Abstract: Methods and systems for performing federated private anomaly detection are disclosed. An anomaly detector computer can collaborate with an aggregator computer and an account management computer in order to train machine learning models, which can be used to classify events as not fraudulent or fraudulent. The anomaly detector computer can obliviously use private information (e.g., account flags and account flag values) held by the account management computer to train and use the machine learning models, such that the anomaly detector does not become aware of the account flags or account flags values. Such a system can be used, for example, for the detection and prevention of financial crime. The anomaly detector computer can use the account flag information possessed by the account management computer to identify fraudulent events performed by customers of the organization operating the account management computer.

Abstract: Provided are systems for determining adversarial examples that include at least one processor to determine a first additional input from a plurality of additional inputs based on a proximity of the first additional input to an initial input, determine a second additional input from the plurality of additional inputs based on a proximity of the second additional input to the first additional input, generate a first vector embedding, a second vector embedding and a third vector embedding based on the second additional input, generate a first relational embedding, a second relational embedding, and a third relational embedding based on the third vector embedding and the first vector embedding, concatenate the first relational embedding, the second relational embedding, and the third relational embedding to provide a concatenated version, and determine whether the first input is an adversarial example based on the concatenated version. Methods and computer program products are also provided.

Abstract: A method, performed by a digital identity computer, for processing a resource request is disclosed. The method includes receiving. from a user device operated by a user, a resource request and indication of identity attributes needed to process the resource request. The digital identity computer may then retrieve an identity token associated with the user and compute an authentication score based on the sensitivity and rarity of the identity attributes indicated. The authentication score can be used to determine an authentication process. After determining and executing the authentication process with the user device, the digital identity computer may then grant the user device access to the resource requested.

Abstract: Provided are systems for determining adversarial examples that include at least one processor to determine a first additional input from a plurality of additional inputs based on a proximity of the first additional input to an initial input, determine a second additional input from the plurality of additional inputs based on a proximity of the second additional input to the first additional input, generate a first vector embedding, a second vector embedding and a third vector embedding based on the second additional input, generate a first relational embedding, a second relational embedding, and a third relational embedding based on the third vector embedding and the first vector embedding, concatenate the first relational embedding, the second relational embedding, and the third relational embedding to provide a concatenated version, and determine whether the first input is an adversarial example based on the concatenated version. Methods and computer program products are also provided.

Abstract: The present disclosure describes a method and system for training a robust source code model in a neural network. The neural network trains on a large-scale dataset and adversarial examples to improve the classification accuracy of the source code model. The system generates adversarial examples based on a sequence of transformations, modeled by a mapping function in the feature-space.

Abstract: Methods and systems for privacy-preserving identity attribute verification are presented. During an interaction between a relying entity and a user, a relying entity computer can transmit a policy token to a user device. The policy token may indicate the information needed by the relying entity in order to perform the interaction. The user device can verify the policy token, then use the policy token in conjunction with an identity token to generate a zero-knowledge proof. The user device may transmit the zero-knowledge proof to an identity service provider computer. The identity service provider computer may verify the zero-knowledge proof, then generate a verification message. The identity service provider computer may sign the verification message and transmit the signed verification message to the relying entity computer. The relying entity computer may verify the verification message and complete the interaction with the user.

Abstract: A method is disclosed. The method comprises receiving, by a user device from an identity network computer, a query set comprising a plurality of test identity attributes; encrypting, by the user device, the query set to form an obscured query set; computing, by the user device, a zero-knowledge proof using the obscured query set and an encrypted identity attribute associated with a user operating the user device; and transmitting, by the user device to the identity network computer, the obscured query set and the zero-knowledge proof, wherein the identity network computer verifies the zero-knowledge proof, retrieves an encrypted identity attribute associated with the user, evaluates the obscured query set with respect to the encrypted identity attribute, and transmits a result of the evaluation to a relying party computer.

Abstract: Provided is a computer-implemented method for authenticating an identification document. The method includes determining, with at least one processor, whether image data associated with the identification document has at least one predetermined indicia. In response to determining that the image data has the at least one predetermined indicia, the method includes determining whether the at least one predetermined indicia corresponds to at least one invalidation mark on the identification document, and, in response to determining that the at least one predetermined indicia corresponds to the at least one invalidation mark, determining, that the identification document is invalid. In response to determining that the identification document is invalid, the method includes preventing or causing the prevention of at least one action from being performed. A system and computer program product for authenticating identification documents are also disclosed.

Abstract: Training an adversarial perturbation detector comprises accessing a training set comprising an enrolled biometric sample xi and a public biometric sample x of an enrolled user, and submitted biometric samples x? of a second user, the submitted biometric samples x? comprising perturbed adversarial samples x?+?x?. A transformation function k(?) is provided having learnable a parameter ? and a classifier having a learnable parameter ?. The training set is used to learn the parameters ? and ? by inputting the training set to the transformation function k(?). The transformation function k(?) generates transformed enrolled samples k(xi), a transformed public biometric sample k(x), and a transformed adversarial sample k(x?+?x?). The classifier classifies the transformed adversarial sample k(x?+?x?) as a success or as a fail based on the transformed enrolled samples k(xi). Based on a result of the classification, the learnable parameters ? and ? are updated.

Abstract: A method is disclosed. The method includes receiving, by a processing network computer from a relying party computer associated with a relying party, a request for data associated with a user operating a user device. The processing network computer may retrieve first encrypted data of the user having a user-layer of encryption. The processing computer can then generate a second symmetric key to add a relying party-layer of encryption to the first encrypted data using a stream cipher. The doubly encrypted data may be transmitted to a user device that removes the user-layer of encryption on the first doubly encrypted data, and then adds a second relying party-layer of encryption to form second doubly encrypted data. The second doubly encrypted data may be transmitted to the relying party computer, which can remove both relying party-layers of encryption to gain access to the data associated with the user.

Abstract: Described herein are a system and techniques for detecting whether biometric data provided in an access request is genuine or a replay. In some embodiments, the system uses an machine learning model trained using genuine and replay sample data which is optimized in order to produce a result set in which results for the genuine samples are pulled closer to a genuine center and results for the replay samples are pushed away from the genuine center. Subjecting input biometric data (e.g., an audio sample) to the trained model results in a classification of the input biometric data as genuine or replay, which can then be used to determine whether or not to verify the input biometric data.

Abstract: Methods and systems for privacy-preserving identity attribute verification are presented. During an interaction between a relying entity and a user, a relying entity computer can transmit a policy token to a user device. The policy token may indicate the information needed by the relying entity in order to perform the interaction. The user device can verify the policy token, then use the policy token in conjunction with an identity token to generate a zero-knowledge proof. The user device may transmit the zero-knowledge proof to an identity service provider computer. The identity service provider computer may verify the zero-knowledge proof, then generate a verification message. The identity service provider computer may sign the verification message and transmit the signed verification message to the relying entity computer. The relying entity computer may verify the verification message and complete the interaction with the user.

Abstract: A method is disclosed. The method comprises receiving, by an identity network computer, a query set including a plurality of test identity attributes. After receiving the query set, the identity network computer may retrieve derivatives of identity attributes associated with a user, and an encrypted trapdoor, then compute an obscured query set using the query set, and optionally the derivatives of identity attributes. The identity network computer may transmit the obscured query set (i) and the encrypted trapdoor to a user device associated with the user, which generates and transmits a first modified trapdoor and the obscured query set to a relying party computer, or (ii) and a second modified trapdoor to the relying party computer. The relying party computer may thereafter use the obscured query set, and the first modified trapdoor or the second modified trapdoor, to determine if the identity attributes is a member of the query set.

Abstract: A method is disclosed. The method comprises receiving, from a server computer, a challenge, and displaying objects from an object list to a user. The method includes determining that a user has visually selected an object from the object list and moving the selected object on a display according to screen coordinates. A client computer captures a biometric of the user, and compares the biometric to another biometric stored in the client computer to provide a first comparison output, and compares a derivative of the selected object to a derivative of an object stored in the client computer to produce a second comparison output. The client computer signs the challenge with a private key and sends the signed challenge to the server computer, and the server computer verifies the signed challenge.

Abstract: Provided is a computer-implemented method for authenticating an identification document. The method includes determining, with at least one processor, whether image data associated with the identification document has at least one predetermined indicia. In response to determining that the image data has the at least one predetermined indicia, the method includes determining whether the at least one predetermined indicia corresponds to at least one invalidation mark on the identification document, and, in response to determining that the at least one predetermined indicia corresponds to the at least one invalidation mark, determining, that the identification document is invalid. In response to determining that the identification document is invalid, the method includes preventing or causing the prevention of at least one action from being performed. A system and computer program product for authenticating identification documents are also disclosed.

Abstract: A method is disclosed. The method includes receiving, by a processing network computer from a relying party computer associated with a relying party, a request for data associated with a user operating a user device. The processing network computer may retrieve first encrypted data of the user having a user-layer of encryption. The processing computer can then generate a second symmetric key to add a relying party-layer of encryption to the first encrypted data using a stream cipher. The doubly encrypted data may be transmitted to a user device that removes the user-layer of encryption on the first doubly encrypted data, and then adds a second relying party-layer of encryption to form second doubly encrypted data. The second doubly encrypted data may be transmitted to the relying party computer, which can remove both relying party-layers of encryption to gain access to the data associated with the user.

Abstract: Provided is a method for enabling speaker de-identification in public audio data by leveraging adversarial perturbation. The method may include receiving audio data associated with at least one voice sample. One or more of the voice sample(s) may be perturbed toward an edge of a decision boundary of at least one classifier model. One pitch of each voice sample may be perturbed to shift each voice sample across the decision boundary of the at least one classifier model to provide at least one de-identified voice sample. A media file with the at least one de-identified voice sample may be encoded. A system and computer program product are also disclosed.

Abstract: Described herein are a system and techniques for enabling biometric authentication without exposing the authorizing entity to sensitive information. In some embodiments, the system receives a biometric template from a user device which is encrypted using a public key associated with the system. The encrypted biometric template is then provided to a second entity along with a biometric identifier. Upon receiving a request to complete a transaction that includes the biometric identifier and a second biometric template, the second entity may encrypt the second biometric template using the same public key associated with the system and perform a comparison between the two encrypted biometric templates. The resulting match result data file is already encrypted and can be provided to the system to determine an extent to which the two biometric templates match.

Abstract: A method is disclosed. The method includes receiving, by a processing network computer from a relying party computer associated with a relying party, a request for data associated with a user operating a user device. The processing network computer may retrieve first encrypted data of the user having a user-layer of encryption. The processing computer can then generate a second symmetric key to add a relying party-layer of encryption to the first encrypted data using a stream cipher. The doubly encrypted data may be transmitted to a user device that removes the user-layer of encryption on the first doubly encrypted data, and then adds a second relying party-layer of encryption to form second doubly encrypted data. The second doubly encrypted data may be transmitted to the relying party computer, which can remove both relying party-layers of encryption to gain access to the data associated with the user.

Abstract: A method is disclosed. The method comprises receiving, by a digital identity computer, a request for personal data associated with a user. The digital identity computer may retrieve encrypted personal data, wherein the personal data is encrypted with a public key associated with the user. The digital identity computer may encrypt the encrypted personal data with a first public key associated with a relying party or derivative thereof to form subsequently encrypted personal data. The method may then proceed to transmit the subsequently encrypted personal data or derivative thereof to a relying party computer, or a user device. If the user device receives the subsequently encrypted personal data, the user device may thereafter transmit the subsequently encrypted personal data or derivative thereof to the relying party computer. Then, the relying party computer obtains the personal data from the subsequently encrypted personal data or derivative thereof.