Abstract: Improvements in a projectile launcher with a two-part bolt is disclosed. The two-part bolt has a forward bolt that moves and locates the projectile from the magazine to the breach. The ball is maintained in the breach until pressurized air pushes the projective out of the launcher. A ball holder is biased by a spring and when the bolt is moved, the bolt will lift the ball holder and blocks loading of a second projectile. An adjustable barrel detent alters pressure on top of the projectile to create backspin. The two bolt parts forms a piston to drive the projectile forward. A spring between the forward bolt and the rear bolt to maintains an extended biased location between the two bolt components. Travel between the two bolt elements if maintained by a pin that is retained in the rear bolt with a pin keeper spring.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.

Abstract: Techniques for managing an application token may include providing, by a first service provider application on a communication device to a first service provider computer, a first request for a first application token, receiving, by an account management application on the communication device from a token service computer in communication with the first service provider computer, the first application token, and storing the first application token in a token container in the account management application.

Abstract: Improvements in a projectile launcher with a two-part bolt is disclosed. The two-part bolt has a forward bolt that moves and locates the projectile from the magazine to the breach. The ball is maintained in the breach until pressurized air pushes the projective out of the launcher. A ball holder is biased by a spring and when the bolt is moved, the bolt will lift the ball holder and blocks loading of a second projectile. An adjustable barrel detent alters pressure on top of the projectile to create backspin. The two bolt parts forms a piston to drive the projectile forward. A spring between the forward bolt and the rear bolt to maintains an extended biased location between the two bolt components. Travel between the two bolt elements if maintained by a pin that is retained in the rear bolt with a pin keeper spring.

Abstract: Methods, systems, and computer-readable storage media for maintaining and utilizing a unified cache memory. The method first identifies a unified cache memory associated with an application and populates it with data for access during application execution. The unified cache memory is associated with coupled lookup elements, which include multiple keys and multiple values coupled together. The coupled lookup elements are available to the application for access to all possible views of the data.

Abstract: There is described a method for transmitting a transaction message from a transaction device having a transaction device identifier. The method involves encrypting, at a transaction device, a transaction device identifier, generating, at the transaction device, a transaction message for a transaction system, the transaction message including, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, and sending the transaction message to a transaction processing system. The generation of the transaction message includes providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.

Abstract: Improvements in a more efficient use of air in a projectile launcher is disclosed. The launcher uses a two-stage air gun fire and reset to have a more efficient compressed gas usage because the gas is not wasted by performing simultaneous actions, instead, the motion dedicates a portion of the motion to firing only then transitions a “port” to close and redirect the gasses to “re-cocking” without wasted gasses going out the firing bolt. The air is redirected through a moving port or gate to allow the launcher to continue to perform and “cycle” to the point where there is low pressure in the supply tank. This prevents chopping or shredding of paintballs because the feed port of the projectiles only partially opens. The improvement allows the launcher to reliably feed and fire projectiles down to the point where it is obvious that the tank requires changing.

Abstract: Provided herein are RNA molecules encoding viral replication proteins and antigenic proteins or fragments thereof. Also provided herein are compositions that include RNA molecules encoding viral replication proteins and antigenic proteins or fragments thereof, and lipids. RNA molecules and compositions including them are useful for inducing immune responses.

Abstract: A method is disclosed. The method comprises receiving, by a user device from an identity network computer, a query set comprising a plurality of test identity attributes; encrypting, by the user device, the query set to form an obscured query set; computing, by the user device, a zero-knowledge proof using the obscured query set and an encrypted identity attribute associated with a user operating the user device; and transmitting, by the user device to the identity network computer, the obscured query set and the zero-knowledge proof, wherein the identity network computer verifies the zero-knowledge proof, retrieves an encrypted identity attribute associated with the user, evaluates the obscured query set with respect to the encrypted identity attribute, and transmits a result of the evaluation to a relying party computer.

Abstract: There is described a method for transmitting a transaction message from a transaction device having a transaction device identifier. The method involves encrypting, at a transaction device, a transaction device identifier, generating, at the transaction device, a transaction message for a transaction system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, and sending the transaction message to a transaction processing system. The generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.

Abstract: A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

Abstract: Methods and systems provide for improved security for domain name resolution (DNS) and browsing. User privacy may be improved for client devices by first transmitting authentication information and the domain name to a server. After determining that the requesting security component on the client device is authorized to access a domain resolution service, the domain name is resolved to obtain an internet protocol (IP) address. Classification data is then retrieved from a third-party service for the domain name and/or the IP address. This classification data may then be evaluated against a first policy associated with the client device. When the evaluation indicates the client device is not allowed to access the IP address, the client device is sent information indicating that access is not permitted. When access is permitted, the client device may be sent the IP address and the classification data used for the evaluation.

Abstract: A method is disclosed. The method comprises receiving, by an identity network computer, a query set including a plurality of test identity attributes. After receiving the query set, the identity network computer may retrieve derivatives of identity attributes associated with a user, and an encrypted trapdoor, then compute an obscured query set using the query set, and optionally the derivatives of identity attributes. The identity network computer may transmit the obscured query set (i) and the encrypted trapdoor to a user device associated with the user, which generates and transmits a first modified trapdoor and the obscured query set to a relying party computer, or (ii) and a second modified trapdoor to the relying party computer. The relying party computer may thereafter use the obscured query set, and the first modified trapdoor or the second modified trapdoor, to determine if the identity attributes is a member of the query set.

Abstract: A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

Abstract: A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate a[n] further interaction with the second access device accordingly.

Abstract: Techniques for managing an application token may include providing, by a first service provider application on a communication device to a first service provider computer, a first request for a first application token, receiving, by an account management application on the communication device from a token service computer in communication with the first service provider computer, the first application token, and storing the first application token in a token container in the account management application.

Abstract: One or more medical devices are configured to connect to a predetermined temporary provisioning network of a healthcare organization, the temporary provisioning network being different than a healthcare network of the healthcare organization. After the devices are received by the healthcare organization, and powered up for the first time, device identifiers corresponding to the medical devices are received at a server remote from the healthcare organization, from the temporary provisioning network, together with an indication that the medical devices are requesting access to a management server within a healthcare network of the healthcare organization.

Abstract: Methods and systems provide for improved security for domain name resolution (DNS) and browsing. User privacy may be improved for client devices by first transmitting authentication information and the domain name to a server. After determining that the requesting security component on the client device is authorized to access a domain resolution service, the domain name is resolved to obtain an internet protocol (IP) address. Classification data is then retrieved from a third-party service for the domain name and/or the IP address. This classification data may then be evaluated against a first policy associated with the client device. When the evaluation indicates the client device is not allowed to access the IP address, the client device is sent information indicating that access is not permitted. When access is permitted, the client device may be sent the IP address and the classification data used for the evaluation.

Abstract: Techniques for managing an application token may include providing, by a first service provider application on a communication device to a first service provider computer, a first request for a first application token, receiving, by an account management application on the communication device from a token service computer in communication with the first service provider computer, the first application token, and storing the first application token in a token container in the account management application.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.