Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authenticate device identity and authorize exchanges of data in real-time based on dynamically generated cryptographic data. For example, an apparatus may receive a first signal that includes a first cryptogram associated with a client device, and may perform operations that authenticate an identity of the client device based on a comparison of the received first cryptogram and a second cryptogram generated by a computing system associated with an application program executed by the client device. In response to the authenticated identity, the apparatus may load profile data associated with the client device from a storage unit, and perform operations consistent with the profile data in accordance with the authenticated identity.

Abstract: The disclosure generally describes computer-implemented methods, software, and systems, including a method for placing a card into a usable state. A biometric input is received for a user to which a card has been issued by an entity. The card has an operational mode of an unusable state that has been previously identified by the entity for a particular PAN. The particular PAN is invalidated for use in further data exchanges using the card. The biometric input is received by an electronic controller embedded in the card. A determination is made that the biometric input matches one of one or more stored biometric profiles of users authorized to use the card. Based on the determining, a new PAN is activated for the card. The new PAN is usable in further data exchanges of the card. The operational mode of the card is modified to a usable state by the electronic controller.

Abstract: The disclosed exemplary embodiments include computer-implemented devices, apparatuses, and processes that, among other things, perform dynamic biometric authentication based on distributed ledger data. For example, a device may compute a first hash value based on first biometric data captured by a sensor unit, and may transmit a request to, and receive a response from, a computing system across a communications network via the communications unit. The request may cause the computing system to execute instructions maintained within the distributed ledger data, and to extract second biometric data maintained within an element of the distributed ledger data. The second biometric data may include a second hash, which the computing system may incorporate into the response. The device may authenticate an identity associated with the device when the first hash value corresponds to the second hash value incorporated within the response.

Abstract: Computer-implemented methods and systems reliant on establishing a common session key between an electronic device and a computer server are disclosed. The method and systems may be for processing de-tokenization requests in payment transaction processing and for preparing an electronic device to perform payment transactions. During such a transaction, the server may perform a method that includes receiving a de-tokenization request including a payment token and a cryptogram generated by the electronic device using a session key generated by the electronic device based on a fingerprint of the electronic device, a secret value previously shared with the electronic device, the payment token, and a transaction counter; retrieving the fingerprint, the secret value, and the transaction counter and generating the session key based on the same; verifying the cryptogram using the session key; retrieving an associated account number; and sending response to the request including the account number.

Abstract: An apparatus for use in a digital messaging system includes a storage device and a processor coupled to the storage device. The storage device storing software instructions for controlling the processor that when executed by the processor configured the processor to: generate a master private and public key pair; associate the master private and public key pair with a first certificate; and derive at least one domain-specific key from the one of the master private and public key pair. The first certificate is registered to a group comprising a plurality of domains. The domain-specific key is associated with one of the plurality of domains.

Abstract: There is provided a gesture-based GUI (system, method, etc.) to facilitate input of numerical data using a continuous swipe gesture. A gesture-based I/O device displays a GUI presenting a gross number and a gross number control to initially define a specific number for further defining with specificity. In response to a first gesture (hard click or pause) interacting with the gross number control, the specific number is initially defined as the gross number and a finer number control is presented to refine the specific number. In response to a continuous swipe gesture continuing from the first gesture and interacting with the finer number control, the interface further defines the specific number with finer specificity where a quantum varies in response to a direction and distance of the continuous swipe. Successive finer number controls may be also be presented to refine the specific number by continuing the swipe.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.

Abstract: A scent dispenser may comprise a vial retaining mechanism, a heating element, vial sensor, and a controller. The vial retaining mechanism includes a vial coupling that removeably retains a vial containing a scented solution. The includes a wick extending from a cavity of the vial through an opening of a neck of the vial. The heating element is shaped to receive and heat the wick of the vial. The vial sensor includes an array of sensor pads that are arranged in alignment with the vial retained by the vial coupling. The controller is electrically coupled to the heating element and electrically coupled to the array of sensor pads. The controller regulates a temperature level of the heating element, and receives signals from the array of sensor pads and processing the signals to determine a fluid level of the vial.

Abstract: The disclosed exemplary embodiments include computer-implemented devices, apparatuses, and processes that, among other things, perform dynamic biometric authentication based on distributed ledger data. For example, a device may compute a first hash value based on first biometric data captured by a sensor unit, and may transmit a request to, and receive a response from, a computing system across a communications network via the communications unit. The request may cause the computing system to execute instructions maintained within the distributed ledger data, and to extract second biometric data maintained within an element of the distributed ledger data. The second biometric data may include a second hash, which the computing system may incorporate into the response. The device may authenticate an identity associated with the device when the first hash value corresponds to the second hash value incorporated within the response.

Abstract: Computer-implemented methods and systems reliant on establishing a common session key between an electronic device and a computer server are disclosed. The method and systems may be for processing de-tokenization requests in payment transaction processing and for preparing an electronic device to perform payment transactions. During such a transaction, the server may perform a method that includes receiving a de-tokenization request including a payment token and a cryptogram generated by the electronic device using a session key generated by the electronic device based on a fingerprint of the electronic device, a secret value previously shared with the electronic device, the payment token, and a transaction counter; retrieving the fingerprint, the secret value, and the transaction counter and generating the session key based on the same; verifying the cryptogram using the session key; retrieving an associated account number; and sending response to the request including the account number.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.

Abstract: A system, method and computer readable medium provide a gesture-based graphical user interface to determine allocation information to instruct an allocation. A gesture-based I/O device displays a graphical user interface having: an amount region configured to define an allocation amount; a plurality of source regions each configured to define an allocation source; and a plurality of destination regions each configured to define an allocation destination. Input is received via the gesture-based I/O device as a swipe gesture having at least two directions, the swipe gesture interacting with the amount region to define the allocation amount and interacting with at least one of a source region of the plurality of source regions and a destination region of the plurality of destination regions to define an allocation source and an allocation destination for the allocation amount.

Abstract: A computer system provides a user interface efficient in its use of screen space allowing values to be provided for attributes. The computer system comprises a processor and a display, an input interface, and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the computer system to: display, within a first region of the display, a plurality of icons corresponding to a plurality of attributes; receive, via the input interface, input corresponding to a drag-and-drop operation wherein a particular one of the plurality of icons is dragged to and then dropped at a drop position within a second region of the display; and assign a value to an attribute corresponding to the particular one of the plurality of icons based on a location of the drop position within the second region. Related methods and computer-readable media are also disclosed.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.

Abstract: A method for authenticating a wearable device is disclosed. The method includes: receiving, from a tokenization service provider (TSP), a signal representing a first code derived by the TSP from decrypting a security token previously provisioned in the computing device, wherein the security token was received at a terminal from the computing device and transmitted to the TSP; obtaining, based on the received signal representing the first code, a device identifier of the computing device and an identifier of an account; querying a device database to verify that the computing device is associated with a first status; verifying that the account is enabled for an operation initiated using the computing device; and transmitting an authorization message to the terminal, the authorization message authorizing the operation.

Abstract: The present disclosure involves systems, software, and computer implemented methods for providing user interface (UI)-based modifications to adjust and interact with data exchange splits. An example client device can include can identify a data exchange (DE) associated with at least three entities, the DE associated with a total value. A visualization representing the DE can be presented via a UI and can include a chart comprising the total value of the DE exchange divided into value areas that are each associated with a particular entity. In response to a detection of input associated with a selection of an edge between a first and second value area, the combined value area associated with the first and second value areas can be locked. In response to detected movement input associated with the edge, the relative values of the first and second inside the combined value area can be adjusted in the visualization.

Abstract: A computer system provides a user interface efficient in its use of screen space allowing values to be provided for attributes. The computer system comprises a processor and a display, an input interface, and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the computer system to: display, within a first region of the display, a plurality of icons corresponding to a plurality of attributes; receive, via the input interface, input corresponding to a drag-and-drop operation wherein a particular one of the plurality of icons is dragged to and then dropped at a drop position within a second region of the display; and assign a value to an attribute corresponding to the particular one of the plurality of icons based on a location of the drop position within the second region. Related methods and computer-readable media are also disclosed.

Abstract: The disclosed embodiments include processes that securely approve and execute exchanges of data between systems, apparatuses, and devices in a computing environment. For example, a terminal device may establish communications with a client device across a direct channel of communication, and may initiate an exchange of data with that additional device across the direct communications channel. The initiated data exchange may be characterized by a value of a data-exchange parameter, and the terminal device may determine to authorize the current data exchange in real-time based on cryptographically secure distributed ledger data maintained by the client device and provided to the terminal device across the direct communications channel. Further, and based on transmitted confirmation data, the client device may generate additional, cryptographically secure of the distributed ledger data to reflect the authorized data exchange.

Abstract: The disclosed embodiments include computerized systems and methods that generate secured distributed storage ledger structures, such as block-chain-based ledger structures, that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a centralized authority of the secured distributed storage ledger may detect an occurrence of a triggering event, and may access and decrypt a set of rules hashed into the secured distributed storage ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule and involving at least one of assets tracked within the secured distributed storage ledger or an owner of a portion of the tracked assets.