Abstract: A method and system for remediating vulnerable code libraries, including open source libraries, in a software application. An application that uses code libraries and information regarding known library vulnerabilities are received, then it identifies one or more libraries in the application that are vulnerable based upon the information. For each of the one or more vulnerable libraries, a library version that minimizes risk is determined. The determined library version is incorporated into the application to form a test application, and an application test is performed on the test application. If an application test score on the test application is below a predetermined threshold, the determined library version is incorporated into a final application precursor. A final application can be determined from the final application precursor for each of the one or more vulnerable libraries.

Abstract: Embodiments of the invention are directed to techniques for enabling self-certification of an electronic device to result in the issuance of a security certificate that the electronic device may use to authenticate itself to another entity. In some embodiments, the device is caused to initiate the self-certification process upon determining that a status of a current security certificate is no longer valid. In some embodiments, an electronic device may communicate with a certificate authority, which may generate a set of policy data that indicates permissions for the electronic device. The electronic device may then generate an electronic record to be associated with the security certificate, which it may sign using a private key. The certificate authority may then verify the authenticity of the signed electronic record using a public key associated with the electronic device. The electronic record may be appended to some collection of records.

Abstract: Methods and systems for processing interactions with account assertions are disclosed. A method includes receiving, by an assertions model manager, a first request from a resource provider computer for a set of assertions including an account assertion, related to a digital identity of a user. The method then includes responding, by the assertions model manager, to the first request with a response message, comprising a set of assertions, wherein one of the plurality of assertions is an account assertion. Then the method includes receiving, by the assertions model manager, a second request from the resource provider for a value interaction from the user and initiating, by the assertions model manager, the value interaction.

Abstract: Disclosed are methods and systems for enabling a package of assertions to be provided to a relying entity seeking to interact with an account. A server computer may receive, from a relying entity, a request for assertions, wherein the request for assertions includes an identifier of the relying entity and a hash of an identifier of an account. The server computer may determine an assertions model based on the identifier of the relying entity. The server computer may retrieve a package of assertions associated with the account based on the assertions model and the hash of the identifier of the account. The server computer may transmit the package of assertions to the relying entity.

Abstract: The disclosure relates to a real-time merchandising system for the communication of offers and the acceptance or rejection of the communicated offers. The offers communicated may be based on the location of the merchandising system, the time of day and the user device that is in proximity of the system. The merchandising system may require no, or a minimum of, user interaction for an offer to be accepted or rejected or for the offer to expire. It may also be configured to track and analyze offer campaign effectiveness.

Abstract: The described system and method reviews past receipts from purchases and past purchase patterns and, in response to a request, returns a recommendation about future scheduling or future purchases.

Abstract: Provided is a wearable device, including a base configured to be worn by a user, at least one data element at least partially positioned on or within the base and programmed or configured to have account data stored thereon, and at least one antenna including an open circuit, the at least one antenna at least partially positioned on or within the base and configured to transmit at least a portion of the account data and receive at least a portion of transaction data from at least one target device when the open circuit of the antenna is closed and becomes powered by at least one power source. Other expressions are also disclosed.

Abstract: Provided is a wearable device, including a base configured to be worn by a user, at least one data element at least partially positioned on or within the base and programmed or configured to have account data stored thereon, and at least one antenna including an open circuit, the at least one antenna at least partially positioned on or within the base and configured to transmit at least a portion of the account data and receive at least a portion of transaction data from at least one target device when the open circuit of the antenna is closed and becomes powered by at least one power source. Other expressions are also disclosed.

Abstract: Embodiments of the invention are directed assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.

Abstract: Embodiments of the invention are directed to techniques for enabling self-certification of an electronic device to result in the issuance of a security certificate that the electronic device may use to authenticate itself to another entity. In some embodiments, the device is caused to initiate the self-certification process upon determining that a status of a current security certificate is no longer valid. In some embodiments, an electronic device may communicate with a certificate authority, which may generate a set of policy data that indicates permissions for the electronic device. The electronic device may then generate an electronic record to be associated with the security certificate, which it may sign using a private key. The certificate authority may then verify the authenticity of the signed electronic record using a public key associated with the electronic device. The electronic record may be appended to some collection of records.

Abstract: Methods and systems disclosed herein related to analyzing the risk of an identity-based transaction and offering the identity-based transaction to a risk exchange. An identity-based transaction may be a transaction that is initiated with a digital identity, and an assertions model manager may provide assertions about the digital identity for completing the identity-based transaction. The assertions model manager may use the assertions and information about the identity-based transaction to analyze transaction risk. A risk score for the identity-based transaction can be calculated, and then the identity-based transaction may be offered on a risk exchange.

Abstract: Embodiments of the invention are directed assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.

Abstract: A method and system for remediating vulnerable code libraries, including open source libraries, in a software application are disclosed. The method includes receiving an application that uses code libraries and information regarding known library vulnerabilities, then determining if one or more libraries in the application is vulnerable based upon the information. For each of the one or more vulnerable libraries a library version that minimizes risk is determined. The determined library version is incorporated into the application to form a test application, and an application test is performed on the test application. If the application test is below a predetermined threshold, the determined library version is incorporated into a final application precursor. A final application can be determined from the final application precursor for each vulnerable library.

Abstract: Provided is a wearable device, including a base configured to be worn by a user, at least one data element at least partially positioned on or within the base and programmed or configured to have account data stored thereon, and at least one antenna including an open circuit, the at least one antenna at least partially positioned on or within the base and configured to transmit at least a portion of the account data and receive at least a portion of transaction data from at least one target device when the open circuit of the antenna is closed and becomes powered by at least one power source. Other expressions are also disclosed.

Abstract: Embodiments of the disclosure are directed to performing a transaction between a smartwatch and an access device. Transaction details are transmitted by an antenna of a smartwatch to a contactless transaction module. An interface is rendered to a display of the smartwatch. An input of the interface is adjusted in response to a rotation of a crown of the smartwatch. The input is transmitted, by the antenna of the smartwatch, to a contactless transaction module in response to a confirmation of the input by a user of the smartwatch.

Abstract: Methods and systems disclosed herein relate to providing a receiving entity with a package of assertions. A package of assertions may include a group of yes or no statements (e.g., as an answer to a question). Alternatively, or additionally, a package of assertions may comprise a clustered assertion, which is a singular yes or no statement, that is itself based on a set of underlying assertions made using information from one or more sources. A particular type of package of assertions may be selected based on the relying entity requesting the assertions, based on an assertions model. The package of assertions may be cryptographically secured.

Abstract: Embodiments of the invention are directed assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.

Abstract: The described system and method reviews past receipts from purchases and past purchase patterns and, in response to a request, returns a recommendation about future scheduling or future purchases.

Abstract: Embodiments of the disclosure are directed to performing a transaction between a smartwatch and an access device. Transaction details are transmitted by an antenna of a smartwatch to a contactless transaction module. An interface is rendered to a display of the smartwatch. An input of the interface is adjusted in response to a rotation of a crown of the smartwatch. The input is transmitted, by the antenna of the smartwatch, to a contactless transaction module in response to a confirmation of the input by a user of the smartwatch.

Abstract: The TRANSACTION VISUAL CAPTURING APPARATUSES, METHODS AND SYSTEMS (“TVC”) transform mobile device location coordinate information transmissions, real-time reality visual capturing, and mixed gesture capturing via TVC components into real-time behavior-sensitive product purchase related information, shopping purchase transaction notifications, and electronic receipts. In one implementation, the TVC obtains user check-in information from a user mobile device upon user entry into a store. The TVC extracts a user identifier based on the user check-in information, and accesses a database for a user profile. The TVC determines a user prior behavior pattern from the accessed user profile, and obtains user real-time in-store behavior data from the user mobile device. Using these, the TVC generates and provides a recommendation to the user mobile device. The TVC adds a product for purchase by the user to a cart based on the provided recommendation.