Including Key Management Patents (Class 705/71)
  • Patent number: 10411901
    Abstract: Apparatus, methods and systems to secure remotely accessible applications using authentication devices are disclosed. More in particular apparatus, methods and systems are disclosed for thwarting overlay attacks against authentication applications for displaying transaction data and for generating signatures over these transaction data.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: September 10, 2019
    Assignee: OneSpan North America Inc.
    Inventors: Nicolas Fort, Frederik Mennes, Ludovic Joly, Guillaume Teixeron
  • Patent number: 10402823
    Abstract: System for cryptocurrency transactions, includes a server configured to mediate exchange of data between user devices; an internal currency derivable from any cryptocurrency; each user device configured to issue, transfer rights, redemption and restoration of an internal currency unit. Issue includes creation of new addresses in blockchain, protected by splitting the private key PrivKey into first part (PrivKey1) and second part (PrivKey2), and requires connection to the blockchain only once, to generate PrivKey and to split PrivKey into PrivKey1 and PrivKey2, based on PrivKey*G=(PrivKey1*PrivKey2)*G. PrivKey1 is generated and stored in the server, PrivKey2 is generated on the user's device. The server stores all PrivKey1's device IDs of the user's device.
    Type: Grant
    Filed: December 30, 2018
    Date of Patent: September 3, 2019
    Inventors: Alexander Vladimirovich Vlasov, Vadim Borisovich Leonovich
  • Patent number: 10387134
    Abstract: Embodiments of the present invention provide a method and device for downloading a profile of an operator, where one method includes: sending, by a terminal to the SM-DP by using an SM-SR, a request for downloading a profile of an operator, where the download request carries the download certificate, an ID of an eUICC of the terminal, and addressing information of the SM-DP; and receiving, by the terminal, the profile of the operator that is sent by the SM-DP by using the SM-SR and is corresponding to the download request, and transmitting the profile of the operator to the eUICC, where the profile of the operator is obtained by the SM-DP according to an identity of the profile of the operator after the SM-DP verifies that the certificate that is for downloading the profile of the operator and is carried in the download request is valid.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: August 20, 2019
    Assignee: HUAWEI DEVICE CO., LTD.
    Inventor: Linyi Gao
  • Patent number: 10380504
    Abstract: A network system may include a plurality of trainer devices and a computing system disposed within a remote network management platform. The computing system may be configured to: receive, from a client device of a managed network, information indicating (i) training data that is to be used as basis for generating a machine learning (ML) model and (ii) a target variable to be predicted using the ML model; transmit an ML training request for reception by one of the plurality of trainer devices; provide the training data to a particular trainer device executing a particular ML trainer process that is serving the ML training request; receive, from the particular trainer device, the ML model that is generated based on the provided training data and according to the particular ML trainer process; predict the target variable using the ML model; and transmit, to the client device, information indicating the target variable.
    Type: Grant
    Filed: December 20, 2017
    Date of Patent: August 13, 2019
    Assignee: ServiceNow, Inc.
    Inventors: Nikhil Bendre, Fernando Ros, Kannan Govindarajan, Baskar Jayaraman, Aniruddha Thakur, Sriram Palapudi, Firat Karakusoglu
  • Patent number: 10361853
    Abstract: Embodiments of the present invention provide a system for authenticating records belonging to an individual or entity and providing authorized access of the records to service providers. Embodiments of the invention utilize a private blockchain to store various types of records to be conveyed to the service providers. In this way, the individual or entity may securely store on the blockchain all records relevant to service providers, then provide the service providers with secured access to the records such that the providers may access only the specific records for which they are authorized, e.g. a healthcare provider may access only the healthcare records on the blockchain.
    Type: Grant
    Filed: October 12, 2016
    Date of Patent: July 23, 2019
    Assignee: Bank of America Corporation
    Inventors: Brandon Matthew Castagna, Kevin Ben Hicks
  • Patent number: 10289732
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for generating and providing converted content.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: May 14, 2019
    Assignee: Google LLC
    Inventors: Eugenio Jorge Marchiori, Michael Francis Warriner
  • Patent number: 10282711
    Abstract: The disclosed embodiments include computerized systems and methods that generate secured distributed storage ledger structures, such as block-chain-based ledger structures, that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a centralized authority of the secured distributed storage ledger may detect an occurrence of a triggering event, and may access and decrypt a set of rules hashed into the secured distributed storage ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule and involving at least one of assets tracked within the secured distributed storage ledger or an owner of a portion of the tracked assets.
    Type: Grant
    Filed: August 11, 2016
    Date of Patent: May 7, 2019
    Assignee: The Toronto-Dominion Bank
    Inventors: Paul Mon-Wah Chan, John Jong Suk Lee, Perry Aaron Jones Haldenby
  • Patent number: 10237060
    Abstract: A data protector is described. In an implementation, the data protector promotes and enforces a data retention policy of a data consumer. In an implementation, the data protector limits access to sensitive data to the data consumers. A key manager provides a time-limited encryption key to the data protector. Responsive to collection of the time-limited encryption key from the key manager and sensitive data from a data provider, the data protector encrypts the sensitive data with the time-limited encryption key effective to produce encrypted sensitive data. In some embodiments, the data protector provides a data consumer with access to the encrypted sensitive data and the key manager provides the data consumer with access to the time-limited encryption key to decrypt the encrypted sensitive data. The key manager deletes the time-limited encryption key in compliance with the data retention policy of the data consumer.
    Type: Grant
    Filed: June 23, 2011
    Date of Patent: March 19, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kambiz Kouladjie, Robert Blanch, Robert Devine
  • Patent number: 10230721
    Abstract: The present disclosure discloses an authentication server, an authentication system and an authentication method. The authentication server includes an information acquisition module and an identity authentication module. The information acquisition module obtains telecommunication user information from a telecommunications server, and obtains merchant user information from a merchant server, based on an end-user's cell phone number. The identity authentication module compares the telecommunication user information with the merchant user information according to a predetermined authentication mode, and returns a comparison result to the merchant server. The authentication method of the present disclosure can obtain better security protection, fast authentication, better user experience, and avoid security problem of repeat SMS interception.
    Type: Grant
    Filed: April 12, 2018
    Date of Patent: March 12, 2019
    Inventor: Tai Chiu Chan
  • Patent number: 10212157
    Abstract: An augmented reality system that includes an augmented reality user device for a first person including a head-mounted display configured to overlay virtual objects onto tangible objects in real-time, a memory, a camera, and one or more processors. The augmented reality user device is configured to perform facial recognition on the captured image to identify a face of the second person, to identify an entry for the second person, and to initiate a peer-to-peer transfer when the entry for the second person has been identified. The augmented reality user device is further configured to authenticate the identify of the second person, to generate a transfer token for facilitating the peer-to-peer transfer, and to send the transfer token to a first institution associated with the first person to initiate the peer-to-peer transfer. A network device of the first institution is configured to receive the transfer token and facilitate the peer-to-peer transfer.
    Type: Grant
    Filed: November 16, 2016
    Date of Patent: February 19, 2019
    Assignee: Bank of America Corporation
    Inventors: Heather Dolan, Manu J. Kurian, Graham M. Wyllie
  • Patent number: 10181117
    Abstract: Logic to register a personal point of sale (POS) device. Logic may communicate with the registration processor to establish a secure communication channel. Logic may access a basic input output system to obtain platform information. Logic may transmit the platform information to the registration processor to identify a certification associated with the device. Logic may communicate with a payment instrument via a card reader. Logic may transmit an encrypted message from the card reader to the registration processor to bind the payment instrument to the device. Logic may receive a communication from the device comprising platform information. Logic may perform a security protocol to establish a secure communication channel with the device. Logic may determine an existence of the certification for the device in the database based upon the platform information. And logic may register the platform in response to locating the certification of the platform.
    Type: Grant
    Filed: September 12, 2014
    Date of Patent: January 15, 2019
    Assignee: INTEL CORPORATION
    Inventors: Farid Adrangi, Sanjay Bakshi, Amit S. Bodas
  • Patent number: 10171246
    Abstract: Apparatus, methods and systems to secure remotely accessible applications using authentication devices are disclosed. More in particular apparatus, methods and systems are disclosed for thwarting overlay attacks against authentication applications for displaying transaction data and for generating signatures over these transaction data.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: January 1, 2019
    Assignee: ONESPAN NORTH AMERICA INC.
    Inventors: Nicolas Fort, Frederik Mennes, Ludovic Joly, Guillaume Teixeron
  • Patent number: 10171248
    Abstract: A method for using digital signatures for signing blockchain transactions includes: generating a domain key pair comprising a domain private key and a domain public key, wherein the domain public key is signed after generation; receiving a plurality of member public keys, wherein each member public key is received from an associated member of a blockchain network and is a public key in a key pair comprising the member public key and a member private key corresponding to the associated member; signing each member public key using the domain private key; receiving a transaction block from a specific member of the blockchain network, wherein the transaction block includes a plurality of blockchain transaction values and a hash signed using the member private key corresponding to the specific member; signing the received transaction block using the domain private key; and transmitting the signed transaction block.
    Type: Grant
    Filed: March 26, 2018
    Date of Patent: January 1, 2019
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: David J. King
  • Patent number: 10147089
    Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.
    Type: Grant
    Filed: January 7, 2013
    Date of Patent: December 4, 2018
    Assignee: Visa International Service Association
    Inventors: Glenn Powell, John Sheets, Paul Tait, Kim Wagner, Krishna Koganti, Marc Perl, Hector Rodriguez, Susan Zloth
  • Patent number: 10142312
    Abstract: Systems, computer program products, and methods are described herein for a system for establishing secure access for users in a process data network. The present invention is configured to create a block chain of resource information based on at least aggregated information associated with past transfer of resources executed by an entity; analyze the block chain of resource information to determine a pattern associated with the past transfer of resources executed by the entity; receive an indication that the entity has executed a transfer of resources; receive information associated with the transfer of resources; compare the information associated with the transfer of resources with the pattern associated with the past transfer of resources executed by the entity to determine a match; and allow the execution of the transfer of resources.
    Type: Grant
    Filed: February 22, 2016
    Date of Patent: November 27, 2018
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Darrell Johnsrud, Manu Jacob Kurian, Michael Wuehler
  • Patent number: 10142305
    Abstract: A calling device may obtain a first calling security parameter by registering with a network and obtain a second calling security parameter in response to causing an application authentication architecture of the network to verify that that the calling device is authorized to access a network service corresponding to a communication application stored by the calling device. The calling device may communicate the first and second calling security parameters to a called device and receive first and second called security parameters from the called device in response to communicating the first and second calling security parameters. The calling device may generate a security key based on the first calling security parameter, the second calling security parameter, first called security parameter, and the second called security parameter, and use the security key to encrypt or decrypt communication between the calling device and the called device.
    Type: Grant
    Filed: February 22, 2016
    Date of Patent: November 27, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: William C. King, Priscilla Lau, Kwai Yeung Lee
  • Patent number: 10139871
    Abstract: An electronic device with circuit protection including a body, an assembling unit, and a first electronic module, a control unit and a circuit protection unit disposed in the body is provided. The control unit is electrically connected to the first electronic module and the circuit protection unit. The assembling unit is detachably assembled onto the circuit protection unit and electrically connected thereto. A trigger signal is transmitted to the control unit while the assembling unit and the circuit protection unit being electrically connected with each other, such that states of the first assembling unit is changed by the control unit. An assembling method of the electronic device with circuit protection is also provided.
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: November 27, 2018
    Assignee: Wistron Corporation
    Inventors: Yu-Sheng Su, Yin-Teng Hsieh
  • Patent number: 10134026
    Abstract: A wearable device receives ticket information for an event and information indicating a quantity of funds allocated from an account, associated with a user of a user device, to the wearable device, and stores the ticket information and the information indicating the quantity of funds. The wearable device utilizes a wireless component to pair the wearable device and the user device, and provides, to the user device and via the wireless component, the ticket information and information indicating access privileges for the event. The wearable device generates a token for a PoS device for a charge incurred at the event during an offline transaction with the PoS device, and provides, via a NFC component, the token to the PoS device. The wearable device provides, to the user device and via the wireless component, information indicating that that the token was provided to the PoS device.
    Type: Grant
    Filed: March 15, 2018
    Date of Patent: November 20, 2018
    Assignee: Capital One Services, LLC
    Inventor: Adam Koeppel
  • Patent number: 10129238
    Abstract: A distributed block chain network having at least a private block chain portion, and in some cases a public block chain portion, allows users to take actions (e.g., accessing, viewing, storing, disseminating, validating, or the like) with respect to event information associated with events. In some aspects of the invention the distributed block chain network with the private block chain portion may be utilized to verify events and separate the private information associated with the events from the public information associated with the events. As such, the present invention provides systems for centralized control of secure access to process data networks by utilizing a private block chain; and moreover, provide systems for control of secure access and communication with different process data networks with different security requirements by utilizing one or more block chains with private block chain portions and/or public block chain portions.
    Type: Grant
    Filed: February 22, 2016
    Date of Patent: November 13, 2018
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Manu Jacob Kurian, Darrell Johnsrud
  • Patent number: 10129754
    Abstract: Systems and devices are provided for real-time digital issuance/provisioning of digital resources. In accordance with embodiments of the invention, real-time provisioning of the digital resources occurs through access to a mobile application. In specific embodiments in which the user does not currently have authorization to use the mobile application, an authorization code is issued to a user and inputted via the mobile application as a means for verifying the identity of the user prior to provisioning the digital resource to the digital storage. As such, by having the provisioning occur electronically via the mobile application provisioning of the digital resource is highly secure, in that, provisioning occurs without the user possessing or having knowledge of the digital resource credentials prior to provisioning.
    Type: Grant
    Filed: August 31, 2016
    Date of Patent: November 13, 2018
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Tony England, Elizabeth A. Price, Shyam Kumar Agrawal
  • Patent number: 10114854
    Abstract: One embodiment provides a method of automatically managing a validation rule across a shared replicated database, the method including: utilizing at least one processor to execute computer code that performs the steps of: receiving, at a database, a first transaction associated with a user, wherein the database is associated with a node of a network comprising a plurality of nodes and wherein each of the plurality of nodes is associated with a different entity; the database being shared and replicated among the plurality of nodes; receiving, at the database, a validation rule associated with the first transaction, wherein the validation rule comprises at least one condition associated with the user; and automatically replicating the validation rule throughout the plurality of nodes. Other aspects are described and claimed.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: October 30, 2018
    Assignee: International Business Machines Corporation
    Inventors: Vishal Singh Batra, Pralhad Dinesh Deshpande
  • Patent number: 10114629
    Abstract: Embodiments of the present invention provide a method and device for downloading a profile of an operator, where one method includes: sending, by a terminal to the SM-DP by using an SM-SR, a request for downloading a profile of an operator, where the download request carries the download certificate, an ID of an eUICC of the terminal, and addressing information of the SM-DP; and receiving, by the terminal, the profile of the operator that is sent by the SM-DP by using the SM-SR and is corresponding to the download request, and transmitting the profile of the operator to the eUICC, where the profile of the operator is obtained by the SM-DP according to an identity of the profile of the operator after the SM-DP verifies that the certificate that is for downloading the profile of the operator and is carried in the download request is valid.
    Type: Grant
    Filed: June 3, 2016
    Date of Patent: October 30, 2018
    Assignee: HUAWEI DEVICE (DONGGUAN) CO., LTD.
    Inventor: Linyi Gao
  • Patent number: 10103885
    Abstract: A method for distributing multiple cryptographic keys used to access data includes: receiving a data signal superimposed with an access key request, wherein the access key request includes at least a number, n, greater than 1, of requested keys; generating n key pairs using a key pair generation algorithm, wherein each key pair includes a private key and a public key; deriving an access private key by applying the private key included in each of the n key pairs to a key derivation algorithm; generating an access public key corresponding to the derived access private key using the key pair generation algorithm; and electronically transmitting a data signal superimposed with a private key included in one of the n key pairs for each of the n key pairs.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: October 16, 2018
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Steven Charles Davis
  • Patent number: 10082929
    Abstract: A working process processing system of an embodiment has: a 3D data storage for storing the 3D data; a working process data storage to store the working process data; an animation data processor to process animation data based on the 3D data stored in the 3D data storage and the working process data stored in the working process data storage, the animation data comprising displaying data showing a plurality of changing situations of the working processes; wherein the animation data processor is configured to include the comment information relating to the work attribute information of at least one of the working processes with the displaying data of the respective working process of the animation data processed thereof.
    Type: Grant
    Filed: July 7, 2015
    Date of Patent: September 25, 2018
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Tatsuya Sato, Yasunori Nakashima, Taku Orihara
  • Patent number: 10068232
    Abstract: A credit card reader is attached to a mobile device to process credit card transactions at the point of sale. In response to detecting attachment of the credit card reader to the mobile device, the credit card reader displays a one-time password for authenticating the credit card reader. The algorithm used to generate the one-time password is synchronized with a user token configured to display one-time passwords. If there is a match between the one-time passwords of the credit card reader and the token, the credit card reader is authentic. Further, if there is a match, the credit card reader may allow the user to process credit card transactions through the credit card reader.
    Type: Grant
    Filed: October 21, 2016
    Date of Patent: September 4, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 10068223
    Abstract: A payment terminal can have an application processing unit coupled to a transaction processing unit. The transaction processing unit can receive payment information from a payment device via a payment interface coupled to the transaction processing unit. The transaction processing unit can encrypt the payment information in accordance with a standard payment protocol and provide the encrypted payment information and other protocol dependent information to the application processing unit. The application processing unit can execute a point-of-sale application that can have the transaction processing unit acquire the payment information and have the application processing unit transmit the encrypted payment information and other protocol-dependent information from the transaction processing unit to a payment server.
    Type: Grant
    Filed: December 18, 2017
    Date of Patent: September 4, 2018
    Assignee: Square, Inc.
    Inventors: Afshin Rezayee, Yue Yang, Jesse Wilson, Kevin Ng
  • Patent number: 10057404
    Abstract: Techniques for mobile device personalization are described. In an embodiment, user credentials for an online service are received at a mobile device kiosk. The user credentials may be authenticated and, upon authentication, user data associated with the user credentials may be transferred to a mobile device of the mobile device kiosk. The user data may be transferred between the mobile device kiosk and a wireless transmitter embedded on a printed circuit board (PCB) of the mobile device. Further, the user data may be transferred to the mobile device without powering on the mobile device. Once the data transfer is complete, the mobile device may be provided to a user.
    Type: Grant
    Filed: October 17, 2017
    Date of Patent: August 21, 2018
    Assignee: FACEBOOK, INC.
    Inventors: Yael Maguire, Fraidun Akhi
  • Patent number: 10055713
    Abstract: A method and device are provided for delegating an implementation of transactions to an intermediate user. The method includes: at least one first phase of registering at least one payment server with the intermediate server, the first phase delivering, within the intermediate server, a delegating data structure including at least one association between the payment server and at least one list of types of transactions delegated by the payment server to the intermediate server; and at least one second phase of registering at least one user with the intermediate server, the second phase delivering, within the intermediate server, a provisioning data structure including at least one association between a user identifier, a payment server identifier and a user identifier with the payment server.
    Type: Grant
    Filed: May 28, 2015
    Date of Patent: August 21, 2018
    Assignee: Ingenico Group
    Inventor: Pierre Quentin
  • Patent number: 10049353
    Abstract: Techniques for enhancing the security of a communication device may include providing an application agent and a transaction application that executes on a communication device. The application agent may receive, from the application, a cryptogram key generated by a remote computer, and store the cryptogram key on the communication device. When the application agent receives a request to conduct a transaction from the application, the application agent may generate a transaction cryptogram using the cryptogram key, and provides the transaction cryptogram to an access device.
    Type: Grant
    Filed: August 21, 2017
    Date of Patent: August 14, 2018
    Assignee: Visa International Service Association
    Inventor: Eduardo Lopez
  • Patent number: 10049394
    Abstract: Method to perform secure transactions with a digital device starts with microphone receiving signal generated by the digital device. Signal includes product information in inaudible portion of signal that identifies at least one product associated with a timeframe of signal. Trusted execution environment (TEE) generates start signal based on first sensor signal from first sensor that may be inertial sensor. Start signal is generated when first sensor signals indicate that user wishes to perform transactions with digital device. TEE verifies an origin of the product information to determine integrity of the origin and data. Display device displays purchasing information to a user that is based on the product information. TEE authenticates user based on second sensor signal from second sensor that may be biometrics sensor. TEE completes transaction to purchase at least one product by providing payment information associated with user. Other embodiments are also described.
    Type: Grant
    Filed: December 24, 2014
    Date of Patent: August 14, 2018
    Assignee: INTEL CORPORATION
    Inventors: Miguel Ballesteros, Abhilasha Bhargav-Spantzel
  • Patent number: 10009324
    Abstract: A system is configured for detecting a point of sale, receiving a personal identification number (PIN), generating a PIN based key using a message digest of the PIN, decrypting a data encryption key (DEK) using the PIN based key, and generating a DEK based dynamic key using the PIN based key. The system may also decrypt a session key using the DEK based dynamic key, generate a cryptogram from the session key, and send the cryptogram to the point of sale.
    Type: Grant
    Filed: December 4, 2015
    Date of Patent: June 26, 2018
    Assignee: AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.
    Inventors: Naresh Bhandari, Manish K. Deliwala, Ajay B. Maddukuri, John G. McDonald, Curtis Watson
  • Patent number: 9990659
    Abstract: A geo-fencing system includes a plurality of beacons defining zones within a venue. The system receives a first beacon identifier from a mobile device and registers the mobile device in a first zone corresponding to the first beacon. The system causes a first menu to be displayed on the mobile device, indicating options for the first zone. In response to selection of one of the options, the system registers the mobile device as being active in the first zone. The system then receives a second beacon identifier and registers the mobile device as being in the second zone. The system also suspends the activity of the mobile device in the first zone and causes options to be displayed to continue or terminate the activity in the first zone.
    Type: Grant
    Filed: May 28, 2014
    Date of Patent: June 5, 2018
    Assignee: Cellco Partnership
    Inventors: Sankar Shanmugam, Shan Olachery, Arindam Mitra, Daniel M. Rivera, Matthew Farley Reeves, Lapfan Lam
  • Patent number: 9990190
    Abstract: An installation image of a virtual storage appliance (VSA) is protected by initiating VSA installation from an archive image establishing a pre-installation operating state. The archive image includes an installation image with a lockbox storing a first key for accessing the installation image. The lockbox is encrypted using a second key derived from a stable system value (SSV), such as data for device partitioning, obtainable from an execution environment in the pre-installation operating state. During installation, the SSV is obtained and used in decrypting the lockbox to retrieve the first key and use the installation image to install the VSA. The VSA is installed in a manner establishing a post-installation operating in which the SSV is no longer obtainable from the execution environment, e.g., due to changing the device partition information. An SSV obtained from the partition information post-installation does not yield the key for decrypting the lockbox, protecting the installed image.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: June 5, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Michael L. Burriss, Weixing Wang, Benjamin P. Kelley, Gregory W. Lazar, Jochen F. De Smet
  • Patent number: 9992022
    Abstract: Embodiments disclosed herein provide systems and methods for digital identity management and permission controls within distributed network nodes. A network node may receive a request to generate a new digital identity record for an entity. The network node may retrieve a template based on an entity type; and receive information, reference documents, and biometric information for the new digital identity record. The network node may associate and store the received information to the data fields in the new digital identity record, generate respective one directional cryptographic hashes of the reference documents and the biometric information, and store the hashes in the new digital identity record while storing the reference documents and biometric information in a non-blockchain repository. The network node may generate a digital identity record block for the new digital identity record, encrypt the digital identity record block, and append the encrypted block to the latest valid blockchain.
    Type: Grant
    Filed: December 18, 2017
    Date of Patent: June 5, 2018
    Assignee: Northern Trust Corporation
    Inventors: Justin Chapman, Andrew Czupek, Andrew Monks, Anthony Stevens, Ariji Das, Christopher Price, Wayne Hannaway, Zabrina Smith
  • Patent number: 9979699
    Abstract: A system for establishing a trusted end-to-end communication link between different NFV networks is disclosed. The system comprises a server operating in a trusted security zone and configured to generate and send a trust ticket, a communication request, and disable communication with the first NFV network. The system further comprises a virtual machine executing virtualized network functions and a session border controller. The session border controller is configured to receive the trust ticket, request, and trusted data from the first server; transmit the trust ticket and request to a second session border controller, wherein the trust ticket and request are transmitted to a second server associated with a second NFV network, and receive a response and second trust ticket from the second NFV network, compare the first and second trust ticket for compatibility, and transmit the trusted data if the trust tickets are compatible.
    Type: Grant
    Filed: July 20, 2017
    Date of Patent: May 22, 2018
    Assignee: Sprint Communications Company L.P.
    Inventors: Ronald R. Marquardt, Lyle W. Paczkowski, Arun Rajagopal
  • Patent number: 9948467
    Abstract: A method for using digital signatures for signing blockchain transactions includes: generating a domain key pair comprising a domain private key and a domain public key, wherein the domain public key is signed after generation; receiving a plurality of member public keys, wherein each member public key is received from an associated member of a blockchain network and is a public key in a key pair comprising the member public key and a member private key corresponding to the associated member; signing each member public key using the domain private key; receiving a transaction block from a specific member of the blockchain network, wherein the transaction block includes a plurality of blockchain transaction values and a hash signed using the member private key corresponding to the specific member; signing the received transaction block using the domain private key; and transmitting the signed transaction block.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: April 17, 2018
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: David J. King
  • Patent number: 9942305
    Abstract: A method for file downloading is described. The method comprises: transmitting a first request to a server to start a downloading process of a file; receiving a first destination address and a first cookie for the downloading process, wherein the first destination address and the first cookie are associated with the file; storing the first destination address, the first cookie, a link address associated with the file, and a web address associated with the link address; detecting an interruption of the downloading process; and responsive to detection of an interruption of the downloading process, transmitting a second request to the server for a second destination address and a second cookie associated with the file based on the link address and web address. The method further comprises resuming the downloading process of the file using the second destination address and the second cookie.
    Type: Grant
    Filed: December 10, 2015
    Date of Patent: April 10, 2018
    Assignee: GUANGZHOU UCWEB COMPUTER TECHNOLOGY CO., LTD.
    Inventors: Jie Liang, Huake Guo, Xinwu Luo
  • Patent number: 9910685
    Abstract: A mobile application development system includes a developer portal that receives an application from a developer and provides a routing library to the developer to augment the application. An offline analysis system analyzes the application to (i) determine a set of activities that a handler within the application is programmed to resume in response to respective resumption requests from a host operating system and (ii) determine parameters for each of the activities. The offline analysis system generates a set of links that each corresponds to a respective one of the activities. The routing library, installed as part of the augmented application onto a user device, receives a link, from the user device's operating system, that identifies a first activity. The routing library includes instructions for generating a first resumption request based on parameters corresponding to the first activity and transmitting the first resumption request to the augmented application's handler.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: March 6, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kalyan Desineni, Matan Levi, Moshe Krush, Danny Tsechansky
  • Patent number: 9894525
    Abstract: A searching method for an electronic device includes presetting a condition for a second electronic device to act as a searching terminal for searching the electronic device. An authentication password is preset at the electronic device. A request for the authentication password is sent to the second electronic device upon determining that the second electronic device meets the condition. Once a password from the second electronic device matches the authentication password, coordinates corresponding to a current location of the electronic device are sent to the second electronic device.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: February 13, 2018
    Assignee: Chiun Mai Communication Systems, Inc.
    Inventor: Hung-Chin Chen
  • Patent number: 9870558
    Abstract: A payment terminal can have an application processing unit coupled to a transaction processing unit. The transaction processing unit can receive payment information from a payment device via a payment interface coupled to the transaction processing unit. The transaction processing unit can encrypt the payment information in accordance with a standard payment protocol and provide the encrypted payment information and other protocol dependent information to the application processing unit. The application processing unit can execute a point-of-sale application that can have the transaction processing unit acquire the payment information and have the application processing unit transmit the encrypted payment information and other protocol-dependent information from the transaction processing unit to a payment server.
    Type: Grant
    Filed: June 23, 2017
    Date of Patent: January 16, 2018
    Assignee: Square, Inc.
    Inventors: Afshin Rezayee, Yue Yang, Jesse Wilson, Kevin Ng
  • Patent number: 9836741
    Abstract: Systems, apparatus, methods, and computer program products for using quick response (QR) codes for authenticating users to ATMs and other secure machines for cardless transactions are disclosed. Embodiments of the present disclosure read an image displayed on a display of an external device using a mobile device associated with a user authorized to access a secure resource, decode transaction information encoded in the image, transmit the transaction information and an identifier of the mobile device from the mobile device to an authentication system, and grant access to the secure resource if the transaction information and the identifier satisfy an authentication test performed at the authentication system.
    Type: Grant
    Filed: December 1, 2014
    Date of Patent: December 5, 2017
    Assignee: CA, Inc.
    Inventors: Rammohan Varadarajan, Ambarish Malpani
  • Patent number: 9832607
    Abstract: A method and an electronic device for processing a beacon are provided. The method includes receiving identification information of a beacon signal from a beacon transmitter in a geo-fence; comparing the received identification information of the beacon signal with beacon link information stored in the electronic device; and executing, according to a result of the comparison, a predetermined function based on stored beacon link information corresponding to the identification information of the beacon signal.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: November 28, 2017
    Assignee: Samsung Electronics Co., Ltd
    Inventor: Sung-Wook Won
  • Patent number: 9824353
    Abstract: Proposed are a key protection method and system. The method comprises: a: receiving by a mobile terminal a registration instruction, generating a user's public key and private key, and sending the user's public key to a third-party e-business verification server, if the mobile terminal respectively passes identity verifications of the mobile bank server and a comprehensive pre-position bank server; b: performing a verification by the mobile bank server on user's trade information, and performing a trade by the comprehensive pre-position bank server if the verification is successful; c: generating by the mobile terminal an updated parameter for protecting a private key after the trade is performed, sending to the mobile bank server, receiving a successful updating result from the mobile bank server and encrypting and storing the user's private key. The present invention can increase the difficulty of an attack, and improve security.
    Type: Grant
    Filed: September 24, 2013
    Date of Patent: November 21, 2017
    Assignee: TENDYRON CORPORATION
    Inventor: Dongsheng Li
  • Patent number: 9805370
    Abstract: In some examples, methods and systems may process one or more payment transactions between a merchant and a buyer by registering a communication device as an authorization instrument to the payment transaction. To this end, the method includes detecting at least one transaction activity associated with a payment system, establishing a communication channel between the POS terminal an RF communication device in proximity to the POS terminal.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: October 31, 2017
    Assignee: Square, Inc.
    Inventors: Oliver S. C. Quigley, Collin Mulliner
  • Patent number: 9775029
    Abstract: Techniques for enhancing the security of a communication device may include providing an application agent that executes in a trusted execution environment of the communication device, and a transaction application that executes in a normal application execution environment of the communication device. The application agent may receive, from the application, a limited-use key (LUK) generated by a remote computer, and store the LUK in a secure storage of the trusted execution environment. When the application agent receives a request to conduct a transaction from the application executing in the normal execution environment, the application agent may generate a transaction cryptogram using the LUK, and provides the transaction cryptogram to an access device.
    Type: Grant
    Filed: August 24, 2015
    Date of Patent: September 26, 2017
    Assignee: Visa International Service Association
    Inventor: Eduardo Lopez
  • Patent number: 9762551
    Abstract: A cryptographic expansion device that can be attached to a communication component of a communication device to enable the communication device to perform cryptographic operations on communications sent to and from the communication device is described. The cryptographic expansion device can be a small-form factor cryptographic expansion device that can be used with a small-form factor communication component such as a micro-SIM (subscriber identity module) card. When used with a communication device, the cryptographic expansion device enables the communication device to send and received end-to-end secure encrypted communications. The end-to-end secure communications enabled by the cryptographic expansion device can be utilized by a user of the communication device to perform financial and/or banking transactions.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: September 12, 2017
    Assignee: Visa International Service Association
    Inventors: Horatio Nelson Huxham, Alan Joseph O'Regan
  • Patent number: 9703827
    Abstract: Streaming data from a plurality of streaming data sources can be received. The streaming data may not be stored in persistent storage. A query can be received from a client device. A rule can be defined based on the query. The rule can be applied to the streaming data. Alerts associated with a subset of the streaming data that matches the rule can be stored in persistent storage. A signal associated with the alerts can be sent to the client device such that the graphical user interface is updated based on the alerts.
    Type: Grant
    Filed: July 17, 2014
    Date of Patent: July 11, 2017
    Assignee: Illumina Consulting Group, Inc.
    Inventors: Ed Clark, Thomas Foughner, John Halper, John Hicks, Nicholas Stroh, David Waldrop, Graydon Weideman
  • Patent number: 9691067
    Abstract: The present invention consists of methods whereby local/mobile computing devices are registered by collecting a set of hardware and/or software distinctive identifiers to be saved in a validation database residing on a validation database server/Web server, such that the local/mobile computing device can be used as a digital hardware key for right of access and authorization of electronic transactions. This is done by comparing a regenerated set of hardware and/or software distinctive identifiers with those previously registered in the validation database in order to validate the identity of the local/mobile computing device. The invention consists of a first software program executing on a local/mobile computing device that generates the set of hashed and/or encrypted hardware and/or software distinctive identifiers and a second software program resident residing on a validation database server/Web server that manages the validation database.
    Type: Grant
    Filed: May 20, 2015
    Date of Patent: June 27, 2017
    Assignee: Invysta Technology Group
    Inventors: Gary William Streuter, William Pat Price
  • Patent number: 9667629
    Abstract: Resource and memory use by applications used by user equipment (UE) can be adaptively controlled. A UE comprises a connection-manager kernel (CMKC) that can be embedded at the SOC level to facilitate resource and memory control at SOC level. CMKC operates in conjunction with an operating system kernel. CMKC comprises functional blocks that provide network enabler functions and observability APIs for network enhancement, traffic flow monitoring and filtering, QOE executive routines, and traffic flow time shifting. CMKC performs or provides analytics, security and firewall tags, cache management at SOC level, and policy enforcement. CMKC and a trusted memory operate in a trusted zone environment to facilitate secure operation. CMKC adaptively collects information from control registers and analytics, and maps such information to the trusted memory, which can be accessible to trusted APIs to facilitate enabling trusted applications to have knowledge of contextual network information.
    Type: Grant
    Filed: January 14, 2016
    Date of Patent: May 30, 2017
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Mostafa Tofighbakhsh
  • Patent number: 9572135
    Abstract: Airtime usage may be used as a factor in controlling network traffic flow to and from client devices via a wireless network interface. Received packets or other data are assigned to a quality of service profile. Additionally, a cost value for communicating the received data is determined at least in part based on an actual or estimated airtime usage for the received packet. The cost value is used to allocate wireless network airtime to data. The allocation of wireless network airtime may be varied dynamically based on operating conditions. The cost value may be based on factors including the airtime used to communicate data; whether the data is a retransmission; and wireless network overhead. The cost value of data may also be different depending on whether the data is being sent from a client device or to a client device.
    Type: Grant
    Filed: April 10, 2014
    Date of Patent: February 14, 2017
    Assignee: Aerohive Networks, Inc.
    Inventors: Peter Wu, Sreekanth Reddy, Jianlin Zeng, Changming Liu