Abstract: Methods, systems, apparatus and computer programs for enabling access to data by a requesting party. A plurality of sets of data are generated. A one one-way function is then used to generate a plurality of keys each associated with a respective one of the plurality of sets. Information associated with the data in a given set is used as an input to the one-way function when generating the key for that set. The keys are distributed to requesting parties. Subsequently, a requesting party may make a data access request using the received key. Upon receipt of a key, access may be enabled to the data. The requesting party may then generate validation data from information associated with at least a part of the received data and validating the received data by comparing the validation data to data derived from the received key.

Abstract: Systems and methods for use in verifying a request for access to data in a system comprising a first module having access to a first trusted indicator of time, a second module having access to an untrusted indicator of time and a computing device having access to a second trusted indicator of time. The first module generates a password using at least the first trusted indicator of time. The second module receives a password associated with the request for access to data and validates the received password using at least the untrusted indicator of time. The second module then causes a message to be transmitted to the computing device, the message comprising data indicative at least of the untrusted indicator of time used to validate the received password. The computing device then generates data indicative of a comparison between the untrusted indicator of time and the second trusted indicator of time, and uses the generated data to provide said access to data.

Abstract: Embodiments of the present disclosure comprise methods, apparatus and computer readable instructions for establishing a relationship between user accounts. A first account association request message in relation to a first user account in an account based system is received. A first source account identifier which corresponds to the first user account and a first target account identifier which corresponds to the second user account are identified. A second account association request message in relation to the second user account is received. Based on the second account association request message, a second source account identifier which corresponds to the second user account and a second target account identifier which corresponds to the first user account are identified. Responsive to a determination of whether the source account identifiers and target account identifiers relate to the same user account, a relationship is established between the first user account and the second user account.

Abstract: Embodiments of the present disclosure comprise methods, apparatus and computer readable instructions for establishing a relationship between user accounts. An account association request message in relation in relation to a first user account and a second user account is received. The account identifier for the first user account and the account identifier for the second user account is determined based on the account association request message. A profile information message is transmitted on the basis of the account identifier for the second user account and in response, a profile information response message is received. A relationship between the first user account and the second user account is established least in response to receipt of the profile information response message.

Abstract: Methods, systems, apparatus and computer programs for enabling access to data by a requesting party. A plurality of sets of data are generated. A one one-way function is then used to generate a plurality of keys each associated with a respective one of the plurality of sets. Information associated with the data in a given set is used as an input to the one-way function when generating the key for that set. The keys are distributed to requesting parties. Subsequently, a requesting party may make a data access request using the received key. Upon receipt of a key, access may be enabled to the data. The requesting party may then generate validation data from information associated with at least a part of the received data and validating the received data by comparing the validation data to data derived from the received key.

Abstract: Measures, including methods, apparatus and computer software are provided for processing electronic tokens. An authorization request is received in relation to processing of an electronic token. An identifier for a user terminal associated with the electronic token, and an account, are determined on the basis of the authorization request. In some arrangements, a location query for the user terminal is performed on the basis of the determined identifier, whereby to determine a location of the user terminal on the basis of a proximity of the user terminal to one or more base stations in a cellular telecommunications network. In some arrangements, a challenge message is sent to the user terminal, to establish a confidence that the transacting user terminal is the designated user terminal. Processing of the electronic token in relation to the account is selectively authorized on the basis of the result of the location query or challenge response.

Abstract: Systems, methods and apparatus for enabling access to secure data. A first module is arranged to generate a limited use passcode and make the passcode available to a user. A second module and a third module are arranged to communicate whereby to enable detection of the third module being in proximity to the second module. A fourth module is arranged to receive a passcode via user input. The apparatus is arranged to enable access to secure data in dependence on the fourth module receiving a valid passcode generated by the first module and the third module being in proximity to the second module.

Abstract: Systems, methods and computer programs for transferring data in a communication system are described. The communication system has a first node arranged to send data to a plurality of second nodes using a first protocol. The first protocol allows the transfer of data of a first type. At least one of the second nodes additionally requires data of a second type, which is not included in the data sent according to the first protocol. First data, of the first type, is transferred to a plurality of the second nodes using the first protocol. Second data, of the second type, is stored in a memory. Subsequently, in response to a request, access to the second data is provided to the second node.

Abstract: Systems and methods for use in verifying a request for access to data in a system comprising a first module having access to a first trusted indicator of time, a second module having access to an untrusted indicator of time and a computing device having access to a second trusted indicator of time. The first module generates a password using at least the first trusted indicator of time. The second module receives a password associated with the request for access to data and validates the received password using at least the untrusted indicator of time. The second module then causes a message to be transmitted to the computing device, the message comprising data indicative at least of the untrusted indicator of time used to validate the received password. The computing device then generates data indicative of a comparison between the untrusted indicator of time and the second trusted indicator of time, and uses the generated data to provide said access to data.

Abstract: A system for verifying a request for access to data is provided, the system comprising a first module 20 and a second module 30. The first module 20 is arranged to generate a password, and the second module 30 is arranged to receive a password associated with a request for data, validate the received password, and enable access to the requested data. The system is such that the first and second modules 20, 30 share a secret that has been uniquely assigned thereto, the shared secret being for use in generation and validation of a said password. Furthermore, the first module 20 is communicatively disconnected from the second module 30.

Abstract: Trust is established between a service provider (20) and a client (10) of the service provider (20). The client (10) is associated with a party that is known by an identity provider (50), and the identity provider (50) is trusted by the service provider (20). The identity provider (50) contacts (70) the party (80) via a predetermined medium, and requests the party to identify itself. The identity provider (50) determines whether the identity of the identifying party (80) corresponds to an identity held by the identity provider (50) for the party and shares a secret (100) with the identifying party (80) in the event that the identity provider (50) has determined that the identity of the identifying party (80) is the same as said identity held by the identity provider (50).

Abstract: A system for verifying a request for access to data is provided, the system comprising a first module and a second module. The first module is arranged to generate a password, and the second module is arranged to receive a password associated with a request for data (received at step), validate the received password, and enable access to the requested data. The system is such that the first and second modules share a secret that has been uniquely assigned thereto, the shared secret being for use in generation and validation of a said password. Furthermore, the first module is communicatively disconnected from the second module.

Abstract: A system for verifying a request for access to data is provided, the system comprising a first module and a second module. The first module is arranged to generate a password, and the second module is arranged to receive a password associated with a request for data (received at step), validate the received password, and enable access to the requested data. The system is such that the first and second modules share a secret that has been uniquely assigned thereto, the shared secret being for use in generation and validation of a said password. Furthermore, the first module is communicatively disconnected from the second module.

Abstract: Trust is established between a service provider (20) and a client (10) of the service provider (20). The client (10) is associated with a party that is known by an identity provider (50), and the identity provider (50) is trusted by the service provider (20). The identity provider (50) contacts (70) the party (80) via a predetermined medium, and requests the party to identify itself. The identity provider (50) determines whether the identity of the identifying party (80) corresponds to an identity held by the identity provider (50) for the party and shares a secret (100) with the identifying party (80) in the event that the identity provider (50) has determined that the identity of the identifying party (80) is the same as said identity held by the identity provider (50).

Abstract: Trust is established between a service provider (20) and a client (10) of the service provider (20). The client (10) is associated with a party that is known by an identity provider (50), and the identity provider (50) is trusted by the service provider (20). The identity provider (50) contacts (70) the party (80) via a predetermined medium, and requests the party to identify itself. The identity provider (50) determines whether the identity of the identifying party (80) corresponds to an identity held by the identity provider (50) for the party and shares a secret (100) with the identifying party (80) in the event that the identity provider (50) has determined that the identity of the identifying party (80) is the same as said identity held by the identity provider (50).