Abstract: Systems and methods for managing conditional use data resources are described. A conditional data record is disclosed. The conditional data record records only data resources having conditions restricting use and excludes data resources defined in a non-conditional data record. A first transfer of first data resources is received to an account. The first transfer has a first condition restricting use of the first data resources. The conditional data record is updated based on the first data resources. A transfer request for second data resources is received. The transfer request includes metadata defining a second condition. Based on the metadata, a determination is made regarding whether data resources associated with the conditional data record or data resources associated with the non-conditional data record should be used to complete the transfer request. The transfer request is completed.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: According to an aspect there is provided a system that is configured to: detect, based on an output of at least one of the one or more sensors, an entity at the physical premises; authenticating the detected entity by: receiving, from a first system, an indication that authentication has been performed by the first system using a first authentication parameter; obtaining an indication that authentication has been performed by a system that is not the first system using a second authentication parameter; and determining that the detected entity is an authenticated entity based on the indication that the authentication has been performed by the first system and the indication that authentication has been performed by the system that is not the first system. The system may also be configured to perform an operation for the authenticated entity.

Abstract: Systems and methods for the efficient transfer of data are disclosed. The method comprises obtaining transfer definitions for a plurality of transfers to be completed, and identifying a set of the plurality of transfers including only the transfers having transfer definitions received during a particular time period. The particular time period has a starting time of no more than ten seconds earlier than a current time. The method further comprises performing an aggregation on the transfers in the set to reduce a number transfers that are to occur, yielding an amended set of transfers; and immediately, after the aggregation, completing the amended set of transfers. Completing the amended set of transfers includes updating a shared infrastructure.

Abstract: A server computer system, comprises a processor; a communications module coupled to the processor; and a memory coupled to the processor, the memory storing instructions that, when executed, configure the processor to receive, via the communications module and from a client device, a signal including a request to configure a transfer of data to a particular data record; determine that the particular data record is associated with a third party server; obtain a trust score associated with the particular data record; determine that the trust score satisfies trust criteria; and responsive to determining that the trust score satisfies trust criteria, enable one or more transfer features associated with a real-time transfer protocol.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a client device, a resource transfer request for resources to be transferred to a transferee account; generating a secure data object based on request data of the resource transfer request, the secure data object including a first hash computed based on an input string comprising a transferee account identifier; signing the secure data object using a private key of a transferee resource account management system; and sending the signed secure data object to a messaging address associated with a transferor account.

Abstract: The disclosed exemplary embodiments include computer-implemented apparatuses and methods that validate confidential data based privacy-preserving homomorphic computations involving encrypted data. For example, an apparatus may receive, from a first computing system, encrypted data that includes a first encrypted value representative of at least one of first account data or an element of cryptographic data. Based on the first encrypted value and on second encrypted values, the apparatus may generate encrypted residual values representative of second account data associated with one or more reference accounts, and the apparatus may request and receive a decrypted residual value associated with each of the encrypted residual values from a second computing system. The apparatus may transmit the decrypted residual values to the first computing system, which may validate the first account data based on at least the decrypted residual values and perform operations associated with the validated first account data.

Abstract: Methods and systems for performing a partial pass-through transfer are described. In an aspect, a method includes: receiving, from a first computing system, pass-through transfer definition data to be associated with a first logical storage area, the pass-through transfer definition data including a trigger condition for a pass-through transfer and an apportionment value for the pass-through transfer; storing a representation of the pass-through transfer definition data in association with the first logical storage area; detecting a first data transfer to the first logical storage area, the first data transfer representing a transfer of a resource; determining that the first data transfer satisfies the trigger condition; and in response to determining that the first data transfer satisfies the trigger condition: identifying a portion of the resource based on the apportionment value; and initiating a second data transfer.

Abstract: The disclosure generally describes computer-implemented methods, software, and systems, including a method for placing a card into an alert state. An alert detection indication is received during an attempted data exchange using a permanent account number (PAN) associated with a card. The alert detection indication is received by an electronic controller embedded in the card and is received through an interface. The alert detection indication indicates that the PAN has an alert state identified for the PAN by an entity that issued the card. An operational mode of the card is modified into the alert state by the electronic controller and is based on receipt of the alert detection indication. An electronic display indicating that the card is in the alert state is displayed by the electronic controller.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically manage consent, permissioning, and trust between computing systems and unrelated, third-party applications operating within a computing environment. By way of example, the apparatus may receive a request for an element of data that includes an access token and first credential data associated with an application program. When the first credential data corresponds to second credential data associated with the application program, may determine that the requested data element is accessible to the application program and perform operations that validate the access token. Further, and based on the validation of the access token, that apparatus may obtain and encrypt the requested data element, and may transmit the encrypted data element to a device via the communications interface.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises, a communication module, and a processor coupled to the sensor and the communication module. The ambient commerce system further includes a memory coupled to the processor. The memory stores processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, an unauthenticated entity at an ambient commerce premises; receive, from a first independent trusted system and via the communication module, an indication that authentication has been performed by the first independent trusted system for the unauthenticated entity using a first authentication parameter; determine that the entity is an authenticated entity based on the indication that the authentication has been performed and at least a second authentication parameter; and perform an ambient commerce operation for the authenticated entity.

Abstract: Methods and computer systems for optimization of computing resources. Obtaining one or more parameters of a resource demand, the one or more parameters including at least a defined date. Identifying, based on a projected demand for a computing resource, a resource optimization opportunity prior to the defined date. Generating a message based on the identification of the resource optimization opportunity. Identifying a second computer system based on the resource demand. Facilitating access to the computing resource prior to the defined date by a transmitting the generated message to the identified second computer system prior to the defined date.

Abstract: Methods and systems for controlling computing processes to manage finite resources are described. In an aspect, a method may include obtaining resource availability data indicating current resource availability for a resource associated with the computing system. The method may further include detecting an excess availability of a resource of a particular type based on the resource availability data. The method may further include, in response to detecting the excess availability of the resource of the particular type, identify a flexibly-scheduled computing process requiring the use of the resource of the particular type. The method may further include initiating the flexibly-scheduled computing process to consume at least a portion of the excess availability of the resource.

Abstract: According to an aspect there is provided an ambient commerce system. The ambient commerce system may include a sensor at an ambient commerce premises. The ambient commerce system may include a processor coupled to the one or more sensors. The ambient commerce system may include a memory coupled to the processor. The memory may store processor-executable instructions which, when executed, cause the processor to: detect, based on an output of one or more of the sensors, engagement of an entity with a restricted item; identify the entity; obtain at least a portion of a profile for the entity; determine, based on the at least a portion of the profile for the identified entity, eligibility for the entity to acquire the restricted item; and selectively generate, based on the determined eligibility for the entity, a notification on an electronic device associated with the entity.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: in an automated test environment: launching a test instance of a first application; and obtaining a data access signature of the first application based on identifying at least one application state of the first application and account data retrieved by the first application from a user account at a protected data resource in the at least one application state; receiving, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; detecting a change in the data access signature of the first application; and in response to detecting the change in the data access signature of the first application, notifying the user of the detected change.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, devices, apparatuses, and processes that maintain data confidentiality in communications involving voice-enabled devices in a distributed computing environment using homomorphic encryption. By way of example, an apparatus may receive encrypted command data from a computing system, decrypt the encrypted command data using a homomorphic private key, and perform operations that associate the decrypted command data with a request for an element of data. Using a public cryptographic key associated with a device, the apparatus generate an encrypted response that includes the requested data element, and transmit the encrypted response to the device. The device may decrypt the encrypted response using a private cryptographic key and to perform operations that present first audio content representative of the requested data element through an acoustic interface.

Abstract: Methods and computer systems for optimization of computing resources. Obtaining one or more parameters of a resource demand, the one or more parameters including at least a defined date. Identifying, based on a projected demand for a computing resource, a resource optimization opportunity prior to the defined date. Generating a message based on the identification of the resource optimization opportunity. Identifying a second computer system based on the resource demand. Facilitating access to the computing resource prior to the defined date by a transmitting the generated message to the identified second computer system prior to the defined date.

Abstract: Systems and methods for effecting secure transactions are described. A processing device, when executing computer-executable instructions: receives from a requesting entity computing system a transaction request for a payload. The transaction request is transmitted to delivery entity computing system associated with a delivery entity identifier and geographic location. An encryption key, random number and a unique request identifier are generated and transmitted to requesting and delivery entity computing systems. In response to receiving a delivery transaction confirmation from the delivery entity computing system, the processing device verifies the secure transaction. After receiving a requestor transaction confirmation from the requesting entity computing system (indicating a verified transfer of the payload), a payload reimbursement is transferred to a delivery transaction account from a requestor transaction account.