Abstract: The present invention is directed blockchain systems and censuses protocols that adopt a pipelining technique. The systems and protocols involve a committee of consensus nodes that include proposer nodes and voter nodes. Each proposer node can send two or more unnotarized proposals to the voter nodes, and the voter nodes can vote on an unnotarized proposal when they have the same freshest notarized chain or block. A sequence number is provided to facilitate the operation of the systems and protocols. The sequence number can be used to determine the freshest notarized chain or block and the finalized chain and switch proposer node. The systems and protocols also provide other features such as chain syncer, committee election scheme, and committee reconfiguration. The systems and protocols further provide a simple finalization process and thus have a low finalization time.

Abstract: A method including receiving a first application user credential associated with a user profile; comparing, for a first match, the first application user credential with a stored second application user credential, wherein the stored second application user credential is associated with a user identity; and responsive to finding a first match, verifying the user identity by performing the following: communicating with a card using near field communication; receiving a public key of a key pair of the card and cardholder identification information of an account holder of the card; instructing the card to generate a digital signature; receiving the digital signature from the card; verifying the digital signature using the public key; and comparing, for a second match, at least a portion of the user identity with at least a portion of the cardholder identification information.

Abstract: A system for protecting a computer system interfacing with peripheral elements via a generic port associated with an open standard interface, the system comprising at least one protection device configured for installation between the computer system and its peripheral element/s and including a pair of computer-peripheral interfaces and a uni-directional data flow limiter (e.g. Uni-directional buffer) intermediate the computer-peripheral interfaces.

Abstract: Systems and methods for providing and validating a digital ticket are disclosed. In one implementation, a ticket validating device includes one or more processors configured to obtain a digital ticket, a ticket-server signature, and a device signature from a ticket holder's device. The digital ticket is obtained from a ticket server by the ticket holder's device, the ticket-server signature is generated based on the digital ticket using a private key associated with the ticket server, and the device signature is generated based on the digital ticket using a private key associated with the ticket holder's device. The one or more processors are further configured to validate the digital ticket. The validation of the digital ticket includes verifying the ticket-server signature using a public key corresponding to the private key associated with the ticket server, and verifying the device signature using a public key corresponding to the private key associated with the ticket holder's device.

Abstract: A consensus building method suitable when f Byzantine failure nodes (f is an integer equal to or larger than 1 and smaller than N/3) are assumed in a network having N nodes (N is an integer equal to or larger than 1) participating in consensus building, comprising the steps of: receiving a first message from other node which communicates that the other node determined a message including data subject to consensus building valid as a proposal, when the number of received first messages reach a predetermined value Q, transmitting a second message to each node which communicates that it is accepting the proposal, and when the number of received first messages do not reach the predetermined value Q, transmitting a third message to each node which communicates that it is dismissing the proposal, when the number of received second messages reach a predetermined value Q, transmitting a fourth message to each note which communicates that it is treating the proposal as agreed in the network, and when the number of rec

Abstract: A system and method for reliably and securely recording and storing all attributes of personal identification, for the identification and authorization of individual identity as well as attributes relating to it and personal data including but not limited to individual's physical description, bank details, travel history, etc. (the “Personally Identifiable Information “PII”). PII can be difficult to manage in networks where correlation between data sources is required. Thus, in some embodiments, the system combines a distributed database to create a framework for a robust security. The system manages the distributed database to associate transactions, or actions, using data, digital signatures, and/or cryptographic keys, which can be unique to an individual.

Abstract: A computer-implemented method and system for keyword bidding in a market cooperative are disclosed. A particular embodiment includes receiving a keyword bid from a first party; determining a value to a host associated with the keyword bid; augmenting the keyword bid by an amount corresponding to the value to the host; and sending the augmented keyword bid to a second party.

Abstract: The present invention provides a method and system for verifying and tracking identification information. In an embodiment of the invention, a system for delivering security solutions is provided that includes at least one of the following: a radio frequency (RF) identification device, an identification mechanism (e.g., a card, sticker), and an RF reader.

Abstract: In some examples, a software agent may request a token from a server. The request may include dock identifiers associated with one or more docks, credentials, and actions to be performed by the one or more docks. The server may determine, using an access control list, whether the credentials authorize the software agent to instruct the one or more docks to perform the actions. If the server determines that the software agent is authorized, then the server may send a token to the software agent. The software agent may send an action request to the one or more docks. The action request may include the token and the actions. Each dock that receives the request may attempt to validate the token. If the dock successfully validates the token, the dock may perform the actions and send a message to the software agent indicating a result of performing the actions.

Abstract: Disclosed is a method, system, and non-transitory computer-readable record medium for protecting content copyright in a chatroom. A content protection method includes adding, by at least one processor, a mark to content in a chatroom, the mark including chatroom information for identifying the chatroom in response to a user request from a user associated with the content in the chatroom, and executing, by the at least one processor, a function corresponding to the user request using the content to which the mark is added.

Abstract: An example operation may include one or more of a method for providing a one-step transaction submission in a blockchain network, comprising sending a transaction proposal, by a client node, to one or more peers of a plurality of peers, simulating a transaction associated with the transaction proposal, by at least one peer of the plurality of peers, evaluating, by an endorser peer, whether an endorsement policy has been fulfilled, and when the endorsement policy has been fulfilled, sending the transaction to at least one orderer node to be committed to a ledger, by the endorser peer.

Abstract: The present invention relates to the field of electronic transactions, and provides methods and systems for reducing user interventions necessary for authentication of transactions. In an embodiment the invention implements an authentication server configured to receive from a terminal device an electronic payment transaction request and device IDs corresponding to devices having wireless communication capability that are detected within a wireless communication range of the terminal device. The authentication server selects a payment account for implementing the requested electronic payment transaction, wherein selection of the payment account is based on a determination that one or more of the device IDs received from the terminal device are associated with the identified payment account, and thereafter generates a payment transaction authentication decision.

Abstract: A programmed computer-implemented method allows enterprises to pay transactions using a virtual credit card at the time of an approved purchase order. The approach maintains corporate controls relating to requisitions and purchase orders, eliminates the need for electronic invoicing, and automates the accounting and reconciliation of virtual credit card charges. For example, a particular line item in a card statement, representing a particular charge event, is automatically reconciled to the correct purchase order. For another example, each charge represented in a card statement can be associated with the supplier that is identified in a corresponding PO. Therefore, a computer graphical user interface (GUI) can show vendor identification at any time, whereas most buyers are not able to see the true vendor in spend data on a credit card charge, as the vendor is typically just represented as the issuing bank.

Abstract: A method, a system and a computer program product are provided for identity authentication. A personal identity information indicative of an identity is received. A plurality of questions, is presented, each of the questions being related to an aspect of features of the password associated with the personal identity information. The A responsive answer is received to the questions including individual answers to the questions. The identity is authenticated in response to determining that the responsive answer is correct.

Abstract: Systems and methods for performing consolidation of several cryptocurrency payments by using a non-custodial cryptocurrency platform. A consolidation address is generated at the non-custodial platform in response to a withdrawal request. The consolidation address is under direct ownership of a user. At least one unsigned consolidation transaction is generated that identifies at least one selected payment representation as input, and the generated consolidation address as an output. An unsigned destination transaction is also generated. The unsigned destination transaction identifies the generated consolidation address as an input and the withdrawal destination as an output. A signed version of each consolidation transaction and a signed version of the destination transaction are received from a signing enclave. The signing enclave is included in a client device of the user.

Abstract: Methods, systems, and non-transitory computer-readable media for securely broadcasting shared folders from one client device to other client devices and synchronizing the shared folders over a local area network. A first client device, associated with a content management system, generates a secure identifier for a shared folder, using a shared secret key that is associated with the shared folder. The first client device announces the secure identifier over a local area network to other client devices on the local area network including a second client device. The first client device receives a synchronization request for the shared folder from the second client device. After authenticating, using the shared secret key, that the second client device has authorization to access the shared folder, the first client device synchronizes the shared folder with the second client device over the local area network.

Abstract: A smart card, a method for outputting validation data, and a method for responding to an operation request are provided. The method for outputting validation data includes acquiring an operation request by a smart card; acquiring smart card operation information of the smart card by the smart card, after acquiring the operation request, wherein the smart card operation information comprises at least a smart card mode factor for indicating a working mode of the smart card, and the working mode of the smart card comprises a non-contact communication mode and/or a contact communication mode; acquiring a validation data generating strategy, and using the validation data generating strategy to process at least the smart card operation information to obtain validation data by the smart card; outputting the validation data by the smart card after obtaining the validation data.

Abstract: A non-repudiable transaction protocol system includes a memory, at least one processor in communication with the memory, an operating system executing on the at least one processor, a resource manager configured to manage a storage system, and a transaction manager. The transaction manager is configured to provide NRO-W evidence of a work request from a client to the resource manager and provide NRR-W evidence to the client that the resource manager has completed initial work for the work request. Additionally, the transaction manager is configured to provide NRO-C evidence to the resource manager that the client requested completion of the initial work and NRR-C evidence to the client that the resource manager promised to execute the completion. Each of the NRO-W evidence, the NRR-W evidence, the NRO-C evidence, and the NRR-C evidence are exchanged to prevent either one of the client and the resource manager from gaining an advantage.

Abstract: A system for returning change electronically to a consumer as a result of a cash transaction is provided. The system uses a merchant terminal by bypassing default funds availability authorization performed in consumer to merchant transfers by the terminal. The terminal therefore enables transfer funds from merchant to consumer in an amount which is associated with change due to the consumer upon receipt of the appropriate request and consumer account identifier. In particular aspects, the change is returned in a cryptocurrency.

Abstract: A method is provided for completing an authenticated commercial transaction over an internet protocol (IP) network (40) for an account holder (60) engaged in the transaction via a non-IP based telecommunications platform (30).

Abstract: A blockchain function may include one or more of receiving a last observed location identifier for a product identified via a product tag associated with the product, determining whether the last observed location identifier was received from a trusted source device, and storing the last observed location identifier in a blockchain with a confirmed status responsive to determining the last observed location identifier was received from the trusted source device.

Abstract: Methods and systems are provided for making a pre-payment. In some embodiments, a user is provided with a mobile wallet; information populating at least one payment instrument to the mobile wallet is received; information that the mobile wallet is usable with respect to the vehicle is received; information that the mobile wallet has been presented by the vehicle to a payment location is received; an authorized pre-payment corresponding to items or an amount associated with the payment location is received; a token is received from the user at the payment location; and the pre-payment is settled using the payment instrument.

Abstract: A methods and system of hosted thin-client payment authorization and authentication services for processing payments for value-added service (VAS) providers is described. A method, performed by a host server operating a thin-client device, includes receiving transaction request data at a host server computer from a thin-client device, where the transaction request data can include financial account data and biometric data. The host-server transmits a verification request message to a VAS provider and receives an indication that it is a valid merchant. The host-server transmits an authorization request message comprising the biometric data to a payment processing network (PPN), where the PPN communicates with an authentication server computer to validate the biometric data, sends the authorization request message to an issuer and receives an authorization response message from the issuer.

Abstract: The invention relates to blockchain technologies such as the Bitcoin blockchain, and the tokenisation of assets or entities. It is particularly suited for implementing a payroll on a blockchain platform and comprises a method (100) and system (1) of transferring cryptocurrency from a first node (3) to a second node (7). Both nodes (3, 7) are associated with a payroll and have a respective asymmetric cryptography pair, each pair including a master private key and a master public key. Respective additional private and public keys may be determined based on the master private key, master public key and a generator value at each node. The additional private and public keys may form a hierarchical structure. A common secret may be determined at each of the nodes (3, 7) based on the additional private and public keys. The common secret may be used to securely transmit confidential information across a communications network (5).

Abstract: Methods, systems, and computer program products for replaying tokenized payment transactions are disclosed. A computer-implemented method may include generating or receiving a token for a tokenized payment transaction involving a merchant, creating an association between the token and the tokenized payment transaction, storing the association between the token and the tokenized payment transaction, providing the token to the merchant during the tokenized payment transaction to authorize payment, receiving a request from the merchant to provide the token during a subsequent transaction relating to the tokenized payment transaction, selecting a transaction record corresponding to the tokenized payment transaction to retrieve the token for the second transaction, and determining the token to provide to the merchant in the second transaction.

Abstract: Various embodiments are directed to applying, via contactless card authentication, one or more restrictions to a virtual card number and generating the card number for use by a recipient. The one or more restrictions may be specifically personalized to the recipient and may include, for example, a merchant restriction, an amount restriction, a time period restriction, or a location restriction. The generated virtual card number along with the applied one or more restrictions may be consumed in various ways, such as writing the number to a blank card, transmitting the number directly to the recipient's computing device, etc., all via near-field communication.

Abstract: Systems, methods, and computer-readable media for validating online access to secure device functionality are provided that may use shared secrets between different subsystems and limited use validation data.

Abstract: Various examples are directed to systems and methods for processing offline payments from a mobile wallet. A computing system may receive, from a financial institution system, an authentication request message comprising a first offline token. The computing system may determine that the mobile wallet application is not online and determine that the first offline toke comprises first offline token data that matches the first offline token reference data. The computing system may send to the financial institution system a first authentication message indicating that the first offline token is associated with the mobile wallet application.

Abstract: Method and system for revenue maximization in a communication network. This invention relates to management of communication networks and more particularly to monitoring information of a subscriber of a communication network. Embodiments herein enable the network operator to collect and profile usage information of a subscriber on a User Equipment (UE) with the intention of using the information for revenue maximization applications and preventing fraud for a network operator, wherein revenue maximization applications include but are not limited to fraud management, revenue assurance, churn management, customer experience management, credit risk management and partner settlement.

Abstract: A mobile virtual network operator is provided. The operator includes a server that is communicatively coupled to a mobile device. The mobile device includes application software provided by the virtual network operator for allowing phone call and data connectivity.

Abstract: Examples described herein relate to systems, apparatuses, and methods for using tokens between two entities comprising a client device and a server, including receiving, by the server, a token from the client device, wherein the token is unique to a transaction, deriving, by the server, a server-derived token from the original data based on a transaction count, wherein the transaction count corresponds to a number of times that the original data is involved in transactions, comparing, by the server, the received token with the server-derived token, and responsive to determining that the received token and the server-derived token are same, sending, by the server, a verification message.

Abstract: A method for a tokenisation service provider (TSP) to generate tokenised card numbers tPANs associated with real card numbers PANs for digital payment transactions, and a processor configured to perform the method are provided. The method comprises a TSP processor: receiving from a card issuer processor a request to generate one or more tokenised card numbers tPAN1 . . . m; generating and recording one or more tokenised card numbers tPAN1 . . . m, wherein the one or more tPAN1 . . . m is/are not associated with a real card number PAN; receiving a real card number PANi from the card issuer processor; and recording the mapping of the real card number PANi to a tokenised card number tPANxE1 . . . m in a tokenisation service provider database. A method for a card issuer to provide tokenised card numbers tPANs associated with real card numbers PANs for digital payment transactions, and a processor configured to perform the method are also provided.

Abstract: Particular embodiments may receive results from completion of a first set of a plurality of iterations of a workflow, the workflow comprising one or more tasks performed by one or more workers. A result for a task may be received from a worker. An outlier model may be determined based on a vector of behavioral features of the worker. A determination may be made regarding whether the result is fraudulent, based on the outlier model and a global normal feature vector.

Abstract: A payment network server for processing a payment transaction at a point-of-sale terminal is described. The server comprises a transaction module, a query module and a transfer module. The transaction module is configured to: (i) receive a payment transaction request comprising at least transaction details and a fund transfer indicator, the transaction details comprise at least a customer identifier, a merchant identifier, and a payment amount, the fund transfer indicator indicating that the payment transaction is to be processed by fund transfer; and (ii) transmit a payment transaction response indicating if the payment transaction is approved or refused to proceed.

Abstract: A requester device 12 registers inspection target data in a file server 18. An inspector device 14 operated by an inspector who inspects whether the inspection target data is illegitimate or not acquires, from the file server 18, the inspection target data registered by the requester device 12 and registers an inspection result of the inspection target data in a blockchain network 22. A viewer device 16 acquires, from the blockchain network 22, the inspection result registered by the inspector device 14 and executes data processing based on the inspection result.

Abstract: A cloud authentication system is disclosed. A request for an authentication setup for a first user of a first service provider is received. Additional information, such as authentication criteria, can further be received, such as from the first service provider. A set of stimuli to associate with a first user profile of the first user of the first service provider is stored.

Abstract: A system for generating subtokens and/or sets of protocols to be provided to connected devices for use in subsequent transactions is disclosed. A mobile device identifies one or more connected devices via a discovery process. The mobile device may receive transaction information related to transactions to be conducted by the connected devices. The mobile device may, in some cases by communicating with a processing server, identify a parent token and/or a set of protocols related to the transaction information/connected device. The mobile device may subsequently generate a subtoken derived from the parent token based on the set of protocols. The subtoken and/or the set of protocols may be provided to a connected device, which may subsequently conduct a transaction using the subtoken and/or the set of protocols.

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least a portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

Abstract: Systems, methods, and computer-readable storage media are provided for authorizing a trading algorithm prior to execution of the trading algorithm. An example method includes receiving a trading algorithm definition associated with a unique identifier and sending the unique identifier to an algorithm server that is operable to execute programming code representing the trading algorithm. The unique identifier may be associated with a trader authorized to execute the programming code. The algorithm server may check the unique identifier prior to execution of the programming code to ensure that the trading algorithm has been authorized.

Abstract: An example operation may include one or more of requesting, by a client, a service that does not require an account registration, providing, by a server coupled to the client, calculation parameters comprising block content for a new block of a blockchain network to the client, calculating, by the client, one or more hashes of the block content while changing one or more nonces in the block, verifying the one or more hashes and nonces of the block content are valid, submitting, by the client, the one or more valid nonces to the server, submitting a valid hash to the blockchain network, and in response receiving a reward from the blockchain network.

Abstract: Systems and methods for providing security to an integrated circuit/processor and the processor cores in an endpoint device using a dynamic security architecture environment (DSAE) are disclosed.

Abstract: To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device.

Abstract: A system and method is provided to allow access to centralised patient data captured from a medical device across an open network to a third party. The system and method receives the request based upon patient-specific information, checks the request and allows access if the request matches stored information.

Abstract: Examples associated with certificate analysis are disclosed. One example periodically analyzing a secure socket layer certificate chain between a client device and a server device. The client device may perform this periodic analysis. In response to detecting an unexpected certificate in the secure socket layer certificate chain, a responsive action is taken.

Abstract: A system, method, and apparatus of authenticating and authorizing a payment are provided. A method includes receiving authentication information gathered by a point-of-sale device from a customer initiating a payment for a transaction via the point-of-sale device; receiving context information gathered by the point-of-sale device; authenticating the customer using the received authentication information; selecting a customer payment profile from a plurality of customer payment profiles to use for the transaction, based on the received context information, wherein each customer payment profile is associated with a payment account; authorizing the payment for the transaction from the payment account associated with the selected customer payment profile; and sending, to the point-of-sale device, a notification that the customer has been authenticated and that the payment for the transaction has been authorized.

Abstract: Techniques are disclosed for identifying and authenticating prospective certificate authority customers of a secure socket layer (SSL) certificate prior to receiving an order from the customer. The CA generates a list of prospective customers of digital certificates (e.g., by scanning networked servers via the Internet for the presence of an installed digital certificate). The CA retrieves data for each customer on the list and determines, based on a set of approval criteria, which prospective customers to target in enrollment campaigns. For each approved customer, the CA initiates an enrollment process prior to receiving a request from the customer to provide a certificate.

Abstract: Authentication includes receiving an indication of physical possession of a payment card by a merchant and receiving a purchase request for an authorization of an exchange from the payment account of the cardholder to the merchant. Authentication includes assigning a randomized transaction identifier to the request for the authorization of the exchange. The method also includes transmitting the request for the authorization of the exchange from the payment account of the cardholder to the merchant and receiving the assigned randomized transaction identifier and a randomized authentication identifier associated with the randomized transaction identifier from a payment association, the payment association determining whether the request for the authorization of the exchange is valid.

Abstract: Authentication for payment transaction includes receiving, by a point-of-sale (POS) terminal, an indication that a payment account of a cardholder is associated with a mobile device and receiving a second indication of physical possession of a payment card by a merchant. The authentication includes receiving a purchase request for an authorization of exchange from the payment account of the cardholder to the merchant and assigning a transaction identifier to the request for the authorization of the exchange. The authentication includes transmitting the request for authorization of the exchange from the cardholder payment account to the merchant and the transaction identifier. The authentication includes receiving an indication that an authentication identifier is associated with the transaction identifier. The authentication includes receiving a copy of the authentication identifier, facilitated by the cardholder.

Abstract: Embodiments disclosed herein relate to a method of writing a transaction to a data store having one or more data tables. An application agent receives transaction data for a first transaction of a first type. Application agent attempts to write the first transaction of the first type to a data table in the data store, provided that a transaction of the first type has been committed to the data store. Application agent scans a plurality of additional data stores for previously committed transactions of the first type Application agent determines additional transactions of another type that are co-located in a data table. Application agent ranks the additional transactions of the other type. Application agent identifies a data table in the data store to which a top ranking additional transaction of the other type has been committed. Application agent writes the first transaction to identified data table in the data store.

Abstract: A payment system that uses replacement account identifiers is disclosed. An encrypted primary account number (PAN) may be received by a secure computer from a data entry device. The encrypted PAN may be decrypted by the secure computer and the secure computer may transmit a zero, nominal or no dollar authorization request to an issuer. Using the zero, nominal or no dollar authorization request, the issuer may verify the account. If the account is verified, then a replacement account identifier can be issued at a later time. The replacement account identifier may be used instead of the actual PAN to conduct payment transactions.