes: receiving a request to establish a communication session from a user device; analyzing the request to determine whether the user device is compromised; in response to determining that the user device is not compromised, providing a page flow to the user device to solicit information from the non-resident alien, the information including identity information associated with a local foreign government identification document (ID), and other information not shown on the local foreign government ID; querying one or more foreign governmental data stores to identify foreign data associated with the non-resident alien based on a unique identifier associated with the local foreign government ID; comparing the information with the foreign data; and verifying an identity of the non-resident alien based on the comparing, wherein the verifying includes determining that at least one of the other information matches the foreign data.

Abstract: An encryption device includes one or more hardware processors functioning as the following units. A unit acquires, as a public key, n-variable indeterminate equations X having coefficients with a predetermined degree of a univariate polynomial ring Fp[t] on a finite field Fp. A unit embeds a plaintext m into coefficients of n-variable plaintext polynomial factors m having coefficients with a predetermined degree of the Fp[t]. A unit generates an n-variable plaintext polynomial M by multiplying the n-variable plaintext polynomial factors mi whose number is one or more. A unit randomly generates n-variable polynomials sk (k=1, 2), n-variable polynomials rk, and noise polynomial ek, each having coefficients with a predetermined degree of the Fp[t]. A unit generates a ciphertext ck by executing an operation including at least one of adding, subtracting, and multiplying the sk, the rk, the ek, and the X to, from, or by the M.

Abstract: A system for phishing domain detection receives a communication associated with a particular domain. The system extracts a first set of features from the communication, the first set of features including a name of the sender, a name of the domain, a time of receipt, a sentiment message, and attachment file associated with the communication. The system compares the first set of features with a second set of features associated with a historical communication labeled with a phishing domain. In response to determining that the first set of features corresponds to the second set of features, the system determines that the particular domain is the phishing domain.

Abstract: An electronic device includes a communication module, a processor, and a memory storing instructions, and the processor executes instructions to implement operations including: receiving a request to update first user information from an external electronic device through the communication module, identifying a processing order of the update of the first user information for the plurality of service servers, based on the stored relationship information, and transmit the request for processing the first user information to at least a first service server from among the plurality of service servers through the communication module, based on the identified processing order.

Abstract: A method for providing identification using an endpoint device is disclosed. The endpoint device may include an electronic identity that is unique and can be securely stored. The electronic identity may be passed to an access device along with signed interaction data and a cryptogram. The access device may generate an authorization request with the cryptogram and may send it to a remote server computer for further processing.

Abstract: A method is provided that permits user to submit a password to the private key that is to be used to decrypt files either at the time of user account setup or at the time of submitting the files. The password is stored securely in the system, permanently or temporarily, and is used later to decrypt the files right before the system is ready to process the files.

Abstract: Security can be improved in a business application, such as an enterprise resource planning (“ERP”) system, by verifying and testing transports within the system or between systems. In one embodiment, a transport is verified by a transport profiler to ensure proper functioning and compliance. In one embodiment, the transport profiler may include visualization functionality for visualizing the transport between systems.

Abstract: Real-time data transfer from a device is secured by: receiving data items from a data source, buffering and continually sending same to a data collector; generating by a root of trust a cryptographically verifiable integrity claim based on current hardware and software configuration of the apparatus; forming second data by combining at least the cryptographically verifiable integrity claim and an amount of the data items; forming a hash from at least the second data; obtaining a stamp; causing the root of trust circuitry to form a first signature from at least the hash; forming third data by combining at least the second data, the hash and the first signature; and providing the data collector with a secured transmission comprising the third data.

Abstract: An information handling system may include a processor, a memory coupled to the processor, a storage resource, and a basic input/output system (BIOS). The BIOS may be configured to, while the information handling system is in a pre-boot environment and prior to initialization of an operating system of the information handling system: establish a communication session with a remote information handling system; and in response to authentication of the communication session, transmit data to the remote information handling system that is operable to expose a partition of the storage resource to the remote information handling system.

Abstract: Biometrically-enhanced verifiable credentials of an individual. In one embodiment, an electronic device including a biometric capture circuitry, a memory, and an electronic processor. The biometric capture circuitry configured to capture one or more biometrics of an individual. The memory storing a digital identity application. The electronic processor, when executing the digital identity application, is configured to receive the one or more biometrics of the individual that are captured by the biometric capture circuitry, generate a biometric token of the individual based on the one or more biometrics, receive identity information of the individual, generate biometrically-enhanced verifiable credentials including the identity information and the biometric token, and control the memory to store the biometrically-enhanced verifiable credentials.

Abstract: A method including determining, by a virtual private network (VPN) server providing VPN services to one or more user devices, an average threshold level associated with an aggregate amount of VPN data communicated with a host device during a reference period; determining, by the VPN server, an observed average aggregate amount of VPN data communicated with the host device during an operation period; comparing, by the VPN server, the observed average aggregate amount with the average threshold level; and selectively transmitting, by the VPN server, a notification to the one or more devices indicating that the one or more user devices is to manage transmission of data from the one or more user devices based at least in part on a result of comparing the observed average aggregate amount with the average threshold level. Various other aspects are contemplated.