Abstract: A method for using multiple channels to access a resource, wherein a first user requests a resource that requires an indication of approval from a second user, a token value is transmitted to the first user on the first channel, and the second user transmits the token value and a second authentication parameter over a second channel. The token value is used to associate the first authentication parameter to the second authentication parameter, whereby the first user is allowed access to the resource on the first. The first and second user may be independently authenticated in some implementations and not independently authenticated in other implementations.

Abstract: A method for using multiple channels to authenticate a user, wherein a first authentication parameter from a first device associated with a user is received over a first channel, a token value is transmitted to the user on the first channel, and the user transmits the token value and a second authentication parameter over a second channel. The token value is used to associate the first authentication parameter to the second authentication parameter, whereby the user is authenticated on the first channel.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing authentication for service provisioning. At least a first and a second executable authentication rule are provided. One or both of the first and second executable authentications are for determining access by a user to a service. The first executable authentication rule is selected when a lifecycle state associated with the user is in a first state. The second executable authentication rule is selected when the lifecycle state is in a second state. A rules credential is generated. The rules credential includes the selected executable authentication rule.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for detecting fraudulent activity. A computing device in a second network receives a plurality of interactions between data centers in a first network and one or more devices, remote from the data centers, of a user, the interactions forming an aggregate user session representing the user's activity over a period of time with the data centers via the devices. The computing device monitors data transaction requests of the interactions and is configured to respond to each request with a response that appears as if the request was executed. If the interactions are harmful, the computing device interdicts the interactions from execution by the data centers and allows the devices to submit additional interactions. If unable to determine whether the subsequent interactions are harmful, the computing device transmits the interactions to the data centers for execution and marks the interactions.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for subscribing to data feeds on a network. An user utilizes a transmitting device to transmit data packets that are split between a plurality of data centers for processing. The data packets are captured at the data centers. The data packets are recombined. The recombined data can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for detecting fraudulent activity on a network. A user utilizes a transmitting device to transmit user requests that are split between a plurality of data centers for processing. The user requests are captured at the data centers. The user requests are unified into a user session. The user session can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for detecting and interdicting fraudulent activity on a network. An user utilizes a transmitting device to transmit user requests that are split between a plurality of data centers for processing. The user requests are captured at the data centers. The user requests are unified into an user session. The user session can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: A bug proof bag for containing luggage or other items has a plurality of sides such that the sides are non-porous so as to prevent ingress of bugs into the bag and are smooth so as to offer substantially no harborages to bugs. A zipper in a closed state prevents ingress of bugs into the bag, and the zipper in an opened state permits access to an interior of the bag. The zipper, for example, has a slider and first and second locking strips. The bug proof bag may, if desired, also include a seal that seals ends of the first and second locking strips to the bag.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for detecting and interdicting fraudulent activity on a network. An user utilizes a transmitting device to transmit user requests that are split between a plurality of data centers for processing. The user requests are captured at the data centers. The user requests are unified into an user session. The user session can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for subscribing to data feeds on a network. An user utilizes a transmitting device to transmit data packets that are split between a plurality of data centers for processing. The data packets are captured at the data centers. The data packets are recombined. The recombined data can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for detecting fraudulent activity on a network using stored information. An user utilizes a transmitting device to transmit user requests that are split between a plurality of data centers for processing. The user requests are captured at the data centers. The user requests are unified into an user session. The user session can be analyzed for fraud detection, marketing analysis, network intrusion detection, customer service analysis, and/or performance analysis. If fraudulent activity is detected, then the user can be interdicted to prevent further fraudulent activity.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing customizable authentication for service provisioning. A first user is enabled to customize an authentication system associated with a service type. Customizing the authentication system includes defining one or more authentication rules for determining access for a second user to a service for the service type.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing authentication for service provisioning. At least a first and a second executable authentication rule are provided. One or both of the first and second executable authentications are for determining access by a user to a service. The first executable authentication rule is selected when a lifecycle state associated with the user is in a first state. The second executable authentication rule is selected when the lifecycle state is in a second state. A rules credential is generated. The rules credential includes the selected executable authentication rule.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing authentication for service provisioning. An executable authentication rule is provided for determining access by a user to a service. A request for the service is received at an enforcement point from the user. It is determined if the user satisfies the executable authentication rule. Access is provided by the user to the service if the user does not satisfy the executable authentication rule.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing authentication for service provisioning. One or more executable authentication rules are provided for determining access by a user to one or more services. A request is received from the user. The request is for a first service from the one or more services at an enforcement point. It is determined, at the enforcement point, if at least a first executable authentication rule from the one or more executable authentication rules applies to the user. The first executable authentication rule is for determining access by the user to the first service, wherein determining if the first executable authentication rule applies includes determining if one or more triggers specified by the first executable authentication rule are triggered.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing authentication for service provisioning. One or more executable authentication rules are provided for determining access by a user to one or more services. At least a first executable authentication rule is selected from the one or more executable authentication rules. The first executable authentication rule is for determining access by the user to at least a first service from the one or more services, wherein selecting the first executable authentication rule is based on: a characteristic of the user, a characteristic of a request, a characteristic of an acquisition point, or any combination thereof. A rules credential is generated. The rules credential includes the first executable authentication rule.

Abstract: Described are methods, systems, and apparatus, including computer program products for providing customizable authentication for service provisioning. A first user is enabled to customize an authentication system associated with a service. Customizing the authentication system includes defining a first executable authentication rule for a second user and a second executable authentication rule for a third user. The second executable authentication rule is different from the first executable authentication rule. The second user is different from the third user. The first executable authentication rule is employed for determining access by the second user to the service. The second executable authentication rule is employed for determining access by the third user to the service.

Abstract: A method for using multiple channels to authenticate a user, wherein a first authentication parameter from a first device associated with a user is received over a first channel, a token value is transmitted to the user on the first channel, and the user transmits the token value and a second authentication parameter over a second channel. The token value is used to associate the first authentication parameter to the second authentication parameter, whereby the user is authenticated on the first channel.

Abstract: A method for using multiple channels to access a resource, wherein a first user requests a resource that requires an indication of approval from a second user, a token value is transmitted to the first user on the first channel, and the second user transmits the token value and a second authentication parameter over a second channel. The token value is used to associate the first authentication parameter to the second authentication parameter, whereby the first user is allowed access to the resource on the first. The first and second user may be independently authenticated in some implementations and not independently authenticated in other implementations.