Abstract: A method and apparatus for conducting a commercial transaction over the Internet or other network connection are provided. Random numbers, which are unique for each user session, are pre-loaded onto a handheld, portable device, or token The random numbers are generated by external systems and delivered to the token for storage an internal memory and to a database accessible by an authentication system. The random numbers are dispensed by the token to a user by pressing a button on the token or otherwise signaling the token. A dispensed number is cross referenced, by the authentication system, to the database. The dispensed number authenticates the user or transaction.

Abstract: A servicing and monitoring system for monitoring a gate member which is moved by a drive apparatus. The servicing and monitoring system includes a drive control unit which actuates the drive apparatus, a detection device which detects a gate status of the gate member, a first data connection which connects the drive control unit and the detection device and via which a status signal of the gate member is transmitted from the detection device to the drive control unit, and a data reading device which reads the status signal sent from the detection device to the drive control unit and which outputs an alarm signal depending on the status signal read by the data reading device.

Abstract: A system for verifying a request for access to data is provided, the system comprising a first module 20 and a second module 30. The first module 20 is arranged to generate a password, and the second module 30 is arranged to receive a password associated with a request for data, validate the received password, and enable access to the requested data. The system is such that the first and second modules 20, 30 share a secret that has been uniquely assigned thereto, the shared secret being for use in generation and validation of a said password. Furthermore, the first module 20 is communicatively disconnected from the second module 30.

Abstract: A system associated with authentication of an object related to a multi-mode marker using a processing device. The processing device performs operations that include detecting a signal associated with a multi-mode marker related with the object; assigning a digital code based on the detected signal associated with the multi-mode marker; and identifying the object based on the digital code related to authentication of the object. A corresponding method and computer-readable device are also disclosed.

Abstract: Devices, systems, and methods facilitate enrollment of authenticating biometric data for authenticating an authorized user via a biometric sensor. Included devices transmit power to a sensor-enabled device that does not have an independent power source without transmitting data to or from the device. Data input devices coupled to the biometric sensor enable user input of non-biometric data, such as an activation code, via the biometric sensor. For biometric sensors comprising fingerprint sensors, finger guides position a finger to contact the sensor at a desired orientation. Systems and methods allow for enrollment of one or more authenticating biometric data templates with or without requiring input of non-biometric authentication data, such as an activation code.

Abstract: The present disclosure relate generally to image signal processing, color science and signal encoding. Signal encoding can be applied to color image data through use of a luminance contrast sensitivity function and a chrominance contrast sensitive function. Of course, other features, combinations and claims are disclosed as well.

Abstract: A radio beacon device is configured to only transmit information about its location or information about the object the radio beacon is associated with when an occupant is present. For example, the radio beacon device may include a presence detector and may transmit the information only when the presence detector detects an occupant. In another example, the radio beacon device may remain in a low battery usage state until a presence detection message is received from a remote radio equipped presence sensor that is in proximity to the radio beacon device or a message is received from a mobile device in proximity to the radio beacon device. Once a presence detection message or message from a mobile device is received, the radio beacon device may transmit the information, e.g., for a predetermined amount of time.

Abstract: A method and system for remotely seeking assistance to timely refill an expiring parking meter and generating notifications thereof. Data indicative of a vehicle being parked in a parking space and parking meter time limit information are received for a parking meter associated with the parking space. An approaching expiration of the parking meter time limit is detected and sent to the first user. The first user may then transmit a request to additional users in the area for assistance with refilling the parking meter. Upon acceptance of the request by a second user, the first user is notified. An escrow account is established for the first user to deposit payment for the refilling, and notification of the deposit is sent to the second user. Upon completion, the second user transmits proof of the refilling and the deposit payment is transferred from the escrow account to the second user.

Abstract: A multi-mode transportation management method is disclosed here. An embodiment of the method processes a transportation request for a passenger. The request identifies a starting location, a destination location, and travel timing information. The method continues by identifying a multi-mode travel plan that satisfies requirements of the request. The travel plan includes at least one vehicle segment and at least one additional segment. Travel progress of the passenger is monitored to control the dispatch timing of a vehicle in accordance with the travel plan and in response to the monitored travel progress of the passenger to synchronize arrival of the vehicle with arrival of the passenger at a departure location of an approaching vehicle segment of the multi-mode travel plan.

Abstract: A system for controlling access to one or more enclosed areas comprises at least one access card reader and controller powered via a Power-over-Ethernet (PoE) interface, each access card reader and controller being capable of controlling access through a particular entrance to a particular enclosed area and an access control server in communication with the at least one access card reader and controller, the access control server being capable of controlling the operation of the at least one access card reader and controller, and a signal converter disposed between the access card reader and the access control server.

Abstract: A first communication apparatus including a control device configured to: receive a specific signal from a second communication apparatus; determine whether an inter-device distance between the communication apparatuses is equal to or smaller than a first distance; cause a server to supply printing data to a printer when the inter-device distance is equal to or smaller than the first distance; again receive the specific signal from the second communication apparatus; determine whether the inter-device distance is equal to or smaller than a second distance that is smaller than the first distance by using a second reception radio wave intensity of the again-received specific signal; and cause the printing execution unit to execute printing in accordance with the printing data when it is determined that the inter-device distance is equal to or smaller than the second distance.

Abstract: A refrigerator and a positioning device for a refrigerator are provided. The positioning device includes: a wave absorbing component disposed in the refrigerator and configured to absorb a radio frequency (RF) signal emitted from an RF tag in the refrigerator; a plurality of reading components disposed in the refrigerator and configured to receive an RF signal passing through the wave absorbing component; an intensity detecting module configured to detect an intensity of the RF signal received by each of the plurality of reading components; and a positioning module configured to determine a location of the RF tag according to the intensity of the RF signal received by each of the plurality of reading components.

Abstract: A system includes a mobile-device processor configured to generate a first code based on a changing variable and a generation schema, both known by a mobile device and a vehicle and display the first code. The vehicle processor is configured to receive input of the first code, generate a second code based on the variable and schema, and grant vehicle access when the first code corresponds to the second code.

Abstract: Embodiments of the present application provide a method and system for wireless payment of transport fare. During operation, the system receives a request at a server from a mobile device for information of a payee's account, which is associated with a public transport and corresponds to a wireless network identifier of a wireless network located on the public transport. The server may determine information of the payee's account corresponding to the wireless network identifier. The server then sends the payee's account information to the mobile device. The system may then receive, from the mobile device, a payment order to make a payment to the payee's account.

Abstract: An apparatus for controlling the power delivered from an AC power source to an electrical load may include a controllably conductive device. The apparatus may also include a first wireless communication circuit that may be operable to communicate on a first wireless communication network via a first protocol and the first communication circuit may be in communication with the controller. The apparatus may also include a second communication circuit that may be operable to communicate on a second communication network via a second protocol. The controller may be further operable to control the first wireless communication circuit to communicate configuration data with the first wireless communication network via the first protocol. The controller may also be operable to control the second wireless communication circuit to communicate operational data with the second communication network via the second protocol.

Abstract: Examples of monitoring circuitry include a receiver circuit configured to receive a plurality of status indication signals, each status indication signal comprising information indicative of a cabinet occupancy status associated with one or more cabinets located in a data center storage space, a processor circuit configured to process the received status indication signals, and to determine if any of the status indication signals include an occupancy status indicating that the cabinet associated with the occupancy status indicates that at least one slot of the cabinet is not occupied with either the electronic device or the blanking cover, and to generate a status output signal indicative of any of the plurality of cabinets that are not fully occupied.

Abstract: A pickup location that includes a control station and one or more storage compartment modules provides the ability for items to be ordered and delivered for pickup by a user without having to pack those items in a shipping package prior to shipping from a materials handling facility. Delivering items for pickup by a user without having to package the items prior to shipping, may provide a better experience for the customer, reduce waste in packaging material and a lower cost of delivering the ordered items to the customer.

Abstract: Disclosed are various embodiments for verifying the authenticity of machine-readable identifiers, such as quick response (QR) codes or other identifiers. After data is received corresponding to a machine-readable identifier, environmental data may be acquired with respect to an environment of the machine-readable identifier. The authenticity of the machine-readable identifier may be verified based at least in part on the environmental data. In some embodiments, a verification request may be sent to a trusted authority.

Abstract: A communications controller and method is provided for use in a checkout system including at least one POS terminal and a wrist-worn wearable device. The communications controller includes an alert server and one or more adapters. The alert server receives transaction information from a POS terminal, processes the transaction information to identify the POS terminal and an issue relating to the POS terminal to be resolved. An adapter develops alert information for the wrist-worn wearable device to enable the wrist-worn wearable device to display a notification associated with the issue relating to the POS terminal and to receive an input to resolve the issue relating to the POS terminal. The alert information is based on the transaction information and specifications of the wrist-worn wearable device.

Abstract: A method for locking out a remote terminal unit includes: receiving a lockout request, wherein the lockout request includes at least a public key associated with a user, a user identifier, and a terminal identifier; identifying a user profile associated with the user based on the user identifier included in the received lockout request; verifying the public key included in the received lockout request and permission for the user to lockout a remote terminal unit associated with the terminal identifier included in the received lockout request based on data included in the identified user profile; generating a lockout permit, wherein the lockout permit includes at least the public key included in the received lockout request; and transmitting at least a lockout request and the generated lockout permit, wherein the lockout request includes an instruction to place a lockout on the remote terminal unit.

Abstract: An adaptive biometric authentication system may include a user identity reference module that is configured to maintain user identification items stored in a secure memory. The system may include a passive data aggregator that is configured to receive and aggregate data items that are passively collected by a device that is in proximity to a user. The system may include a user identity confidence level generator that is configured to generate a user identity confidence level that indicates a confidence that the user in proximity to the device is the reference user based at least in part on a comparison between the passively collected data items and the user identification items, and to update the user identity confidence level as additional passively collected data items are received. The system may include an authentication module that facilitates user authentication based at least in part on the user identity confidence level.

Abstract: The invention provides a device and a method for frequent verifications of the identity of a user performed during a long session of client-server communication by secure exchange of keys between the client and the server. The device is a computer mouse with embedded camera and embedded microphone. The camera is used to make pictures of a user's palm; the microphone is used to register a sound of user's pulse. The method has zero privacy leakage because the user is represented at the server by an array of random numbers, which have nothing to do with his biometric data. The security of the system is difficult to break because the exchange keys are different on each request/response.

Abstract: A method implemented on an augmented reality (AR) electronic device includes initiating a security access code software application on the AR electronic device. A user of the AR electronic device is identified. A first electronic computing device at or near a current location of the user is identified. The first electronic computing device is an input device for entry of a security code to permit access to a protected asset. A determination is made as to whether the user is authorized to access the protected asset. When a determination is made that the user is authorized to access the protected asset, a security access code is displayed on the AR electronic device. The security access code permits the user to access the protected asset via the first electronic computing device.

Abstract: An MFP is an image processing device which can communicate with external devices such as other MFPs, biological information terminals, a meeting management server, portable terminal devices, and terminals, via network. The MFP prohibits transmitting data stored in the MFP to an external device connected to the network, not associated with at least attendees of the meeting, by an operation of the meeting attendees, when it is determined that the behavior state of the MFP satisfies a predetermined condition which relates to the meeting.

Abstract: An access control system is disclosed in which a user or guest's first entry or usage of an electronic key is reported. Reporting of the first entry or usage may include information particular to the initial transaction and may be delivered by a path that is substantially the same, but reversed, from an original key delivery path. In this way, non-networked or ‘offline’ locks/readers can report first entry or usage of an electronic key.

Abstract: A network- and/or client-side device configuration system facilitates automatic configuration of portable electronic devices. Predetermined configuration parameters for a particular portable electronic device are generated and stored. A computer-readable visual symbol such as an optical graphic code (for example, a tag, barcode, or matrix code) is generated by a network-side service and transmitted to an authorized user of the particular portable electronic device. The portable electronic device reproduces the visual symbol and transmits a message (which may or may not include the reproduced visual symbol) to the (same or different) network-side service. The network-side service authenticates the portable electronic device, and authorizes the portable electronic device to access and use the predetermined configuration parameters to automatically configure itself.

Abstract: A near field transaction system includes a first transaction device having near field communication circuitry, and a portable device having near field communication circuitry. The system also includes at least one transaction server having a memory area with at least one application program, and a mechanism for establishing a data link between the server and the near field communication circuitry of the portable device. The application program is configured to perform a transaction with the first transaction device, using the near field communication circuitry of the portable device as a proximity relay to communicate with the first transaction terminal.

Abstract: A method of inputting an action to a computer device using a fingerprint recognition sensor placed on a thumb of a user. The method including: setting a plurality of actions corresponding to fingerprint data from a user's fingerprint patterns; storing the plurality of actions corresponding to the fingerprint data in the computer device; reading fingerprint data by the fingerprint recognition sensor corresponding to the user's fingerprint patterns from a first finger placed in contact with the fingerprint recognition sensor; comparing the fingerprint pattern from the first finger with the user's fingerprint data stored in the computer device; and responsive to a match between the fingerprint pattern from the first finger and the user's fingerprint data stored in the computer device, initiating the action stored in the computer device corresponding to the first finger placed in contact with the fingerprint recognition sensor.

Abstract: A device management system that is capable of scheduling connected devices and personnel for tasks, monitoring the ability of the devices to perform the scheduled task by checking in with the devices based on their uses and locations, and to modify the functioning of the devices according to the tasks scheduled for the devices and their uses. Additionally, the system can incorporate uncommunicated “dumb” devices into the scheduling of tasks and track and manage those devices.

Abstract: Described herein is a framework to monitor traffic congestion. In accordance with one aspect of the framework, the framework receives vehicle data from vehicle data sources located in a region of interest. The framework may determine a sample size and an average speed for an edge of the region of interest based on the vehicle data. Congestion probability may then be determined based on the sample size and average speed. A report may be presented based on the congestion probability.

Abstract: A system and method for generating virtual objects, the data for the virtual object is retrieved at least in part from a tag. The tag comprises a transparent physical surface and a visually imperceptible structure constructed in the transparent physical surface. The tag encodes the data for the virtual objects in the visually imperceptible structure. When detected by the appropriately configured capture devices, the visually imperceptible structure produces a depth pattern that is reflected in phase shifts between regions in the tag.

Abstract: A biometric sensor apparatus for authenticating a user using images (1) of patterns of blood vessels (30) of the user, comprising: a wrist strap (12); a clasp (4); a camera (3) arranged for capturing said images; a mechanism for detecting an opening of said clasp (4); a module programmed for authenticating said user when said images match reference images of said user, and for revoking said authentication when an opening of the clasp has been detected.

Abstract: The present invention discloses a resource allocation method and user equipment, where the method includes: determining, by first user equipment, a first resource; and sending, by the first user equipment, at least one occupation signal on the first resource, where the at least one occupation signal is used to indicate occupation of the first resource. According to the resource allocation method and the user equipment in embodiments of the present invention, an occupation signal is sent on a selected to-be-occupied resource to indicate occupation of the resource, so as to effectively avoid resource contention between different user equipment or between different user groups and effectively improve user experience.

Abstract: The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.

Abstract: In one embodiment, a method includes receiving a request for an object; retrieving one or more rules to evaluate whether to allow or deny access to the object, wherein a first rule is of an allow-type or a deny-type; evaluating the first rule by executing one or more of its operations, wherein when any of the executed operations of the first rule returns a result that is not definitive, if the first rule is of the allow-type, assigning a final result as an indication to skip evaluation of the rule, and if the rule is of the deny-type, assigning the final result to the first rule as an indication to deny access to the object; determining final results for the one or more rules; and based on the final results, allowing or denying access to the object.

Abstract: Networked electric vehicle charging stations for charging electric vehicles are coupled with an electric vehicle charging station network server that performs authorization for charging session requests while the communication connection between the charging stations and the server are operating correctly. When the communication connection is not operating correctly, the networked electric vehicle charging stations enter into a local authorization mode to perform a local authorization process for incoming charging session requests.

Abstract: A vehicle keypad lock control system includes a computer programmed to determine whether the keypad master code should be deactivated based at least on data received by or stored on the computer. The computer deactivates the keypad master code in response to a determination that the keypad master code should be deactivated. The computer may actuate the power lock to an unlocked condition in response to receiving keypad data including the keypad master code while the keypad master code is activated.

Abstract: A typical system environment comprises a terminal device, a secure storage subsystem, and an interconnectivity component. The terminal device has a network connectivity subsystem enabled for data connectivity with a wireless communications network. The secure storage subsystem has a secure storage memory for securely storing contents and is enabled for local RF connectivity through a local RF communication subsystem. The secure storage subsystem is operable as a contactless smartcard in accordance with any contactless technology. The interconnectivity component is adapted to enable communication of the secure storage subsystem through the network connectivity subsystem with the network. The interconnectivity component is further configured to detect that messages received from the network are destined for the secure storage subsystem and is configured to supply that identified messages to the secure storage subsystem.

Abstract: A method for minimizing a physical queue for a first guest attraction, the method including storing a guest identifier corresponding to a guest in a first virtual queue, wherein a position of the guest within the first virtual queue is associated with an estimated wait time for the first guest attraction, updating the first virtual queue when the position of the guest within the first virtual queue is changed, providing a notification to the guest to enter the physical queue when the position of the guest in the first virtual queue is less than or equal to a threshold position of the first virtual queue, removing the guest identifier from the first virtual queue in response to an indication to dequeue the guest from the first virtual queue, storing the guest identifier in a second virtual queue corresponding to the physical queue, and removing the guest identifier from the second virtual queue in response to an indication that the guest is exiting the physical queue.

Abstract: Embodiments of systems, methods, and machine-readable media are disclosed for enabling the management of a transit user account of a transit system with a mobile device. Embodiments of a transit system utilizing such transit user accounts are also disclosed. Embodiments for enabling a mobile device to manage a transit user account can include receiving an identification code of a fare media and receiving contact information of the mobile device. The transit user account, which can be used in transactions of the transit system associated with the fare media, can be created using user information and a passcode. Additionally, the mobile device can be authenticated by sending at least one message to the mobile device and receiving at least one message from the mobile device.

Abstract: A system for information delivery includes: an electronic tag for holding a tag identifier being updatable; a server for storing the tag identifier held in the electronic tag and information corresponding to the tag identifier; and a terminal for causing the information corresponding to the tag identifier to be delivered from the server. The terminal includes a memory, and a processor coupled to the memory and configured to execute a process. The process executed by the processor includes reading the tag identifier from the electronic tag, updating the tag identifier in the electronic tag with a new tag identifier that is different in content from the tag identifier read from the electronic tag, and establishing, after updating the tag identifier in the electronic tag, a time period in which a discrepancy between the tag identifier in the electronic tag and the tag identifier stored in the server occurs.

Abstract: Systems and methods for continuously secure Intelligent Platform Management Interface (IPMI) Remote Authenticated Key-Exchange Protocol (RAKP) over hash cracks. The system includes a management controller, which may receive, from a computing device via a network under the IPMI RAKP protocol, a credential information including a password. In response, the management controller may generate a hash information based on the password, and send the hash information to the computing device. Since the hash information may be used to crack the password, after a time interval from sending the hash information to the computing device, the management controller may change the password to a new password, in order to maintain the security of the password.

Abstract: A residential key may be programmed by a computer with access rights information. A lock device may receive the access rights information from the residential key. The lock device may store and utilize the access rights information if the lock determines that the residential key is authorized to update the lock device.

Abstract: A computer-implemented method includes: receiving a request for associating a first index of privileges and permissions with an identity token, the first index specifically encoding the privileges and permissions of a first subscriber in accessing transactional data of the requester, the request including the identity token that identifies a person and has been issued to the requester by a trusted entity through a vetting process; in response to determining that the identity token is valid and verifying that the requester is the person identified by the identity token, associating the first index of privileges and permissions of the first subscriber with the identity token; and providing the identity token associated with the first index of privileges and permissions of the first subscriber, the identity token enabling the first subscriber to access transactional data of the requester in accordance with the first index of privileges and permissions.

Abstract: A computerized system allows intercommunication of patients with respect to the treatment of their diseases. This system includes an electronic medical record database providing electronic medical records of a given set of patients as developed by healthcare professionals and linked to an anonymous identifier for each patient and a set of terminal devices accessible to the patients allowing for the electronic exchange of information through a display and data input device.

Abstract: Approaches presented herein enable performing a health analysis of a user using a smart floor mat. Specifically, a sensory array of the smart floor mat collects static and dynamic pressure data for capturing the movement and force exerted by a user's feet as the user walks across the smart floor mat. A healthcare analysis is then performed by comparing this current measurement data against the user's historical measurement data and expected results to generate a healthcare insight such as a trend, pattern, or deviation. The healthcare insight can predict or indicate a health issue. If a deviation exceeding a predefined permissible threshold exists, a healthcare professional can be notified.

Abstract: Network access control systems and methods are provided herein. A method includes receiving at a network device a SYN packet from a client device over a network, determining if the client device is a trusted source for the network using the SYN packet, if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device.

Abstract: A control system including a detection device and a control host is provided. The detection device is configured to detect a biometric characteristic to accordingly identify a user ID, and output an ID signal according to the user ID. The control host is configured to receive the ID signal to accordingly perform an individualized control associated with the user ID.

Abstract: The invention creates a data carrier, in particular chip card, in particular smart card, having a device for generating one-time passwords and having a display for displaying generated one-time passwords. Preferably the data carrier is a Eurocheque card or credit card with the integrated function of an electronic purse (cash card function) and the generated one-time password is a transaction number (TAN) for acknowledging a secure electronic payment transaction.

Abstract: A hybrid device includes a personal digital key (PDK) and a receiver-decoder circuit (RDC). The PDK and RDC of the hybrid device are coupled for communication with each other. In one embodiment, the hybrid device also provides a physical interconnect for connecting to other devices to send and receive control signals and data, and receive power. The hybrid device operates in one of several modes including, PDK only, RDC only, or PDK and RDC. This allows a variety of system configurations for mixed operation including: PDK/RDC, RDC/RDC or PDK/PDK. The present invention also includes a number of system configurations for use of the hybrid device including: use of the hybrid device in a cell phone; simultaneous use of the PDK and the RDC functionality of hybrid device; use of multiple links of hybrid device to generate an authorization signal, use of multiple PDK links to the hybrid device to generate an authorization signal; and use of the hybrid device for authorization inheritance.