Abstract: A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a watermark-based message queue. One of the methods includes receiving a first connection request for messages associated with a user device. A first connection session is established with the user device. A message queue of messages associated with the user device is identified, each message in the message queue is associated with a respective timestamp, and the message queue is associated with a current watermark that identifies a first timestamp. An oldest message in the message queue at the time the first connection session was established is identified. An updated watermark that identifies a second timestamp associated with the oldest message is associated with the message queue. One or more messages that have a timestamp newer than or equal to the first timestamp identified by the current watermark is provided to the user device.

Abstract: A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a watermark-based message queue. One of the methods includes receiving a first connection request for messages associated with a user device. A first connection session is established with the user device. A message queue of messages associated with the user device is identified, each message in the message queue is associated with a respective timestamp, and the message queue is associated with a current watermark that identifies a first timestamp. An oldest message in the message queue at the time the first connection session was established is identified. An updated watermark that identifies a second timestamp associated with the oldest message is associated with the message queue. One or more messages that have a timestamp newer than or equal to the first timestamp identified by the current watermark is provided to the user device.

Abstract: A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

Abstract: A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a watermark-based message queue. One of the methods includes receiving a first connection request for messages associated with a user device. A first connection session is established with the user device. A message queue of messages associated with the user device is identified, each message in the message queue is associated with a respective timestamp, and the message queue is associated with a current watermark that identifies a first timestamp. An oldest message in the message queue at the time the first connection session was established is identified. An updated watermark that identifies a second timestamp associated with the oldest message is associated with the message queue. One or more messages that have a timestamp newer than or equal to the first timestamp identified by the current watermark is provided to the user device.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a watermark-based message queue. One of the methods includes receiving a first connection request for messages associated with a user device. A first connection session is established with the user device. A message queue of messages associated with the user device is identified, each message in the message queue is associated with a respective timestamp, and the message queue is associated with a current watermark that identifies a first timestamp. An oldest message in the message queue at the time the first connection session was established is identified. An updated watermark that identifies a second timestamp associated with the oldest message is associated with the message queue. One or more messages that have a timestamp newer than or equal to the first timestamp identified by the current watermark is provided to the user device.

Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.

Abstract: The present disclosure provides systems and methods for intervention optimization. A computing system obtain an entity history of each of a plurality of entities of a computer application. For each of the plurality of entities, the computing system can determine a respective probability that each of a plurality of available interventions will improve an objective value that is determined based at least in part on a measure of continued use of a computer application by the entity. The computing system can provide interventions of the plurality of available interventions to entities of the plurality of entities based at least in part on the respective probabilities determined via the machine-learned intervention selection model. Thus, a computing system can employ a machine-learned intervention selection model to select, on an entity-by-entity basis, interventions that are predicted to prevent the entity from churning out of the computer application.

Abstract: In an example implementation of the disclosed technology, a method includes predicting, by a computing device, a destination server that is predicted to be the destination of a message from a sending device connected to the computing device. The method also includes determining whether a connection exists between the computing device and the destination server. The method also includes, responsive to determining that no connection exists, determining a connection and caching the connection at the computing device. The method also includes, responsive to receiving a message for dispatch to the destination server, dispatching the message to the destination server via the connection.

Abstract: In an example implementation of the disclosed technology, a method includes assigning a computing device to a region associated with a region server that comprises a plurality of region server instances. The method also includes generating device-to-region mapping and transmitting a replica of the device-to-region mapping to a messaging server instance and connection server instance. Further, the method includes receiving local device connection information comprising connection information relating the computing device and the connection server instance. The method also includes outputting the local device connection information to the plurality of region server instances. Additionally, the method includes receiving a message for delivery to the computing device and, responsive to accessing the local device connection information, transmitting the message to the connection server instance identified by the local device connection information.

Abstract: A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a watermark-based message queue. One of the methods includes receiving a first connection request for messages associated with a user device. A first connection session is established with the user device. A message queue of messages associated with the user device is identified, each message in the message queue is associated with a respective timestamp, and the message queue is associated with a current watermark that identifies a first timestamp. An oldest message in the message queue at the time the first connection session was established is identified. An updated watermark that identifies a second timestamp associated with the oldest message is associated with the message queue. One or more messages that have a timestamp newer than or equal to the first timestamp identified by the current watermark is provided to the user device.

Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.

Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.

Abstract: A network traffic monitoring system monitors communications that a large number of personal electronic devices will direct to various services via various proxies. When a detection system determines that the volume of requests directed to at least one of the services exceeds a capacity limit threshold, a control system will command the proxies to instruct the devices to slow or stop the service requests until the system determines that it is clear to resume communication.

Abstract: Systems, device and techniques are disclosed for implementing a security configuration change based on one or more base events and a current security configuration. An inference module may identify a security configuration change based on receiving base events from a state storage/event listener and analyzing the base events to determine if a current security configuration is optimal given the base events.

Abstract: In an example implementation of the disclosed technology, a method includes receiving, at a processor, an indication of a user intent, the user intent indicative of an intent of a user to control a functionality of a receiving device in wireless communication with the computing device. The method also includes serializing at least a portion of data representing the indication of the user intent into a text bundle. The method also includes generating a message configured to control the functionality of the receiving device according to the user intent, the message comprising at least the text bundle. Finally, the method includes transmitting the message for delivery to the receiving device.