Abstract: A method for distributing data to a computing device using device level authentication includes: receiving a single use key from a payment institution, the single use key encrypted by the payment institution using a first encryption, a server public key, and device data; wrapping a device public key using the server public key; electronically transmitting at least the device data, the wrapped device public key, and the single use key to a server; receiving the single use key encrypted using a second encryption from the server, the second encryption using the device public key to encrypt the single use key; decrypting the single use key encrypted with the second encryption using a device private key; and electronically transmitting the decrypted single use key and payment credentials to a point of sale device.

Abstract: The present disclosure provides a method, system, and device for file replication. To illustrate, based on target replication information corresponding to a version of a file at a target device, a source device may determine one or more portions of a different version of the file at the source device to be provided to the target device. One or more other aspects of the present disclosure further provide sending, to the target device, the one or more portions and replication information corresponding to the version of the file at the source device. Based on the version of the file at the target device, the one or more portions, and the replication information corresponding to the version of the file at the source device, the target device may assemble and store a file that corresponds to the version of the file at the source device.

Abstract: A print system determines whether a setting of a print job meets a condition under which an inspection can be executed, sets information indicating the inspection instruction in a detail of the print job when it is determined that the setting of the print job meets the condition, and executes inspection processing on the basis of a scanned image and a reference image registered in advance according to the inspection instruction. In addition, notification information is output. The inspection processing is not executed when it has been determined that the setting of the print job does not meet the condition, and notification information is outputted indicating that the inspection processing has not been executed.

Abstract: Systems and methods are provided for encrypting and decrypting data using visually encoded ciphertext. The method includes selecting, using a graphical user interface coupled to an electronic device, one or more portions of a document to be encrypted, visually encoding the selected one or more portions of the document, generating a visual representation, wherein the visual representation corresponds to encrypted content, and replacing the selected one or more portions of the document with the visual representation. The method further includes displaying, to the user, the visual representation, capturing the visual representation using one or more cameras, decoding the visual representation, obtaining the encrypted content, and decrypting the encrypted content, generating decrypted content.

Abstract: Systems and methods for representing video and audio media files as workflows are disclosed. In some cases, the systems and methods combine segments of the media files into larger compilations in the workflows, and using the workflows to individually optimize both the viewing experience for and the advertising presented to viewers based upon the circumstances of each viewer and parameters described with the workflow.

Abstract: In the embodiments described herein, partially encrypted print jobs are described which include unencrypted print job commands and encrypted print data objects. One embodiment comprises a print controller that includes a memory and at least one processor. The memory stores a print job comprising one or more print data objects, and print job commands that define data boundaries in the print job for the print data objects. The at least one processor processes the print job commands to identify the print data objects for the print job based on the data boundaries, encrypts the print data objects using a key while the print job commands remain unencrypted, generates a partially encrypted print job comprising the encrypted print data objects and the unencrypted print job commands, and provides the partially encrypted print job.

Abstract: A method for distributing data to a computing device using device level authentication includes: storing, in a memory of a computing device, a single use key encrypted with a first encryption, a server public key, and device data; generating a key pair comprising a device private key and a corresponding device public key; wrapping the device public key using the server public key; transmitting at least the device data, wrapped device public key, and the single use key encrypted with the first encryption to a server; receiving the single use key encrypted with a second encryption from the server; and executing a query on the memory to insert the received single use key encrypted with the second encryption.

Abstract: A system to provide users with a means for accessing media content directly, by performing operations that include: causing display of a media item within a graphical user interface at a client device, the graphical user interface including a set of graphical elements; receiving a selection of a graphical element from among the set of graphical elements within the graphical user interface; generating a reference to the media item based on the selection of the graphical element; encoding a matrix barcode with the reference to the media item; and generating a presentation of the media item that includes a display of the matrix barcode at a position within the media item.

Abstract: Manufactured goods are marked or labeled with a secure unique identifier. A central checking centre allows users to verify the authenticity of a particular good such as a cigarette pack or carton via any convenient interface such as the internet or a cell phone. A system of secret sharing allows secure authentication of each item and prevents code breaking or misuse.

Abstract: A screen capturing method comprising: providing an application configured to display an application screen comprising a plurality of display objects to a user of a user device, wherein a subset of the display objects is associated with information to be masked, and wherein at least one of the display objects of the subset is located at different locations in at least two different layouts of the application screen; receiving a request to obtain a centralized managed list comprising one or more records including information characterizing the subset; and sending the centralized managed list to the user device, thereby enabling the user device to determine a location of the subset and to generate at least one screen capture of the application screen in which the subset of the display objects associated with the information to be masked is masked.

Abstract: Systems and methods are provided for encrypting and decrypting data using visually encoded ciphertext. The method includes selecting, using a graphical user interface coupled to an electronic device, one or more portions of a document to be encrypted, visually encoding the selected one or more portions of the document, generating a visual representation, wherein the visual representation corresponds to encrypted content, and replacing the selected one or more portions of the document with the visual representation. The method further includes displaying, to the user, the visual representation, capturing the visual representation using one or more cameras, decoding the visual representation, obtaining the encrypted content, and decrypting the encrypted content, generating decrypted content.

Abstract: Embodiments of the invention relate to establishing commodity traceability across supplier, manufacturer, and customer processes via end-to-end commodity marking traceability. A manufacturer receives incoming material, such as an industry standard commodity, from a supplier and authenticates a marking affixed to the incoming material. After authenticating the supplier's marking for the incoming material, a second marking is affixed to the incoming material. The commodity is converted at manufacturing into a finished product and associated with finished product data. The supplier's marking and the manufacturer's markings for the incoming material are related, and the relationship is related to the finished product data. The stored and maintained relationships supports integration of the first marking data and the second marking data with product data, and supports end-to-end commodity marking traceability.

Abstract: Methods, systems, and devices for validation at an application server are described. The application server may validate a user device utilizing a public-private key pair, and may refrain from establishing a database connection until the user device is validated. For example, the application server may transmit a private key and a public key identifier to the user device. When the application server receives a session establishment message that is based on a private key and that contains the public key identifier, the application server may determine the public key of the public-private key pair based on the identifier. The application server may validate that the session establishment message is received from the user device based on the private key and the determined public key. Based on this validation procedure, the application server may establish a database connection with a database, granting the validated user device access to requested data.

Abstract: A portable terminal includes: a display; a user interface; a memory; a network interface; and a controller, the controller performs performing a deciding processing of deciding the display mode of instructions objects corresponding to the external instructions specified in the first specifying processing, based on attribute information; performing a display control processing of controlling the display to display a selection screen including instructions objects having the display mode decided in the deciding processing; performing a first receiving processing of receiving a user operation of selecting an object included in the selection screen, via the user interface; performing, in response to the operation of selecting a instructions object in the first receiving processing, an activation processing of activating an external instructions corresponding to the selected object; performing an designation information acquiring processing of acquiring designation information from the external instructions activa

Abstract: A computer-implemented system and method creates personalized artwork, including word clouds, for making personalized goods. The system may include an art creation server, a data store, and a controller with a plurality of subsystems. Each of the plurality of subsystems is configured to manipulate data included in the data store. A data management engine is configured to receive a plurality of art objects. A randomization engine is configured to automatically generate personalized artwork by selectively layering a subset of the plurality of art objects. The randomization engine is also configured to automatically generate a rendering of the personalized artwork that can be edited by a user.

Abstract: A method for distributing data to a computing device using device level authentication includes: storing, in a memory of a computing device, a single use key encrypted with a first encryption, a server public key, and device data; generating a key pair comprising a device private key and a corresponding device public key; wrapping the device public key using the server public key; transmitting at least the device data, wrapped device public key, and the single use key encrypted with the first encryption to a server; receiving the single use key encrypted with a second encryption from the server; and executing a query on the memory to insert the received single use key encrypted with the second encryption.

Abstract: In some embodiments, fast and secure communication can be achieved (e.g., in a fueling environment payment system) with systems and methods that validate an authentication request based on one or more pre-validated cryptographic keys.

Abstract: A method and system for tracking the status of a label. The system can include a memory with a database. The database can include an indicator of the label status. The system can additionally include a processor that operates in accordance with instructions stored in the memory. The processor can receive a request to generate a label, update the first database with an identifier that indicates the existence of the label, receive a signal indicating that a service requested by the label has been provided, and update the identifier in the first database to indicate that the requested service has been provided.

Abstract: Manufactured goods are marked or labelled with a secure unique identifier. A central checking centre allows users to verify the authenticity of a particular good such as a cigarette pack or carton via any convenient interface such as the internet or a cell phone. A system of secret sharing allows secure authentication of each item and prevents code breaking or misuse.

Abstract: A postage evidencing system for tracking postage amounts for multiple users comprising at least two register set partitions is disclosed. Each of the partitions includes an ascending register holding a number representing a value of postage that can be evidenced by the device, a descending register holding a number representing a value of postage that has been previously evidenced by the device, and an identification representing a source of mail pieces that are evidenced with postage from the partition. A security module limits access to the partitions and registers. The identifier for a selected partition is printed on mail pieces as part of an Information Based Indicia (IBI) to identify the source of the mail pieces.

Abstract: In some embodiments, a web-based postage transaction may be facilitated. In some embodiments, an applet embedded on a web page may be provided to a client computer in response to the client computer accessing the web page. A request related to a postage transaction may be received from the client computer. In response to the request, a validation check may be performed by providing a validation token to the embedded applet at the client computer to be validated by the embedded applet. Based on a determination by the embedded applet at the client computer that the validation token is valid, the embedded applet at the client computer is configured to execute at least a part of the request.

Abstract: A system of devices receives and stores documents based on confidential information redacted from the documents. An electronic document is analyzed to identify character blocks having confidential information. The confidential information can be in different formats within the document. Redaction rules are applied to the character blocks to identify confidential categories for the confidential information within the blocks. The confidential information is redacted based on the rules such that the confidential information is removed from the document. A new electronic document is generated with the information redacted such that it is not viewable or printable. The two documents with different levels of confidential information is then stored on separate devices within the system. The documents may be made available within the system according to authentication codes for the documents.

Abstract: A method for network-connected tool operation with user anonymity includes generating a first cryptographic key that is stored in a memory in the power tool, generating a first encrypted serial number for the power tool based on an output of an encryption function using the first cryptographic key applied to a non-encrypted serial number for the power tool stored in the memory, and generating usage data based on data received from at least one sensor in the power tool during operation of the power tool. The method further includes transmitting the usage data in association only with the first encrypted serial number from the power tool to a maintenance system to enable usage data collection that prevents identification of the power tool as being associated with the usage data.

Abstract: A system for authorizing a transaction includes one or more processors, and a memory storing instructions. When executed by the one or more processors, the instructions cause the system to perform operations including: receiving a configuration request associated with a financial service account via a web interface; setting a limitation in accordance with the configuration request; and generating a graphic indicium or a card number as a token for authorizing a transaction, associated with the financial service account, which satisfies the limitation in accordance with the configuration request. The token is configured to be printed on a substrate or loaded into an electronic payment system.

Abstract: A computer system for the creation of subliminal image or watermarks where the apparent video is an “obvious” image and a subliminal or “clandestine” image or watermark is hidden within the data structure. The concept is envisioned for the cloaking of images, sound, video or like digitized non-coded information. The cloaked files may be intended for storage, transmission, or clandestine placement in a public file system. The watermark may be used for the subliminal marking of a source of a file, its creation, or for tagging copyrighted information.

Abstract: A method, an apparatus, and a platform for sharing a wireless local area network, so as to resolve a problem of low system security that exists in a process of currently implementing wireless local area network sharing. In the embodiments of the present invention, a wireless local area network sharing platform receives a wireless local area network sharing message generated by a first terminal based on locally saved wireless local area network sharing information and generates, according to the sharing information, identifier information corresponding to a wireless local area network sharing page; a second terminal accesses a wireless local area network according to the identifier information.

Abstract: A ticket authentication method and a ticket authentication device are provided. The ticket authentication method includes the following steps. A first electronic device outputs an e-ticket. A second electronic device acquires the e-ticket. The second electronic device outputs a visible light verification code. The first electronic device acquires the visible light verification code and generates a composite code according to a certification data and the verification code. The second electronic device acquires the visible light composite code, and determines whether the composite code matches the certification data and the verification code. When the composite code matches the certification data and the verification code, the second electronic determines that the authentication of the e-ticket is successful.

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for transmitting or streaming unredacted image cells alone or in combination with redacted image cells for secured viewing on a user browser or computer.

Abstract: A method of converting a CMYK toner printer to print with a white toner, comprising the steps: providing a CMYK toner printer; wherein the toner printer has four printing cartridges; wherein the four printing cartridges comprise a black toner printing cartridge, a cyan toner printing cartridge, a magenta toner printing cartridge, and a yellow toner printing cartridge; removing the black toner printing cartridge from the toner printer, such that there is an empty toner cartridge slot; providing a white toner printing cartridge that is filled with a white toner; installing the white toner printing cartridge into the empty toner cartridge slot; and providing raster image processor (RIP) software, such that the printer is able to incorporate the white toner into one or more images printed by the printer.

Abstract: Ability information about an authentication printing function to be transmitted from a printing apparatus to a print client is varied depending on whether a communication path between the apparatuses is encrypted.

Abstract: The present invention provides a secure wireless device and a method for secure wireless communication between a secure wireless device and a mobile device using NFC. The devices have a common seed value, which may be provided to the secure wireless device by the mobile device when they are is physical contact. During contact the mobile device sends a pairing request and credentials to the secure device. After the credentials are validated, the devices are paired and can exchange encrypted messages via a suitable wireless interface such as Bluetooth, the messages being encrypted initially based on the common seed value and the encryption key being regenerated by each device after message transmission by the secure device and reception by the mobile device. The secure device stores confidential data, which can be sent in encrypted messages to the mobile device.

Abstract: A system, method, and computer program product are provided for preventing data loss associated with an image. In use, an image is identified, and it is determined whether the image includes predetermined data. In addition, an action is performed based on the determination, for preventing data loss.

Abstract: Techniques for replacing a token with a mask value are disclosed. In an embodiment, a masking engine is implemented by a cloud application. The cloud application receives, from a client device, a request for a data value associated with a data field. The masking engine determines that a set of data stored in association with the data field corresponds to a token format. The cloud application transmits a mask value, rather than the set of data, towards the client device. In an embodiment, a masking engine is implemented by a client device and/or a data residency proxy. The masking engine receives a set of data for display at an interface of the client device. The masking engine determines that the set of data corresponds to a token format. The masking engine causes a mask value, rather than the set of data, to be displayed at the interface.

Abstract: The present invention relates to a method for utilizing a mobile station for the transmission of authorization information requiring verification in a telecommunication network comprising the mobile station. In the method, the information to be verified is transmitted to the mobile station, the authorization information transmitted is presented on the display of the mobile station, the authorization information presented is read from the display of the mobile station, and the authenticity of the authorization information thus read is verified. According to the invention, the authorization information is sent in a form comprising information to be presented in a graphic form, and the authorization information is presented on the display of the mobile station using a user-independent function of the mobile station in question for the presentation of graphic information.

Abstract: Embodiments of the invention are directed to methods, apparatuses, computer readable media and systems for providing a token service environment that allows a token requesting party (e.g. token requestor) to specify parameters for token generation for controlling and customizing the token generation process. For example, the token requesting party may specify (e.g. select from a list or provide a list of) the accounts for tokenization. The accounts may be identified by account identifiers (e.g. account numbers) or bank identification numbers (BINs). The token requesting party may also specify encryption keys for the tokens to be generated. The token requesting party may also specify additional parameters such as notification thresholds indicating when notifications associated with the tokens are to be generated.

Abstract: A user associates a supply chain event with a personalized message. The system causes the personalized message (or a link thereto) to be sent to a recipient using a selected dissemination method when the supply chain event occurs.

Abstract: An information management control apparatus includes a storage unit, a transmission unit, and a permission unit. The storage unit stores a job including one of a pair of keys, with which both encryption and decryption are possible, and address information. The transmission unit encrypts a user ID of a login user by using the one of the keys and transmits the encrypted user ID through a communication unit in accordance with the address information, the user having been logged in in order to issue an instruction for executing the job. The permission unit permits execution of the job, in a case in which a user ID that has been encrypted by using the other of the keys and transmitted in response to the transmission is decrypted by using the one of the keys, if the user ID is the same as the user ID of the login user.

Abstract: A method and system for tracking the status of a label. The system can include a memory with a database. The database can include an indicator of the label status. The system can additionally include a processor that operates in accordance with instructions stored in the memory. The processor can receive a request to generate a label, update the first database with an identifier that indicates the existence of the label, receive a signal indicating that a service requested by the label has been provided, and update the identifier in the first database to indicate that the requested service has been provided.

Abstract: An anti-counterfeiting serialization method. The method can include receiving an input serial number, locating a seed character at a predetermined position in the input serial number, determining, based on the seed character, a first output position for an incrementing character of the input serial number, determining, based on the incrementing character, at least one second output position for at least one remaining character of the input serial number, and generating an output serial number having the incrementing character in the first output position and at least one remaining character in the at least one second output position.

Abstract: A method for authenticating a meter reading. The method includes obtaining a measurement representing a measured attribute of a user, analyzing the measurement to generate an authentication code, generating the meter reading based on the measurement and the authentication code, presenting, by the metering device, the meter reading to the user who alters and reports the meter reading as a reported meter reading, analyzing, by a meter reading analysis device, the reported meter reading to detect that the meter reading was altered by the user, and generating, by the meter reading analysis device and in response to the detecting, a dispatch request to dispatch a human inspector for validating the measurement.

Abstract: Systems and methods are provided for piecewise encryption of Page Description Language (PDL) print jobs. One embodiment is a method that includes receiving a Page Description Language (PDL) print job at a printer, wherein the print job includes segments of PDL content, and includes unencrypted PDL content. For each of the segments within the print job, the method includes detecting an identifier (ID) for the segment, correlating the ID with an encryption key stored at the printer, and decrypting the segment at the printer via the encryption key. The method further includes printing the print job, including each segment that has been decrypted.

Abstract: Methods and systems consistent with the present invention provide a barcode image. A client is operable to create a request for a barcode image and send the request to a server. The request comprises data to be converted to a barcode. The server is operable to receive the request from the client via a network, generate a barcode image from the data, and encode the barcode image. Thereafter, the server provides the encoded image to the client.

Abstract: Methods, computer readable storage media, and systems are provided for generating machine-readable biometric data from a medical device, which may include: obtaining an image of the medical device including a display of the medical device; retrieving a reference image of a reference display corresponding to the medical device, the reference image defining a reference data field within the reference display; comparing the image to the reference image to identify a data field within the display corresponding to the reference data field within the reference display; identifying one or more alpha-numeric symbols within the data field; and converting the alpha-numeric symbols into the machine-readable biometric data. The machine-readable biometric data may be used to create a data record for a user of the medical device, and can be communicated to an Independent Diagnostic Testing Facility (IDTF) database or server.

Abstract: A computer program product for creating personalized artwork includes an art creation server comprising a processor, a data store, and a controller comprising a data management engine, a randomization engine, and an online shopping. Each of the controller subsystems may manipulate information in the data store. The data management engine may receive and manage art objects, including both pre-set and custom versions of the following: outline shapes, design elements, and medium settings. The randomization engine may automatically generate the personalized artwork using selected art objects. The online shopping engine may process a purchase order for a good characterized by the personalized artwork. The selected art objects, the personalized artwork, and the purchase order may be added to the information included in the data store. A production device may create the good using the information in the data store.

Abstract: During manufacture and packaging of items whose authenticity is to be verified, the items are marked with individual item characteristics, and placed in a package. A first item authentication code is determined from the individual item characteristics of the marked items. A first package authentication code is generated, and the package is marked with the first package authentication code. During item authentication in the field, an image of the package and the marked items is captured, a second package authentication code and the individual item characteristics are extracted from the captured image, the extracted individual item characteristics are processed to generate a second item authentication code, and the authenticity of the marked items is verified by matching the first and second package authentication codes and by matching the first and second item authentication codes.

Abstract: Within a secure messaging environment, a determination is made that a request to send a message has been generated by a message sender. A message protection policy configured to process the message within the secure messaging environment is identified. The message protection policy specifies that, within the secure messaging environment, a secured digital certificate, other than a digital certificate of the message sender, is configured with an associated private key to digitally sign the message on behalf of the message sender. Based upon the message protection policy, a determination is made to digitally sign the message using the private key of the secured digital certificate. The message is signed on behalf of the message sender using the private key of the secured digital certificate.

Abstract: Within a secure messaging environment, a determination is made that a request to send a message has been generated by a message sender. A message protection policy configured to process the message within the secure messaging environment is identified. The message protection policy specifies that, within the secure messaging environment, a secured digital certificate, other than a digital certificate of the message sender, is configured with an associated private key to digitally sign the message on behalf of the message sender. Based upon the message protection policy, a determination is made to digitally sign the message using the private key of the secured digital certificate. The message is signed on behalf of the message sender using the private key of the secured digital certificate.

Abstract: In a communication system having a number of base stations and user devices, a sending user device comprising a processor and a memory is configured to generate a packet or other communication for forwarding to a receiving user device via one or more intermediary user devices of the system. The forwarding path of the communication may involve one or more of the base stations. A payment token is associated with the communication, such that at least one of the intermediary user devices can generate a payment claim based on the payment token. The payment token is independent of the particular identities of the one or more intermediary user devices of the system.

Abstract: A device for identification and authentication of a remote user connecting to a service over a network includes a cryptographic processor and at least one cryptographic key and storage means, additional processing means and interface means to generate and transmit a unique authentication code as emulated keystrokes through a standard input, means of a client terminal. The code may be transmitted only by an explicit command of the user.