Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: A system and method for controlling access to an on-device machine learning model without the use of encryption is described herein. For example, a request is received from an application executing on a device of a user. The request is to download a machine learning model to the device that enables a feature of the application, and the request includes information associated with the user and/or the device. The information is used to create an obfuscation key, and a derivative model can be generated using a reference copy of the machine learning model and the obfuscation key. The derivative model and the obfuscation key are then sent to the application. When the obfuscation key is provided to the derivative model at runtime, values derived from the obfuscation key are provided as additional inputs that enable the derivative model to function properly.

Abstract: Systems and methods for the efficient transfer of data are disclosed. The method comprises obtaining transfer definitions for a plurality of transfers to be completed, and identifying a set of the plurality of transfers including only the transfers having transfer definitions received during a particular time period. The particular time period has a starting time of no more than ten seconds earlier than a current time. The method further comprises performing an aggregation on the transfers in the set to reduce a number transfers that are to occur, yielding an amended set of transfers; and immediately, after the aggregation, completing the amended set of transfers. Completing the amended set of transfers includes updating a shared infrastructure.

Abstract: According to an aspect there is provided a system that is configured to: detect, based on an output of at least one of the one or more sensors, an entity at the physical premises; authenticating the detected entity by: receiving, from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that the authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system. The system may also be configured to perform an operation for the authenticated entity.

Abstract: A server computer system, comprises a processor; a communications module coupled to the processor; and a memory coupled to the processor, the memory storing instructions that, when executed, configure the processor to receive, via the communications module and from a client device, a signal including a request to configure a transfer of data to a particular data record; determine that the particular data record is associated with a third party server; obtain a trust score associated with the particular data record; determine that the trust score satisfies trust criteria; and responsive to determining that the trust score satisfies trust criteria, enable one or more transfer features associated with a real-time transfer protocol.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: In an embodiment, a method includes receiving, via a processor, identity provider (IDP)/single sign on (SSO) data that is associated with an IDP and an SSO entity. The IDP and the SSO entity manage access to a plurality of cloud-based applications for a plurality of user compute devices for a plurality of users. The method further includes generating, via the processor and without accessing the plurality of cloud-based applications, analytics based on the IDP/SSO data. The method further includes causing, via the processor, an action based on the analytics.

Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a client device, a resource transfer request for resources to be transferred to a transferee account; generating a secure data object based on request data of the resource transfer request, the secure data object including a first hash computed based on an input string comprising a transferee account identifier; signing the secure data object using a private key of a transferee resource account management system; and sending the signed secure data object to a messaging address associated with a transferor account.

Abstract: An AR calibration system for correcting AR headset distortions. A calibration image is provided to a screen and viewable through a headset reflector, and an inverse of the calibration image is provided to a headset display, reflected off the reflector and observed by a camera of the system while it is simultaneously observing the calibration image on the screen. One or more cameras are located to represent a user's point of view and aligned to observe the inverse calibration image projected onto the reflector. A distortion mapping transform is created using an algorithm to search through projection positions of the inverse calibration image until the inverse image observed by the camera(s) cancels out an acceptable portion of the calibration image provided to the screen as observed through the reflector by the camera, and the transform is used by the headset, to compensate for distortions.

Abstract: Methods and systems for performing a partial pass-through transfer are described. In an aspect, a method includes: receiving, from a first computing system, pass-through transfer definition data to be associated with a first logical storage area, the pass-through transfer definition data including a trigger condition for a pass-through transfer and an apportionment value for the pass-through transfer; storing a representation of the pass-through transfer definition data in association with the first logical storage area; detecting a first data transfer to the first logical storage area, the first data transfer representing a transfer of a resource; determining that the first data transfer satisfies the trigger condition; and in response to determining that the first data transfer satisfies the trigger condition: identifying a portion of the resource based on the apportionment value; and initiating a second data transfer.

Abstract: Techniques for providing multi-user multi-touch projected capacitive touch sensors are disclosed herein. Some embodiments may include a method that includes receiving a first sense signal from a first sensing array, the first sensing array configured to provide the first sense signal indicating a first touch on a first touch surface of a touch substrate as well as receiving a second sense signal from a second sensing array, the second sensing array configured to provide the second sense signal indicating a second touch on a second touch surface of a second touch substrate occurring concurrently to the first touch. The method may further include determining whether the first touch and the second touch share at least one anti-ghost. The method may also include associating the first touch and the second touch with a common touch entity in response to determining that the first touch and the second touch share the at least one anti-ghost.

Abstract: The disclosure generally describes computer-implemented methods, software, and systems, including a method for placing a card into an alert state. An alert detection indication is received during an attempted data exchange using a permanent account number (PAN) associated with a card. The alert detection indication is received by an electronic controller embedded in the card and is received through an interface. The alert detection indication indicates that the PAN has an alert state identified for the PAN by an entity that issued the card. An operational mode of the card is modified into the alert state by the electronic controller and is based on receipt of the alert detection indication. An electronic display indicating that the card is in the alert state is displayed by the electronic controller.

Abstract: The technology disclosed performs hand pose estimation on a so-called “joint-by-joint” basis. So, when a plurality of estimates for the 28 hand joints are received from a plurality of expert networks (and from master experts in some high-confidence scenarios), the estimates are analyzed at a joint level and a final location for each joint is calculated based on the plurality of estimates for a particular joint. This is a novel solution discovered by the technology disclosed because nothing in the field of art determines hand pose estimates at such granularity and precision. Regarding granularity and precision, because hand pose estimates are computed on a joint-by-joint basis, this allows the technology disclosed to detect in real time even the minutest and most subtle hand movements, such a bend/yaw/tilt/roll of a segment of a finger or a tilt an occluded finger, as demonstrated supra in the Experimental Results section of this application.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises, a communication module, and a processor coupled to the sensor and the communication module. The ambient commerce system further includes a memory coupled to the processor. The memory stores processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, an unauthenticated entity at an ambient commerce premises; receive, from a first independent trusted system and via the communication module, an indication that authentication has been performed by the first independent trusted system for the unauthenticated entity using a first authentication parameter; determine that the entity is an authenticated entity based on the indication that the authentication has been performed and at least a second authentication parameter; and perform an ambient commerce operation for the authenticated entity.

Abstract: Methods and computer systems for optimization of computing resources. Obtaining one or more parameters of a resource demand, the one or more parameters including at least a defined date. Identifying, based on a projected demand for a computing resource, a resource optimization opportunity prior to the defined date. Generating a message based on the identification of the resource optimization opportunity. Identifying a second computer system based on the resource demand. Facilitating access to the computing resource prior to the defined date by a transmitting the generated message to the identified second computer system prior to the defined date.

Abstract: Methods and systems for controlling computing processes to manage finite resources are described. In an aspect, a method may include obtaining resource availability data indicating current resource availability for a resource associated with the computing system. The method may further include detecting an excess availability of a resource of a particular type based on the resource availability data. The method may further include, in response to detecting the excess availability of the resource of the particular type, identify a flexibly-scheduled computing process requiring the use of the resource of the particular type. The method may further include initiating the flexibly-scheduled computing process to consume at least a portion of the excess availability of the resource.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: Packaging may include a base box and a lid having a tamper-evident seal. The tamper-evident seal may include a paper substrate having a first adhesive portion configured to attach to a side panel of the base box, a second adhesive portion configured to attach to a second side panel of the lid. The first and second adhesive portions may be disposed on opposing sides of the paper substrate, and a tab configured to be accessible on an exterior of a package when the tamper-evident seal is applied may be a part of the paper substrate. When the tab is pulled with sufficient force, the paper substrate tears such that the first adhesive portion and the second adhesive portion remain fixed to the first and second side panels, respectively, while the remainder of the paper substrate tears free so that the packaging may be opened.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.