Abstract: Techniques for providing friction-free transactions using geolocation and user identifiers are described herein. These techniques may ascertain a user's location based on a location of a mobile device. A transaction between the user and a merchant may be completed with zero or minimal input from the user based on the geolocation of the mobile device and the user identifiers. In some implementations, a transaction initiated earlier is completed when the mobile device arrives at the merchant. Additionally, a parent-child or similar relationship may be established between multiple devices. Security on the mobile device based may be provided by biometric identification and calculation of variance from regular movement patterns. Advertisements may be sent to the mobile device based on bids from merchants near to the mobile device. Promotions may be sent to the mobile device when more than a threshold number of mobile devices are located at the same merchant.

Abstract: A user, using a user-computing device connected to a computer network, is authenticated to access a computing resource managed by a system on the computer network. The user computing device presents a user interface to prompt the user to input a value for each of a set of user-defined credentials that the user has previously defined for a SAIF server to authenticate the user to access the computer resource, thereby forming a set of input values. Modified values, each generated from and representing a corresponding one of the input values, are transmitted and validated by comparing them with corresponding modified forms of user-defined credential values stored in a memory, thereby determining whether the user is authenticated to access the computing resource on the system.

Abstract: A user, using a user-computing device connected to a computer network, is authenticated to access a computing resource managed by a system on the computer network. The user computing device presents a user interface to prompt the user to input a value for each of a set of user-defined credentials that the user has previously defined for a SAIF server to authenticate the user to access the computer resource, thereby forming a set of input values. Modified values, each generated from and representing a corresponding one of the input values, are transmitted and validated by comparing them with corresponding modified forms of user-defined credential values stored in a memory, thereby determining whether the user is authenticated to access the computing resource on the system.

Abstract: A user, using a user-computing device connected to a computer network, is authenticated to access a computing resource managed by a system on the computer network. The user computing device presents a user interface to prompt the user to input a value for each of a set of user-defined credentials that the user has previously defined for a SAIF server to authenticate the user to access the computer resource, thereby forming a set of input values. Modified values, each generated from and representing a corresponding one of the input values, are transmitted and validated by comparing them with corresponding modified forms of user-defined credential values stored in a memory, thereby determining whether the user is authenticated to access the computing resource on the system.

Abstract: Methods, systems, and computer-readable media for implementing automated services capacity modeling using call tracing are disclosed. A plurality of demand drivers are determined based on trace data for service interactions between services in a service-oriented system. The demand drivers are determined to drive a generation of service calls to a particular service. A total call volume is determined to the particular service based on the external demand drivers. An optimized quantity of computing resources to provide the particular service is determined based on the total call volume.

Abstract: A method for optimizing resource prefetch criteria may include identifying a prefetch criteria for a selectable item, the first prefetch criteria being associated with the selectable item. The first prefetch criteria may be modified to a second prefetch criteria different from the first prefetch criteria, where the modification includes a change of shape of a prefetch area from a first shape to a second shape different from the first shape. The first prefetch criteria may be replaced with the second prefetch criteria.

Abstract: This disclosure is directed, in part, to providing payment device security by storing security information in a payment device that, when received by a point-of-sale (POS) device, initiates a security request by the POS device that is used to protect the payment device against fraudulent use or misuse by unauthorized people. The payment device may store a code that, when received by the POS device, may allow the POS device to determine a security request associated with the code. The POS device may determine the security request by converting the code locally or the POS device may transit the code to a security provider that returns the security request. The POS device may then implement and/or enforce the security request. In some embodiments, the authorized user of the payment device may specify at least part of the security request, thereby enabling customization the security request.

Abstract: User input into a user interface is symbolically represented to increase security. User input received into a user interface and a mapping is applied to the user input. A result of the mapping is provided. The user interface may be updated to include the result of the mapping and/or may be provided to another device, such as over a short range communication channel. A person who views or otherwise has access to the user interface does not obtain the user input, but the result of the mapping indicates whether the user input was provided correctly.

Abstract: Existing infrastructure for processing credit card transactions at point-of-sale (POS) devices is leveraged to provide secure and convenient payment with a mobile device. A mobile transaction infrastructure that is integrated with the credit card interchange network receives information from the mobile device and passes this information to a gateway provider or a payment processor. By combining information from both the mobile device and the POS device, this backend infrastructure can uniquely identify a transaction and appropriately charge an account associated with the user of the mobile device. The transaction may be matched with the mobile device be based on location, time, transaction charge, and/or other factors.

Abstract: Techniques for providing friction-free transactions using geolocation and user identifiers are described herein. These techniques may ascertain a user's location based on a location of a mobile device. A transaction between the user and a merchant may be completed with zero or minimal input from the user based on the geolocation of the mobile device and the user identifiers. In some implementations, a transaction initiated earlier is completed when the mobile device arrives at the merchant. Additionally, a parent-child or similar relationship may be established between multiple devices. Security on the mobile device based may be provided by biometric identification and calculation of variance from regular movement patterns. Advertisements may be sent to the mobile device based on bids from merchants near to the mobile device. A relationship between the mobile device an a merchant may be bootstrapped from previous transactions that did not use the mobile device.

Abstract: Techniques are described for scheduling data access jobs based on a job dependency analysis. Preliminary data access jobs subsequently accessed by a primary data access job are identified. Execution durations of the primary data access job and the preliminary data access jobs are determined based on historical data. A total execution duration of subsets of serially dependent preliminary data access jobs and predicted execution duration of primary data access job are determined. A time-sensitive subset is identified and start times for the data access job are scheduled. The results of the preliminary data access jobs are provided to the primary data access job prior to the start time of the primary data access job so the primary data access job completes by a target completion duration.

Abstract: Methods, systems, and computer-readable media for implementing computing resource forecasting and optimization are disclosed. A projected service call volume is determined for a particular service for a future period of time. A set of computing resources is determined to support the projected service call volume for the particular service. The set of computing resources is determined based on automated analysis of the projected service call volume and is calibrated for throughput for the particular service. The set of computing resources is allocated to provide the particular service for the future period of time.

Abstract: Customers receive advertisements or “impressions” related to brick and mortar merchants while accessing online content. The merchants or other entities track which impressions correlate with customers coming to a physical store and conducting a transaction (e.g., making a purchase) by comparing transaction information with information about the customer that is provided by the source of online impressions. In one implementation, the merchant creates a hash from the customer's name and account number on a payment card. This hash is compared with a hash from the impression provider that is generated using the same technique. When a match is found, it is inferred that exposure to the online impression caused the customer to make a purchase at the physical store. Merchants may pay the impression providers an advertising or referral fee based on the matches.

Abstract: Techniques described and suggested herein include the use of transformation parameters, such as mathematical and/or cryptographic operations, to permute various aspects of executables so as to control executable code authorized to run on one or more hosts. For example, a set of transformation parameters, such as a mathematical operation and a specified value upon which the mathematical operation may operate, are associated with a host or group of hosts. The set of transformation parameters may be applied to one or more runtime-related numerical locations associated with an executable that is intended to run on the specified hosts. At runtime, appropriately encoded executables are decoded by the specified hosts and operate normally, while differently encoded or unencoded executables are inoperable by the specified hosts.

Abstract: A manufacturer of computing equipment may generate a signature for computing equipment by measuring various attributes of the computing equipment, such as the impedance across circuits included in the computing equipment. Verification equipment may be provided to a recipient of the computing equipment. The verification equipment may be configured to generate a signature of the computing equipment over a physical connection between the verification equipment and the computing equipment. A determination may be made whether the computing equipment has been tamper with based at least in part on the signature generated by the manufacturer and the signature generated by the recipient.

Abstract: Described are techniques for providing event messages to mobile devices and other types of user devices. User communications and sensor data from the user devices may be used to determine an emergency condition. User data associated with a user device may be used to determine the content contained in an event message generated for receipt by that user device. Communications from users, responsive to the event message, may be curated, provided to other users, or responded to.

Abstract: Disclosed are various embodiments for active data that tracks usage. The active data includes instructions that are executable by a computing device. The computing device is scanned to identify characteristics of the computing device. The characteristics of the computing device are utilized to determine whether the usage of the active data is authorized. Data is transmitted to a network service, including identifying information for the particular computing device and data that identifies a deployment of the active data.

Abstract: Disclosed are various embodiments that facilitate bootstrap authentication of a second application by way of a user confirmation via a first application. The first application is authenticated using trusted credentials. A first application is authenticated with an authentication service using the security credential. Text input is sent from the first application to the second application via the network. The text input is sent to a text entry field on the second application.

Abstract: A user, using a user-computing device connected to a computer network, is authenticated to access a computing resource managed by a system on the computer network. The user computing device presents a user interface to prompt the user to input a value for each of a set of user-defined credentials that the user has previously defined for a SAIF server to authenticate the user to access the computer resource, thereby forming a set of input values. Modified values, each generated from and representing a corresponding one of the input values, are transmitted and validated by comparing them with corresponding modified forms of user-defined credential values stored in a memory, thereby determining whether the user is authenticated to access the computing resource on the system.

Abstract: Techniques are described for modeling data query execution time based on a cost of data queries, where the cost provides a measure of the processing resources used by the data query while executing. Using regression analysis or other statistical methods, a model may be generated that enables the prediction of the query execution time based on the query cost. In some cases, the model may be generated based on a linear regression analysis of previously measured execution times and previously determined data query costs. The model may be stored and employed prior to, or during, the subsequent execution of a data query, to predict the execution time of the data query. Data queries that execute substantially longer than the predicted execution time may be terminated.