Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: Systems, methods, and computer-readable media for validating online access to secure device functionality are provided that may use shared secrets between different subsystems and limited use validation data.

Abstract: A system may include a remote server and an on-premises node. The server may receive a first set of parameters defining a blockchain operation. The server may generate an operation payload based on the parameters. The on-premises node may receive the operation payload from the computing server and decode the operation payload to extract a second set of parameters reflected in the operation payload. The on-premises node may compare the second set of parameters to the first set of parameters to determine whether the second set matches the first set. If the parameters match, the on-premises node may sign cryptographically the operation payload and transmit the operation payload to the computing server for the computing server to broadcast the operation payload to a blockchain to carry out the blockchain operation.

Abstract: A secure trusted service manager provider may include at least one processor configured to provide, to an electronic device, a first script to provision an applet instance corresponding to a third party server, the script including a public key corresponding to the third party server. The at least one processor may be configured to receive, from the electronic device, an encrypted symmetric key and provide the encrypted symmetric key to the third party server, the symmetric key being encrypted with the public key. The at least one processor may be configured to receive, from the third party server, an encrypted data element corresponding to a transaction to be performed by the applet instance, the encrypted data element being encrypted with the symmetric key, generate a second script that includes the encrypted data element and provide, to the electronic device, the second script that includes the encrypted data element.

Abstract: A device implementing a user configurable direct transfer system may include at least one processor configured to receive, from an electronic device associated with a user account, a request to establish a type of transfer between a first account associated with an entity and a second account associated with the user account, the request including an entity identifier and a transfer type identifier. The at least one processor may be further configured to generate a transfer alias that is stored in association with the entity identifier, a second account identifier, and the transfer type identifier, and provide the transfer alias to the electronic device and a server associated with the entity to facilitate the type of transfer between the first account associated with the entity and the second account associated with the user account.

Abstract: Systems, methods, and computer-readable media for validating online access to secure device functionality are provided that may use shared secrets between different subsystems and limited use validation data.

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: Techniques are described herein for reader initiated provisioning. An example method includes a device detecting a trigger to establish a connection with a second device. The device can receive a first input to verify an identity associated with the second computing device. The device receives from the second device, a first information item comprising identification information based at least in part on the first input. The device receives a comparison result from a server. The device receives a second input to provision a digital access asset onto the second device based on the comparison result. The device transmits, to the second device, the digital access asset based at least in part on the second input.

Abstract: An embodiment includes a method to increase the efficiency of security checkpoint operations. A security checkpoint kiosk serves as a Relying Party System (RPS). The RPS establishes a secure local connection between the RPS and a User Mobile-Identification-Credential Device (UMD). The RPS sends a user information request to the UMD, via the secure local connection, seeking release of user information associated with a Mobile Identification Credential (MIC). The RPS obtains authentication of the user information received in response to the user information request. The RPS retrieves user travel information based on the user information. The RPS determines that the user travel information matches the user information. When the user travel information matches the user information, the RPS approves the user to proceed past the security checkpoint kiosk.

Abstract: A device for controlled identity credential release may include at least one processor configured to receive a request to release an identity credential of a user, the identity credential being stored on the device. The at least one processor may be further configured to authenticate the user associated with the identity credential. The at least one processor may be further configured to, responsive to the authentication, provide at least a portion of the identity credential, such as for display and/or to a terminal device over a direct wireless connection. The at least one processor may be further configured to cause the electronic device to enter a locked state and/or to remain in a locked state, responsive to providing the at least the portion of the identity credential.

Abstract: A method and system for interoperability between mark-up language applications, executable within a browser container, includes accessing a first exchange script in the first application and a second exchange script in the second application. The method and system includes executing the applications on the processing device and executing a microservices module disposed at a desktop services layer between the first application and the browser container and between the second application and the browser container. The method and system includes communicating between the applications and the microservices module using exchange scripts, as well as determining, within the microservices module, an interaction in the first application and generating an action command for orchestrating interoperability, transferring the action command from the microservices module to the second application and performing a processing operation in the second application based on the action command.

Abstract: A machine-learning model is trained using images of structures including defects and images of structures not including defects. Preprocessing is performed on the images before training the machine-learning model. The trained machine-learning model is used to classify defects within images of structures. Images of structures with defects are identified, and the probabilities of the identification/defect classification are obtained.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Abstract: A device implementing a system for using a verified claim of identity includes at least one processor configured to receive a verified claim including information to identify a user of a device, the verified claim being signed by a server based on verification of the information by an identity verification provider separate from the server, the verified claim being specific to the device. The at least one processor is further configured to send, to a service provider, a request for a service provided by the service provider, and receive, from the service provider and in response to the sending, a request for the verified claim. The at least one processor is further configured to send, in response to the receiving, the verified claim to the service provider.