Abstract: There are provided systems and methods for software development kits for point-of-sale device and mobile device interactive frameworks. A service provider, such as a payment provider, that offers online and cloud based digital wallet services may configure flexible software frameworks for a merchant's point-of-sale device and a user's mobile device. A framework for a merchant's device may allow for user check-in with the merchant, and may utilize multiple different communication protocols to receive tenders and non-tenders from the user's mobile device. Thus, the user's mobile device may communicate with the merchant device to provide tokens that may be resolved by the merchant using the payment provider and/or a payment host to receive payment processing confirmation. Moreover, the frameworks may allow for a transaction to be synchronized to the user's mobile device so that the user may receive updates after processing of the tokens.

Abstract: The present disclosure presents a method for a card based transaction between a mobile terminal and a service provider system having one or several computer servers. The mobile terminal obtains a CSC from credit card/debit card. The mobile terminal obtains a data seed. The mobile terminal applies a minimal perfect hash function to the CSC as well as the data seed to generate a temporary CSC. The mobile terminal initiates a card based transaction with the service provider system utilizing the generated temporary CSC. The service provider system obtains the temporary CSC and applies a same minimal perfect hash function to the temporary CSC until a match is found between the obtained temporary CSC and one CSC stored at the service provider system. In response to a match the service provider system continues the initiated card based transaction with the mobile terminal.

Abstract: Implementations of the present disclosure include identifying, by a relay that is communicatively linked with a first blockchain instance and a second blockchain instance in a unified blockchain network, a blockchain domain name of a first blockchain instance; identifying a blockchain domain name of the second blockchain instance; receiving, from a node of the first blockchain instance, an access request for accessing the second blockchain instance, wherein the access request including the blockchain domain name of the second blockchain instance; identifying a chain identifier of the second blockchain instance based on the blockchain domain name of the second blockchain instance, wherein the chain identifier of the second blockchain instance indicates a blockchain network configuration of the second blockchain instance; and providing access to the second blockchain instance for the first blockchain instance based on the blockchain network configuration indicated by the chain identifier of the second blockchai

Abstract: Aspects of the present disclosure provide a method and apparatus for asset management. Embodiments include receiving a request from a user to initiate management of a new asset. Embodiments include validating the request based on one or more of a characteristic of the user, a location of the asset, funding related to the asset, or a type of the asset. Embodiments include generating a data vault for the asset, wherein the data vault comprises at least an identifier. Embodiments include identifying at least one user that is an authoritative resource associated with the asset and providing the at least one user with the identifier. Embodiments include receiving, from the at least one user, descriptive data related to the asset. Embodiments include providing the descriptive data to a data store for storage in a data store component.

Abstract: Systems and methods for managing digital identities. In some embodiments, a method is provided, comprising acts of: receiving a request to validate at least one statement about a user; identifying, from the request, a reference to a distributed ledger, the reference comprising an identifier for the distributed ledger and an identifier for a transaction recorded on the distributed ledger; identifying, based at least in part on the identifier for the distributed ledger, at least one node of a network of nodes managing the distributed ledger; and communicating with the at least one node to validate the at least one statement about the user.

Abstract: A Factom protocol cost effectively separates any blockchain (such as the Bitcoin blockchain) from any cryptocurrency (such as the Bitcoin cryptocurrency). The Factom protocol provides client-defined Chains of Entries, client-side validation of Entries, a distributed consensus algorithm for recording the Entries, and a blockchain anchoring approach for security.

Abstract: An example operation may include one or more of in one or more peer nodes of a plurality of peer nodes of a blockchain network that stores a blockchain and a state database, periodically generating a state database checkpoint, obtaining a consensus on the state database checkpoint from one or more of the one or more peer nodes, and storing the consensus state database checkpoint.

Abstract: A computer-implemented method for secure de-centralized domain name system, the method comprising: recording a domain registration transaction to a blockchain, the domain registration transaction comprising a domain name, a domain primary key corresponding to a domain public key and domain certificate information for a server node; recording a domain security transaction, comprising the domain public key, to the blockchain to generate a domain name record comprising the domain name, an associated IP address, the domain public key and the domain certificate information, wherein the domain security transaction being signed using the domain primary key; transmitting, by a client node, a domain name request to a domain name node; receiving, by the client node, a domain name response from the domain name node, the domain name response comprising the domain public key, the domain certificate information and the associated IP address retrieved from the domain name record of the blockchain; and initiating a secure co

Abstract: Devices, systems, and methods enabling parties with little trust or no trust in each other to enter into and enforce value transfer agreements conditioned on input from or participation of a third party, over arbitrary distances, without special technical knowledge of the underlying transfer mechanism(s), optionally affording participation of third-party mediators, substitution of transferors and transferees, term substitution, revision, or reformation, etc. Such value transfers can occur reliably without involving costly third-party intermediaries who traditionally may otherwise be required, and without traditional exposure to counterparty risk.

Abstract: Techniques are described for generating a seal that is applicable to an object, and scanning the seal to access encoded data to be used for verifying one or more characteristics of the object. The seal may be applied to a tangible document, such as a document printed on paper. The seal may encode data that is particularly associated with the document. For example, the seal may encode a hash of at least a portion of the information (e.g., text) included in the document. In some instances, the seal may encode a digital version and/or metadata of at least a portion of the information in the document. A scan of the seal may retrieve information useable to verify the authorship, provenance, originality, and/or unaltered contents of the documents. In some instances, the seal may encode information that enables the presentation of hidden information and/or metadata associated with the document.

Abstract: The subject matter disclosed herein provides methods for detecting and mitigating fraudulent transactions conducted over a network. This method can access one or more data values associated with an online transaction between a first party and a second party. The first party can initiate the online transaction. The data values can characterize an identity of the first party and the second party. A score representing a likelihood that the online transaction is fraudulent can be generated. The generation of the score can be based on one or more models for detecting fraud using the data values. The score can be compared to one or more threshold scores. The online transaction can be authorized or rejected based on the comparing. Related apparatus, systems, techniques, and articles are also described.

Abstract: Disclosed are an identity authentication, number saving and sending, and number binding method, apparatus and device.

Abstract: System and method for extending zones of control through a hotspot for communications to and from computing devices based on specific criteria corresponding to zones of control. An encrypted virtual private network (VPN) for a browsing session may be established at a first computing device and remote server computers matching the parameters of the established zone. Then, a user of the first computing device may further establish a wireless hotspot network suited to allow additional remote computing devices to piggy-back on the one or more established encrypted virtual private networks. Thus, other connected devices using the hotspot connection to reach a broader computer network (e.g., the Internet) are then also taking advantage of the encrypted VPN being provided by the host of the hotspot. Each connected computing device may then also have various communications isolated through zonal control from the hotspot device.

Abstract: A method and system for detecting fraudulent network events in a payment card network are provided. A plurality of scored payment card transaction authorization requests are received, originating from a plurality of merchants, and data structures for each of a plurality of merchant groups are generated. Each data structure sorts the scored authorization requests into fraud score range stripes. The data structures are parsed over a plurality of time periods, and at least one cumulative metric is calculated for each merchant group for each of the time periods in each fraud score range stripe. A plurality of ratio striping values is determined for each merchant group, and a set of feature inputs is generated using the ratio striping values. A second fraud detection model is applied to the scored authorization requests. Parameters of the second fraud detection model are configured to change based on the generated set of feature inputs.

Abstract: A method and system for detecting fraudulent network events in a payment card network are provided. A plurality of scored payment card transaction authorization requests are received, originating from a plurality of merchants, and at least one data structure is generated. The data structure sorts the scored authorization requests into fraud score range stripes. The data structure is parsed over a plurality of time periods, and at least one cumulative metric is calculated for each of the time periods in each fraud score range stripe. A plurality of ratio striping values is determined, and a set of feature inputs is generated using the ratio striping values. A second fraud detection model is applied to the scored authorization requests. Parameters of the second fraud detection model are configured to change based on the generated set of feature inputs.

Abstract: In one or more embodiments, a cloud operation reservation system is provided through which cloud operations may be scheduled and managed. The cloud operation reservation system includes logic for defining a set of time windows that are available to perform one or more cloud operations on cloud targets and presenting the set of time windows to one or more tenants of a cloud service. Tenants may browse the presented set of time windows and submit reservation requests to update and/or perform other operations on cloud targets. In response to receiving, a request to reserve one or more slots in a particular time window, the cloud operation reservation system schedules one or more cloud operations to be performed on a cloud target that is available to at least one tenant.

Abstract: The present invention relates to a method, system, and program product for depositing, holding and/or distributing collateral in the form of a stable value token for a security token, the tokens being on the same underlying blockchain. Furthermore, the present invention relates to methods, systems and program products for lending digital assets, such as crypto currency, and related products.

Abstract: Disclosed are examples of systems, apparatus, devices, computer program products, and methods implementing aspects of a decentralized system for security and access control associated with digital content. In some implementations, a software stack is executed to provide fabric nodes of an overlay network. A transaction encrypted with a private key of a client can be recorded in a ledger identifying addresses of fabric nodes of the overlay network. The transaction can be identified by a transaction identifier (ID), and the private key can be part of a public/private key pair representing an account of the client on the ledger. A digital contract can be invoked, where the digital contract represents one or more terms of access for digital content stored in the overlay network. Controlled client access to the digital content can be based on an authorization token obtained from the client.

Abstract: A computer-implemented index creation method includes obtaining, by a server storing data in a blockchain ledger, an identifier, in which the identifier identifies an attribute value of a data record; determining location information of the data record in the blockchain ledger, in which the location information includes a block height of a data block in which the data record is located and an offset of the data record in the data block; and writing the location information into an index, in which the index stores a correspondence between the location information and the attribute value, the attribute value being used as a primary key in the index.

Abstract: According to one embodiment, in response to a request received at a host agent of a server from a user device of a user over a network to process user data, a system transmits a token representing the request to an executor pool having a pool of a number of executors. The system receives by the host agent executable image(s) of an executor from the executor pool, where the executor pool allocated the executor from the pool of executors in response to successfully verifying the token. The system launches a restricted operating environment within the server, including providing the executable image(s) of the executor and the user data to the restricted operating environment. The system executes the executable image(s) of the executor within the restricted operating environment, where the executor, when executed, is to process the user data without accessing an external component external to the restricted operating environment.

Abstract: A computer-implemented method is provided for authorizing utilization of a mobility service by a user. The method includes establishing a mobility database with an arbiter, wherein the database is associated with the user and includes biographic data, payment data and identification data, and wherein the identification data represents a legal form of identification issued to the user and the payment data represents a form of payment; validating the form of payment and the legal form of identification; requesting, by the user, utilization of the mobility service from a mobility operator; authenticating, by the user, to the mobility operator; requesting authorization to use the mobility service; and providing an authorization if: (a) the payment data represents sufficient funds to pay for the mobility service, and (b) the identification data represents a legal form of identification required for the mobility service.

Abstract: An information processing apparatus according to the present disclosure includes an acquisition processor that acquires position information on a designated position designated by each of a plurality of users, in a sheet displayed in a display, identification information of the each of the plurality of users, and input information input by each of the plurality of users, a first display processor that displays an identification image corresponding to the acquired identification information at a position corresponding to the designated position in the sheet, an importance determiner that determines an importance for every designated position in the sheet, based on the acquired identification information and input information, and a second display processor that displays, based on the determined importance, an object image indicating an important part in the sheet in association with the designated position.

Abstract: An improved blockchain implementation that uses proof-of-transfer to overcome the technical deficiencies of proof of work and proof-of-stake implementations is described herein. For example, the proof-of-transfer process may include elements of a single-leader election sortition, but modified to cause base chain cryptocurrency committed for the purposes of the sortition to be transferred to a burn address or at least one reward address.

Abstract: Embodiments provide methods, and systems for encrypting data for web aplication. A method includes receiving, by a server system, a cryptographic certificate including asymmetric key pair. The method includes generating a random value key that forms at least a part of a Content Encryption Key (CEK) to be generated by a web application. The method includes sending the random value key to a client device running the web application over a secure network communication channel for generating the CEK. The CEK is to be utilized for encrypting a content entered by a user of the web application on the client device and the CEK is encrypted using a public key of the asymmetric key pair for transmission over the secure network communication channel. Furthermore, the method includes translating, the CEK encrypted under public key to CEK encrypted under LMK using a private key being part of the asymmetric key pair.

Abstract: The present application discloses example methods and systems. In one example method, sound wave information associated with a data transmission is monitored within a predetermined distance from the client device, where the sound wave information including predetermined security information. In response to detecting sound wave information associated with a data transmission, the sound wave information is parsed to obtain the predetermined security information included in the detected sound wave information. Pattern information is generated based on the predetermined security information and data information to be sent. The generated pattern information is then displayed so that a second device can obtain the generated pattern information.

Abstract: Methods and systems for encrypting sensitive information are disclosed comprising hashing sensitive information by a hash function and selecting a salt or key salt based, at least in part, on the hashed sensitive information. If a salt is selected, the selected salt is combined with the hashed sensitive information to yield combined sensitive information, which is encrypted and stored. If a key is selected, such as an AES key, for example, the sensitive information is encrypted by the selected encryption key, and stored. The keys and salts may be encrypted by a cryptographic processing system that generates and stores keys, such as a key management system and/or a hardware security module, for further protection. The salts may be concatenated into a binary large object prior to encryption. Methods and systems for updating of stored records comprising encrypted sensitive information are also described.

Abstract: An example operation may include one or more of determining, by a first blockchain peer, a chaincode transaction execution needs to be offloaded, receiving bids from one or more second blockchain peers to execute the chaincode transaction, selecting a bid corresponding to a second blockchain peer, executing, by the second blockchain peer corresponding to the selected bid, the chaincode transaction, receiving, by the first blockchain peer, executed chaincode transaction results, and updating a reputation for the second blockchain peer corresponding to the selected bid.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for controlling authorization of access to user data. One of the methods includes receiving a first request that includes a first digital activity decentralized identifier (DID) and a first hash value of first digital activity data; storing the first digital activity decentralized identifier and the first hash value in a first record in a decentralized identifier blockchain that is configured to store records associated with a plurality of decentralized identifiers of a plurality of users; and controlling authorization of access to the first digital activity data stored in the first consortium blockchain using information stored in the first record in the decentralized identifier blockchain, including determining whether to authorize another user access to the first digital activity data based on the information stored in the first record in the decentralized identifier blockchain.

Abstract: An example operation may include one or more of identifying a query from a client device to locate blockchain data stored in a blockchain, performing the query and storing a query result outside the blockchain, and transmitting a query response message to the client device including a hash of the query result data.

Abstract: A computer-implemented method includes receiving a participation request from a participant requesting a blockchain resource; invoking a first smart contract that generates a random character sequence for the participant, the generated random character sequence satisfying a predetermined rule; publishing the random character sequence and identity information of the corresponding participant on a blockchain in a manner that identifies the correspondence; and invoking a second smart contract for allocating a benefit certificate corresponding to the blockchain resource to the participant, wherein the second smart contract is used to: obtain a target character sequence satisfying the predetermined rule that is generated later than the generation of the random character sequence and published on the blockchain; and allocate a first benefit certificate to the participant when the random character sequence matches the target character sequence; and publishing a matching result between the random character sequence a

Abstract: A system is described for fault-tolerant delivery of virtualized applications. A client on a client device requests access to a virtualized application. The application is launched in a server-based virtual machine and computer vision is used to determine whether the application launched successfully based on the UI produced by the application. If it is determined that the application failed to launch successfully, an alternative mechanism is used to deliver access to the application using an application storage volume (ASV), which is a mountable container containing the application. In one approach, the ASV is mounted directly to the client device. In another approach, a second virtual machine is launched and the ASV is mounted on the second virtual machine.

Abstract: The present disclosure relates to a concept of fraud handling. A data transaction request is received via a data network from at least one user account. The data transaction request is analyzed based on predefined fraud detection rules to generate a fraud score associated with the at least one user account. The at least one user account is classified as fraudulent account if the associated fraud score exceeds a predefined fraud likelihood threshold. Data transactions associated with a classified fraudulent account via the data network are done by purposely deteriorating the data transactions associated with the classified fraudulent account in comparison to data transactions associated with a classified non-fraudulent account.

Abstract: Various embodiments are generally directed to copying data to a clipboard of a mobile device from a contactless card using NFC. A mobile device may issue a request to read data from the contactless card. The contactless card may generate encrypted data in response to the request. The mobile device may receive the encrypted data via NFC and transmit the encrypted data to a server for verification. The server may verify the encrypted data and transmit an indication of an account number for the contactless card to the mobile device. The mobile device may then copy the account number to a clipboard of the mobile device.

Abstract: Dynamic management of concurrent client connections to a server is achieved by a server, in that the server monitors its load state and when the server's maximum permitted number of concurrent requests has been exceeded it reduces the clients' maximum numbers of permitted concurrent requests until such time as the overloading situation no longer persists. In this way, the capacity of each of multiple connections can be controlled by the server individually or as a group, wherein the control is dynamic, so that the client-server connections do not have to be accurately configured in advance.

Abstract: A user can request provisioning of account information for an account to a plurality of resource providing entities. The account may be a new or existing account issued by an authorization computer. The authorization computer may prompt the user to select one or more resource providing entities to which to provision a token associated with the account. Processor server computer may then tokenize the account information associated with the account by determining a token for each resource providing entity selected by the user. In some cases, a token may be provisioned to an already existing account or profile (e.g., account on file) associated with a resource providing entity. In other cases, an account or profile associated with a resource providing entity may not yet exist and thus may be created before a token may be provisioned. Subsequently, the user may utilize provisioned tokens to conduct transactions.

Abstract: A beverage order fulfillment system allows for beverage fulfillment from a mobile device without requiring a custom software application on the mobile device but uses a web connection to control beverage dispenser operations instead. The mobile device incorporates web browser software, and the web browser software is configured to initiate communication sessions with the at least one server. Data entry options are displayed on the interactive GUI for the first computer to communicate beverage selection commands to the beverage dispensing software, via the at least one server, in a respective instance of beverage fulfillment. The at least one server incorporates web socket application program interfaces (APIs) stored on the at least one server and configured to connect a communications link to the beverage dispenser and the web browser software on the first computer.

Abstract: Described herein is a network apparatus with secure element and related systems, methods, and apparatuses. A described method includes receiving a request to perform a transaction. The method also includes obtaining confirmation that a network address associated with the request corresponds to a registered physical address. The method further includes obtaining account data and conducting a transaction using the account data.

Abstract: Certain aspects of the present disclosure provide techniques for detecting errors in account numbers. One example method generally includes receiving, from a user device, an entered number associated with a user and determining, based on a first portion of the entered number, an entity associated with the entered number. The method further includes obtaining, from an account number database, a plurality of account numbers associated with the entity and generating, from the plurality of account numbers, an account number matrix. The method further includes attempting to solve a multiplication equation of the account number matrix, wherein a solution of the multiplication equation is a vector of constants, upon determining a solution to the multiplication equation, determining whether the entered vector is a valid number for the entity and upon determining the entered vector is a valid number for the entity, storing the entered number in the account number database.

Abstract: Health-related data is accessed; as is a database of payment card transaction data. At least a portion of the health-related data is linked to at least a portion of the payment card transaction data to obtain linked data. Statistical analysis is carried out on the linked data, and the results of the statistical analysis are made available to at least one appropriate party. Privacy is protected, for example, via an opt-in approach or through data aggregation.

Abstract: Systems and methods are described for generating a blockchain-based user profile. In various aspects, one or more blockchain IDs associated with a user is received, where each blockchain ID is associated with a corresponding blockchain. One or more blockchain transactions are identified that are associated with the one or more blockchain IDs, where a trust profile for the user can be generated based on the one or more blockchain transactions. The trust profile can include user information determined from the one or more blockchain transactions.

Abstract: Implementations of the present disclosure include identifying, by a relay that is communicatively linked with a first blockchain instance and a second blockchain instance in a unified blockchain network, a blockchain domain name of a first blockchain instance; identifying a blockchain domain name of the second blockchain instance; receiving, from a node of the first blockchain instance, an access request for accessing the second blockchain instance, wherein the access request including the blockchain domain name of the second blockchain instance; identifying a chain identifier of the second blockchain instance based on the blockchain domain name of the second blockchain instance, wherein the chain identifier of the second blockchain instance indicates a blockchain network configuration of the second blockchain instance; and providing access to the second blockchain instance for the first blockchain instance based on the blockchain network configuration indicated by the chain identifier of the second blockchai

Abstract: Embodiments of the invention are directed to methods and systems for software module binding. Cryptographic keys and challenge elements can be exchanged between a first software module and a second software module to create a binding between the first software module and the second software module. As a result, a first software module can securely and authentically access sensitive data and functionality at a second software module, while unauthorized software modules can be prevented from accessing the sensitive data and functionality.

Abstract: Tools and techniques are described to automate triage of security and operational alerts. Insight instances extracted from raw event data associated with an alert are aggregated, vectorized, and assigned confidence scores through classification based on machine learning. Confidence scoring enables heavily loaded administrators and controls to focus attention and resources where they are most likely to protect or improve the functionality of a monitored system. Feature vectors receive a broad base in the underlying instance values through aggregation, even when the number of instance values is unknown prior to receipt of the event data. Visibility into the confidence scoring process may be provided, to allow tuning or inform further training of a classifier model. Performance metrics are defined, and production level performance may be achieved.

Abstract: A blockchain configuration may be used to store a distributed ledger for product review verification procedure. One example method of operation may include receiving a product review for a product purchase transaction by a purchasing entity, validating the product review was submitted by the purchasing entity by referencing the product purchase transaction in a blockchain, storing the product review and product purchase transaction, creating a link to the product review, and transmitting the link to a product site where the product can be purchased.

Abstract: Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a challenge character set whose appearance may change over time. In some embodiments, marketing content may be incorporated into a challenge message for use in an identification test. The marketing content may be accompanied by randomly selected content to increase a level of security of the identification test. In some embodiments, a challenge message for use in an identification test may be provided based on information regarding a transaction for which the identification test is administered. For example, the transaction information may include a user identifier such as an IP address. In some embodiments, identification test results may be tracked and analyzed to identify a pattern of behavior associated with a user identifier. A score indicative of a level of trustworthiness may be computed for the user identifier.

Abstract: An electronic device includes a communication interface and at least one processor configured for: transmitting to or receiving from a second electronic device over proximity-based communication channel an introduction message including a first encryption key; receiving, from a server via the at least one communication interface, a challenge notification providing notification of a challenge to be completed to initiate a data process, the challenge notification including or providing access to at least one data field associated with a verification challenge; identifying, from the at least one data field, an encrypted challenge response value; decrypting the encrypted challenge response value with a key corresponding to the first encryption key; and transmitting the decrypted challenge response value to the server to complete the challenge to initiate the data process.

Abstract: An apparatus, intended for use in an authentication event, having a hardware processor, a memory, a receiver/transmitter unit, a stream block generation module adapted to enable the hardware processor to generate and store a plurality of stream blocks including at least a stream block and a first preceding stream block; a stream block streaming module adapted to enable the hardware processor to control the receiver/transmitter unit to output the stream block; and a moving window module adapted to enable the hardware processor to control the receiver/transmitter unit to output, as a stream proof, at least one of a moving window of the plurality of stream blocks in connection with an authentication event.

Abstract: A blockchain of transactions may be referenced for various purposes and may be later accessed by interested parties for ledger verification and information retrieval. One example method of operation may include one or more of monitoring a computing service via various nodes operating on a blockchain, identifying a proposed change to the computing service, storing details of the proposed change in a smart contract, storing the smart contract as a transaction in the blockchain, and validating the proposed change of the smart contract.

Abstract: A method of upgrading encryption machine, including: a controller for managing upgrading of encryption machine determines a first encryption machine to be upgraded; the controller transfers the data of the first encryption machine to a second encryption machine; and the controller sends an upgrade command for instructing the first encryption machine to conduct the upgrade to the first encryption machine. The above method solves the problem that in the process of upgrading the encryption machine in the conventional techniques, the operation is extremely complicated, which is easy to cause an operation error and interruption of user service.

Abstract: A system and method for dynamically optimizing channel interactions and account security are provided. A controller configured for analyzing user interactions is configured to determine an interaction pattern of a user during an interaction with the user over a communication channel; calculate a weighted confidence function for subsequent interactions with the user based on the determined interaction pattern, wherein the weighted confidence function defines authentication and response procedures for the subsequent interactions with the user; and merge the weighted confidence function into a custom user profile for the user across a plurality of communication channels, wherein the user profile maps account vulnerabilities based on the weighted confidence function.