Abstract: A key delegation request is received from a host system. The key delegation request includes a new public key. A challenge is generated based on the new public key and a root public key, and the challenge is provided to the host system responsive to the request. A first and second digital signature are received from the host system. The first digital signature is generated by cryptographically signing the challenge using a new private key corresponding to the new public key and the second digital signature is generated by cryptographically signing the challenge using a root private key corresponding to the root public key. The first digital signature is validated using the new public key and the second digital signature is validated using the root public key. Based on successful validation of both signatures, the new public key is utilized in one or more cryptographic operations.

Abstract: A target sends ID of a key table. The apparatus receives the ID. The apparatus sends ID of an authentication table to the target. The apparatus sends a challenge corresponding to a pair of the ID of the key table and the ID of the authentication table, to the target. The target obtains, from the key table, a key corresponding to a pair of the ID of the key table and the ID of the authentication table. The target generates a response from the challenge and the key. The target sends the response to the apparatus. The apparatus obtains, from the authentication table, a response corresponding to a pair of the ID of the key table and the ID of the authentication table. The apparatus authenticates the target based on the responses.

Abstract: Blockchain-based systems and methods related to creating and distributing cryptographically secure, digital tokens representing equity in assets corresponding to loan agreements. The system may comprise a transaction interface portal configured to collect and manage information pertaining to the origination of a loan agreement or a token transaction agreement. The system may include an underwriting smart contract configured to autonomously verify the value of an asset corresponding to a loan origination based at least partially on information not originating on the blockchain. The system may deliver tokens through a programmable escrow wallet configured to deliver tokens to buyers upon the satisfaction of encoded regulatory criterion. The system may be configured to determine the price of one or more tokens before delivery and adjust the price based at least on the appreciating value of the assets corresponding to the loan agreements and the number of tokens retired by the system.

Abstract: Systems and methods for automatically tagging cloud resources that are spread across multiple cloud platforms are provided. According to one embodiment, information regarding each cloud provider of multiple cloud providers associated with a cloud environment used by a private network is received by a cloud-tagging orchestrator service of the private network. For each cloud resource of a plurality of cloud resources hosted by the cloud providers on behalf of the private network: (i) information associated with the cloud resource is retrieved by the cloud-tagging orchestrator service; (ii) a unified tag of multiple unified tags for the cloud resource is identified by the cloud-tagging orchestrator service based on a pre-defined global tagging policy; and (ii) the unified tag is assigned by the cloud-tagging orchestrator service to the cloud resource via an application programming interface (API) of a cloud provider of the multiple cloud providers hosting the resource.

Abstract: A network-accessible cyber-threat security analytics service is configured to receive and respond to requests that originate as name queries to a Domain Name System (DNS) service. Threat intelligence information provided by the service is organized into threat intelligence zones that correspond to zones exposed via the DNS service. Upon receipt of a DNS query, the query having been generated by an application seeking access to threat intelligence data exposed by the service, the query is translated into a DNS zone-specific API request based on the type of threat intelligence information sought. The zone-specific API request is then used to retrieve the requested threat intelligence information from a threat intelligence database. The requested threat intelligence information is then returned to the application by being encoded as part of a response to the DNS query. In this manner, the DNS protocol is leverage to facilitate highly-efficient access and retrieval of threat intelligence information.

Abstract: Disclosed is a method performed by a system of a communications network. The method comprises encoding the first data stream and the second data stream, analyzing time data related to the first and second data stream, in order to determine a time relationship between the first and second data streams. The method comprises creating an offset file comprising the time relationship between the first and second data streams and transmitting the first data stream, the first time metadata, the second time metadata and the offset file. The method comprises receiving the first data stream, the first time metadata, the second time metadata and the offset file and streaming the first data stream. The method comprises determining a start time for the second data stream, obtaining the second data stream and streaming the second data stream, such that the first and second data streams and synchronized.

Abstract: The present disclosure provides an updating method, a terminal and an electronic device. The updating method may include: acquiring updated authority information; and transmitting a first update notification to a first data node, the first update notification comprising the updated authority information. When a control node transmits the first update notification to the first data node, such notification includes the updated authority information.

Abstract: Disclosed herein is a computing system with the capability to execute instructions in different positional notation values. The definition of a positional notation value is given by the general formula that represent a base 10 numeral in any positional notation in the following manner: . . . d3r3+d2r2+d1r1+d0r0, where d is a coefficient, r is the base of the positional number system (i.e. r=2 for binary, or r=3 for ternary), and the exponent is the position of the digit. The computing may provide a configuration which hybridizes the instructions of multiple positional notation values in variable ratios. The computing system may dynamically switch between the multiple hybridized instructions sets. Embodiments may be applied to provide security benefits.

Abstract: One embodiment provides a method, including: receiving, at an information handling device, a user query; identifying, using a processor, that a stored answer does not correspond to the user query; determining, using a processor, a query-answering source for the user query; transmitting the user query to the query-answering source; and providing an answer submitted by the query-answering source to a user. Other aspects are described and claimed.

Abstract: A system for combining a payment mechanism with an offer to a consumer is described. The system includes a virtual payment account number generation engine to generate virtual payment account numbers that can be used by a consumer in a payment transaction at a merchant, the virtual payment account number generation service also operable to take a portion of the virtual payment account number and send it as a checkout code to a consumer using the consumer's mobile device, and an offer generation engine used to set rules for an offer to be sent to consumers, create a fund for the offer, and determine individual consumer's eligibility for the offer. The offer is associated with the checkout code such that the offer is processed as part of the payment during the payment transaction using the virtual payment account number.

Abstract: Methods, systems, and apparatuses are described herein for the direct sharing and use of transaction data separately from transaction authorization processes. Transaction metadata associated with a transaction may be received and validated. Authorization information corresponding to the transaction may be received. The degree to which the transaction metadata is tested may be based on a predicted time of receipt of the authorization information. The transaction metadata and authorization information may be correlated. A computing device may determine whether to authorize the financial transaction based on the authorization information and the correlated transaction metadata. All or portions of the transaction metadata may be provided to one or more users after the transaction has been authorized or denied.

Abstract: A method for requesting proof of delegation for delivery of content to a client terminal via an encrypted connection. The content is referenced on a content server, to which the client terminal emitted a request to obtain the content. The content server has delegated the delivery of the content to a primary delivery server. The method is implemented by a secondary delivery server, to which the primary delivery server has delegated the delivery of the content. The method includes: receiving a request to establish an encrypted connection, from the client terminal, including an identifier of the content server; emitting a request for proof of delegation of delivery, addressed to the content server; receiving of a message from the content server, including an encryption key; emitting a response for establishing an encrypted connection, addressed to the client terminal; and establishing the encrypted connection with the client terminal using the encryption key.

Abstract: Dynamically enforcing access control policies unique to respective users in a multi-cluster container orchestration environment is provided. Resource-permission-role mappings are generated for users in the multi-cluster container orchestration environment based on preset access control criteria. Dynamic access control criteria are learned from the multi-cluster container orchestration environment over time. The resource-permission-role mappings for the users in the multi-cluster container orchestration environment are updated based on the dynamic access control criteria learned from the multi-cluster container orchestration environment over time. The resource-permission-role mappings are enforced to respective users in the multi-cluster container orchestration environment in response to receiving corresponding user resource access requests.

Abstract: Provided is a data management method of a server, including receiving, from a first server, first data, in which a first identification (ID) associated with a device and a first encryption identification (ID) that encrypts an ID associated with an advertisement are mapped and second data, in which a second ID associated with the advertisement and a second encryption ID that encrypts an ID associated with the device are mapped; converting a second encryption ID associated with an electronic device, received from a second server, to the second ID based on the second data, and transmitting the converted second ID and third data to an advertisement service server; and converting a first encryption ID associated with the electronic device, received from a third server, to the first ID based on the first data, and transmitting the converted first ID and fourth data to a general service server.

Abstract: Computer-based access security includes executing secure login and authorization methodologies by which configuration parameters and permissions associated with a user at a user computing device are compared to database-stored respective configuration parameters and permissions associated with the user. Thereafter, the user is authorized or not to login and access mobile app functionality if the user successfully passes facial recognition and/or spoof detection techniques. Facial recognition techniques include collection and indexing of user captured photo as compared to already stored photo information pertaining to the user.

Abstract: Systems and methods may be provided for masking data on public networks, such as social networking sites. At a publishing node, the system may monitor data input fields in a webpage that are processed by an internet browser. The system may intercept data, such as text, images, and video input at the data input fields, prior to the data being posted online on a public service provider's website. The publishing node may control which users are permitted access to the posted data by defining a policy associated with the data input field. The posted data may be transformed or tokenized to ensure that it is inaccessible to a user (or group of users) unless that user/group is granted access to the decoding key under the policy. In this way, data security and data control may be provided to a publishing user node. Data that has already been posted may be destroyed, for example, by deleting the decryption key or a token.

Abstract: Systems, methods, and apparatus for identity access management for web services are disclosed. The method includes: creating on a user device, a session's access token and an identity token to be sent along with a request for accessing web services, wherein: the accessing of web services includes at least one of: retrieving and pushing information from an instance storage which is client specific and protected from unauthorized access by another instance storage; the session's access token indicates a location where the session's access token was created, an expiration time, and a hash identity for verifying a validity of the session's access token; the identity token identifies a user who sends the request; and authenticating the user on the user device according to the session's access token and the identity token to authorize the accessing of web services in a session.

Abstract: A non-transitory tangible recording medium stores recorded AV data. The AV data includes a system stream file played by a playback device and a management information file having management information corresponding to the system stream file. The system stream file includes a first segment including repeated a first data unit that be decrypted using a first decryption key that the playback device individually has and a second data unit that cannot be decrypted by the first decryption key. The system stream file also includes a second segment which can be decrypted using a second decryption key that the playback device has in common with another playback device. The management information file has a start source packet number, which identifies a start source packet out of a plurality of source packets storing an I-picture that is a random access point, and the start source packet is situated in the second segment.

Abstract: A processor-implemented method is disclosed. The method includes: obtaining sensor readings from a plurality of sensors associated with a plurality of homes; receiving, from a computing device associated with a first one of the plurality of homes, a request for a live home score; determining, based on first sensor readings for at least one sensor associated with the first one of the plurality of homes and second sensor readings from corresponding sensors associated with at least a second one of the plurality of homes, a live home score for the first one of the plurality of homes; and sending the live home score to the computing device associated with the first one of the plurality of homes.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for facilitating auditory media metadata-based software configuration using design systems according to one embodiment. In one embodiment and by way of example, a method includes identifying an auditory message of contents including a workflow of transactions to be performed by a software application associated with a software design system, where the auditory image represents a digital voice message captured by one or more of a microphone and a digital audio recorder. The method may further include translating the contents into metadata compatible with the software design system, generating a process flow corresponding to the workflow and based on the metadata, and configuring the software application based on the process flow such that one or more objects of the software application are augmented based on the process flow.

Abstract: A system and method to manage data associated with a merchant system to provide in response to a search query from an end user system. The system and method generate a custom entity type including one or more fields comprising first data corresponding to the merchant system. An update to the first data of the custom entity type can be received and an updated custom entity type is generated. The updated custom entity type is distributed to multiple business listing provider systems configured to provide search results associated with the merchant system in response to a search query from an end user system. The system and method can also generate a search experience interface including multiple input fields. The search experience interface is displayed to an end user to receive search terms via the first input and the second input field in response to a single search action.

Abstract: A messaging system interacts with the messaging applications of customer, admin, and agent clients to support encrypted communications among customers and businesses. To register as an agent of the business, an agent client sends registration information to the messaging system and receives a barcode in response. The messaging system validates information about the barcode received from the admin client and sends a validation code to the admin client. The admin client displays the validation code, and the validation code is entered into the agent client. The admin client generates a membership list including an agent client identifier, digitally signs the membership list, and provides the signed membership list to the messaging system. When a customer messages the business, the messaging system forms a customer group using the signed membership list and distributes the message to the agent clients in the group.

Abstract: A data protection circuit of a chip, a chip, and an electronic device, where the data protection circuit performs bit width expansion and scrambling processing on a first alarm signal using an operation circuit to obtain a second alarm signal, and outputs the second alarm signal to a processing circuit. The processing circuit performs descrambling processing after receiving the second alarm signal to obtain a descrambling result. When the second alarm signal is attacked, the descrambling fails, and the descrambling result is an active level. The processing circuit outputs the descrambling result to a reset request circuit, and the reset request circuit generates a reset request signal according to the descrambling result.

Abstract: A method of analyzing images by a computing device to generate an e-commerce interface, comprising receiving, from a computing device associated with a first human user, a list of items associated with the first human user; receiving, from a computing device associated with a merchant, purchasing information for each item of the list of items; receiving, from a second human user, one or more images depicting the first human user using one or more items from the list of items; automatically analyzing the one or more images to identify the one or more items; and generating a user interface comprising at least one of the one or more images, links to a computing system of the merchant from which the second human user may obtain the one or more items identified.

Abstract: An indicator associated with a financial card to tender payment for a transaction is received from a point of sale device. A storage device stores independent sets of information associated with the financial card. The sets of information indicate different actions to be performed and settings corresponding to the actions. The indicator received from the point of sale device is associated with one of the independent sets of information. The actions associated with the received indicator are performed in accordance with the corresponding settings in response to conducting a transaction with the financial card.

Abstract: A consent receipt management system may, for example, be configured to track data on behalf of an entity that collects and/or processes persona data related to: (1) who consented to the processing or collection of personal data; (2) when the consent was given (e.g., a date and time); (3) what information was provided to the consenter at the time of consent (e.g., a privacy policy, what personal data would be collected following the provision of the consent, for what purpose that personal data would be collected, etc.); (4) how consent was received (e.g., one or more copies of a data capture form, webform, etc. via which consent was provided by the consenter); (5) when consent was withdrawn (e.g., a date and time of consent withdrawal if the consenter withdraws consent); and/or (6) any other suitable data related to receipt or withdrawal of consent.

Abstract: A notification message is received by a communication device The notification message includes a message identifier and a digital signature generated by an original sender of the notification message. That an integrity of message content in the notification message and an original sender of the notification message is verified is determined using the digital signature. Responsive to determining that the notification message is verified, the notification message is forwarded by the communication device using a peer-to-peer communication channel over a mesh network.

Abstract: A set of potential personal information (PI) is constructed. A first data component of a first potential PI in the set of potential PI conforms to each element of a delimited alphanumeric string defining a PI search pattern. A first metadata component of the first potential PI comprises system information of a system maintaining the first potential PI. Responsive to determining that a component of the first potential PI meets a specification of a component of a signature, the first potential PI is identified as a first actual PI, wherein the signature comprises a data component specifying an alphanumeric string and a metadata component specifying a delimited alphanumeric string defining a metadata search pattern. Using a removal request constructed responsive to identifying the first actual PI, removal of the first data component from data maintained by the system maintaining the first potential PI is caused.

Abstract: Disclosed herein are systems and techniques for using a content delivery network to perform various functions within a digital advertising ecosystem, in ways that yield technological benefits such as improved security, efficiency, and speed (for example, reduction in publisher load times). As one specific example, a content delivery network can be used for the creation of electronic tokens for user identity protection between demand side platforms, supply side platforms, content creators (for example, advertisers), and publishers.

Abstract: Operating conditions of a blockchain configuration may be dynamic and change automatically under certain circumstances. One example method of operation may include receiving a blockchain transaction sent from a first blockchain to a second blockchain, identifying an inter-ledger contract between the first blockchain and the second blockchain, receiving an inter-ledger message at the second blockchain from the first blockchain, and determining whether to log the blockchain transaction in the first blockchain or the second blockchain based on the inter-ledger message.

Abstract: An embodiment includes a multi-function electronic device capable of generating a programmed magnetic field of alternating polarity based on a speed of a card swipe, and methods for constructing the device for the purpose of emulating a standard credit card. An apparatus is described to allow the device to emulate behavior of a credit card when used in electronic credit card readers. Additionally, methods are described to allow user control of the device for the purpose of authorizing or controlling use of the device in the application of credit, debit and cash transactions, including cryptocurrency and device-to-device transactions. Methods are also described for generating a limited-duration payment number when performing a transaction for the purpose of creating a limited-use payment number, which is limited in scope of use to a predetermined number of authorized transactions. Furthermore the device may interact with other similar devices in proximity for the purpose of funds or credit/debit transfers.

Abstract: A credentials verification network utilizes blockchain technology to track/verify credentials for candidates that can later be used in the hiring verification process. As implemented by nodes of a distributed network, a candidate receives from a first network node a secure credential generated by a credentialing source from an original credential document. The first node processes the secure credential according to a security feature (e.g., hash function) to create a transaction, and assigns an identifier to the transaction. The first node signs the transaction with a private key to create a transaction signature. The first node sends the signed transaction to a central server that broadcasts the transaction to the blockchain network. Once the network has accepted the transaction, the candidate will be notified and handed over the raw text document and transaction receipt ID. The candidate can forward the information to a recruiter or potential employer running a second node.

Abstract: A television program ratings method and system includes transferring information associated with households from a cable provider to a ratings provider such that the ratings provider has access to information associated with sampled households and lacks access to information associated with non-sampled households. To this end, identity information and usage information associated with the households are respectively anonymized and encrypted. Knowledge of the identities of the sampled households enables the anonymized identity information and the encrypted usage information for the sampled households to be respectively de-anonymized and decrypted. The ratings provider knows which households are sampled households. As such, the ratings provider de-anonymizes and decrypts the information associated with the sampled households and then uses the de-anonymized and decrypted information to determine television program ratings.

Abstract: An interface self-service method, an apparatus, a computer device and a non-transitory storage medium for implementing the same. The interface self-service method includes: installation of a self-hosted server in a local device; installation of an interface webpage in the self-hosted server in the form of a webpage expansion package; installation of an interface function in the self-hosted server in the form of a function expansion package; confirmation of an access request when the self-hosted server receives the access request from a local browser; if the access request is an interface webpage request, a corresponding interface webpage is returned to the local browser according to the webpage expansion package; and if the access request is an interface function request, a corresponding interface function of the function expansion package is accessed.

Abstract: A computerized method, system for, and computer-readable medium operable to: retrieve program details data about at least one media program. Retrieve social media posts involving the at least one media program. Match the retrieved program details data with the retrieved social media posts to find matching locations. Store time offset data corresponding to the matched locations within the at least one media program into at least one micropost. Rank the at least one media program by the number of microposts corresponding to the at least one media program. Present the at least one media program, each of the at least one media program with at least one micropost, wherein the at least one micropost comprises a link to the original social media page hosting the social media post and a video deeplink that plays a time off-set video, the time off-set video starting from the stored time offset data.

Abstract: Symbol sequences are estimated using a computer-implemented method including detecting one or more candidates of a target symbol sequence from a speech-to-text data, extracting a related portion of each candidate from the speech-to-text data, detecting repetition of at least a partial sequence of each candidate within the related portion of the corresponding candidate, labeling the detected repetition with a repetition indication, and estimating whether each candidate is the target symbol sequence, using the corresponding related portion including the repetition indication of each of the candidates.

Abstract: Systems and techniques are disclosed for progressive authorization of information. One of the methods includes obtaining information from a user device indicating a user identity of a user operating the user device, the user device being in communication with a content server. A confidence associated with the user identity of the user is determined. Requests from the content server for profile information associated with the user identity are responded to, such that authorization levels of requested profile information are determined to be satisfied based on the confidence. Upon a positive determination, use of the requested profile information is granted. Upon a negative determination, prompts for additional identifying information are provided on the user device.

Abstract: A mobile device may be configured to determine, in a secure portion of the mobile device, whether a non-volatile indication (e.g., a fuse or non-volatile bit or flag) allocated to lender binding has been set. A mobile device processor may query a payment server associated with a lender of the mobile device to determine a next payment due date in response to determining that the non-volatile indication allocated to lender binding has been set, and select an operating mode for the mobile device based on a difference between the next payment due date and the current date.

Abstract: An object is to provide a surveying instrument and system to manage instrument setting and usage data for each personal user. The surveying instrument includes a personal authentication sensor, a control unit, and a storage unit. A personal information registration unit of the control unit acquires personal authentication information from the sensor and stores the personal authentication information in a personal identification information database of the storage unit in association with user information. A personal authentication execution unit of the control unit identifies a user based on whether authentication data acquired by the sensor matches personal authentication information stored in the personal identification information database. A personal setting application unit of the control unit refers to a personal setting information database in the storage unit, and when finding instrument setting saved by the authenticated user, applies the instrument setting and starts the surveying instrument.

Abstract: Aspects of the present disclosure are directed to electronic computer implemented tracking method and system for an article of manufacture. In one aspect, a plurality of computer readable records are electronically maintained and stored in a computer readable database. In one step, a temporary virtual record is generated with EDI data payload including a transaction record attribute, a location transfer request attribute for designating a transfer location of an article of manufacture, and a recipient user biometric ID attribute. Next, electronically via data communications network tunnel, EDI data payload representative of the transaction record attribute and the location transfer request attribute is transmitted; and responsive to the location transfer request attribute, via the computer-based data communications network, the system transmits EDI data payload representative of an exchange zone attribute for designating a physical zone for exchanging said article of manufacture.

Abstract: A system and method for analyzing media requests and evaluating the authenticity of geographic data associated with the media requests. A mobile device may use media requests to retrieve media items that are displayed to a user. A media request may include geographic data with latitude and longitude information and entity data identifying a user, application, mobile device, or combination thereof. The system may analyze the geographic data to identify locations and may analyze the entity information to identify user activity. The user activity may be internet activity of an application running on another device (e.g., user's desktop). The system may then correlate the user activity (e.g., accessing a venue web site) with the geographic locations (e.g., venue locations) to evaluate the authenticity of the geographic data associated with the mobile requests.

Abstract: A hearing device for being worn at or at least partly within an ear of a user and including an acoustic shock detector for detecting an acoustic shock event present in an input audio signal from an input transducer and providing shock detection information related to the acoustic shock event. The hearing device further includes an acoustic shock controller for determining a first gain factor (Gb) and a second gain factor (Gp) in dependence of the shock detection information, a first attenuator for attenuating a processed input audio signal by the first gain factor (Gb) and providing an attenuated audio signal to an output limiter providing a limited audio signal, and a second attenuator for attenuating the limited audio signal by the second gain factor (Gp) and providing a further attenuated audio signal to an output transducer. A corresponding method for acoustic shock control in a hearing device.

Abstract: A hosts file manager is provided that displays a user interface with a list of selectable server groups. The list may comprise, for example, identifications server groups. Each server group corresponds to an IP address, and the hosts file manager has access to such IP address data. A user selection of a first server group may be made and received via said user interface. A computer's hosts file may then be modified to correlate a hostname with an IP address of the selected server group.

Abstract: Mechanisms for providing point to point encryption and tokenization enabling decryption, tokenization and storage of sensitive encrypted data on one system are discussed.

Abstract: The disclosed merchant server initiates a verification process in response to receiving an account identifier for an account in response to a payment selection by an account holder. In response to confirming enrollment of the account in a verification service, the merchant server receives an access point (e.g., a uniform resource locator (URL), API, etc.) and presents an offer interface corresponding to the access point. The offer interface includes a value added offer based on a profile of the account. The merchant server receives a credential and an acceptance indicator in response to the account holder accepting the value added offer. The merchant server may send an authorization request to a transaction authorization system.

Abstract: This disclosure relates to data encryption and decryption. In one aspect, a method includes receiving, by a second peer end computing device, first data from a first peer end computing device. The second end computing device generates a random term based on a result range pre-agreed upon with the first peer end computing device. The result range includes a minimum result value and a maximum result value. The random term is a product of a random number and an agreed upon constant. The agreed upon constant is greater than a difference between the maximum result value and the minimum result value. The second peer end computing device performs a homomorphic operation based on the first data, local private second data, and the random term to obtain an encryption result. The second peer end computing device returns the encryption result to the first peer end computing device.

Abstract: The application relates to a method for computing a probabilistic encryption scheme for encrypting a data item in an electronic device including: computing a plurality of random bit strings in a computation cluster; sending the computed plurality of random strings to the electronic device; generating a random string (rE) for using in the encryption scheme in the electronic device using a subset of the plurality of the random strings computed in the computation cluster and encrypting the data item using the random string computed in the electronic device. The present application also relates to a corresponding system and corresponding computer program product including one or more computer readable media having computer executable instructions for performing the steps of the method.

Abstract: A data verification apparatus includes a storage, a management unit, and a verification unit. The storage includes a first storage and a second storage. The first storage stores first data and first status information. The second storage stores second data and second status information. The management unit controls a write process and updates the first status information and the second status information in response to the write process, the write process being a process of writing the first data to the first storage on a basis of data acquired by communication with an external apparatus, and thereafter writing the second data to the second storage on a basis of the data. The verification unit verifies, in a state in which the communication is disconnected, the first data and the second data on a basis of the first status information and the second status information.

Abstract: Systems, methods, and apparatuses for storing verified identification information in a distributed database and for verifying entities to requestors are provided herein. Identity information relating to an entity is verified by a generally recognized identity provider (GRIP). Once verified, the GRIP populates a distributed database with an entry corresponding to the verified identity information. The distributed database is publically accessible such that identity requestors can see the entries in the distributed database. In some arrangements, the distributed database is write-protected such that only an authorized GRIP can modify the distributed database. An entity can provide information to a requestor to verify an identity attribute of the entity to the requestor. The requestor uses information provided by the entity to retrieve verified entity identification information from the distributed database and to confirm that the identity attribute was verified by an authorized GRIP.

Abstract: A data update computing device is provided. The data update computing device receives, from one of a user computing device and a first relying party computing device, a first access authorization message, wherein the first access authorization message identifies (i) a first relying party and (ii) a first user data element of the user to be shared with the first relying party. The data update computing device generates a first globally unique identifier (GUID), wherein the first GUID is uniquely associated in a first record in a GUID database table with the first user data element and the first relying party; receives an updated value of the first user data element of the user; stores the updated value of the first user data element in the first record, and flag the first record as updated in the GUID database table; and transmits the first GUID to the first relying party.