Abstract: Managed lifecycle roles are disclosed. Managed lifecycle roles may be used for secure credential vending or otherwise. For instance, an entity (e.g., administrator or other entity) requests, via an interface of a role manager, creation of a role associated with a lifecycle definition (e.g., an expression of an enforceable expiration of the role or similar characteristic). The role manager stores the role and role lifecycle definition to a data store. Another entity requests to use the role to perform some operation with respect to a resource. A credential service validates the request against a lifecycle definition for the role (and against an access control list, in some examples) and responds to valid requests with credentials useable to perform the operation with respect to the resource. The other entity uses the credentials to perform the operation with respect to the resource. A sweep process manages attributes of the roles.

Abstract: A cloud managed storage system (200) includes a cluster of the nodes (220) that are already in communication with a cloud management plane (280) that has visibility of all the storage nodes (220) in the cluster. When a cluster is created, the number of nodes (220) is determined and based on the number of nodes (220), the storage system (200) can determine whether an external quorum witness (284) is required and automatically enable a quorum witness (284) as a cloud service. Storage nodes (220) can contact the quorum witness (284) when necessary for failover processes.

Abstract: Managed lifecycle roles are disclosed. Managed lifecycle roles may be used for secure credential vending or otherwise. For instance, an entity (e.g., administrator or other entity) requests, via an interface of a role manager, creation of a role associated with a lifecycle definition (e.g., an expression of an enforceable expiration of the role or similar characteristic). The role manager stores the role and role lifecycle definition to a data store. Another entity requests to use the role to perform some operation with respect to a resource. A credential service validates the request against a lifecycle definition for the role (and against an access control list, in some examples) and responds to valid requests with credentials useable to perform the operation with respect to the resource. The other entity uses the credentials to perform the operation with respect to the resource. A sweep process manages attributes of the roles.

Abstract: Managed lifecycle roles are disclosed. Managed lifecycle roles may be used for secure credential vending or otherwise. For instance, an entity (e.g., administrator or other entity) requests, via an interface of a role manager, creation of a role associated with a lifecycle definition (e.g., an expression of an enforceable expiration of the role or similar characteristic). The role manager stores the role and role lifecycle definition to a data store. Another entity requests to use the role to perform some operation with respect to a resource. A credential service validates the request against a lifecycle definition for the role (and against an access control list, in some examples) and responds to valid requests with credentials useable to perform the operation with respect to the resource. The other entity uses the credentials to perform the operation with respect to the resource. A sweep process manages attributes of the roles.

Abstract: An electronic fund transfer system comprises a transaction server, a first mobile electronic device operated by a first user, and a second mobile electronic device operated by a second user. The transaction server stores user profiles, including financial account details and other personal details, for each of the first user and the second user, and further stores therein a list of first users associate with a premise. The second mobile electronic device is operable to obtain from the transaction server the list of first users associated with the premise. The second mobile electronic device is further operable by the second user to select one first user from the list and effect a transfer of funds from the second user to the selected first user. The transfer of funds from the second user to the selected first user is effected without any of the financial account details and other personal details of the first user being provided to the second user.

Abstract: An electronic payment system includes a wallet server storing account details of one or more payment schemes with which a user has an account; a mobile application operable to indicate to the wallet server which of the one or more payment schemes is to be pre-authorized for a transaction; and a payment card conforming to a payment card standard. Operating the payment card to effect a financial transaction effects a financial transaction using the payment scheme indicated to the wallet server by the mobile application.

Abstract: A system for effecting electronic payments via multiple payment schemes from a single payment integrated circuit (IC) card includes a payment IC card conforming to a payment card standard, the payment IC card being issued with a plurality of primary account numbers (PANs) from the payment card standard; a wallet server storing account details of one or more payment schemes with which a user has an account; and a vendor payment system configured to accept transactions using the payment card standard. The payment IC card is operable to transact with the vendor payment system using the payment card standard. The vendor payment system is operable to provide to the wallet server one of the PANs issued to the payment IC card to effect a financial transaction via one of the payment schemes with which the user has an account.

Abstract: The present invention is directed to a smartcard that enables a one-time pin code offline security authentication with a card reader. This is achieved by generating a one-time pin code when the user inputs their pin code. The inputted pin code is encrypted and matched with the encrypted user correct pin code. If there is a match the one-time pin code is stored in memory and the transaction can proceed.

Abstract: A system for effecting a financial transaction via multiple payment schemes from a single payment integrated circuit (IC) card is provided. The system comprises a payment IC card compatible with a payment card standard, the payment IC card having one or more selectable presets each identified by an identifying value; a wallet server storing, in association with respective identifying values, user payment scheme accounts of one or more payment schemes; and a vendor payment system configured to facilitate transactions in accordance with the payment card standard, wherein the wallet server is configured to receive an identifying value from the vendor payment system, and further wherein the wallet server is configured to effect a financial transaction with a user payment scheme account stored in association with an identifying value matching the identifying value received from the vendor payment system.

Abstract: An electronic payment system includes a wallet server storing account details of one or more payment schemes with which a user has an account; a mobile application operable to indicate to the wallet server which of the one or more payment schemes is to be pre-authorized for a transaction; and a payment card conforming to a payment card standard. Operating the payment card to effect a financial transaction effects a financial transaction using the payment scheme indicated to the wallet server by the mobile application.

Abstract: A system for effecting electronic payments via multiple payment schemes from a single payment integrated circuit (IC) card includes a payment IC card conforming to a payment card standard, the payment IC card being issued with a plurality of primary account numbers (PANs) from the payment card standard; a wallet server storing account details of one or more payment schemes with which a user has an account; and a vendor payment system configured to accept transactions using the payment card standard. The payment IC card is operable to transact with the vendor payment system using the payment card standard. The vendor payment system is operable to provide to the wallet server one of the PANs issued to the payment IC card to effect a financial transaction via one of the payment schemes with which the user has an account.

Abstract: A computer method and system provide means for recommending an organization to a user. The system includes a database of business relationships between organizations. A user may search for an organization according to search criteria and the system will select a set of organizations that match the criteria. The organizations may be displayed based on the relevance of the selected organization and the similarity of organizations connected to the selected organizations.

Abstract: The present invention is directed to a smartcard that enables a one-time pin code offline security authentication with a card reader. This is achieved by generating a one-time pin code when the user inputs their pin code. The inputted pin code is encrypted and matched with the encrypted user correct pin code. If there is a match the one-time pin code is stored in memory and the transaction can proceed.

Abstract: A method of authenticating a remote service (104) to a user (102) via a communications network (106) is disclosed. The remote service (104) obtains a service authentication code that has been generated, using a code generation algorithm, based on a first secret key. The service authentication code is communicated to the user (102) via the communications network (106) and received, or entered, into an authentication device (106) associated with the user (102). The authentication device (106) then generates, using the same code generation algorithm, an expected code value based on a second secret key and compares the expected code value to the service authentication code. Responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device (106) generates a response that indicates to the user (102) the authenticity of the remote service (104).