Abstract: Various systems and methods for implementing random access channel security are described herein. An apparatus for a base station includes: receiver circuitry to receive at the base station, a signal from a user equipment (UE) transmitter to access resources of the base station; statistics circuitry to calculate high-order statistics on the signal to produce an identification indication; a memory device to store the high-order statistics and the identification indication; and processing circuitry to: associate the identification indication with the UE transmitter; use the identification indication to determine that multiple failures of a random access channel (RACH) process have occurred from the UE transmitter; and restrict later attempts by the UE transmitter to perform RACH processes with the base station.

Abstract: Systems, computer program products, and methods are described herein for dynamic exposure monitoring. The present invention is configured to determine a resource associated with a network environment, wherein the resource is associated with an exposure portfolio; determine one or more monitoring requirements associated with the resource, wherein the one or more monitoring requirements are determined based on the exposure portfolio; implement a first subset of one or more resource monitoring tools based on at least the one or more monitoring requirements of the resource; determine a change in the exposure portfolio of the resource; determine a change in the one or more monitoring requirements based on at least the change in the exposure portfolio of the resource; trigger a dynamic modification to the one or more resource monitoring tools; and implement the second subset of the one or more resource monitoring tools on the resource.

Abstract: There is provided a method of operating a node of a network. A first token generated by a device having an application program stored therein is received from the device. The first token is generated by the device in response to a request from a user to access the application program. A second token input by the user at a mobile terminal of a mobile network is received. The second token is input in response to a request for the user to input the first token. It is decided whether to allow the user access to the application program stored in the device based on a verification of whether the second token matches the first token and whether the user has a subscription for the application program. An indication of the decision whether to allow the user access to the application program is transmitted to the device.

Abstract: A server may include at least one server processor configured to execute an application. A desktop virtualization system may include at least one desktop virtualization processor. The desktop virtualization processor may be configured to instantiate a virtual desktop; authenticate a user of a client device; in response to authenticating the user of the client device, place the client device in communication with the virtual desktop through at least one network; launch a secure browser in the virtual desktop; and using the secure browser, place the client device in communication with the server through the at least one network. The application may be configured to perform processing in response to at least one command from the client device. The processing may include generating a one-time passcode, establishing a code word not communicated through the at least one network, and sending a message including the one-time passcode to a sender client device.

Abstract: There is provided an information processing apparatus including a first communication section configured to communicate with a communication terminal through a first communication channel, and a second communication section configured to communicate with the communication terminal through a second communication channel different from the first communication channel, wherein the first communication section is used for transmission of connection information for establishing the second communication channel with the communication terminal, wherein the second communication section is configured to establish the second communication channel based on the connection information, and wherein the information processing apparatus is connected to a network based on a connection instruction transmitted across the second communication channel, and receives service data by which to run the information processing apparatus from a service providing apparatus via the network.

Abstract: A method and device for handling an anomaly at a unit. The device is integrated into the unit. A variable is detected for handling attacks on the unit that defines an operation of the unit. A piece of information is determined depending on the variable that characterizes surroundings in which the unit is operated. It is checked depending on a comparison of the piece of information about the surroundings to a piece information about the setpoint surroundings for the operation of the unit, whether or not an anomaly is present in the operation of the unit. The unit is operated in a first operating mode having a first functional range, if no anomaly is detected. The unit is operated in a second operating mode having a second functional range, which is reduced or changed with regard to the first functional range, if an anomaly is detected.

Abstract: This document relates to securing ownership of devices to particular users when the devices are shipped directly from an original equipment manufacturer in order to prevent malicious use of devices that are lost or stolen. A purchaser may purchase a device from an original equipment manufacturer, and as part of the purchasing process, may provide ownership information for the device, which may include a user identifier and an identity provider. The ownership data can be written to firmware, and upon powering on of the device, the device can request a user identifier, which is then validated by the identity provider before allowing operating systems operations to continue on the device.

Abstract: A mechanism is provided that enables hiding identities of a target subscriber that is to be subject of lawful interception, LI, when the intercept access point, IAP, is outside the network operator part of the LI domain. Monitoring of data traffic such as over-the-top, OTT, services is enabled while at the same time hiding LI target identities to a network element, NE, containing the IAP. A secure memory area in the NE is dedicated to the LI functionality necessary to intercept and report interception data to the operator part of the LI domain. The interface between the NE and the operator part of the LI domain is the use of a secure injection channel via which the necessary LI software and target information are conveyed between the NE and the operator part of the LI domain.

Abstract: Novel tools and techniques are provided for implementing data and source validation for equipment output data and/or for equipment failure predict. In various embodiments, in response to receiving a first request for first data that is output by first equipment, a computing system might retrieve and analyze the first data to determine whether the first data can be trusted. If so, the computing system might send the first data to the requesting device. If not, the computing system might send a second request for identifying a blockchain containing a block containing a copy of the first data. In response to the blockchain system identifying such a blockchain, the computing system might receive the identified blockchain; might abstract the block containing the copy of the first data from the identified blockchain; might abstract the first data from the block; and might send the first data to the requesting device.

Abstract: In some aspects, a channel hopping sequence for communication on a mesh network is generated. The hopping sequence may include multiple channels assigned to respective positions in the hopping sequence. In some cases, a first channel is assigned to a first position such that the first channel may transmit communications in a first transmission mode, such as a low-bandwidth transmission mode. In addition, an additional channels adjacent to the first channel is also assigned to the first position such that the combination of the first channel and additional channel may transmit communications in a second transmission mode, such as a high-bandwidth transmission mode. In some cases, a whitelist is determined based on the assigned channels. The whitelist may indicate channels that do not conflict with the assigned channels during transmission of a communication. In addition, channels may be assigned to the hopping sequence based on the whitelist.

Abstract: A computer-implemented method of communicating with a point of sale terminal. The method includes establishing wireless communication with a point of sale terminal using a first communication channel, and establishing communication with the point of sale terminal using a second communication channel. The method also includes transmitting a first section of communication data via the first communication channel; and transmitting a second section of the communication data using the second communication channel.

Abstract: Disclosed herein are system, method, and computer program product embodiments for identity obscuration of a station (STA) connected to a wireless network to prevent the tracking of the STA. Embodiments include a STA configured to establish a security association with an access point (AP) based on an original long term identity for the station and an identity of the AP. The STA can transmit a new long term identity for the STA to the AP based on the security association. The STA can then transmit a request frame to change the original short term identity assigned to the STA to the AP. The STA can receive a response frame from the AP. The response frame can include a new short term identity assigned to the station by the AP. The STA can then map its new long term identity to its new short term identity assigned by the AP.

Abstract: There is a need to accurately and dynamically generate a time-based prediction and control access to the time-based prediction. This need can be addressed, for example, by allowing controlled access to user information pertaining to a user visiting a facility. In one example, a method includes storing a companion user identifier in association with a public user identifier; receiving a request for a user status of the user; determining whether the companion user is permitted to receive the user status of the user based at least in part on the public user identifier and the companion user identifier; responsive to determining that the companion user is permitted to receive the user status of the user, requesting an aggregated time-based prediction for the user; and causing, the aggregated time-based prediction to be decrypted and provided as a response to the request for the user status of the user.

Abstract: According to an aspect, there is provided a method of operating a first radio access node in a communication network, the method comprising determining (601) whether a first base key that is used to determine a first encryption key for encrypting communications between a communication device and the first radio access node can be used by a second radio access node for determining a second encryption key for encrypting communications between the communication device and the second radio access node; and if the first base key can be used by the second radio access node, sending (603) the first base key to the second radio access node during handover of the communication device from the first radio access node to the second radio access node.

Abstract: The concepts and technologies disclosed herein provide a network-assisted secure access (“NASA”) application that is installed on a user device. The NASA application can enhance current multi-factor authentication processes to prevent unauthorized access by leveraging mobile connectivity data. The enhanced two-factor authentication process is made seamless and transparent to the user by authenticating the mobile connectivity data with data known to the mobile network that serves the user device. The mobile connectivity data can include network-determined location, cell identifier (“cell ID”), Internet protocol (“IP”) address, a globally unique temporary identifier (“GUTI”), combinations thereof, and the like. Additionally or alternatively, one or more user profiles (e.g., user-defined and/or social media profile(s)) can be used to further enhance security.

Abstract: Embodiments described herein disclose methods and systems for providing selective data access to representatives. In some embodiments, the system can monitor a call between a user and a representative regarding a subject matter. The user can have an associated profile with data, and the data can be locked such that the representative cannot access the data. During the conversation between the representative and the user, the system can continuously convert both parties' speech into text. The system can determine an intent of the call based on the text and unlock a portion of the data about the user based on the determined intent of the call. Only the unlocked portion of the data is displayed to the representative.

Abstract: The present subject matter is directed to an apparatus and methodology for monitoring for the occurrence of use of unauthorized telecommunications equipment within a designated area. The present subject matter has particular utility to the corrections environment in that it discloses a methodology for detecting and reporting the unauthorized operation of cellular telephones within a corrections facility. The present technology may be used advantageously in combination with inmate telephone systems to transmit information to appropriate personnel in the form of email messages and/or voice communications by way of telephone local or corrections facility external telephone lines. The present technology also provides for recordation and storage of time, date and location information for detected events.

Abstract: Various techniques described herein relate to a client application framework for a contact center environment. A role-specific thick client framework may include a web browser-based application having multiple processes that can be distributed across the computing infrastructure of the client device. A portion of the framework may include a container application image received from an internal server of the contact center and launched by the client device. The framework also may include queuing and communication services executing on the client device, which interface with the internal client application and external service providers to support a common queuing framework and an integrated model implementation across the contact center environment.

Abstract: A message processing method is provided. The message processing method comprises the steps of receiving a message, checking the value of an extended protocol discriminator of the message. If the value of the extended protocol discriminator corresponds to a special extended protocol discriminator, the method includes modifying the special extended protocol discriminator to a regular extended protocol discriminator.

Abstract: A server as an information processing device includes: a communicator that communicates with mobile a body; a monitoring data storage that stores past monitoring data of the mobile body received by the communicator; and an alive monitor that determines whether a current state of the mobile body is anomalous, based on the past monitoring data stored in the monitoring data storage.

Abstract: A method, computer program product and system for generating false data for suspicious users. A suspicious user is identified. Actions of the user are then tracked. The user attempting to access sensitive information is detected. Relevant false sensitive information corresponding to the sensitive information is then detected. The relevant false sensitive information is then mapped to the sensitive information. The relevant false sensitive information is provided to the suspicious user. In response to user input, at least one command is executed, where the at least one command includes the relevant false sensitive information and not the sensitive information.

Abstract: Information related to apparently successful matches between two entities is collected, and culled based on a later indication that the match failed. Matches between two entities may be generated based on comparative information with other entities who appear to share some characteristics or preferences. Matches may be based on actual actions, in contrast to expressed preferences. Actual actions may be taken into account in addition to expressed preferences. Generation of matches may take into account geographical and/or temporal proximity and/or likelihood of receiving a response, in addition to other attributes of an entity. Matching algorithms may be updated based on entity input. Potential matches may be presented to third party entities for evaluation.

Abstract: A wireless audio system that may include a first wireless transceiver that is configured to receive audio information from an audio source over a bi-directional wireless link; a second wireless transceiver that is configured to sniff audio information sent over the bi-directional wireless link; and wherein the first and second wireless transceivers are configured to share sniff enabling information, over a shared link and before an establishment of the bi-directional wireless link.

Abstract: Techniques are described for automatically incorporating lifecycle information for a secured environment (SE) into an intrusion detection system monitoring the secured environment's operations. In one example, a secured environment including at least one component is monitored, where the secured environment is associated with a lifecycle operations manager (LOM) responsible for managing lifecycle operations associated with at least one component in the SE. One or more log files associated with operations of each of the at least one components are obtained, along with log files associated with lifecycle operations executed by the LOM. A determination is made as to whether the particular activities documented in the log files indicate a violation of at least one malicious action rule. In response to determining that the log files are associated with a malicious action rule, a mitigation action associated with the violation is triggered.

Abstract: A mobile device dock arrangement includes a mobile device dock and a near field communication (NFC) device. The NFC device includes a first NFC antenna for obtaining data from a readable object when the NFC device is operatively coupled to the NFC reader, where the first NFC antenna permits positioning the first NFC antenna remote from the mobile device dock and the mobile device for obtaining the data from the readable object at a position remote from the mobile device dock and the mobile device; a second NFC antenna coupleable to the mobile device dock and configured, when coupled to the mobile device dock, for presenting the data in readable form to the NFC reader of the mobile device; and a cord coupled, or coupleable, to the first NFC antenna and the second NFC antenna for carrying the data from the first NFC antenna to the second NFC antenna.

Abstract: This application provides a security context obtaining method and apparatus. The method includes: receiving, by a user plane gateway, a PDU session establishment request from UE, where the PDU session establishment request is used to request to establish a PDU session between the user plane gateway and the UE, and the PDU session is carried between the UE and a service server of a data network; and separately obtaining, by the user plane gateway and the UE, a security context used for the PDU session, and activating user plane security protection based on the security context. Therefore, during PDU session reestablishment, for example, PDU session reestablishment triggered by switching of the user plane gateway, a session management network element, and the like, the user plane gateway and the UE can obtain a new security context, thereby achieving end-to-end protection between the UE and the user plane gateway.

Abstract: A data interaction method, a verification terminal, a server, and a system are described. The method includes: receiving, by a verification terminal, identity verification information from a user terminal, the identity verification information being information sent to the user terminal by a server in advance; sending, by the verification terminal, a request instruction to the server, the request instruction including the identity verification information; executing, by the server, an operation corresponding to the request instruction; and sending, by the server, feedback information to the verification terminal.

Abstract: Methods, apparatuses, and systems are described for deriving secured keys and authenticating based on the derived keys. An entity may receive one or more derived keys and one or more key derivation algorithms associated with the one or more derived keys. A user device may derive, based on a key associated with the user device and unknown to the entity, a user key. The entity may derive, based on a first derived key and one of the key derivation algorithms, a second derived key, and may verify, based on the second derived key, the user key.

Abstract: A vehicle that has an automatic notification function includes a first communication device that transmits emergency information to a server apparatus of an automatic emergency notification system via a base station in a case where an emergency situation arises, a control unit that automatically transmits the emergency information to the server apparatus by using the first communication device when the emergency situation arises, and a second communication device that restrictedly communicates with an external device.

Abstract: A method of controlling a packet stream generated by an application installed in a mobile terminal, the stream being intended to be sent by the terminal over a communications network managed by an operator. The method includes the following acts implemented in the terminal, for at least one packet generated by the application: obtaining a first packet having a first header and payload data; transmitting a request message to a security module installed in the terminal, the message including a parameter of the first header; receiving a response from the security module, which includes an instruction relating to transmission of a second packet, the response being based on the parameter and established according to a processing rule; preparing the second packet by modifying the first header into a second header, based on the instruction, the second packet including the second header and the payload data; and transmitting the second packet.

Abstract: A method performed by a network node that generates a schedule of communication exchanges between the network node and a small cell of a telecommunications network. The schedule is unique for the small cell among multiple small cells and sets times for sending status signals to the small cell and receiving counterpart response signals from the small cell. When the network node detects non-compliance with the schedule, the network node can begin to monitor the small cell for anomalous activity. Upon detecting that the anomalous activity includes malicious activity, the network node can communicate with the small cell wirelessly to deauthorize the small cell.

Abstract: A method of determining a confidence level associated with a device using heuristics of trust includes receiving, by an evaluating device, at least a communication from a first remote device, determining, by the evaluating device, an identity of the first remote device as a function of the at least a communication, calculating, by the evaluating device, at least a heuristic of trust as a function of the at least a communication and the identity, assigning, by the evaluating device, a first confidence level to the first remote device as a function of the at least a heuristic of trust, and assigning, by the evaluating device, an access right as a function of the first confidence level.

Abstract: A computer-based system for facilitating the execution of law enforcement duties is disclosed. More particularly, according to one aspect of the invention, an electronic system is configured to facilitate the performance of law enforcement duties by quasi-instantaneously providing actionable intelligence to its users, such as front-line law enforcement officers, in response to a real-time query. According to another aspect of the invention, a system implements a set of automated status classifications for subjects with suspected or confirmed involvement in criminal activities. The status classifications specifically and concisely establish the subject's involvement in criminal activities. According to yet another aspect of the invention, a system executes a streamlined electronic process for handling and processing seized items so as to ensure that criminal assets are efficiently and effectively seized, and that asset forfeiture actions are effectively initiated against the seized items.

Abstract: A computing device may receive a file previously uploaded by another device, and may validate the received file using data including a first value encrypted based on a document (e.g., a digital certificate or identification certificate) of the uploading device. The computing device may determine the validity of the certificate based on a certificate of a remote computing device to which the file was uploaded, and may decrypt the first value using a key of the certificate of the uploading device. The computing device may determine a second value for the received file and may determine validity of the received file based on a match of the first value and the second value.

Abstract: A system for processing a transaction is described. The system may comprise two summary and turns on a logic component configured for processing the transaction and a memory communicatively coupled to the logic component. The memory may have instructions stored thereon that, in response to execution by the logic component, cause the logic component to receive a request for funds, determine a transaction type associated with the request for funds, aggregate a plurality of transaction requirements based upon the transaction type, analyze transaction data associated with the request for funds, compare the transaction data to the plurality of transaction requirements, determine that the transaction data satisfies each of the plurality of transaction requirements, submit the request for funds to one of a plurality of payment processors, and transmit the transaction response to a client device, where the transaction response comprises one of an approval message or a declined message.

Abstract: A system includes a source code repository which stores source code entries, which include instructions in a programming language for performing computing tasks. A style repository stores a style profile. Each style profile includes predefined style features associated with formatting characteristics of the stored source code entries. A source code analyzer receives a source code which includes instructions in the programming language for performing a computing task. Style features of the source code are determined. The style features include characteristics of a format of the source code. The source code analyzer determines whether the style features correspond to predefined style features indicated by a style profile. If this is the case, the source code is stored in the source code repository. If this is not the case, storage of the source code is prevented.

Abstract: An information handling system of a Radio Access Network (RAN) system operating a secure network slice orchestration system may comprise a network interface device of the RAN system transceiving data within a 5G New Radio (NR) frequency band with an endpoint computing device, the network interface device receiving an instruction from a client solutions management (CSM) platform to assign a network slice within the 5G NR frequency band, based on a security profile associating the endpoint computing device with a security tier, to a network slice as established by a software defined network (SDN) controller within a sub-portion of the 5G NR frequency band, the secure network slice orchestration system determining the endpoint computing device is associated with the network slice within a communications profile received from the CSM platform, and the SDN controller establishing a virtual access point transceiving data within the network slice with the endpoint computing device.

Abstract: In order to achieve the above-described object, a disclosure of this specification provides a method for performing, by a UE, a PDU session establishment request, in case information on a LADN area is changed. The method may include the steps of performing a first PDU session establishment request for a first LADN area, in case the first PDU session establishment request is transmitted from outside of the first LADN area, receiving a Reject message rejecting the first PDU session establishment request from a network system, in case the Reject message is received, transmitting a registration update request for updating a LADN area to the network system, receiving information on an updated second LADN area (LADN Service Area 2) as a response to the registration update request, and performing a second PDU session establishment request for the second LADN area.

Abstract: Embodiments implement multifactor authentication without a user footprint. An application programming interface call from a client application can be received that includes a messaging identifier. A transaction identifier can be transmitted to the client application and stored. Using a shared secret, a temporary password can be generated, where the shared secret can be associated with the transaction identifier and can be stored. The temporary password can be transmitted to the messaging identifier. A second application programming interface call can be received that includes a reference transaction identifier and input, where a user provides the input to the client application. The user can be authenticated when the reference transaction identifier matches a transaction identifier stored and the input matches an expected password that is based on a stored shared secret associated with the matching stored transaction identifier.

Abstract: The present disclosure pertains to provisioning of credentials, and in particular to provisioning of authentication credentials to a computer device for accessing a cloud platform computer system. The computer device obtains sensor data and sends a request including a device identifier to a provisioning server using a provisioning server network address. The computer device receives a response, from the provisioning server, including a platform credential and a platform server network address of a platform server. The computer device stores the platform credential. The computer device sends the sensor data and the platform credential to the platform server using the platform server network address.

Abstract: Systems and methods are provided herein for providing user-based resource allocation using OFDMA functionality. This may be accomplished by a WAP receiving a request for access to a network from a first device, wherein the first device is configured to communicate with the WAP using OFDMA. The request for access comprises an identifier and role associated with the first device. The WAP then determine if a second device associated with the same identifier as the first device is being allocated one or more RUs for communicating with the network. If there is a second device associated with the identifier being allocated RUs for communicating with the network, the WAP determines a number of one or more RUs to provide to the first device based on the role associated with the first device and one or more conditions stored in a database.

Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for dynamically providing a activity dashboard for display within a graphical user interface. In particular, the disclosed systems can intelligently display, within the activity dashboard, insights of digital activity within an application of a child account. For example, the disclosed systems can monitor digital activity associated with recent contacts and groups, contact updates, and digital media items exchanged in messaging chat threads. In turn, the disclosed system can selectively surface one or more portions (and/or indications) of the monitored digital activity in the activity dashboard along with corresponding actionable options available for user selection.

Abstract: A method and system for real-time qualification of rental customers allows a rental company to quickly qualify a customer making an online reservation of a rental vehicle, such as a car share rental, without requiring the customer to be a member or have a membership or to be pre-qualified. The system includes: a database operative to store account information associated with a customer for a rental transaction; an input component operative to receive from the customer an uploaded image of the customer's driver's license and an uploaded second image of the customer; and a processor operative with the database to use the uploaded driver's license image, the uploaded second image and information associated with the uploaded second image to qualify the customer for a rental transaction.

Abstract: An electronic device include: a display, an input unit, at least one processor, and a memory. The input unit includes at least one biometrics sensor and the memory includes instructions. The processor is configured to perform user authentication based on biometric sensing information obtained through the at least one biometrics sensor in response to an input to the input unit. In response to successfully performing the user authentication, the processor is configured to identify whether a duration of the input exceeds a first threshold time. The processor is configured to perform a first function when the duration is less than or equal to the first threshold time. The processor is also configured to perform a second function when the duration exceeds the first threshold time.

Abstract: A gaming system is provided. The gaming system allows users to access applications via gaming communication devices coupled to a communication network. At least a portion of the network may be wireless. The gaming applications include gambling, financial, entertainment service, and other types of transactions. The system may include a user location determination feature to prevent users from conducting transactions from unauthorized areas.

Abstract: A method includes receiving, at an access point, an access request from a first device after an expiration of a first passcode. The access request is encrypted based on the first passcode. The method includes making a determination by the access point before an expiration of a usage time of a first passcode usage list that an identifier of the first device is included in the first passcode usage list. The method also includes, in response to making the determination, generating, at the access point, data representing a second passcode by encrypting the second passcode using the first passcode; and sending the data representing the second passcode from the access point to the first device.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: An indoor geolocation system for determining a location in three-dimensional space includes a plurality of base stations and a mobile device movable about an indoor environment in three dimensions. The mobile device detects electromagnetic signals in the indoor environment emitted by devices other than the base stations, and generates a signal profile based on the signals. The mobile device transmits the signal profile to one or more of the base stations, which forward the signal profile to a remote server. The system determines a location of the in three-dimensional space of the mobile device by comparing the signal profile to data regarding signal profiles at a plurality of locations in the indoor environment. The data regarding signal profiles in the indoor environment may have been captured by a detection device other than the mobile device at a time prior to the detection of the electromagnetic signals by the mobile device.

Abstract: A method of detecting and disabling offending devices includes monitoring for a radio frequency signal. When an offending device initializes and registers with a cell tower, it emits the radio frequency signal. After the radio frequency signal is detected, a message including an identification of the radio frequency signal is transmitted to a receiver of a base station. Responsive to receiving the message, the base station sends a secure transaction that includes an indication of the radio frequency signal to a processor of a cellular carrier system. Responsive to receiving the secure transaction, the processor of the cellular carrier system correlates a time and the radio frequency signal with an account associated with the registration of the offending device, disconnects from the offending device, and disables an account associated with the offending device.

Abstract: According to one aspect of the present invention for accomplishing the aforementioned purpose, a mobile authentication method performed by a portable user device comprises the steps of extracting a telephone number of the portable user device, transmitting member information including the telephone number to an authentication server, receiving a user authentication number using the member information from the authentication server, extracting unique user identifiers (UUID) of an application (app) installed in the portable user device, and transmitting the extracted UUID of the app and the received user authentication number to a service server.