Abstract: Systems and methods for providing a workspace Root-of-Trust (RoT) are described. In an embodiment, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to receive a digital certificate from each of a plurality of peripheral devices coupled to the IHS in a workspace and combine at least portions of the digital certificates to create a workspace certificate unique to the workspace.

Abstract: A gate apparatus includes a progress indicator and a control unit. The progress indicator indicates the progress of the procedures related to emigration and immigration examination of the examination target user. The control unit controls the progress indicator depending on the nationality of the examination target user.

Abstract: Systems and methods for dynamic inclusion of enhanced data in transactions are disclosed. According to another embodiment, in an information processing apparatus comprising at least one computer processor, a method for conducting a mobile wallet payment with dynamic enhanced data using a mobile payment application may include: (1) receiving, from a merchant point of transaction device, a transaction request from a mobile payment application executed by a mobile electronic device, the transaction request comprising a unique identifier for a financial instrument provisioned to a mobile wallet computer application and a payment option selection; and (2) processing the transaction request according to the payment option selection.

Abstract: Aspects disclosed are directed to a system and methods that device authentication. The system at least transmits a silent push notification to an application installed on a client device. The silent push notification includes a push token provided by a push service and an embedded secret. A response to the silent push notification can be received with a further embedded secret. The embedded secret and the further embedded secret can be compared to determine if they match. If the embedded secret and the further embedded secret match, the client device can be authenticated.

Abstract: Biometrically-linked electronic proof of health status of an individual. In one embodiment, an electronic device including a biometric capture circuitry, a memory, and an electronic processor. The biometric capture circuitry configured to capture one or more biometrics of the individual. The electronic processor is configured to receive the one or more biometrics of the individual that are captured by the biometric capture circuitry, generate a biometric token of the individual based on the one or more biometrics, receive information indicative of a health status of the individual, link the information indicative of the health status of the individual to the biometric token, and control the memory to store the biometric token and the information indicative of the health status of the individual that is linked to the biometric token.

Abstract: Systems and methods are described for authenticating devices. The systems and methods may include detecting, by a sensor on a wearable device, at least one cloud anchor that includes an identifier associated with a network and configured for a physical environment. In response to detecting that a location associated with the at least one cloud anchor is within a threshold distance of the wearable device and detecting that the wearable device has access to the at least one cloud anchor, triggering extraction of the identifier from the at least one cloud anchor. The systems and methods may also include joining the wearable device to the network based on a received authentication corresponding to the extracted identifier.

Abstract: System, apparatus, device and methods relating to a telematic vehicle sharing platform ecosystem and a telematic vehicle share I/O expander to automate sharing and management of a vehicle that is shared by more than one operator.

Abstract: The disclosure describes a campaign director (CD) system associated with a financial institution and an associated campaign manager (CM) unit executing on a mobile device used to facilitate behavior based allocation of payment tokens and activation of payment transactions based on the tokens. The CM unit of the mobile device may be programmed by the CD system at the financial institution to generate tokens according to a token generation model that is a function of financial behavior history associated with a credit card account. When a credit card is used to initiate a payment transaction with a merchant, the CM unit of the mobile device may generate a token for the payment transaction and send the token to the CD system at the financial institution. The CD system then determines whether to activate the payment transaction based on the token and merchant data associated with the payment transaction.

Abstract: A data controller computing device is configured to receive, from a voice-controlled (VC) computing device, a shared payment initialization request identifying a primary user payment account associated with the VC computing device. The DC computing device creates a shared payment account linked in a database to the primary user payment account. The DC computing device also receives secondary user information, and links in the database at least one secondary user payment account to the shared payment account. Additionally, the DC computing device transmits a shared payment account identifier to the VC computing device. The DC computing device receives, via a payment network, a transaction authorization request including the shared payment account identifier, a merchant identifier, and a transaction amount. The DC computing device applies respective portions of the transaction amount against each of the primary user account and the at least one secondary user payment account.

Abstract: System, apparatus, device and methods relating to a telematic vehicle sharing platform ecosystem and a telematic vehicle share I/O expander to automate sharing and management of a vehicle that is shared by more than one operator.

Abstract: Provided is a system and method of optical character recognition of a bag tag, the method including: a) obtaining, by at least one of at least one processor, image data representative of at least one image of printed passenger information associated with an airline travel carrier on an originating hardcopy bag tag or a printed instrument comprising at least a portion of the printed passenger information on the originating hardcopy bag tag to create a digital passenger information (DPI) data record linked to the airline travel carrier, wherein the originating hardcopy bag tag is issued for a luggage item of a passenger, and wherein the DPI data record comprises an International Air Transport Association (IATA) license plate number, a passenger name record (PNR) number, an airline code, an airline name, a name of the passenger, or any combination thereof; b) accessing, by at least one of the at least one processor, passenger return flight information from a computer system associated with the airline travel car

Abstract: Techniques and apparatus for allowing a network fabric to accept network devices associated with other fabric networks are described. An example technique involves establishing a communication session between a first network node and a first control plane of the network fabric, wherein the first network node supports a second control plane different from the first control plane; First routing information from the first network node is imported into a first routing table of the first control plane. Second routing information from a second network node is imported into a second routing table of the first network node.

Abstract: A wireless signal may supply a wireless power signal to a device to power the device for an authentication. If the device is authenticated, the wireless signal may be adjusted to provide power to the device. If the device is not authenticated, the wireless signal may be adjusted to avoid providing power to the device.

Abstract: Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.

Abstract: A system and method in which the Bluetooth technology is used in conjunction with a user application on a mobile device to facilitate hands-free fare validation at a transit station. The user app communicates with a controller driver in a controller unit that interfaces with a compliant fare gate. Bluetooth beacons are used to determine a passenger's proximity to the gate and camera-like devices determine whether a passenger has entered a fare validation zone. A user with a valid and active electronic ticket on their mobile device may simply walk through the fare gate “hands free” without the need to search for a physical ticket or a smartcard or a mobile phone. This hassle-free approach significantly improves the user experience and passenger throughput through fare gates. The Bluetooth-based automated fare validation system also detects passengers with valid electronic tickets and those without a valid permit for travel.

Abstract: The disclosure describes a biometric authentication system that can authorize a transaction at a retail store using a person's biometric data and password. The biometric authentication system may include a point-of-sale device that can receive a biometric data (e.g., voice data, fingerprint data, or facial data) of a person that initiates a transaction. The biometric authentication system may also include one or more authentication systems that analyzes the received biometric data, and an authorization system that compares data obtained from the one or more authentication systems and the POS device to determine whether the information obtained from the person is related to that person's biometric and password information previously stored by the authorization system.

Abstract: A method includes receiving first data associated with a first power amplifier and second data associated with a second power amplifier. The method also includes generating a first amplitude limiting signal having gain parameters that are based on the first data and the second data. The first data includes at least one of a temperature measurement associated with the first power amplifier, a supply voltage measurement associated with the first power amplifier, a load resistance associated with the first power amplifier, or a gain associated with the first power amplifier. The method further includes modifying an audio signal based at least in part on the first amplitude limiting signal to generate a first gain-adjusted audio signal. The method also includes providing a first output audio signal to the first power amplifier for amplification. The first output audio signal is based at least in part on the first gain-adjusted audio signal.

Abstract: A gate apparatus (10) includes a first light emission unit (110), a first person detection unit (120), a second person detection unit (122), and a control unit (140). Each of the first person detection unit (120) and the second person detection unit (122) detects existence of a person. The second person detection unit (122) is positioned on the exit side of the first person detection unit (120). Then, the control unit (140) changes the light emission state of the first light emission unit (110) from a first state to a second state different from the first state with detection of a person by the first person detection unit (120) as at least one condition. Further, the control unit (140) sets the light emission state of the first light emission unit (110) to the first state with detection of a person by the second person detection unit (122) as at least one condition.

Abstract: The features relate to artificial intelligence directed detection of user behavior based on complex analysis of user event data including language modeling to generate distributed representations of user behavior. Further features are described for reducing the amount of data needed to represent relationships between events such as transaction events received from card readers or point of sale systems. Machine learning features for dynamically determining an optimal set of attributes to use as the language model as well as for comparing current event data to historical event data are also included.

Abstract: The invention relates generally to systems and methods for protecting patient privacy when health care information is shared between various entities and, in particular, to systems and methods that implement a multi-stage sanitizing routine for de-identifying patient data from medical reports and diagnostic images to ensure patient privacy, while preserving the ability for sanitized medical reports and diagnostic images to be re-identified.

Abstract: An access-control mechanism, wireless device, and method for controlling the access-control mechanism and wireless device is provided herein. During operation the wireless device will create a “group” of devices that will be allowed to enter through a passage barrier without authentication. When authenticating with the access-control mechanism, the wireless device will prove the access-control mechanism with a list of credentials (e.g., identification information) for each device within the group. The access-control mechanism will then determine if every device on the list is allowed entry. If so, non-authenticated entry for a number of devices/people through the passage barrier will be allowed. The number of non-authenticated devices/people allowed to enter will be equal to a number of devices that are in the group.

Abstract: The embodiment of the present disclosure provides a method for evolving a root of trust and an electronic device using the method. Through the present disclosure, the root of trust can be evolved several times to strengthen the security verification capability for secure boot. Different from the conventional method of burning the root of trust in the read-only memory, the present disclosure uses a block protection storage device to write a verification firmware to be added to the root of trust into an unprotected block of the block protection storage device. Further, after the writing is completed, the unprotected block in which the verification firmware is written becomes a protected block, so as to make the evolvable root of trust secure and reliable, and can achieve credibility for evolving the root of trust.

Abstract: A method for authenticating the identity of a user who is attempting to access a website or conduct a transaction is described. The method involves receiving two geographical locations, and associated time stamps, of a mobile phone associated with the user, one of the locations being the location of the transaction or access attempt. The method determines whether the speed required to travel between the two geographical locations in the elapsed time is within acceptable limits. A confidence score, derived in part from this calculation, is taken into account when deciding whether to allow or deny the access or the transaction.

Abstract: An electronic device is provided. The electronic device includes a display, a communication module, a memory, and at least one processor configured to be operatively connected to the display, the communication module, and the memory. The at least one processor may be configured to detect an occurrence of an event for executing a remaining fingerprint theft prevention service. The at least one processor may be configured to receive remaining fingerprint candidate group data corresponding to a fingerprint candidate area. The at least one processor may be configured to determine authentication validity of the fingerprint candidate area. The at least one processor may be configured to transmit a security level obtained by evaluating a security risk of remaining fingerprints remaining on the display. The at least one processor may be configured to output security guidance information on the remaining fingerprints of the display.

Abstract: Techniques and architecture are described for providing connectivity and monitoring the connectivity of a fabric network controller/control plane with external and extended network controllers/control planes. The techniques and architecture provide a method that includes provisioning a control plane of a first network with a control plane of a second network. The method also includes establishing a session between the control planes of the first and second networks. The method further includes registering nodes of the first network with the control plane of the second network and providing, by the control plane of the first network to the control plane of the second network, information related to endpoints within the first network. The method also includes monitoring, reporting, and possibly taking corrective actions, by the control plane of the second network, with respect to connectivity/status between the control plane of the first network and the control plane of the second network.

Abstract: An arrangement for securely closing a head module of a device for handling notes of value includes a frame and a front panel. The arrangement further includes at least one sensor unit for outputting a control signal, an authentication unit for determining authentication information, and a control unit. The head module has at least one electromechanical locking unit which in a locking state generates a locking of the front panel with the frame, and which unlocks the locking in an unlocking state. The control unit is configured to perform detection of the control signal and a verification of the authentication information, and to control the electromechanical locking unit such that changing the electromechanical locking unit from the locking state into the unlocking state only takes place upon detection of the control signal and upon successful verification of the authentication information.

Abstract: A method for receipt tracking performed by one or more processors of a mobile wallet computer system includes receiving a receipt corresponding to a mobile wallet transaction performed by a mobile device associated with a user; extracting a first portion of identifying information from the receipt; receiving, via a user input, a second portion of identifying information to at least one of supplement or correct the extracted first portion of identifying information; updating a record associated with the receipt based on the received second portion and the first portion of identifying information; storing the updated record in a transaction database; and sorting records of previous transactions including the mobile wallet transaction stored in the transaction database.

Abstract: A method for using a surgical enhanced visualization system for enhancing a surgical operation includes the steps of acquiring patient reference data, loading the patient reference data and features into the computer, and acquiring live data from the operating suite during the surgical operation, where the live data includes a live three dimensional model of the patient. The method continues with the steps of registering the patient reference data and live data and displaying in real time an overlay of selected registered patient reference data onto the patient through the headset worn by the surgeon. The surgical enhanced visualization system may include a computer adapted to store reference data, a sensor module inside the surgical suite that is configured to record live data during the surgical procedure, and an augmented reality headset configured to display both live data and reference data to the surgeon during the surgical procedure.

Abstract: A system for generating a linkage between a vehicle and a user and for generating a linkage between users includes: a display device to display image data of a code; a communication device to communicate with a portable electronic device; a processing circuitry operatively connected to the display device and the communication device and configured to generate a unique code to be displayed, display the unique code at the display device to be read by a portable electronic device associated with a user, receive a determination that the unique code has been read by the portable electronic device associated with the user, and establish a trusted linkage between the vehicle and the user based on the presence of the portable electronic device at the vehicle.

Abstract: A method in an orchestrator computing device includes: detecting a request to obtain updated data from a data source, for storage in a dataset corresponding to the data source; retrieving, from the dataset, a client identifier of the data source; generating a data collection message including (i) an input element to receive the updated data, (ii) a selectable submission element including a network identifier of the orchestrator computing device, and (iii) an authentication token; transmitting the data collection message for delivery to the data source using the client identifier; responsive to (i) entry of the updated data via the input element, and (ii) selection of the submission element at a client computing device associated with the data source, receiving, from the client computing device, the updated data and the authentication token; and updating the dataset to include the updated data.

Abstract: An apparatus for controlling the power delivered from an AC power source to an electrical load may include a controllably conductive device. The apparatus may also include a first wireless communication circuit that may be operable to communicate on a first wireless communication network via a first protocol and the first communication circuit may be in communication with the controller. The apparatus may also include a second communication circuit that may be operable to communicate on a second communication network via a second protocol. The controller may be further operable to control the first wireless communication circuit to communicate configuration data with the first wireless communication network via the first protocol. The controller may also be operable to control the second wireless communication circuit to communicate operational data with the second communication network via the second protocol.

Abstract: This disclosure provides methods, systems, and platforms for automatically prompting a mobile device user to download an application to their mobile device after a triggering event. Triggering events include calling a business, receiving a call from a business, and navigating to a website. In some embodiments, a business can run a targeted campaign to automatically prompt a mobile device user to download an application. In some embodiments, the platform interacts with an application installed on the mobile device. The prompt displayed on the mobile device includes an actionable option to download an application.

Abstract: A method and system of protecting network activity of mobile devices is disclosed. Specifically, the methods and systems enable the detection of surveillance signals targeting or potentially targeting a user's personal device and automatically triggering a protective response to safeguard the user's information. The proposed systems can provide mobile device users with a powerful security capability by enabling their device to automatically disconnect from one or more networks and/or emitting a protective jamming signal in response to the detection of nearby potential surveillance activities.

Abstract: An ultra-thin Self-Service Terminals (SSTs) is provided. The ultra-thin SST lacks an Operating System (OS). When the ultra-thin SST is powered on, firmware of the ultra-thin SST connects to a virtualized environment over a first network connection and a Virtual Machine (VM) instance having the OS is loaded within the virtualized environment. The OS of the VM instance obtains middleware services from a second network connection to a middleware environment. The middleware services provided authentication, management, and audit services for the VM instance based on the ultra-thin SST.

Abstract: A method is provided for displaying an augmented reality image of account information associated with an indicialess transaction card having a card surface with a background pattern applied thereto. A real-time image of the card surface is captured and processed to determine if the background pattern matches a card background pattern associated with a cardholder account. Responsive to a positive determination, communication is established between the user device processor and a card processor carried by the indicialess transaction card. The user device processor receives from the card processor an encrypted verification block and transmits, to an authentication server, an authentication request including the verification block.

Abstract: This disclosure describes systems and techniques for enabling a communication device to communicate wirelessly with a near-field-communication (NFC)-enabled payment terminal while avoiding interference between the NFC-enabled payment terminal and other NFC payment instruments. In some instances, the communication device may receive, via a non-NFC communication protocol, a payment token from an identification device and may send, over NFC, the payment token to the NFC-enabled payment terminal for satisfying the cost of a transaction.

Abstract: Provided herein are systems and processes for transmitting interactive content to an application and causing the interactive content to be rendered on a display of the application. In at least one embodiment, the system is configured to analyze mapping metadata based on deployment criteria and cause a content element to be rendered on a display when the mapping metadata satisfies the deployment criteria. A content element may be a permitted content element from a plurality of permissible content elements. The deployment criteria includes temporal criteria, mapping criteria, and/or other criteria described herein.

Abstract: A system has a computing device that displays a plurality of graphical user interfaces (GUIs), the GUIs designed to capture detailed data indicative of a renter of a vehicle. The system further has a processor that receives data from one of the plurality of GUIs indicative of the renter. Further, the processor provides a plurality of vehicles available for renting and receives a selection of one of the plurality of vehicles from the renter. Also, the processor opens a gate for the renter to a rental car location and directs the renter to a key box, unlocks the key box based upon comparing the renter's image captured at the rental car location to a picture previously received from the renter. The processor further opens the key box if the comparison indicates the renter at the rental car location is the same person who uploaded the picture previously.

Abstract: Conducting hands-free transactions comprises a server at a payment processing system, a user computing device, and a merchant computing device. The payment processing system receives a communication from a hands-free payment application on a user device, the communication comprising a first transaction token, an identification of a user account, and a beacon identifier. The merchant may provide a challenge to the user and use the response to identify the token and account of the user. The merchant computing device can use voice patterns of the user to assist in identifying the token and account of the user. The system receives from the merchant computing device a transaction request, the transaction request comprising the first transaction token and transaction data associated with the transaction request. The system determines that the transaction is for an amount less than a configured transaction limit and communicates a request for an authorization of the transaction.

Abstract: Detecting and controlling fraud in centralized processing is provided. A system receives data packets carrying electronic transactions, and clusters the electronic transactions based on an intermediary identifier of each of the electronic transactions to identify a first cluster and a second cluster. The system generates a first model for the first cluster and a second model for the second cluster. The system detects a fraudulent electronic transaction having a first source identifier. The system locks a first data structure to prevent transfer of a first resource in electronic transactions associated with the first source identifier. The system identifies source identifiers associated with the first cluster in a first tier. The system locks absent detection of the fraudulent electronic transaction in one or more electronic transaction associated with the source identifiers, the data structure corresponding to each of the source identifiers in the first cluster.

Abstract: The invention relates to a storage and order-picking system (1a . . . 1f) as well as order-picking method for picking ordered goods into or onto a target loading aid (4, 4?), in which at least one of the picking orders comprises multiple order lines (6, 7), which specify (an) ordered good(s) (2, 3) according to its/their type of good (8) and its/their number of pieces to be picked (9). During the execution of a picking order, a first loading aid (11, 11a . . . 11c), which is configured so as to be different from a hanging bag, with ordered good(s) (2) of the first order line (6) is out-fed from a first storage zone (10). Further, a hanging bag (13) with ordered good(s) (3) of the second order line (7) is out-fed from a second storage zone (12). Then, the ordered good(s) (2) of the first order line (6) and the ordered good(s) (3) of the second order line (7) are loaded into or onto a target loading aid (4, 4?) in accordance with the at least one picking order.

Abstract: A method for authenticating a user prior to allowing a transaction or access to a website, in which the user's computer is identified via a recognized computer signature that is associated with a geographical location. The location of the user's cell phone is compared to the associated location, and the transaction or access is permitted if the difference in locations is within a predetermined acceptable distance.

Abstract: A portable handheld device pairs with a first building control device, to form a first wireless connection. The portable handheld device receives information about a second building control device via the first wireless connection, at least some of the information is received by the first building control device from the second building control device over a building control network before the first building control device provides at least some of the received information to the portable handheld device via the first wireless connection. The portable handheld device sends one or more messages to the first building control device via the first wireless connection, wherein the one or more messages cause the first building control device to communicate with the second building control device via the building control network to initiate a commissioning and/or maintenance process of the second building control device.

Abstract: An authentication system, wherein an RF tag stores a first facial feature point extracted from a captured image of a user's face. In an authentication device, a wireless communication unit wirelessly reads and writes information from and to the RF tag. A controller adjusts wireless communication conditions of the wireless communication unit, and estimates a position of the RF tag according to a distance to the RF tag. The controller adjusts imaging conditions of an imaging unit. A position of the user is detected according to an imaging resulting from the imaging unit. A second facial feature point is extracted from an image of the user's face captured by the imaging unit, and is collated with the first facial feature point read from the RF tag. Based on a collation result, authentication of the user is performed.

Abstract: Techniques for provisioning a central, cloud-based service (i) that generates customized queries for execution against multiple third-party applications to collect certain metric data and (ii) that generates an evaluation score based on the collected metric data are disclosed. A corresponding query is created for each of the third-party applications. Each query is designed to extract certain metric data. The queries are transmitted to their corresponding third-party applications. Metric data is returned, including first and second metric data. The first and second metric data are used to validate one another with respect to an event, which is classified. The metric data is weighted. An evaluation score is then generated based on the weighted metric data.

Abstract: A secure parcel receptacle system includes a box-shaped container having a locking and hinged lid with LED lights positioned on the corners of the lid. Additionally, the lid includes a digital display on the front edge and a handle. The interior of the container includes a plurality of mounting holes in the floor panel. The holes receive a screw or a bolt to effectively couple the receptacle to a ground surface in front of a user's house. Additionally, the digital display of the front edge of the receptacle may serve as a digital bar code which effectively locks and unlocks the hinged lid. In one embodiment, the hinged lid is unlocked when a user inserts a code into the digital bar.

Abstract: A property management apparatus for managing visitor access to a managed premises. The apparatus is configured to execute stored instructions to receive visit information of a proposed visitor from a user frontend through a data communication link, to store the visit information on the data storage, and to register the proposed visitor as an authorized visitor after receipt of the visit information. The visit information comprises information of an accessible destination within the premises and visit conditions. The user frontend is pre-registered with the apparatus as associated with an associated address within the premises, and the apparatus is to operate to identify the associated address upon data communication connection with the user frontend.

Abstract: Methods, systems, and devices for fire control system authentication are described herein. One method includes authenticating a user device to an authentication server, receiving, from the authentication server, an offline token, and authenticating the user device to a fire control panel using the offline token.

Abstract: A method for authenticating a consumer. The method includes receiving an authorization request message associated with a consumer conducting a transaction with a portable consumer device. A challenge message is sent to the consumer, where the challenge message is dynamic or semi-dynamic. A challenge response message is received from the consumer, and an authorization response message is sent to the consumer. The authorization response message indicates whether or not the transaction is authorized.

Abstract: A control device that controls a robot capable of self-propelling is provided. The control device comprises: a facility staff member identifying unit configured to identify a position of a facility staff member in a facility; a visitor identifying unit configured to identify a position of a visitor in the facility; and a control unit configured to instruct the robot capable of self-propelling to move. In a case where the control unit determines that the facility staff member that has been identified by the facility staff member identifying unit is absent in a predetermined range near the visitor that has been identified by the visitor identifying unit, the control unit causes the robot to move into the predetermined range.