Abstract: Protecting sensitive data in an internet-of-things (IoT) device. In one embodiment, a computing device includes network communications, a memory, and an electronic processor communicatively coupled to the memory and the network communications. The electronic processor is configured to receive a transaction setup request, determine, with the network communications, whether minimally required network environment attributes are available, prompt a user that sensitive data can be securely stored in the memory and to enter the sensitive data in response to determining that the minimally required network environment attributes are available, and prompt the user that the sensitive data cannot be securely stored in the memory in response to determining that the minimally required network environment attributes are not available.

Abstract: A universal device identifier (UDID) service with adjusted attribute distances. In one embodiment, a server includes an electronic processor and a memory storing the UDID service. The electronic processor is configured to receive an identification request regarding a currently-observed device having a first set of device attributes, retrieve any previously-observed devices, determine whether one or more devices are found from retrieving the any of the previously-observed devices, determine all changed device attributes for each device of the one or more devices that are found relative to the first set of device attributes, generate an adjusted attribute distance corresponding to the all changed device attributes for the each device, retrieve a universal device identifier (UDID) of a closest device having a lowest adjusted attribute distance among all adjusted attribute distances that are generated, and assign the UDID of the closest device to the currently-observed device.

Abstract: Systems, methods, and non-transitory computer-readable media for authentication and authorizing a payment request. In one embodiment, the system includes a server including a first memory and a first electronic processor communicatively connected to the first memory. The first electronic processor is configured to receive the payment request, three-domain secure (3DS) data, and fast ID online (FIDO) data, output an authentication request that includes a portion of the 3DS data and a portion of the FIDO data, receive an authentication response based on the 3DS data and the FIDO data, the authentication response including one or more authentications, output the payment request based on the authentication response, and receive an authorization or a denial of the payment request.

Abstract: An account recommendation system that includes a server. The server is operable to identify a user account based on a server-side persistent device identification. The server includes a processor and a memory. The server is configured to receive a request including one or more attributes related to a client device, identify the server-side persistent device identification (“PDI”) record for the client device based on the one or more attributes of the client device, identify one or more candidate accounts based on the server-side persistent device identification, determine confidence scores for each of the one or more candidate accounts, generate a recommendation signal for the user account associated with the client device based on the confidence scores, and transmit the recommendation signal to a merchant server.

Abstract: Enterprise cybersecurity systems and methods related to receiving or accessing a real-time cybersecurity request, automatically transmitting a live mode request to a first cybersecurity microservice to generate cybersecurity risk-scoring information, receiving a response to the live mode request, calculating a cybersecurity score, automatically populating cybersecurity response data based on the calculated cybersecurity score, and automatically transmitting the cybersecurity response data to the enterprise client electronic device. The enterprise cybersecurity system and method also includes, after the cybersecurity response data has been transmitted to the enterprise client electronic device, automatically transmitting a test mode request to at least one test mode cybersecurity microservice, wherein the test mode request includes real-time data extracted from the real-time cybersecurity request.

Abstract: An account recommendation system that includes a server. The server is operable to identify a user account based on a server-side persistent device identification. The server includes a processor and a memory. The server is configured to receive a request including one or more attributes related to a client device, identify the server-side persistent device identification (“PDI”) record for the client device based on the one or more attributes of the client device, identify one or more candidate accounts based on the server-side persistent device identification, determine confidence scores for each of the one or more candidate accounts, generate a recommendation signal for the user account associated with the client device based on the confidence scores, and transmit the recommendation signal to a merchant server.

Abstract: A universal device identifier (UDID) service with adjusted attribute distances. In one embodiment, a server includes an electronic processor and a memory storing the UDID service. The electronic processor is configured to receive an identification request regarding a currently-observed device having a first set of device attributes, retrieve any previously-observed devices, determine whether one or more devices are found from retrieving the any of the previously-observed devices, determine all changed device attributes for each device of the one or more devices that are found relative to the first set of device attributes, generate an adjusted attribute distance corresponding to the all changed device attributes for the each device, retrieve a universal device identifier (UDID) of a closest device having a lowest adjusted attribute distance among all adjusted attribute distances that are generated, and assign the UDID of the closest device to the currently-observed device.

Abstract: A fraud prevention system that includes a server. The server is operable to receive a first attribute of a client device from the client device and associated with a first transaction, receive a second attribute of the client device from the client device and associated with the first transaction, receive a third attribute related to the client device and associated with the first transaction, and generate a persistent device identification (“PDI”) record including the first attribute, the second attribute, and the third attribute, store the PDI record in a memory, receive the third attribute related to the client device and associated with a second transaction, and identify the client device using the PDI record based on the third attribute without receiving, in association with the second transaction, the first attribute of the client device and the second attribute of the client device.

Abstract: A fraud prevention system that includes a fraud prevention server including an electronic processor and a memory. The memory includes a feature drift hardened online application origination (OAO) service. When executing the feature drift hardened OAO service, the electronic processor is configured to detect, with respect to a first OAO model, feature drift in a dataset of an online application that exceeds a predefined threshold, generate one or more feature drift hardened OAO models that mitigate the feature drift, determine a fraud score of the online application based on the one or more feature drift hardened OAO models that differentiates between a behavior of a normal user and a behavior of a nefarious actor during a submission of the online application on a device and mitigates the feature drift, and control a client server to approve, hold, or deny the online application based on the fraud score.

Abstract: A fraud prevention system that includes a fraud prevention server including an electronic processor and a memory. The memory includes an online application origination (OAO) service. When executing the OAO service, the electronic processor is configured to determine whether the OAO service is enabled and whether a website configuration includes a list of multi-page placements for an online application, determine that input data needs to be stored in the memory and combined into multi-page input data, determine a fraud risk score of the online application based on the multi-page input data and an online application origination (OAO) model that differentiates between a behavior of a normal user and a behavior of a nefarious actor during a submission of the online application on a device, and control a client server to approve, hold, or deny the online application based on the fraud risk score that is determined.

Abstract: A fraud prevention system that includes a client server and a fraud prevention server. The fraud prevention server includes an electronic processor and a memory. The memory includes an online application origination (OAO) service. When executing the OAO service, the electronic processor is configured to determine a fraud score of an online application based on an online application origination (OAO) model that differentiates between a behavior of a normal user and a behavior of a nefarious actor during a submission of the online application on a device, and control the client server to approve, hold, or deny the online application based on the fraud score that is determined.

Abstract: A fraud prevention system that includes a server. The server is operable to receive a first attribute of a client device from the client device and associated with a first transaction, receive a second attribute of the client device from the client device and associated with the first transaction, receive a third attribute related to the client device and associated with the first transaction, and generate a persistent device identification (“PDI”) record including the first attribute, the second attribute, and the third attribute, store the PDI record in a memory, receive the third attribute related to the client device and associated with a second transaction, and identify the client device using the PDI record based on the third attribute without receiving, in association with the second transaction, the first attribute of the client device and the second attribute of the client device.

Abstract: An account recommendation system that includes a server. The server is operable to identify a user account based on a server-side persistent device identification. The server includes a processor and a memory. The server is configured to receive a request including one or more attributes related to a client device, identify the server-side persistent device identification (“PDI”) record for the client device based on the one or more attributes of the client device, identify one or more candidate accounts based on the server-side persistent device identification, determine confidence scores for each of the one or more candidate accounts, generate a recommendation signal for the user account associated with the client device based on the confidence scores, and transmit the recommendation signal to a merchant server.