Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: The disclosed exemplary embodiments include computer-implemented apparatuses and methods that validate confidential data based privacy-preserving homomorphic computations involving encrypted data. For example, an apparatus may receive, from a first computing system, encrypted data that includes a first encrypted value representative of at least one of first account data or an element of cryptographic data. Based on the first encrypted value and on second encrypted values, the apparatus may generate encrypted residual values representative of second account data associated with one or more reference accounts, and the apparatus may request and receive a decrypted residual value associated with each of the encrypted residual values from a second computing system. The apparatus may transmit the decrypted residual values to the first computing system, which may validate the first account data based on at least the decrypted residual values and perform operations associated with the validated first account data.

Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a client device, a resource transfer request for resources to be transferred to a transferee account; generating a secure data object based on request data of the resource transfer request, the secure data object including a first hash computed based on an input string comprising a transferee account identifier; signing the secure data object using a private key of a transferee resource account management system; and sending the signed secure data object to a messaging address associated with a transferor account.

Abstract: Methods and systems for performing a partial pass-through transfer are described. In an aspect, a method includes: receiving, from a first computing system, pass-through transfer definition data to be associated with a first logical storage area, the pass-through transfer definition data including a trigger condition for a pass-through transfer and an apportionment value for the pass-through transfer; storing a representation of the pass-through transfer definition data in association with the first logical storage area; detecting a first data transfer to the first logical storage area, the first data transfer representing a transfer of a resource; determining that the first data transfer satisfies the trigger condition; and in response to determining that the first data transfer satisfies the trigger condition: identifying a portion of the resource based on the apportionment value; and initiating a second data transfer.

Abstract: The disclosure generally describes computer-implemented methods, software, and systems, including a method for placing a card into an alert state. An alert detection indication is received during an attempted data exchange using a permanent account number (PAN) associated with a card. The alert detection indication is received by an electronic controller embedded in the card and is received through an interface. The alert detection indication indicates that the PAN has an alert state identified for the PAN by an entity that issued the card. An operational mode of the card is modified into the alert state by the electronic controller and is based on receipt of the alert detection indication. An electronic display indicating that the card is in the alert state is displayed by the electronic controller.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises, a communication module, and a processor coupled to the sensor and the communication module. The ambient commerce system further includes a memory coupled to the processor. The memory stores processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, an unauthenticated entity at an ambient commerce premises; receive, from a first independent trusted system and via the communication module, an indication that authentication has been performed by the first independent trusted system for the unauthenticated entity using a first authentication parameter; determine that the entity is an authenticated entity based on the indication that the authentication has been performed and at least a second authentication parameter; and perform an ambient commerce operation for the authenticated entity.

Abstract: Methods and computer systems for optimization of computing resources. Obtaining one or more parameters of a resource demand, the one or more parameters including at least a defined date. Identifying, based on a projected demand for a computing resource, a resource optimization opportunity prior to the defined date. Generating a message based on the identification of the resource optimization opportunity. Identifying a second computer system based on the resource demand. Facilitating access to the computing resource prior to the defined date by a transmitting the generated message to the identified second computer system prior to the defined date.

Abstract: Methods and systems for controlling computing processes to manage finite resources are described. In an aspect, a method may include obtaining resource availability data indicating current resource availability for a resource associated with the computing system. The method may further include detecting an excess availability of a resource of a particular type based on the resource availability data. The method may further include, in response to detecting the excess availability of the resource of the particular type, identify a flexibly-scheduled computing process requiring the use of the resource of the particular type. The method may further include initiating the flexibly-scheduled computing process to consume at least a portion of the excess availability of the resource.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices in a distributed computing environment using homomorphic encryption. By way of example, an apparatus may receive encrypted command data from a computing system, decrypt the encrypted command data using a homomorphic private key, and perform operations that associate the decrypted command data with a request for an element of data. Using a public cryptographic key associated with a device, the apparatus generate an encrypted response that includes the requested data element, and transmit the encrypted response to the device. The device may decrypt the encrypted response using a private cryptographic key and to perform operations that present first audio content representative of the requested data element through an acoustic interface.

Abstract: Methods and computer systems for optimization of computing resources. Obtaining one or more parameters of a resource demand, the one or more parameters including at least a defined date. Identifying, based on a projected demand for a computing resource, a resource optimization opportunity prior to the defined date. Generating a message based on the identification of the resource optimization opportunity. Identifying a second computer system based on the resource demand. Facilitating access to the computing resource prior to the defined date by a transmitting the generated message to the identified second computer system prior to the defined date.

Abstract: Systems and methods for effecting secure transactions are described. A processing device, when executing computer-executable instructions: receives from a requesting entity computing system a transaction request for a payload. The transaction request is transmitted to delivery entity computing system associated with a delivery entity identifier and geographic location. An encryption key, random number and a unique request identifier are generated and transmitted to requesting and delivery entity computing systems. In response to receiving a delivery transaction confirmation from the delivery entity computing system, the processing device verifies the secure transaction. After receiving a requestor transaction confirmation from the requesting entity computing system (indicating a verified transfer of the payload), a payload reimbursement is transferred to a delivery transaction account from a requestor transaction account.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices operating within a distributed computing environment. By way of example, an apparatus may receive, from a communications system across a public communications network, a request for an element of data generated by the computing system based on first audio content obtained at a device. The apparatus may obtain the requested data element and further, may generate acoustic data representative of at least a portion of the requested data element. The apparatus may also generate an encrypted response to the received request that includes the acoustic data, and transmit the encrypted response to the device across the public communications network.

Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a first application, a request to connect a first data record associated with the first application on a computing device with a second data record associated with a second application on the computing device; establishing a secure data communication channel between the first application and the second application; receiving, via the first application, a request for transfer of data between the first application and the second application; and in response to receiving the request, transmit, by the first application to the second application via the secure data communication channel, a message comprising the second device token using a trusted link associated with the second application.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, generate and provision digital tokens based on dynamically obtained contextual data. For example, an apparatus may receive first information that characterizes an exchange of data initiated by a first application program executed by the apparatus, and may generate and transmit a signal to a computing system through a programmatic interface associated with a second application program executed by the apparatus. In some instances, the first signal may include the first information and data that instructs the computing system to obtain a digital token representative of a data type available for use in the data exchange. The apparatus may also receive a second signal that includes the digital token and based on the digital token, perform operations that present second information characterizing the available data type on an interface.

Abstract: In an aspect, a processor-implemented method is disclosed. The method may be performed by a server. A method may include: receiving an authentication request from a device, the authentication request including a unique identifier; authenticating the authentication request by: retrieving a non-fungible token (NFT) identifier and public key associated with the unique identifier; identifying, from a blockchain, a blockchain address that is an owner of an NFT represented by the NFT identifier; verifying that the blockchain address that is the owner of the NFT is associated with the public key that is associated with the unique identifier; and verifying that a private key stored in a secure area of the device is associated with the public key that is associated with the unique identifier; and after authenticating the authentication request, enabling an operation not available prior to authenticating the authentication request.

Abstract: A server computer system, comprises a processor; a communications module coupled to the processor; and a memory coupled to the processor, the memory storing instructions that, when executed, configure the processor to obtain information associated with a request to transfer data to a data record; determine, based on an identifier associated with the data record, whether a real-time transfer protocol is available to complete the transfer; and send, via the communications module and to a client device associated with a recipient of the request to transfer the data to the data record, a signal updating one or more interface elements of an interface displayed on the client device based on whether the real-time transfer protocol is available to complete the transfer.