Abstract: A computer-implemented method for anonymizing online transaction details may include performing a process to generate an identifier (ID) and reference address for a user, and receiving a request for transaction processing from an e-commerce server. The request may include first data including: information associated with a purchase of a product to be delivered to the user; the identifier; and the reference address. The method may further include: in response to the request, determining whether the ID and reference address are included in the request, and if so, obtaining the accurate address and shipping rate rules; applying, based on the first data and the accurate address, the shipping rate rules to determine accurate shipping rate cost information associated with delivering the product to the accurate address; performing an anonymizing process on the accurate information to obtain anonymous shipping rate information, and transmitting the anonymous shipping rate information to the e-commerce server.

Abstract: A method for processing a payment transaction via a proxy guarantor includes receiving a transaction request associated with a payment transaction for a transaction amount. The payment transaction is associated with a user, and the transaction request includes: payment device data associated with a payment device of the user, the payment device associated with a debit account, and guarantor data identifying a guarantor associated with a credit account. The method further includes communicating a hold request to an issuer system associated with the credit account to cause the issuer system associated with the credit account to place a hold on the credit account for at least a portion of the transaction amount, and communicating an authorization request to an issuer system associated with the debit account.

Abstract: A cross-entity and cross-retailer platform is provided that captures transaction data (and/or browser history data associated with online browser-based transactions), indexes, and stores the data in a cloud-accessible data store. A cloud service is provided that custom processes retailer and entity-defined workflows based on purchase transactions using the data store. The service discovers and updates trends and patterns associated with item sales for a given retailer or for a given entity across channels associated with in-store and online item sales. The trends and patterns are dynamically reported to the corresponding entity or the corresponding retailer. The entities may comprise manufacturers of an item, a supplier of the item, a distributor of the item, and a Consumer Packaging Goods (CPG) company of the item.

Abstract: Systems, media and methods for staggered medical transactions are provided. A method includes displaying a plurality of products on a display client. The method may further include receiving, at the display client, input from a user selecting a product. The method may also further include prompting the user via the display client to continue on another device. The method may additionally include outputting, via the display client, an identifier associated with the product and the user. The method may also additionally include receiving the identifier at a user device after the user has been authenticated at the user device. The method may still further include receiving confirmation input at the user device from the user confirming selection of the product. The method may also still further include outputting, from the user device, the confirmation data based upon the confirmation input.

Abstract: Systems and methods for providing independent situational awareness messages are provided. The method includes receiving, by a rendering engine, a request for information from an input interface. The rendering engine queries at least one data store in response to the request. The rendering engine obtains public content data and private content data from the data store. The rendering engine transmits the public content data over a public output interface. The rendering engine transmits the private content data over a private output interface.

Abstract: One embodiment of the invention provides a method for utility-preserving text de-identification. The method comprises generating corresponding processed text for each text document by applying at least one natural language processor (NLP) annotator to the text document to recognize and tag privacy-sensitive personal information corresponding to an individual, and replacing some words in the text document with some replacement values. The method further comprises determining infrequent terms occurring across all processed texts, filtering out the infrequent terms from the processed texts, and selectively reinstating to the processed texts at least one of the infrequent terms that is innocuous.

Abstract: A method for interleaving time slots in a multi-antenna system for communication with RFID tags is described. An exemplary system has a first RFID interrogator and first and second antennas. The first and second antennas direct signals to and receive signals from respective first and second interrogation zones. A first interrogation signal is transmitted to the first antenna. A first acquire window for receiving a signal from a first RFID transponder is opened after the first interrogation signal. A second interrogation signal is transmitted to the second antenna after the first interrogation signal, and a second acquire window for receiving a signal from a second RFID transponder is opened after the second interrogation signal.

Abstract: Systems, methods, and computer-readable medium are provided for managing user information. For example, instructions for implementing a background process configured to manage a first set of data types may be received from a service provider. A data download that includes information about the new data type may also be received from the service provider. A request to access data corresponding to the new data type may be received from an application. Additionally, in some examples, the data corresponding to the new data type may be provided to the application based at least in part on interpreting the data download.

Abstract: Provided is a data processing system having a processor and a storage apparatus coupled to the processor, wherein: the storage apparatus holds a plurality of encrypted data that are generated by encrypting a plurality of plain text data, and a plurality of encrypted queries for retrieving the plurality of encrypted data directly in an encrypted state; and the processor retrieves each of the encrypted data using each of the encrypted queries and thereby calculates the number of appearances of encrypted data that are retrieved using each of the encrypted queries, changes at least two of the plurality of encrypted data on the basis of the number of appearances of encrypted data that are retrieved using each of the encrypted queries so that predetermined anonymity is satisfied, and outputs a plurality of encrypted data.

Abstract: The invention contemplates a method of transfer, involving opening one or more trust accounts associated with a plurality of accounts with at least one financial institution, creating a plurality of money account cards with each of the plurality of money account cards associated with a live account associated with the entire amount in the trust account opened and maintained by company with at least one financial institutions, distributing the money account cards to retailers, retailing the money account cards to customers for distribution of the cards to cardholders, receiving money from the customers, applying the money to predetermined accounts of the plurality of accounts, receiving requests from cardholders to access the money in the predetermined accounts, and dispersing funds from the predetermined accounts in response to the requests from cardholders.

Abstract: An encrypted device system is disclosed that includes an interface for providing the transmission of data between an encrypted data storage medium and a computer system such that a user-interactive application program may be accessed and used via the computer system.

Abstract: A user device receives a communication that contains a link or an attachment and sends the link or the attachment to a virtual user device stored externally with respect to the user device. Actions to be performed with respect to the user device are executed on the virtual user device. The virtual user device determines whether the link or attachment is malicious. The user device receives an indication of whether the link or the attachment is malicious and displays an indication that the link or the attachment is safe to open when the link or attachment is not malicious.

Abstract: A labor marketplace exchange (LME) computing system and method are provided. The LME computing system communicates with communications devices of service providers and service users. The LME computing system receives service provider profile data from the service providers. Service users can submit service queries to the LME computing system. Based on the parameters of the service query, service providers are identified by the LME computing system. A service request is then sent to a service provider identified by the LME computing system and selected by the service user.

Abstract: A method for protecting user privacy for a privacy protection application, includes: receiving a request for user data of a user from a third-party service; receiving, from the user, an authorization for the request for the user data; acquiring the user data from a plurality of different storage facilities; processing the acquired user data with a data model provided by the third party service, wherein the data model comprises a multi-party computation model configured to generate processed user data based on the user data stored at the plurality of different storage facilities; encrypting the processed user data using a third-party public key associated with the third-party service; and transmitting the encrypted processed user data to the third-party service to enable the third-party service to decrypt the encrypted processed user data to obtain the processed user data.

Abstract: A system is provided for retargeting advertisements and is based on a database storing user behavior data related to information for a plurality of consumers. An index-lookup processes the user behavior data and translates the user behavior data into a plurality of indices. A data loading module processes the plurality of indices and generates a multi-indexed user behavior cube. An online query module receives a request for an advertisement and processes the request to determine one or more related user attributes and retrieves user behavior data from the multi-indexed user behavior cube using the related user attributes. An ad recommendation module receives the set of user behaviors and generates a list of recommended advertisements using the set of user behaviors data and an advertiser retargeting criterion.

Abstract: A method of displaying an interface for providing a social networking service (SNS) through an anonymous profile, performed by a user terminal, includes displaying a first list of at least one anonymous chatroom created by a user account for an instant messaging service (IMS) using a first region on a first page in an interface for the IMS, displaying a second list of at least one anonymous profile created to be interlinked with the user account using a first region on a second page in the interface for the IMS, and displaying, in response to an input of selecting any one anonymous profile in the second list, an interface for providing the SNS through the selected anonymous profile.

Abstract: A communications system configured to execute data transmission between a transponder having no radio wave generating source thereof and a reader/writer is provided. The communications system includes, a service permission level notifier configured to tell a service permission level for associated with a received signal level for permitting service acceptance from the reader/writer to the transponder, and an access controller configured to determine in the transponder whether the received signal level from the reader/writer is at the notified service permission level to determine accessibility to the transponder from the reader/writer.

Abstract: The present disclosure relates to the field of Internet technologies, and discloses an information exchange method and a server. The method includes: receiving a request message sent by a terminal; sending the request message to a third-party server that corresponds to a public identifier, so that the third-party server receives the request message, obtains response information according to request information in the request message, and returns the public identifier, an Internet application identifier, and the response information; receiving the public identifier, the Internet application identifier, and the response information that are returned by the third-party server, and sending the public identifier and the response information to the terminal that corresponds to the Internet application identifier.

Abstract: Techniques are provided to allow full search for encrypted data within a database. In some embodiments, searchable data may be separated into different searchable tables in a database in such a way that encrypted data is stored as plaintext but has no usable link to other data within the source database. In some embodiments, performing a query on a particular user data may result in the retrieval of an encrypted identifier, which may then be decrypted via an encryption module. A second search based on the decrypted identifier may produce a set of relevant search results from a source table.

Abstract: Systems, techniques, and apparatuses facilitate selecting, defining, controlling, verifying, and auditing privacy-impacting behaviors of devices in alignment with the privacy behavior expectations of individuals and other entities. Techniques and systems, including apparatuses, are presented to facilitate controlling and verifying the privacy behaviors of privacy-impacting devices. “Privacy enunciator” apparatuses announce the presence of entities in a device's range of action or influence. Techniques and systems for defining and sharing individualized privacy behavior preferences are described. Techniques and systems are disclosed for privacy preference resolution protocols that allow for the automated or interactive resolution of conflicts that arise between individuals in multi-actor environments or ambiguous contexts. Accountability and audit mechanisms verify the control state of devices with respect to their privacy behavior preference inputs.

Abstract: An electronic voting system including a terminal, authentication servers, and voting servers is provided. Each authentication server includes an authentication processor that authenticates a voter using authentication data including a first identifier associated with the voter and authentication information regarding the voter, and a first synchronizer that synchronizes a first blockchain including first transaction data indicating that the voter has been authenticated. Each voting server includes a voting processor that receives, from the terminal, voting data including a second identifier associated with a vote cast by the voter, and voting information indicating the vote. Each voting server further includes a second synchronizer that synchronizes a second blockchain including second transaction data and dummy transaction data with at least one other voting server.

Abstract: An electronic voting system includes a terminal, authentication servers, and voting servers. Each authentication server includes an authentication processor that authenticates a voter using authentication data, and a first synchronizer that synchronizes a first blockchain including first transaction data with at least one other authentication server. The authentication data including a first identifier and authentication information. Each voting server includes a voting processor that receives voting data including a second identifier and voting information, and a second synchronizer that synchronizes a second blockchain including the voting information as second transaction data with at least one other voting server. Each voting server further includes a block generator that connects a block including the second transaction data to the second blockchain, and a determiner that determines the block to include the second transaction data.

Abstract: The current invention relates to a computing system for obtaining a privacy-filtered response to a query of a user, the computing system comprising a server, the server comprising a server processor, tangible non-volatile server memory, server program code present on said server memory for instructing said server processor; a computer-readable medium, the computer-readable medium comprising a database, said database comprising privacy settings comprising a privacy threshold; a device, said device comprising a device processor, tangible non-volatile device memory, device program code present on said device memory for instructing said device processor; wherein said server is configured for receiving raw transaction data from an external source such as a raw transaction database or a raw transaction feed.

Abstract: An authentication server authenticates a voter using authentication data including a first identifier (ID) associated with the voter and authentication information regarding the voter. The authentication server further synchronizes a first blockchain. The first blockchain includes first transaction data indicating that the voter has been authenticated with one or more of other authentication servers. A voting server receives, from a terminal, voting data including a second ID associated with a vote cast by the voter and voting information indicating the vote. The voting server synchronizes a second blockchain including, as second transaction data, the voting information included in the voting data with one or more of other voting servers. The terminal transmits the authentication data to the authentication server and, after the authentication is successfully completed, transmits the voting data to the voting server.

Abstract: A method includes receiving a plurality of data sets. Each data set includes a customer identifier field specifying a unique customer identifier associated with each entry in each data set. The plurality of data sets includes a first group of data sets and a second group of data sets. The method further includes storing the plurality of data sets, and generating a key map including the customer identifier field including unique customer identifiers of the first group of data sets of the plurality of data sets, and an anonymous identifier field including unique anonymous identifiers. Each anonymous identifier corresponds to a customer identifier of the key map. The method further includes replacing each unique customer identifier in the second group of data sets with the corresponding anonymous identifier.

Abstract: This invention is directed to a computerized system for encryption and transmission of digital information comprising: an encryption server in communications with a sender computer device and a recipient computer device; and, a set of encryption server computer readable instructions included on the encryption server that, when executed by a processor, preform the steps of: receiving an original information set from the sender computer device, generating a sender symmetrical key, encrypting a portion of the original information set with the sender symmetrical key, generating an asymmetric key pair having a public and private key pair, encrypting the sender symmetrical key with the public key of the asymmetrical key pair, encrypting the private key of the asymmetrical key pair with a master key, generating a hyperlink to the encrypted portion of the original information set, transmitting the hyperlink to the recipient computer device.

Abstract: The creation of a private sub-blockchain from a main blockchain is disclosed including receiving a request including a trust requirement and an agility requirement, receiving monitoring data from at least one of a plurality of validator nodes of the main blockchain, the monitoring data generated by monitoring the execution of transactions and the exchange of consensus messages by one or more of the plurality of validator nodes, determining a minimum number of validator nodes required to meet the trust requirement, identifying a subset of the plurality of validator nodes of the main blockchain that meets the agility requirement based on the received monitoring data, the subset containing at least the determined minimum number of validator nodes required to meet the trust requirement, and creating a private sub-blockchain of the main blockchain, the private sub-blockchain including the identified subset of the plurality of validator nodes of the main blockchain.

Abstract: Disclosed herein are system, method, and computer program product embodiments for performing transactions or atomic swaps using zero-knowledge proofs (“ZKPs”). A first system may propose a transaction between with a second system. The first system may generate a first ZKP indicating that the first system has possession of an asset desired by the second system and that the first system is committing the asset to the transaction. The second system may also similarly generate a second ZKP. These ZKPs may be encrypted and exchanged. The second system may receive an encrypted version of the first ZKP, perform a decryption using a key specific to the second system, and verify the ZKP. When the parties verify the ZKPs, this confirms that each party has committed the requested asset and that the transaction may proceed. The transaction may be committed to a blockchain.

Abstract: In some aspects, a key establishment protocol is executed to generate a shared secret. A first entity calculates a first image curve EA representing an image of an elliptic curve E under a first isogeny ?A; calculates a first pair of elliptic curve points {?A(PB), ?A(QB)}; calculates secret integers {c, d}; sends the first image curve EA and the first pair of elliptic curve points {?A(PB), ?A(QB)} to a second entity; receives a second image curve EBA and a third pair of elliptic curve points {?B(R), ?B(S)} from the second entity; calculates a third image curve EÃBA representing an image of the second image curve EBA under a second isogeny {tilde over (?)}A, wherein the second isogeny {tilde over (?)}A is identified based on the secret integers {c, d} and the third pair of elliptic curve points {?B(R), ?B(S)}; and calculates the shared secret based on the third image curve EÃBA.

Abstract: Flexible, high-accuracy data processing techniques and accompanying systems avoid criticality in intermediate computations through intelligent, low cost sanitization of data operations. A data processing operation including one or more plans is received, with each plan having a data operation described as a tree based-structure. The plans that are determined to create criticality on execution are sanitized by transforming the plan itself, ancestors, and/or children of the plan. Determining whether execution of a plan creates criticality is based on the determination of whether a set of criticality conditions includes data signals that are associated with the plan. After sanitization, the data processing operation can be fully executed without criticality arising in intermediate operations.

Abstract: The SECURE ANONYMOUS TRANSACTION APPARATUSES, METHODS AND SYSTEMS (“SAT”) transform hardware-verified user authentication requests via SAT components into secure transaction notifications. In one implementation, the SAT obtains a secure anonymous transaction user authentication request. The SAT verifies the authenticity of a user, using the secure anonymous transaction user authentication request. The SAT obtains an authenticated purchase order, in response to which it generates a one-time anonymous card account. Using the one-time card account, the SAT generates an anonymized purchase order for a merchant, and provides the anonymized purchase order. On obtaining a purchase notification for the anonymized purchase order, the SAT provides real-time notification for a user of the purchase notification.

Abstract: A system is provided for retargeting advertisements and is based on a database storing user behavior data related to information for a plurality of consumers. An index-lookup processes the user behavior data and translates the user behavior data into a plurality of indices. A data loading module processes the plurality of indices and generates a multi-indexed user behavior cube. An online query module receives a request for an advertisement and processes the request to determine one or more related user attributes and retrieves user behavior data from the multi-indexed user behavior cube using the related user attributes. An ad recommendation module receives the set of user behaviors and generates a list of recommended advertisements using the set of user behaviors data and an advertiser retargeting criterion.

Abstract: Protecting personal information by generating entity-specific aliases for use in communication with third parties is disclosed.

Abstract: Protecting personal information by generating entity-specific aliases for use in communication with third parties is disclosed.

Abstract: Protecting personal information by generating entity-specific aliases for use in communication with third parties is disclosed.

Abstract: In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include any entity that collects, processes, contains, and/or transfers personal data (e.g., a software application, database, website, server, etc.). A data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc. The system may then utilize the generated model to fufill a data subject access request.

Abstract: Embodiments disclosed herein may intercept, quarantine, and moderate communications internal to an uncontrolled system. An example of an uncontrolled system may be a web application associated with a social networking site. In accessing the social networking site, a user may type in a message. An instance of the uncontrolled system running on the user's device may prepare a request containing the message. Some embodiment disclosed herein may determine that the message is subject to moderation, intercept the request, and place the message in a queue. This determination may be based on the destination of the request as well the type of the message. Some embodiments may reconstruct the original request for resubmission. If the session is expired, some embodiments may log in for the user and resubmit the reconstructed request. Some embodiments may wait for the next time the user logs in to resubmit the reconstructed request.

Abstract: A method of authentication by leveraging mobile devices for expediting user login and registration processes provides a generic method for remotely authenticating login sessions using a portable computing device. An authentication initiation code (AIC) is generated and then displayed on the portable computing device. The AIC is inputted into a login feature of a relying party and a user entry is received through the login feature. An authentication request is sent to the portable computing device. User verification data is located for the relying party within a secure vault of personal identification data. The user is prompted to approve or deny the authentication request if the user verification data for the relying party is found within the secure vault. The user verification data is then used to grant access to restricted portions of the relying party if the authentication request is approved through the portable computing device.

Abstract: A money transfer system is promoted by providing a user access to a game or contest generated by a promotions engine computer. The user is directed to a customer relations portal accessible via an access device to participate in the game or contest. The customer relations portal comprising a server configured to manage the game or contest and associated with the promotions engine computer. A response is received from the user at the server related to the user's participation in the game or contest. The server determines whether the user is to receive a reward or prize based on the response from the user, and an output is provided to the user on the access device indicating whether the user is to receive the reward or prize.

Abstract: In a general aspect, a supersingular isogeny-based cryptography process is performed. In some aspects, a secret integer of a first entity is obtained. A public key of a second entity includes a first image curve and a first pair of elliptic curve points. A first pairing value is computed based on a second pair of elliptic curve points defined by a supersingular isogeny-based cryptosystem. A second pairing value is computed based on the first pair of elliptic curve points. Validating the public key includes verifying whether the first pairing value matches the second pairing value. A second image curve is computed based on the secret integer and the first pair of elliptic curve points. A shared secret value, shared by the first entity and the second entity, is computed based on the second image curve.

Abstract: Techniques are provided to allow full search for encrypted data within a database. In some embodiments, searchable data may be separated into different searchable tables in a database in such a way that encrypted data is stored as plaintext but has no usable link to other data within the source database. In some embodiments, performing a query on a particular user data may result in the retrieval of an encrypted identifier, which may then be decrypted via an encryption module. A second search based on the decrypted identifier may produce a set of relevant search results from a source table.

Abstract: A message is created, by a first device associated with a first attendee, for an instant message group conversation among a plurality of attendees that includes the first attendee. At least one non-anonymous attendee and at least one anonymous attendee of the plurality of attendees are identified. The message is transmitted, by the first device to devices associated with others of the plurality of attendees. A response is received, by the first device as part of the instant message group conversation, to the message from a second device associated with the at least one anonymous attendee who is not identified, to at least one attendee of the plurality of attendees, as an author of the response.

Abstract: At each of a plurality of point of sale terminals (POS) of a merchant, for each of a plurality of consumers, where each consumer seeks to conduct a transaction with the merchant for a good or service at a cost by using a payment device issued by an issuer in a payment system, data is read from a payment device. The data can include an identifier for an account issued by an issuer. Information is stored for each transaction and the consumer is permitted to receive the good or service from the merchant. After the consumer has received the good or service, a batch of the transaction are processed to derive there from the respective costs that are assessable to the respective accounts, where the merchant can be a transit system, the consumer a rider thereon, and the transaction can be access to a facility thereof.

Abstract: Disclosed are various embodiments for controlling access to personal data of a user. In one embodiment, content is requested from a network site using an authentication token. It is determined that the content includes a placeholder for personal data. The personal data is received from a personal data service, where the service is configured to limit access to the personal data to a client authorized by the user who owns the personal data. The content is modified to replace the placeholder with the personal data, and the content is then rendered for presentation.

Abstract: A money transfer system is promoted by providing a user access to a game or contest generated by a promotions engine computer. The user is directed to a customer relations portal accessible via an access device to participate in the game or contest. The customer relations portal comprising a server configured to manage the game or contest and associated with the promotions engine computer. A response is received from the user at the server related to the user's participation in the game or contest. The server determines whether the user is to receive a reward or prize based on the response from the user, and an output is provided to the user on the access device indicating whether the user is to receive the reward or prize.

Abstract: In an approach to providing completion support and on demand validation in a web tool that operates on live resources, one or more computer processors create one or more lists of content, where the one or more lists of content include one or more references to one or more runtime objects. The one or more computer processors parse the one or more lists of content. The one or more computer processors populate one or more lists of one or more choices with the parsed one or more lists of content. The one or more computer processors create one or more callbacks for one or more runtime objects referenced by the one or more lists of one or more choices.

Abstract: A method and apparatus for in-line processing a data packet while routing the packet through a router in a system transmitting data packets between a source and a destination over a network including the router. The method includes receiving the data packet and pre-processing layer header data for the data packet as the data packet is received and prior to transferring any portion of the data packet to packet memory. The data packet is thereafter stored in the packet memory. A routing through the router is determined including a next hop index describing the next connection in the network. The data packet is retrieved from the packet memory and a new layer header for the data packet is constructed from the next hop index while the data packet is being retrieved from memory. The new layer header is coupled to the data packet prior to transfer from the router.

Abstract: Systems and methods for network curation are disclosed. In some embodiments, a method comprises scanning, by a mobile device, an area to identify a network device for accessing a network, receiving, by the mobile device, a network identifier associated with the network device, providing a curation indicator request to a curation server, the curation indicator request comprising the network identifier, receiving a curation indicator from the curation server, the curation indicator being retrieved, based on the network identifier, from a database of a plurality of curation indicators, the curation indicator associated with a likelihood of intent to publicly share the network by the network device, comparing the curation indicator to an access setting, the access setting indicating acceptability of network access based on the likelihood of intent to publicly share the network by the network device, and accessing the network via the network device based on the comparison.

Abstract: A method of managing access to a physical mailing address using a virtual mailing address is presented. The method includes: setting up a proxy system as a server, assigning, by a server, a virtual mailing address identifier to natural or juristic person that registers with the server; linking, by the server, a physical mailing address entered by the user to the virtual mailing address identifier to generate the virtual mailing address; and enabling, by the server, a second natural person to manually access the physical mailing address when the server determines that the second user has permission to access the virtual mailing address; enabling, by the server, an institute or business (juristic person) to access the physical mailing address automatically using an Application programming interface (API) through a computer system when the server determines that the second user has permission to access the virtual mailing address.

Abstract: An online service may receive a request by a first user to provide a notice or other communication to a second user. The request may specify an email address or other communication address in order to identify the second user. The specified email address may be different than the primary email address by which the second user is known to the online service. Upon receiving such a request, the online service emails the second user using the specified email address and asks the second user to log on to the online service. When the second user logs on, the online service adds the specified email address to the account information of the second user as a secondary email address. When a subsequent request specifies the secondary email address, the notice is sent instead to the primary email address of the second user.