Abstract: The disclosed embodiments include computer-implemented systems, apparatuses, and processes that perform a real-time delegated approval of initiated data exchanges by network-connected devices. For example, an apparatus determines determine a value of a parameter that characterizes an exchange of data and a first data type involved in the data exchange, and generates and transmits a first signal to a communications device associated with a second data type available for use in the data exchange and associated with the first data type. The apparatus receives, from the communications device, a second signal that includes information indicative of an approval of the second data type for use in the data exchange, and in response to the received approval, the apparatus performs the data exchange using the second data type and in accordance with the parameter value.

Abstract: A computer system and method for managing a data request interface. The system includes a memory associated with the data request interface and coupled to a processor. The memory includes processor-executable instructions of the method for managing the data request interface. The method includes: receiving, from a first client device, a first signal including a primary authorization credential associated with a data record and a second signal including a request to generate an alternate authorization credential for use by a software module. The alternate authorization credential is associated with data retrieval constraints. The method includes generating the alternate authorization credential and configuring the data request interface to impose the data retrieval constraints for constraining data operations on the data record upon receipt of the alternate authorization credential.

Abstract: A method for regulating access to a protected resource is disclosed. The method includes: receiving, via the communication interface from a client application executing on a first device, a first signal including a request to obtain an access token for accessing a protected resource, the request including: a client identifier uniquely identifying the client application; an authorization code for authorizing the client application's access of the protected resource; and a public key associated with the end user; and in response to validating the request: encrypting the authorization code using the public key to generate a first code; and transmitting, via the communication interface to the client application on the first device, a second signal including both an access token for accessing the protected resource and the first code.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authenticate device identity and authorize exchanges of data in real-time based on dynamically generated cryptographic data. For example, an apparatus may receive a first signal that includes a first cryptogram associated with a client device, and may perform operations that authenticate an identity of the client device based on a comparison of the received first cryptogram and a second cryptogram generated by a computing system associated with an application program executed by the client device. In response to the authenticated identity, the apparatus may load profile data associated with the client device from a storage unit, and perform operations consistent with the profile data in accordance with the authenticated identity.

Abstract: A server comprises a communications module, a processor coupled to the communications module, and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, configure the processor to receive, via the communications module and from a monitoring application installed on a remote computing device, on-device application data, generate a risk profile for a user based at least on the on-device application data, configure a data sharing configuration option for sharing data associated with the user based on the risk profile for the user, and share the data based on the data sharing configuration option.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that manage cryptographically secure exchanges of data using a permissioned distributed ledger. For example, an apparatus obtains parameter values characterizing an exchange of data and transmits the parameter values to a first computing system, which executed instructions included within a distributed ledger. The executed additional instructions cause the first computing system to access rules data recorded onto the distributed ledger and establish a consistency between the parameter values and at least a portion of the accessed rules data. The apparatus receives, from the first computing system, confirmation data indicative of the established consistency, and based on the confirmation data, transmit a request to execute the data exchange in accordance with at least the portion of the parameter values to a second computing system.

Abstract: A server comprises a communications module; a processor coupled to the communications module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed, configure the processor to receive, via the communications module and from a remote computing device, user input indicating a response to one or more prompts; generate an aspirational profile for a user based at least on the received user input; receive, via the communications module and from a monitoring application installed on the remote computing device, monitoring data; generate a behavior profile for the user based at least on the monitoring data; and when the behavior profile is misaligned with the aspirational profile, send, via the communications module and to the remote computing device, a notification indicating that the behavior profile is misaligned with the aspirational profile.

Abstract: The present disclosure involves systems, software, and computer implemented methods for a remittance system that pre-populates remittance data based on historical usage of remittance transactions. One example system includes operations to generate, using a predictive model, data indicating a predicted likelihood of a user selecting at least one data exchange transaction, wherein the data indicates the predicted likelihood of the user performing the at least one data exchange transaction. A request is received to access a remittance page. In response, the at least one data exchange transaction that was previously generated is selected from a repository of predicted likelihoods. Remittance data associated with a UI element is generated that includes the at least one data exchange transaction. The remittance data is transmitted to the device. An indication from the device is received for interacting with the UI element. The data exchange transaction is executed in response to receiving the indication.

Abstract: Systems and methods for effecting secure transactions are described. A processing device, when executing computer-executable instructions: receives from a requesting entity computing system a transaction request for a payload. The transaction request is transmitted to delivery entity computing system associated with a delivery entity identifier and geographic location. An encryption key, random number and a unique request identifier are generated and transmitted to requesting and delivery entity computing systems. In response to receiving a delivery transaction confirmation from the delivery entity computing system, the processing device verifies the secure transaction. After receiving a requestor transaction confirmation from the requesting entity computing system (indicating a verified transfer of the payload), a payload reimbursement is transferred to a delivery transaction account from a requestor transaction account.

Abstract: A system comprises a communications module; a processor coupled to the communications module; and a memory coupled to the processor, the memory storing processor-executable instructions which, when executed by the processor, configure the processor to receive, via the communications module, a transfer instruction for transfer of data from a first data record associated with a transferor to a second data record associated with a recipient, the transfer instruction including a transfer amount and a condition associated with the transfer; send, via the communications module, a notification of the transfer instruction to a computing device associated with the recipient and request permission to obtain contextual data therefrom; when permission is granted, obtain, via the communications module, contextual data from the computing device; determine, based on the contextual data, that the condition associated with the transfer has been satisfied; and in response to determining that the condition associated with the t

Abstract: Systems and methods are provided that use a trained process to reply to a request comprising query data defining a query and context data defining contextual factors for the query from a device. The query is answered by one or more selected APIs of a plurality of APIs that invoke respective services to prepare a response. The trained process determines an execution plan responsive to the query data and the context data and is configured using training to define execution plans comprising selected APIs where a particular API is selected for the plan if it answers at least a portion of the query and the selected APIs together prepare the response optimized for the device according to the context data. The plan is provided to an execution component to execute the plan using the selected APIs and send the response to the requesting device.

Abstract: There is provided a system and method to direct processing of orders to improve processing resource usage. QOS statistics relative to wait times and/or processing times or other measures of busyness may be maintained relative to physical office or branch locations where customers attend to have orders processed. QOS measures may be defined relative to these statistical measures of busyness that predict future busyness at respective locations. The QOS measures may be provided to a customer, such as in association with an order ahead application, to recommend to the customer to attend at a location that is less busy thereby distributing processing requests (orders) to less busy locations and better utilize resources.

Abstract: The disclosure generally describes computer-implemented methods, software, and systems, including a method for placing a card into a usable state. A biometric input is received for a user to which a card has been issued by an entity. The card has an operational mode of an unusable state that has been previously identified by the entity for a particular PAN. The particular PAN is invalidated for use in further data exchanges using the card. The biometric input is received by an electronic controller embedded in the card. A determination is made that the biometric input matches one of one or more stored biometric profiles of users authorized to use the card. Based on the determining, a new PAN is activated for the card. The new PAN is usable in further data exchanges of the card. The operational mode of the card is modified to a usable state by the electronic controller.

Abstract: The disclosed exemplary embodiments include computer-implemented devices, apparatuses, and processes that, among other things, perform dynamic biometric authentication based on distributed ledger data. For example, a device may compute a first hash value based on first biometric data captured by a sensor unit, and may transmit a request to, and receive a response from, a computing system across a communications network via the communications unit. The request may cause the computing system to execute instructions maintained within the distributed ledger data, and to extract second biometric data maintained within an element of the distributed ledger data. The second biometric data may include a second hash, which the computing system may incorporate into the response. The device may authenticate an identity associated with the device when the first hash value corresponds to the second hash value incorporated within the response.

Abstract: Computer-implemented methods and systems reliant on establishing a common session key between an electronic device and a computer server are disclosed. The method and systems may be for processing de-tokenization requests in payment transaction processing and for preparing an electronic device to perform payment transactions. During such a transaction, the server may perform a method that includes receiving a de-tokenization request including a payment token and a cryptogram generated by the electronic device using a session key generated by the electronic device based on a fingerprint of the electronic device, a secret value previously shared with the electronic device, the payment token, and a transaction counter; retrieving the fingerprint, the secret value, and the transaction counter and generating the session key based on the same; verifying the cryptogram using the session key; retrieving an associated account number; and sending response to the request including the account number.

Abstract: Systems and methods are provided that use a trained process to reply to a request comprising query data defining a query and context data defining contextual factors for the query from a device. The query is answered by one or more selected APIs of a plurality of APIs that invoke respective services to prepare a response. The trained process determines an execution plan responsive to the query data and the context data and is configured using training to define execution plans comprising selected APIs where a particular API is selected for the plan if it answers at least a portion of the query and the selected APIs together prepare the response optimized for the device according to the context data. The plan is provided to an execution component to execute the plan using the selected APIs and send the response to the requesting device.

Abstract: There is provided a system and method to direct processing of orders to improve processing resource usage. QOS statistics relative to wait times and/or processing times or other measures of busyness may be maintained relative to physical office or branch locations where customers attend to have orders processed. QOS measures may be defined relative to these statistical measures of busyness that predict future busyness at respective locations. The QOS measures may be provided to a customer, such as in association with an order ahead application, to recommend to the customer to attend at a location that is less busy thereby distributing processing requests (orders) to less busy locations and better utilize resources.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices operating within a distributed computing environment. By way of example, an apparatus may receive, from a communications system across a public communications network, a request for an element of data generated by the computing system based on first audio content obtained at a device. The apparatus may obtain the requested data element and further, may generate acoustic data representative of at least a portion of the requested data element. The apparatus may also generate an encrypted response to the received request that includes the acoustic data, and transmit the encrypted response to the device across the public communications network.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices in a distributed computing environment using homomorphic encryption. By way of example, an apparatus may receive encrypted command data from a computing system, decrypt the encrypted command data using a homomorphic private key, and perform operations that associate the decrypted command data with a request for an element of data. Using a public cryptographic key associated with a device, the apparatus generate an encrypted response that includes the requested data element, and transmit the encrypted response to the device. The device may decrypt the encrypted response using a private cryptographic key and to perform operations that present first audio content representative of the requested data element through an acoustic interface.