Abstract: A method, computer program product, and computer system for identifying a characteristic of a communication of one or more communications on one or more communication channels. At least a portion of the communication is restricted. A comparison is made between the characteristic of the communication on the one or more communication channels with a predetermined communication rule and a determination is made whether that the characteristic correlates to the predetermined communication rule. If there is a correlation to the predetermined communication rule, at least a portion of the restriction to access at least the portion of the communication may be removed.

Abstract: A payment-enabled mobile device is placed in communication with a POS (point of sale) terminal to facilitate a purchase transaction. A user selects a payment account in the payment-enabled mobile device. Payment credentials are transmitted from the payment-enabled mobile device to the POS terminal. The payment credentials include a PAN-length identifier that identifies an issuer of the selected payment account.

Abstract: An example operation may include one or more of initiating a timer to begin timing an audit procedure, when the timer expires after a predefined period of time, randomly selecting a committer node member of a blockchain, transmitting a request for a hash of a blockchain block, comparing the hash of the blockchain block, received from the randomly selected committer node, to a known value of the hash of the blockchain block, and determining whether the hash of the blockchain block received matches the known value of the hash of the blockchain block.

Abstract: The disclosure relates to a process for performing transactions among a number of participants, in which every participant has a unique pseudonym assigned to him and the assignment of pseudonym to a participant and the participant's transaction data are stored on a notary server.

Abstract: A payment token is generated within a token bank identification number (BIN) range, and is linked with an underlying account number of a consumer. A first instance of the token is made available in at least one of a first portable electronic device, a first mobile payment application (MPA), and a first web wallet of the consumer with an associated first primary account sequence number (PSN). A second instance of the token is made available in at least one of a second portable electronic device, a second mobile payment application (MPA), and a second web wallet of the consumer with an associated second primary account sequence number (PSN).

Abstract: Methods, systems, and apparatuses for blockchain-based unexpected data detection are described herein. In some arrangements, a node within a decentralized peer-to-peer (e.g., P2P) network may receive a plurality of network function requests corresponding to the decentralized network. The node may analyze the plurality of network function requests to identify whether the requests included unexpected data and/or irregular data, and/or are associated with flagged wallets and/or smart contracts.

Abstract: The present embodiments relate generally to systems and methods for securing operation of an ultrasound scanner for use with a multi-use electronic display device. In some embodiments, the multi-use electronic display device can control whether the ultrasound scanner is permitted to generate ultrasound image data for display based on an institution affiliation status of the ultrasound scanner retrieved from a server. In some embodiments, the multi-use electronic display device can control whether the ultrasound scanner is permitted to generate ultrasound image data for display based on whether a digital certificate provided by a server is successfully validated.

Abstract: The present disclosure provides a method and device for in-vehicle payment. A face image of an in-vehicle user and a geographic location of the in-vehicle user are received at a point of a ride route traveled by a vehicle occupied by the in-vehicle user. An image set associated with the geographic location is received from an image database using the geographic location of the in-vehicle user. The image set includes face images of a plurality of users. The face image of the in-vehicle user is compared with face images in the image set to determine an identity of the in-vehicle user. A fare deduction account corresponding to the in-vehicle user is identified using the identity of the in-vehicle user. A fare corresponding to the ride route is deducted from the fare deduction account.

Abstract: Technologies for unwrappable virtual egifts enabling recipients to redeem gift credits using payment accounts. In some examples, a system identifies a merchant associated with a giver, the giver being associated with a giver payment account and a recipient being associated with a recipient payment account. The system associates a policy with the gift credit and generates an image underlay identifying the gift credit and an image overlay hiding the image underlay and gift credit, the image overlay including a separable flap having a portion that appears unadhered to the image underlay, the separable flap being configured to trigger, in response to an input, an animated unwrapping effect that removes the image overlay to reveal the image underlay and gift credit. The system presents the image overlay and, in response to receiving the input, generates the animated unwrapping effect to remove the image overlay and reveal the image underlay.

Abstract: A portable transfer container associated with a resource document handling network that provides for optimization of the physical handling of resources within a supply chain network. The container typically includes an item storage unit and a resource transfer unit configured to deposit, withdraw, or otherwise exchange items stored in the item storage unit. The container also typically includes a memory, a processor, and an item transfer application stored in the memory. As resources are placed into the container the system generates a ledger of the container, physical resources within the container, and owners of the resources within the container. As such, with the ledger, the container may be universally used by one or more users or entities across the supply chain network. As such, the container may be portable and may be exchanged with other entities, other containers, recycled, or provided to storage.

Abstract: A transform-enabled integrated circuit for use in cryptographic proof-of-work systems is provided. The transform-enabled integrated circuit includes a transformation block embedded among other circuitry components within the cryptographic datapath of the transform-enabled integrated circuit. The transformation block may be configured at a time subsequent to the manufacture of the integrated circuit to embody as circuitry any one of a plurality of mathematical transformation functions, thus enabling a user to systemically modify the results of cryptographic operations performed by the integrated circuit while retaining the high performance and efficiency characteristics of application specific integrated circuits.

Abstract: Presented herein is an exemplified system and method that provides visibility, for traffic analytics, into secured encapsulated packet (e.g., secure VXLAN-GPE packet, a secure metadata-GPE packet or other GPE standards). The exemplified system and method facilitate encryption of traffic in a granular manner that also facilitate the monitoring of said secure traffic in a fabric network in an end-to-end manner throughout the network. Such monitoring can be beneficially used for analytics, performance analysis, and network debugging/troubleshooting.

Abstract: A method for conducting a transaction may include: receiving, at a user device from a transaction system, a request for a data element for conducting the transaction; in response to receiving the request, determining a data map corresponding to the requested data element, the data map including containing a plurality of pointers, each pointing to a respective one of a plurality of data fragments located on a respective one of a plurality of different data storage locations, such as a plurality of different data storage systems; retrieving, using the data map, the plurality of data fragments from the plurality of data storage locations; assembling the data element using the retrieved data fragments; and providing, by the user device to the transaction system, the data element to conduct the transaction.

Abstract: A method and system are configured for performing a transfer of digital currency from an owner of the digital currency to a recipient of the digital currency. The transfer of digital currency includes transferring a sequence of digitally signed transactions from the owner to the recipient. The method and system are further configured for recording the performed transfer of digital currency to a block chain public ledger, generating a digital contract for the recipient that converts the transferred digital currency from an intangible asset type to a financial asset type, and storing the generated digital contract along with electronic credentials associated with accessing the digital currency in a holding account for the recipient.

Abstract: The present disclosure provides a method and device for in-vehicle payment. A face image of an in-vehicle user and a geographic location of the in-vehicle user are received at a point of a ride route traveled by a vehicle occupied by the in-vehicle user. An image set associated with the geographic location is received from an image database using the geographic location of the in-vehicle user. The image set includes face images of a plurality of users. The face image of the in-vehicle user is compared with face images in the image set to determine an identity of the in-vehicle user. A fare deduction account corresponding to the in-vehicle user is identified using the identity of the in-vehicle user. A fare corresponding to the ride route is deducted from the fare deduction account.

Abstract: A Physical Layer (PHY) of a host system of an electronic device may be implemented as a contactless PHY (cPHY) for extremely high frequency (EHF) contactless communication and the operation of EHF transmitters (TX), receivers (RX) and transceivers (EHF-XCVR) in an extremely high frequency integrated circuit (EHF IC) of the electronic device. The Host-cPHY translates logical communications requests from the Link Layer (LINK) into hardware-specific operations to affect transmission or reception of signals over an EHF contactless link. The Link Layer (LINK) may also be optimized as a contactless Link Layer (cLINK) for EHF contactless communication. A virtualized contactless Physical Layer (VcPHY) may comprise a contactless Physical Layer (Host-cPHY), and a contactless Link Layer (cLINK) for coupling a conventional Link Layer (LINK) with the contactless Physical Layer (Host-cPHY). Multiple data streams may be transported over the EHF contactless link over a range of frequencies.

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

Abstract: Disclosed are systems, methods, and computer-readable storage media to provide integrated ecommerce solution on a social network. In some aspects, the social network may provide an ecommerce interface for products offered by the social network itself. A social network ecommerce engine may provide data driven capability, enabling it to import product information offered by other vendors. The products offered by these vendors may then be presented to social network users via the social network interface. By providing a unified ecommerce interface for both products offered by the social network and those offered by other vendors, a user's ecommerce experience on the social network is enhanced, leading to increased purchases of products via the social network.

Abstract: In some embodiments, an apparatus having at least a portion of a first instance of a distributed database at a first compute device is configured to be included within a group of compute devices that implement via a network operatively coupled to the group of compute devices the distributed database. The distributed database enables anonymous transfers of digital assets between compute devices via a transfer protocol such that an identity of a compute device associated with a private key corresponding to a public key logically related to a destination record is concealed among a set of compute devices including the first compute device and at least one second compute device.

Abstract: A transform-enabled integrated circuit is provided with a combined transformation/hashing block, such as for cryptographic proof-of-work systems. The transform-enabled integrated circuit embeds components for a transformation function among hashing function components within the cryptographic datapath of the transform-enabled integrated circuit. The combined transformation/hashing block may be configured after the manufacture of the integrated circuit to embody as circuitry any one of a plurality of mathematical transformation functions, thus enabling a user to systemically modify the cryptographic operations performed by the integrated circuit while retaining the high performance and efficiency characteristics of application specific integrated circuits. Embodiments modify the internal intermediate state variables of the hashing function to transform and hash an input message. Method and computer program product embodiments are also provided.

Abstract: A method for identifying a plurality of related computing devices related to a transaction account includes: storing token profiles, each including data related to a payment token including a digital token number, associated transaction account number, computing device identifier, and computing device data; receiving a transaction data entry related to an electronic transaction including transaction data and one of: a specific transaction account number or an associated specific digital token number; identifying a plurality of related token profiles where the included associated transaction account number corresponds to the specific transaction account number; identifying a third party entity associated with at least one identified token profile; and electronically transmitting the transaction data included in the transaction data entry and at least one of: the computing device identifier and computing device data included in each of the identified plurality of related token profiles to the third party entity

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.

Abstract: A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

Abstract: A computer-implemented method includes receiving an order for a good or service. The order includes a plurality of order conditions. A plurality of limited-use payment tokens are provisioned. Each of the limited use payment tokens are structured to expire according to one of the plurality of order conditions. An indication of completion of the order is received upon completion of the order. An indication of conditions of the completed order is also received. It is determined whether each of the limited-use payment tokens are expired, based on the conditions of the completed order. A payment is transmitted to a recipient. The payment corresponds to at least one of the non-expired limited-use payment tokens.

Abstract: A method may comprise: receiving, from a merchant server, an application programming interface (API) call including an authorization request for payment and a mobile wallet identification; querying a database with the mobile wallet identification to determine a logical location of a mobile wallet associated with the mobile wallet identification; transmitting, based on the determination, a request for a payment source for the payment to the mobile wallet; receiving, from the mobile wallet, an identification of a payment source; and forwarding the identification of the payment source to the merchant server.

Abstract: Disclosed herein are representative embodiments of methods, apparatus, and systems for maintaining the security of certain sensitive user information during computer network transactions between the user and multiple third-party hosts.

Abstract: Methods are provided for achieving consensus among an order in which write requests are received by various ones of a plurality of nodes in a distributed system using a shared data structure. The plurality of nodes are organized into groups of nodes and successively larger groupings of groups, based on physical proximity. A consensus protocol is used to achieve consensus among groups of nodes, and then among the groupings of groups of nodes in a logical tree structure up to a root level virtual node.

Abstract: Systems and methods for firmware validation for encrypted virtual machines are disclosed. An example method may include receiving, by a processing device, a request to launch a virtual machine on a host machine; starting, on the host machine, the virtual machine comprising a first firmware and a second firmware; performing, using the first firmware, a first validation process to authenticate the virtual machine with a server of a guest owner; and performing, using the first firmware, a second validation process to validate the second firmware of the virtual machine. In some embodiments, the first firmware includes a shim firmware. In some embodiments, the second firmware includes BIOS or UEFI.

Abstract: The present disclosure relates to methods, terminal devices, and cloud servers for presenting schedule reminder information. One example method includes after a second terminal logs in to a cloud server by using a first group account, acquiring schedule information stored in the cloud server, where the schedule information is information that is created by a first user who registers a first personal account, and is transmitted to the cloud server by a first terminal that logs in, by using the first personal account, to the cloud server, when reminder time of the schedule information arrives, acquiring second biometric characteristic information of a second user who is using the second terminal, and when it is determined that the second biometric characteristic information is the same as first biometric characteristic information of the first user, presenting reminder information of the schedule information.

Abstract: Using contactless cards to pay for offline transactions. An application executing on a mobile device may receive, via a communications interface of a contactless card, an account identifier of the contactless card, and transaction data received by the contactless card from a POS device via the communications interface, the transaction data comprising at least an identifier of a merchant account, a timestamp, and an amount of the transaction, a network connection between the POS device and a payment server not available. The application may transmit the account identifier and the transaction data to the payment server via a cellular network connection of the mobile device. The mobile device may receive, from the payment server via the cellular network connection, authorization of a payment for the transaction. The application may generate a graphical indication of the authorization of the payment for the transaction and output the graphical indication of the authorization.

Abstract: Methods and apparatuses allow an insurance agency to track their current performance in managing existing customers and bringing in new customers. A tool may obtain information from a user regarding characteristics of the user's agency and/or agency goals. The tool may use this information to determine an agency's business efficiency. The tool may also provide advice regarding marketing spending and/or additional human resources needed. The tool may benchmark an insurance agency against other agencies in the market. The tool may also display how generated leads are converted to new business and/or income for an agency.

Abstract: A method including receiving a query request for a registration status of a payment account number (PAN) with an electronic receipt service; determining, in reply to the query request, whether the PAN is registered with the electronic receipt service; determining an electronic receipt handling option associated with the PAN; and sending a response including at least an electronic receipt destination address, the electronic receipt destination address being an address to which an electronic receipt associated with the PAN of the query request is to be sent.

Abstract: One or more systems implement a plurality of blockchains to track event data. The plurality of blockchains are arranged in tiered form, and the content and/or integrity of blockchains in higher tiers depends on, or at least derives from, the content and/or integrity of the blockchains in lower tiers. Depending on the specific structure and implementation, assurances, verifications, and the like may be provided for services and other resources using such blockchains in a repeatable manner.

Abstract: A system for providing increased security in a mobile operating system includes at least one mobile device and a remote computing device that is remote from the mobile device. The remote computing device receives a list of two or more applications that are currently installed or intended to be installed on the mobile device's operating system. The remote computing device identifies vulnerable inter-component communication (ICC) paths by analyzing files associated with each of the two or more applications. A list of the vulnerable ICC paths is stored in memory of the mobile device. The mobile processor compares the list of the vulnerable ICC paths to intents sent by the components of the two or more applications and identifies a potential unsecure intent that matches one of the list of the vulnerable ICC paths. Unsecured intents can then be blocked by the user.

Abstract: A system comprises a Content Tracking System (CTS) and Content Tracking Network Modules (CTNMs). The CTS and CTNMs identify, track, report and block piracy over a network. The CTS stores content distribution network information (CDNI) and copyright profile information. The CDNI includes blacklist sites and whitelist sites. A content generating entity generates digital content and registers the content with the CTS. The CTS generates copyright profile information, and forwards the CDNI and the copyright profile information to all of the CTNMs on the network. Each of the CNTMs monitors network traffic and detects whether a destination address of a packets matches one of the blacklist sites. If a match is detected, then the CTNM tracks all packets having the same source address as the matched packet, effectively monitoring a user. The CTNM forwards this information to the CTS to report piracy, identify new pirate sites, and to prevent further piracy.

Abstract: Disclosed is a method performed by a network node (300) in a communication network for correlating information of a first network domain (310) with information of a second network domain (320), the second network domain being different from the first network domain. The method comprises receiving (102) event information of a first event that occurred in the first network domain and receiving (104) event information of a second event that occurred in the second network domain, wherein the event information of the first event and the event information of the second event each comprises a user ID, UID; a time stamp, and a geographical information.

Abstract: Implementations of the present specification provide for cross-blockchain authentication. A public key of a database engine comprising a trusted node of a second blockchain is determined by a subscribing client included in a system for cross-chain interaction. The public key is used as an authentication data source. The system comprises the subscribing client (corresponding to a first blockchain), a publishing client (corresponding to the second blockchain), and a cross-chain interaction end separately connected to the subscribing client and publishing client. Data that is to be authenticated in the second blockchain is determined using the cross-chain interaction end. The data is published by the publishing client. The data to be authenticated is signed by the database engine using a private key of the database engine. The data authentication performed on the data uses the authentication data source and a signature of the data to be authenticated.

Abstract: In one embodiment, secure service chaining can be implemented efficiently for content delivery systems. An orchestrator can determine a service chain for processing a request from a client for content. The orchestrator can determine a capability identifying nodes of the service chain. The orchestrator can then transmit, to the client, a redirect message having the capability, wherein the redirect message redirects the request to a first node of the service chain. The nodes of the service chain can verify the capability and carry out the service chain. Service functions can be applied to the traffic flow associated with delivering the content to the user.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage devices, for data processing and storage. One of the methods includes receiving, by a storage system, a processing request of data of a centralized ledger system. Types of the data of the centralized ledger system include block data, transaction data, and index data. The storage system determines a type of the data among the types of the data of the centralized ledger system, and applies a type of a processing engine specified for processing the type of the data according to a characteristic of the type of the data.

Abstract: A method of performing a fund transfer at an ATM includes receiving an active authentication transaction key at an ATM from a mobile financial transaction instrument via a wireless communication protocol, generating a PIN at the ATM, and storing the PIN in a machine readable storage medium. An authorization request message is transmitted to a financial institution identified by the active authentication transaction key. The authorization request message includes the PIN and at least a portion of the active authentication transaction key. The PIN is received from a user of the mobile financial transaction instrument, and the funds are dispensed in response to receiving the PIN.

Abstract: In a computer-implemented method for providing biometric security for mobile loyalty services via a native mobile application a physical location of a mobile device are accessed by a single native mobile application executing on the mobile device, wherein the physical location is accessed in response to a user initiating access to the mobile loyalty services. A time corresponding to a determination of the physical location of the mobile device is accessed. A date corresponding to a determination of the physical location of the mobile device is accessed. Biometrics of the user of the mobile device is accessed. Biometric security of the single native mobile application is provided based on the physical location, the time corresponding to a determination of the physical location of said mobile device, the date corresponding to a determination of the physical location of the mobile device, and the biometrics of the user.

Abstract: A blockchain-based method is described which is related to transferring electronic currency from a payer to a payee. In some embodiments, a first process, a second process and a third process are performed. The first process includes receiving a processing request for a target transaction from a terminal of a payer, and transferring the processing request to a first blockchain node among a plurality of blockchain nodes. When a verification result indicates that the target transaction is valid, the method proceeds to performing the second and third processes. The second process includes transferring electronic currency from an electronic wallet of the payer to an electronic wallet of the payee. The third process includes recording data for the target transaction in a new block, and spreading the new block over the blockchain network. In some embodiments, the second process and the third process are performed in parallel.

Abstract: A global endpoint may be associated with an organization name and a plurality of directories located in different geographic regions. The global endpoint may be a computing system that hosts a page used by users to access an application or service. A user may be able to access the application or service using already existing credentials. For example, the user may access the application or service using credentials stored and maintained by an entity with which the user is affiliated. Users having credentials stored in different geographic regions may be able to access the application or service via the same global endpoint.

Abstract: A method and apparatus provides a blockchain that includes one or more blocks that contain a cryptographic binding of a signature-verification public key and/or a data encryption public key to the identity of the holder of the corresponding private key. The binding is performed by one or more key binding entities, referred to herein as a blockchain identity binder. Originators and recipients use the identity binding data to secure block chain transactions.

Abstract: Block chain/distributed ledger-based verification of entity identity or verification of a relationship between two or more entities may be provided. Verification addresses may be established on a block chain/distributed ledger by: associating identifiers and verifiers with entities having previously verified entity identities or having previously verified relationship(s) with other entities, assigning verification addresses on a block chain/distributed ledger to the entities, and recording entity identifier(s), identity verifier data and relationship verifier data associated with the entities at corresponding verification addresses. Embodiments for block chain/distributed ledger-based verification of entity identity and/or verification of entity's relationship to related entity(ies) using the verification addresses are performed using one or more identity verifiers and/or one or more relationship verifiers.

Abstract: In an example implementation of the disclosed technology, a system is provided by which a utility company customer can make a payment to the utility company via a point of sale (POS) system at a retailer such as a grocery store or clothing store. In some embodiments, the utility company provides to the user a barcode that includes information relating to the customer's account, and the customer can present the barcode to the POS system or a retail agent in the course of checking out at the retailer. Accordingly, the customer can pay a utility bill in the course of paying for, for example, groceries.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, dynamically authorize pre-stages data exchanges based on contextual data. For example, an apparatus may receive first data characterizing an initiation of a first exchange of data between a client device and a terminal device. Based on the first data, the apparatus may obtain second data that characterizes an expected initiation of a second exchange of data during a corresponding temporal interval, which may be specified relative to an initiation time of the first data exchange. The apparatus may generate and transmit, to a computing system, pre-authorization data that requests a pre-authorization of the second data exchange to a computing system. The pre-authorization data may include a portion of the second data and may instruct the computing system to pre-authorize the second data exchange in accordance with the second data.

Abstract: A method includes identifying an event corresponding to an event node of a social graph associated with a social-networking system, where the social graph includes nodes and edges connecting the nodes, and the event node is connected to ticket nodes corresponding to tickets for the event. The nodes include a first user node corresponding to a first user of the social-networking system, and second nodes, each of which corresponds to a concept or to one of a plurality of second users of the social-networking system. The method further includes receiving a request to assign a selected one of the tickets for the event to the first user, and creating an edge between the first user node and a selected one of the ticket nodes, where the selected ticket node corresponds to the selected ticket.

Abstract: Systems and methods for facilitating the sale of an asset having digital title through two separate math-based currency (“MBC”) transactions. The first MBC transaction passes digital title from the seller to the buyer by incorporating the digital title or a pointer to the digital title in the metadata of the first MBC transaction. The second MBC transaction passes funds to the seller from the buyer (either directly or via an intermediary). Accordingly, the ownership chain of the asset can be traced and verified through a MBC blockchain or ledger that serves as a record of all MBC transactions.

Abstract: A method of providing secure ledger distribution for interbank settlement includes establishing a private sidechain among a centralized computer system of a central bank and computer systems of at least a sender bank and a receiver bank, each of which have an account with the central bank. The centralized computer system receives a transaction from the computer system of the sender bank as a payment request. The centralized computer system determines whether the transaction is valid. Consensus is reached within the private sidechain. The centralized computer system forwards the transaction to the computer system of the receiver bank along with a finality proof. The accounts of the sender bank and the receiver bank are updated and the transaction is added to a private ledger accessible only within the private sidechain.