Abstract: Aspects of this disclosure relate to a blockchain system for management, splitting, and transfer of tokens. In an arrangement, splitting of a token may comprise splitting the blockchain by adding blocks, comprising the new tokens, to reference a same block of the blockchain. In an arrangement, an old token may be burned by associating the token to a predetermined wallet identifier.

Abstract: A system is provided for generation of substitutable configuration of secure distributed register tokens. In particular, the system may generate, on a distributed register, a secure token with a built-in source code function for triggering a substitution of the secure token with one or more substitute tokens upon the occurrence of a specific condition. The function may pull one or more values associated with the secure token (e.g., from an oracle) and generate the one or more substitute tokens based on the one or more values. Once the substitute tokens are generated, the substitute tokens may be used to replace the secure token on the distributed register.

Abstract: Disclosed herein is digital object generator that makes uses a one-way function to generate unique extended reality environments based on the user specific input. Features of the input are first extracted via a few-shot convolutional neural network model, then evaluated weight and integrated fit. The resulting digital object includes a user decipherable output such as a visual representation, an audio representation, or a multimedia representation that includes recognizable elements from the user specific input.

Abstract: Methods and systems are described herein for a malware detection system that detects whether an on-chain program associated with a cryptographic token is malicious based on output of a machine learning model. The malware detection system may retrieve or generate attributes associated with an on-chain program and input those into a plurality of scripts within a malware detection script database to determine whether the on-chain program is malicious. The scripts may be generated based on an output of a machine learning model indicating whether the on-chain program is malicious.

Abstract: An ownership management system records an article ID, which is unique information for identifying an article, and an owner ID, which is information indicating an owner of the article, on a blockchain in association with each other, and generates a two-dimensional code from a hash value acquired from the blockchain at the time of recording, the article ID, and the owner ID. The ownership management system accepts the two-dimensional code, extracts the hash value, the article ID, and the owner ID from the accepted two-dimensional code acquires the article ID and the owner ID recorded on the blockchain by using the extracted hash value, determines a matching relationship between the article ID and the owner ID extracted from the two-dimensional code, and outputs the extracted article ID and the owner ID when it is determined that the matching is made.

Abstract: Systems, computer program products, and methods are described herein for secure user identification using digital image processing. The present invention is configured to receive, via a first user input device, an input selection of a first image from a first user, wherein the first image is associated with a second user; extract features of the first image; determine a secure image matching the first image based on at least the features of the first image; extract, from the secure image, a unique device identifier associated with the second user embedded thereon; and transmit control signals configured to cause the first user input device to display the unique device identifier.

Abstract: Various aspects of the disclosure relate to using a verifiable and distributed encoding as a digital currency (e.g., cryptocurrency). According to some embodiments, systems and methods can be executed to transfer cash or “hard” currency responsive to exchange of cryptocurrency supported by blockchain technology. In further example, the systems and methods are tailored to operate within a specified/defined community that ensures the efficient operation of the system by ensuring liquidity of the transfer. According to one embodiment, the system is configured to distribute stable coin, issuing the coin at a discounted value (e.g., relative to a redemption or cash equivalent face value). For example, by issuing coin at a discount the system automatically facilitates peer-to-peer physical cash transfers.

Abstract: In certain embodiments, a physical network access token at a network access terminal may be authenticated for modification of records at a remote server system. In some embodiments, a set of records and counterpart records having the same record identifiers and resource amounts may be stored independently on a physical token or user device and the remote server system. When a connection is established between an access terminal and the physical token (e.g., for authenticating a modification of record(s)), the access terminal may transmit input data to the token, which may use the input data with the records stored on the token to generate authentication data, which may be used by the remote server to authenticate a network action requested via the token.

Abstract: The described financial institution computing system provides services to customers through an application programming interface (“API”). The services include user identification services to customers and payment services that allow users to pay the customers via the financial institution. The user identification services allow the customers to verify the identity of users as non-fraudulent users. Further the user identification services allow the financial institution to provide known user information to the customers for purposes of prepopulating registration forms, completing transactions, and the like. Further services, such as user account validation services, payment services, and the like are also possible through the financial institution APIs. In some situations, users are registered with the financial institution. For example, a user may also be an account holder with the financial institution. In other situations, the users are not registered with the financial institution.

Abstract: In embodiments of the present invention, systems are provided for an interface configured to handle a unique identifier for a first digital token, a cryptographic token generation system that generates a second digital token that is unique and cryptographically secure, and a linking system configured to generate a one-to-at-least-one link between the second digital token generated by the cryptographic token generation system and the first digital token, such that the second digital token provides a unique digital tokenization of the first digital token. In embodiments, a rule system is configured to manage and apply a set of rules to the second digital token, wherein the set of rules includes a lock rule that restricts one or more transaction actions involving the second digital token and an unlock rule that removes the restriction of the one or more transaction actions involving the second digital token.

Abstract: A system, method, apparatus, and computer program product for interactively broadcasting value via a sound, a Wi-Fi, a Bluetooth, an email, a messaging, an RFID, or an NFC to incentivize direct consumer engagement. The system produces verifiable data on customer preferences, habits, and purchasing while using secure digital cryptographic technology to convey an item of value. The system is configured to transact a digital token normally carried on a blockchain leger in an off-ledger condition. The digital token is embedded with a media content. A mobile computing device having a representation of a digital wallet is configured to detect the digital token, decode the digital token and transfer the digital token back to the blockchain ledger. When validated by the blockchain ledger, the digital token is transacted to a digital wallet on the blockchain ledger.

Abstract: A crypto ETP is administered by a portfolio modeling computer/(PMC), a fund administration computer/(FAC), an order taking platform computer/(OTP), a custodian computer/(CC), and a paying agent settlement computer/(PASC). The PMC defines the ETP and captures data for a cryptocurrency index. The CC tracks Underlying Assets held by the ETP, and sends the data to the FAC, which calculates the NAV of the Underlying Assets to generate a Portfolio Composite File/(PCF) sent to the OTP. The OTP receives and validates/confirms with the CC, orders for creations and redemptions of the ETP from Authorized Parties/(APs), in exchange for the Underlying Assets and/or cryptocurrency. The PASC provides settlement on the Exchange in cryptocurrency by: receiving confirmation from the CC of transfer of underlyings, ETPs or cryptocurrency from the APs to a blockchain wallet associated with the PCM; and issuing units of the ETPs, underlyings or cryptocurrency to the APs.

Abstract: The invention described herein is directed to a secure text messaging and object sharing mobile application connected to a DRM cloud service that provides encryption, digital rights management (DRM) of the text and of the attachments, blockchain transactions, the capability of attaching documents, photos and so forth, the capability of interfacing with a user's contacts application, and that operates in both Android and iOS environments.

Abstract: A computer-based digital notarized ledger management system comprises at least one computer-readable memory storing a primary ledger and software instructions. The system further comprises at least one processor coupled with the memory, the processor performs operations upon software instruction execution. The at least one processor performs instructions to receive a ledger request comprising target ledger parameters, generate in the memory, at least one digital token representing a target ledger based on target ledger parameters, mint according to at least one primary ledger smart contract, the at least one digital token as a set of non-fungible tokens (NFTs) having at least some of the target ledger parameters and representing the target ledger on the primary ledger, instruct at least one computing node to instantiate the target ledger in at least one node memory according to the target ledger parameters, and instruct the at least one node to enable target ledger transactions.

Abstract: A method includes an authorizing entity computer receiving a request for a virtual access credential from a communication device operated by a user. The authorizing entity computer can then transmit the virtual access credential to the communication device operated by the user. The authorizing entity computer can then receive an authorization request message comprising the virtual access credential from an access device associated with a resource provider for an interaction between the user and the resource provider. The authorizing entity computer can then determine an account identifier linked to the virtual access credential. The account identifier being associated with an account maintained by an external entity computer that is external to the authorizing entity computer. The authorizing entity computer can then determine that the interaction is authorized based upon determining the account identifier associated with the virtual access credential.

Abstract: A crypto ETP is administered by a portfolio modeling computer/(PMC), a fund administration computer/(FAC), an order taking platform computer/(OTP), a custodian computer/(CC), and a paying agent settlement computer/(PASC). The PMC defines the ETP and captures data for a cryptocurrency index. The CC tracks Underlying Assets held by the ETP, and sends the data to the FAC, which calculates the NAV of the Underlying Assets to generate a Portfolio Composite File/(PCF) sent to the OTP. The OTP receives and validates/confirms with the CC, orders for creations and redemptions of the ETP from Authorized Parties/(APs), in exchange for the Underlying Assets and/or cryptocurrency. The PASC provides settlement on the Exchange in cryptocurrency by: receiving confirmation from the CC of transfer of underlyings, ETPs or cryptocurrency from the APs to a blockchain wallet associated with the PCM; and issuing units of the ETPs, underlyings or cryptocurrency to the APs.

Abstract: A crypto ETP is administered by a portfolio modeling computer/(PMC), a fund administration computer/(FAC), an order taking platform computer/(OTP), a custodian computer/(CC), and a paying agent settlement computer/(PASC). The PMC defines the ETP and captures data for a cryptocurrency index. The CC tracks Underlying Assets held by the ETP, and sends the data to the FAC, which calculates the NAV of the Underlying Assets to generate a Portfolio Composite File/(PCF) sent to the OTP. The OTP receives and validates/confirms with the CC, orders for creations and redemptions of the ETP from Authorized Parties/(APs), in exchange for the Underlying Assets and/or cryptocurrency. The PASC provides settlement on the Exchange in cryptocurrency by: receiving confirmation from the CC of transfer of underlyings, ETPs or cryptocurrency from the APs to a blockchain wallet associated with the PCM; and issuing units of the ETPs, underlyings or cryptocurrency to the APs.

Abstract: Various aspects of the disclosure relate to using a verifiable and distributed encoding as a digital currency (e.g., cryptocurrency). According to some embodiments, systems and methods can be executed to transfer cash or “hard” currency responsive to exchange of cryptocurrency supported by blockchain technology. In further example, the systems and methods are tailored to operate within a specified/defined community that ensures the efficient operation of the system by ensuring liquidity of the transfer. According to one embodiment, the system is configured to distribute stable coin, issuing the coin at a discounted value (e.g., relative to a redemption or cash equivalent face value). For example, by issuing coin at a discount the system automatically facilitates peer-to-peer physical cash transfers.

Abstract: The invention provides a method and corresponding system for controlling the generation of a blockchain transaction, and/or the recipient of a transaction output. It can also be used to control and record the ownership of an asset represented on the blockchain without the need for a separate registry of ownership. The ownership and transfers thereof can be handled and recorded without the need for knowledge of the parties involved or their identities. According to one embodiment, the method comprises the steps of identifying at least one transaction (Tx) on a blockchain which comprises: an unspent transaction output (UTXO) relating to a tokenised asset associated with an asset controller; and an input which spends an output from a previous transaction that is locked by a redeem script hash.

Abstract: A transaction platform including at least one or more public, public-private and/or private distributed ledgers or blockchains that together enable the secure effectuation and recordation of one or more transactions while maintaining transaction party confidentiality. The private distributed ledgers or blockchains are able to store, maintain and provide information about the parties related to the transactions which the distributed blockchains or databases are able to utilize in order to securely and quickly validate, execute and record the transactions in a manner that is GDPR and other data privacy law complaint.

Abstract: Method for the secure execution of programs (smart contracts) implemented between a first wallet node (WN) (WN1) and a second wallet node (WN2), at least the second WN being implemented in an enclave of a processor, and the WNs being capable of executing programs designated in the messages that reach them, the method comprising the following steps: a) sending by WN1 to WN2 of a pre-message; b1) in response to this pre-message, execution in the enclave of a first program (WNRoT); b2) generation by the enclave of a certificate of authenticity of said first program and of the integrity of its execution; b3) sending said certificate to WN1; c) verification by WN1 of said certificate; d) in the event of successful verification, sending by WN1 to WN2 of a message intended to trigger the execution of a given program in WN2, and e) execution of said program in WN2.

Abstract: A system and method for preventing the double-spending of digital currency that transfers between multiple DLT networks. The system and method includes creating, based on a unit of fiat currency, a first digital currency of a first type on a first DLT network and a second digital currency of a second type on a second DLT network. Each of the first digital currency and the second digital currency simultaneously represent a value associated with the unit of fiat currency. The system and method includes detecting a transaction request to transfer the first digital currency from the first DLT network to the second DLT network. The system and method include locking, responsive to detecting the transaction request, the first digital currency onto the first DLT network to prevent a transfer of the first digital currency from the first DLT network to another DLT network responsive to a subsequent transaction request.

Abstract: Aspects of the disclosure relate to implementation of a recursive hierarchic blockchain for event validation and processing. A computing platform may receive event data from first and second data sources. The computing platform may store, in a first distributed ledger, an event record for each event from the first data source and may store, in a second distributed ledger, an event record for each event from both data sources. In response to determining that a validation condition for a current block of the second distributed ledger has been satisfied, the computing platform may compute a hash and generate a numeric representation of the first distributed ledger. In a new block of the second distributed ledger, the computing platform may store the hash and the numeric representation. The computing platform may write, to the new block of the second distributed ledger, additional event data from both data sources.

Abstract: A contract manager system is a system that allows at least two entities to exchange digital currencies of a different type or on different blockchains (e.g., exchanging XLM digital currency for Stellar Ledger digital currency). The system includes a graphical user interface (GUI) including a display, a processor, and memory. The memory includes instructions stored thereon, which, when executed by the processor, cause the system to execute an atomic swap.

Abstract: A method includes: determining, by a computing device communicably coupled to a blockchain network, participants in a remittance transaction, in which each participant has a corresponding account in a blockchain ledger of the blockchain network, and in which each account includes one or more assets; assembling the remittance transaction based on one or more to-be-spent assets of the one or more assets in an account corresponding to a real remitter, one or more covered assets of the one or more assets in an account corresponding to a fake remitter, and one or more encrypted transfer amounts; generating a linkable ring signature for the remittance transaction based on a private key held by the real remitter, a public key held by the real remitter, and a public key held by the fake remitter; and submitting the remittance transaction and the linkable ring signature to the blockchain network for completion.

Abstract: A method and apparatus for reader device registration, activation, and use are described. The method may include receiving, by a commerce platform, a registration request generated by a reader device, wherein the registration request comprises at least identification data for the reader device. The method may also include transmitting, to the reader device, a registration code. The method may also include receiving, by the commerce platform from a merchant system, a second registration code purported to be the registration code transmitted to the reader device. The method may also include generating an encryption key associated with the reader device and transmitting the encryption key to the merchant system, wherein the encryption key is provided by merchant system to the reader device for use by the reader device when communicating with the commerce platform during merchant transactions.

Abstract: A data validation procedure may be propagated to a server machine and to a client machine to perform the same data checking in the respective machines. The data validation procedure may be converted and expressed in a specification language that is suitable for the server machine. Likewise, the data validation procedure may be converted and expressed in a specification language that is suitable for the client machine.

Abstract: A method, system and computer program product automate support for an Internet of Things (IoT) device by a trusted agent. The system includes a mobile wallet executed by a user device that effects execution of a financial transaction with a third party system for an IoT device. A device interface receives a unique identifier associated with the IoT device. A network interface accesses support information associated with the unique identifier of the IoT device. A secure storage used by the mobile wallet stores the unique identifier and support information. A support operation engine executes a support operation for the IoT device based on the unique identifier and support information in the secure storage accessed by the mobile wallet.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: Example embodiments of systems and methods for data transmission between a contactless card, a client device, and one or more servers are provided. One or more applets of the contactless card are configured to dynamically generate an encrypted payload appended to a link, wherein the contactless card is configured to transmit the link with the appended payload to the client device via one or more gestures. The one or more servers are configured to receive the payload from the client device via one or more applications, parse and decrypt the payload after launch of one or more applications, and transmit one or more notifications to the client device based on a status associated with decryption of the payload. The client device is granted access to a plurality of services associated with the one or more servers based on the one or more notifications received from the one or more servers.

Abstract: Systems, methods, and apparatuses of created a repair token for a distributed ledger are provided. A method includes identifying an error in the distributed ledger, the error associated with a first block on the distributed ledger, creating a repair token including content of the first block and a correction to the error, digitally signing and timestamping the repair token, and publishing the repair token to a repair token ledger.

Abstract: An electrical signal indicative of an intrusion is detected at an application executing in a cryptographic data processing system. In response to the detection, an instruction is constructed in the application for the cryptographic data processing system. Using a processor, the instruction causes a cryptographic data item to be removed from a portion of a memory device installed in the cryptographic system.

Abstract: Systems and methods of the present disclosure include receiving an electronic request to exchange data items. A digital asset associated with the exchange of the data items is generated including a vault unique identifier, and an asset owner. An exchange block is generated on an exchange chain to record the electronic request. An asset copy is generated on the exchange ledger chain to record a non-permissioned copy of the digital asset independent from the vault unique identifier. An asset block is generated on an asset ledger chain to record an authoritative copy of the digital asset associated with the exchange of the data items on the exchange chain; where the asset block header includes an asset block hash concatenated with the vault unique identifier associated with the digital asset. The authoritative copy of the digital asset associated with the electronic request is displayed in response to a user selection.

Abstract: Embodiments of the disclosure provide a method for verifying a trusted terminal, including: determining whether a login terminal of a user matches the trusted terminal of the user recorded locally; determining, when it is determined that the login terminal does not match the trusted terminal of the user recorded locally, whether a login account of the user is associated with a frequent-use login account of the login terminal; and determining that the login terminal is the trusted terminal of the user if Yes. By means of solutions of the disclosure, in an application scenario of a login terminal being exchanged between users, repetitively performing complicated verifying on the login terminal may be avoided.

Abstract: A system and method for issuing, managing, and transferring asset-backed asset tokens is provided. The system comprises a mint component and a commerce component. The commerce component provides an interface through which customers can purchase asset tokens. The commerce component interfaces with the mint component to control the issuance of the asset tokens in the name of the purchasing customers.

Abstract: Systems and techniques are provided for a resource transfer setup and verification. A request for transfer conditions for a transfer of resources may be received from a first computing device. A set of transfer conditions may be generated in response to the request for transfer conditions and sent to the first computing device. The set of transfer conditions and an indication of an acceptance of the set of transfer conditions by a second computing device may be received from the first computing device. A transfer identifier for the set of transfer conditions may be generated from data from the set of transfer conditions which may specify a first sub-transfer. Transfer instructions may be sent to a third computing device, including instructions for a sub-transfer specified in the set of transfer conditions. The set of transfer conditions may be stored with the transfer identifier as a transfer record in non-volatile storage.

Abstract: A user may request a payment token from a host. The payment token may be a unique one-time use identifier linked to one or more payment accounts associated with the user. The payment token may be subject to conditions of use. To redeem the payment token, the user device may generate an image code to visually present the payment token for access by a recipient's camera. The recipient may then record the image code. The user may also provide a security identifier to the recipient. The recipient may then transmit the image code and the security identifier to the host as a payment request. The host may verify the payment request and verify compliance with any associated conditions. When the payment token is valid, funds are available, and the conditions are satisfied, then the host may transfer the funds to an account of the recipient.

Abstract: Disclosed is a method, a device, and/or a system of secure custody of a ledger token and/or a quantity of cryptocurrency of a distributed ledger network through binding to a possession token. In one embodiment, a private key controlling an entry in a ledger database of a distributed ledger network is stored in a cryptographically secured data container. The private key may be generated and securely maintained by a server. The data container is cryptographically tied to a possession token that can be issued to a user that may be an evolving dataset that may evolve in state on each transfer to maintain a real time global state across a network of computing devices. Decryption of the private key on the server may depend on data stored in the possession token. The possession token may therefore bestow title of the ledger token and allow for transfer of title while protecting the private key from threats such as hacking and inadvertent loss.

Abstract: A method for incorporating one-time-tokens, coupon and reward systems in conjunction with merchants' POS checkout systems in the physical or virtual environments includes providing a consumer computing device comprising an electronic wallet application, providing a One-time Token Redemption System (OTRS) and user electronic wallet accounts, logging into a user electronic wallet account through the electronic wallet application, sending a request for a one-time token valid for a specified time interval and then forwarding the request for the one-time token to the OTRS and upon approval sending the requested one-time token from the OTRS to the electronic wallet application. Next, presenting and entering the one-time token into a merchant point of sale checkout system within the specified time interval via the consumer computing device, sending the entered one-time token to a checkout application, and then processing payment via a secure payment application.

Abstract: An apparatus and method allowing authentication of a service using a service initiating terminal and a service authorization terminal. The method includes sending, by the service initiating terminal, service information to the service authorization terminal, receiving, by the service initiating terminal, a service authorization code corresponding to the service information sent by the service authorization terminal. The method also includes generating, by the service initiating terminal, service authentication information according to the service information and the service authorization code, and uploading the service authentication information to a server for processing the service after authenticating the service authorization code.

Abstract: A method and apparatus for pre-certifying a chip card transaction, includes receiving, by a server, a request for processing the chip card transaction from a first device. The server authenticates the first device and one or more devices involved in the transaction for processing the transaction. If the first device and all of the one or more devices are authenticated, the transaction is processed and data relating to the processed transaction is transmitted to the first device.

Abstract: Included are embodiments for tokenizing sensitive data. Some embodiments of systems and/or methods are configured to receive sensitive data from a vendor, determine a token key for the vendor, and utilize a proprietary algorithm, based on the token key to generate a vendor-specific token that is associated with the sensitive data. Some embodiments include creating a token identifier that comprises data related to the token key sending the vendor-specific token and the token identifier to the vendor.

Abstract: Disclosed embodiments include methods, systems, and computer-readable media configured to provide wearable devices storing tokens associated with digital versions of physical documents/cards. The wearable devices may further transfer tokens securely to interested parties without Bluetooth® or other network connectivity beyond NFC radio. In some embodiments, a token vault operator system may receive a request to establish a token vault account for a user, authenticate an identity of the user based at least on the received request, and generating a token vault ID associated with the user. The token vault operator system may further configure access to data sets generated for and associated with the token vault ID, generate tokens associated with the token vault ID, each token corresponding to one of the one or more data sets, and provide the generated plurality of tokens associated with the token vault ID to at least one user device.

Abstract: Systems and techniques are provided for a resource transfer setup and verification. A request for transfer conditions for a transfer of resources may be received from a first computing device. A set of transfer conditions may be generated in response to the request for transfer conditions and sent to the first computing device. The set of transfer conditions and an indication of an acceptance of the set of transfer conditions by a second computing device may be received from the first computing device. A transfer identifier for the set of transfer conditions may be generated from data from the set of transfer conditions which may specify a first sub-transfer. Transfer instructions may be sent to a third computing device, including instructions for a sub-transfer specified in the set of transfer conditions. The set of transfer conditions may be stored with the transfer identifier as a transfer record in non-volatile storage.

Abstract: A system, method, and server computer configured to authenticate a consumer device. The consumer device is authenticated via a mobile gateway using challenge-response authentication. If the consumer device is successfully authenticated, a secure channel is established between the consumer device and a first entity. The secure channel allows for secure communication between the consumer device and the first entity.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for tokenization and token selection associated with wearable device transactions. The system is configured to receive an indication that a user is in possession of the wearable device; authenticate the wearable device; receive an indication from the user to execute a transaction; determine that the user continues to remain in possession of the wearable device; and complete execution of the transaction; initiate execution of the transaction using the first token received from the user; determine a second token based on at least the transaction information and the one or more limits associated with the second token; swapping the first token with the second token; and execute the transaction using one or more financial institution accounts of the user associated with the second token.

Abstract: A method for preserving backward compatibility involves adding a new virtual method to a first version of a code package comprising a plurality of members to obtain a second version of the code package, wherein the plurality of members include a plurality of virtual methods having at least a first virtual method that is assigned a first token number and a second virtual method that is assigned a second token number sequentially after the first token number, converting a set of code that is part of the first version of the code package to obtain a converted file, modifying the converted file to include backward compatibility information associated with a plurality of token numbers assigned to the plurality of virtual methods in the first version of the code package, and adjusting the assigned first and second token numbers at one of linking time and runtime based on the backward compatibility information.

Abstract: A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g.

Abstract: Techniques of performing impersonation detection involve using encrypted access request data. Along these lines, an impersonation detection server stores historical access request data only in encrypted form and has no way to decrypt such data. When a new access request is received by a client, the client sends the username associated with the request to the server, which in turns sends the client the encrypted historical access request data. In addition, the server sends the client instructions to perform impersonation detection. The client then carries out the instructions based on the encrypted historical access request data and data contained in the new access request.

Abstract: A system, method, and server computer configured to authenticate a consumer device. The consumer device is authenticated via a mobile gateway using challenge-response authentication. If the consumer device is successfully authenticated, a secure channel is established between the consumer device and a first entity. The secure channel allows for secure communication between the consumer device and the first entity.