Abstract: Transaction processing of online transactions at merchant sites determines the likelihood that such transactions are fraudulent, accounting for unreliable fields of a transaction order, which fields do not reliably identify a purchaser. A scoring server using statistical model uses multiple profiles associated with key fields, along with weights to indicate the degree to which the profiles identify the purchaser of the transaction.

Abstract: A system and method for embedding a written signature into a secure electronic document is disclosed. The method includes forming a placeholder electronic document containing content to be attested to by a signature. A signing individual can be selected from a signer list. A signature tag can be placed into the placeholder electronic document at a selected signature location. The signature tag is associated with the signing individual and defines the signature location for the signing individual to sign. The placeholder electronic document can be secured to form a secure electronic document having content configured to be uneditable. A signature can be captured with a signature capture device configured to enable the signing individual to write the signature to be embedded into the secure electronic document at the location indicated by the signature tag to mimic a real world experience of signing paper documents.

Abstract: A secure, closed virtual payment system comprising registered buyers and sellers for ordering and paying for goods, services, and content over an internetwork is disclosed. A buyer becomes registered by applying for a virtual payment account. A seller becomes registered by applying for a seller account. A credit processing component (53) immediately evaluates the buyer's application and assigns a credit limit to the account. Once an account is established, a digital certificate is stored on the registered participant's computer. The buyer can then order goods, services, or content from a seller and charge it to the virtual payment account. When the product is shipped, the seller notifies a commerce gateway component (52), which, in turn, notifies the credit processing server, which applies the charges to the buyer's virtual payment account.

Abstract: A system for enabling verification in traceability of a supply chain while maintaining confidentiality of private suppliers. A group signature is applied to an undisclosed supplier. The undisclosed supplier previously receives registration to the certificate authority device, and performs a group signature based on the certificate issued by the certificate authority device. A disclosed supplier and the undisclosed supplier sign and generate a signature chain when they ship parts. A verifier device receives a signature chain with products shipped from the supplier manager device, divides a signature of the disclosed supplier from a signature chain, and verifies the undisclosed supplier from the group signature. Identification of the undisclosed supplier is performed by a third-party auditor system requested to do so by the verifier device by using a group private key.

Abstract: The claimed subject matter relates to an architecture or arrangement that can limit access to sensitive information by means of encryption. In particular, data obtained from a payment instrument at, e.g., a Point-Of-Sale (POS) location can be encrypted at an early stage such that a POS (or another) application does not have access to the data in an unencrypted form and/or does not have access to a means for decrypting the data. For example, a Public Key Infrastructure (PKI) arrangement can be employed such that a back-end payment processor can define encryption algorithms, associate itself with a public key, and maintain a private key for decryption. The public key can be delivered to the POS location and employed for data encryption, and, moreover, the PKI can be regulated by the more trusted parties.

Abstract: A method of managing reliance in an electronic transaction system includes a certification authority issuing a primary certificate to a subscriber and forwarding to a reliance server, information about the issued primary certificate. The reliance server maintains the forwarded information about issued primary certificate. The subscriber forms a transaction and then provides the transaction to a relying party. The transaction includes the primary certificate or a reference thereto. The relying party sends to the reliance server a request for assurance based on the transaction received from the subscriber. The reliance server determines whether to provide the requested assurance based on the information about the issued primary certificate and on the requested assurance. Based on the determining, the reliance server issues to the relying party a secondary certificate providing the assurance to the relying party.

Abstract: A system and method are disclosed. The method includes receiving, at a server computer, a transaction clearing request for a transaction, and then determining, using the server computer, if the transaction satisfies a stored blocking parameter. The method further includes allowing, using the server computer, the transaction clearing request if the transaction does not satisfy the stored blocking parameter, and denying, using the server computer, the transaction clearing request if the transaction satisfies the stored blocking parameter.

Abstract: A system and method of obtaining and storing a signed agreement authorizing the use of a user's biometric data for the purpose of offering legal consent to agreements and transactions with one or more operators. The present invention imparts a process by which merchants and other service providers can access a verifying agreement indicating a user's intent to submit biometric data as a substitute for a written signature and the user's consent to abide by the terms and conditions of any agreements entered into by the submission of biometric data.

Abstract: According to one aspect, the invention provides a system for validating an identity of a user to enable or prevent an occurrence of an event. In one embodiment, the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver, where the second device is configured to receive the validation information and further transmit the validation information; and a secure system in communication with the second device. According to one embodiment, the secure system includes a database. In a further embodiment, the secure system is configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event.

Abstract: Disclosed herein is a financial card system. The system includes a communications device on which a non-contact integrated circuit chip is installed; and an authentication terminal having a reader/writer allowing reading/writing information on the communications device and capable of transmission and reception of information with the communications device through the reader/writer. The communications device has a storage block, a common area information transmission block, and an individual area information transmission block. The reader/writer of the authentication terminal has a storage block, a common area information reception block, and an individual area information reception block.

Abstract: An entrustee information transmitting method includes an entrustment managing storage storing entrustment relationship information indicating correspondence between entrusters who are voters performing entrustment and entrustees who are voters entrusted by the entrusters in an entrustment managing storage unit; an attendance managing storage storing attendance information of respective voters in an attendance managing storage unit in units of bills; an indirect-entrustment voter extracting operation of extracting one or more indirect-entrustment voter who indirectly entrust an attendee by using the entrustment relationship information and the attendance information; an entrustee determining operation of determining attendees who are indirectly entrusted by the indirect-entrustment voters to be recommended entrustees; and an entrustee information transmitting operation of transmitting information of the recommended entrustees.

Abstract: A method and apparatus for executing electronic transactions using cryptographically-enabled accounts stores cryptographically-enabled account information and instructions, receives a cryptographically-encoded permission certificate, and processes the received permission certificate to execute the transactions.

Abstract: A buyer (110) wishes to use a payment instrument as part of an online commerce transaction with a seller (120) and it is desired to authenticate that the buyer (110) has authority to use the payment instrument. A separate authentication service (130) determines whether the buyer (110) has access to certain secret information without revealing the secret information to the seller (120). Access to the secret information would verify that the buyer (110) has authority to use the payment instrument. The authentication service (130) informs the seller (120) whether the buyer (110) is authorized to use the payment instrument.

Abstract: In order to prevent without fail the abuse of certificate information which are exchanged on a network, an orderer inputs the certificate information to a certificate terminal when placing an order for a commodity, the certificate terminal encrypts the certificate information to send it to an order receiver and holds the certificate information and a decryption key. A deliveryman, at the time of commodity delivery, inputs the encrypted certificate information to the certificate terminal, and the orderer inputs data of terminal certification to the certificate terminal.

Abstract: Control system of an electronic instrument for metrological measurements, comprising an electronic local processing unit including a handling application of said instrument. The system includes a control application for said handling application, which can be associated with said local processing unit, said control application being suitable for generating a univocal certification code for the application.

Abstract: An identity monitoring system notifies legal guardians of potentially fraudulent activity associated with their children's identities. The monitoring system may determine if credit files for respective enrolled minors exist and monitor any credit files of the enrolled minors, such as via periodic requests for credit data and comparison of certain returned credit data, in order to determine if potentially fraudulent activity associated with the minor has occurred. The monitoring system provides periodic notifications, such as via email and/or Internet-accessible user interfaces, regarding potentially fraudulent use of their children's identities. In one embodiment, the monitoring system also provides legal guardians with useful information and resources for how they can further protect the identity of their children.

Abstract: Methods, systems, and devices for secure transaction management are provided. Embodiments include a method for providing secure transactions that include receiving an identifier of a financial account at a payment processor system. A token may be generated that is linked with the identifier of the financial account at the payment processor system. The identifier of the financial account and the token may be stored securely at the payment processor system. The token may be transmitted without the identifier of the financial account to at least a recipient system or a recipient device where the token replaces the identifier of the financial account.

Abstract: Data and financial transactions are secured on a mobile electronics device, with three downloadable modules. A first module provides for the mobile electronics device and a network server to interactively register a cryptographic abstract of an object usually carried by the user. These objects represent physical passwords from which processing can derive characterizing information. A second module is invoked by a transaction and signals the mobile electronics device to collect a new sample of the physical password. A cryptographic abstract of it is distilled and compared to preregistered cryptographic abstracts. A third module is a key recovery process for use when the preregistered physical password sound or object is no longer available to the user.

Abstract: Tokenless biometric authorization of transaction between a consumer and a merchant uses an identicator and an access device. A consumer registers with the identicator a biometric sample taken from the consumer. The consumer and merchant establish communications via the access device. The merchant proposes a transaction to the consumer via the access device. The access device communicates to the merchant associated with the access device. After the consumer and merchant have agreed on the transaction, the consumer and the identicator use the access device to establish communications. The access device communicates to the identicator the code associated with the access device. The identicator compares biometric sample from the consumer with registered biometric sample. Upon successful identification, the identicator forwards information regarding the consumer to the merchant.

Abstract: A hand-held token can be operated to generate an acoustic or other wireless signal representing a digital signature produced from the private key of a public key/private key pair, with the public key being confidential in that it is known only to authorized entities, such as bank computers. The signal from the token can be received by, e.g., a receiver at a bank ATM that also requires a PIN for account access. The user enters the PIN into the ATM, and the ATM encrypts the signal from the token with the PIN and sends it on to the bank computer over a link that need not be secure, since even if the PIN is guessed there is no way to verify that it is the correct PIN without also knowing the confidential public key held by the bank computer.

Abstract: Techniques are described for facilitating interactions between computing systems, such as by performing transactions between parties that are automatically authorized via a third-party transaction authorization system. In some situations, the transactions are programmatic transactions involving the use of fee-based Web services by executing application programs, with the transaction authorization system authorizing and/or providing payments in accordance with private authorization instructions previously specified by the parties. The authorization instructions may include predefined instruction rule sets that regulate conditions under which a potential transaction can be authorized, with the instruction rule sets each referenced by an associated reference token.

Abstract: An improved interactive network system is provided that allows the Network Operator to control the transfer of information to and from the network end users, the system preferably using triggers or markers embedded within the programming broadcast to users via the network. As a consequence of this system, the Network Operator is able to efficiently garner revenues from third parties transacting business over the network and to control the look and feel of programming offered to network users. Additionally the system can be used as a means of limiting network access, filtering programming, providing on-screen graphics or audible signals for particular programming types or providers, bookmarking programming, profiling network users, targeting advertising, and simplifying network transactions.

Abstract: Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e-commerce) site. The method comprises defining the e-commerce site as one or more security domains; and in response to a user's request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance with the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined security domain; and persisting said session for reuse. The user's request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: An information management system is described comprising one or more workstations running applications to allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or about to receive from the network and which determines an appropriate action to take regarding that transmission data. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage in a database; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission data is in force, and determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made.

Abstract: An eVault system securely stores personal data and documents for citizens and allows controlled access by citizens and optionally by service providers. The eVault may be adapted to allow processes involving the documents to be carried out in a secure and paperless fashion. Documents are certified, and biometric matching is used for security. On effecting a match with a biometric identifier presented by a user, the user is allowed access to his personal eVault and to access a personal cryptographic key stored therein. One or more of these personal keys may be securely applied within the eVault to generate an electronic signature, amongst other functions.

Abstract: Systems and methods that manage financial market data with hidden information. The systems and methods may receive market data about a plurality of financial instruments. The plurality of financial instruments comprises at least two different kinds of financial instruments. Hidden information is generated, based on the market data. The hidden information is viewable only after scrolling a cursor over a graphical element. The systems and methods also generate, based on the market data, a first graphical element that is embedded with hidden information. The first graphical element is displayed on a display. An indication is received indicating that the cursor has scrolled over the first graphical element. In response to the indication, the hidden information that is embedded in the first graphical element is displayed on the display.

Abstract: A method that uses a computer network to provide a single point of access between a plurality of video & audio devices and a plurality of video & audio content provider systems. The present invention is a method for providing a searchable, aggregated directory view of available video & audio content from multiple content providers as well as additional services such as content renting. The present invention includes a method for identifying users as subscribers of content providers' memberships.

Abstract: A computer system can evaluate electronic messages based on probabilistic analysis, including Bayesian analysis. In one embodiment, a data processing system comprises logic configured for perform training a probabilistic filter using first properties of one or more first network resource identifiers obtained from a whitelist; training the probabilistic filter using second properties of one or more second network resource identifiers obtained from a blocklist; testing third properties of a third network resource identifier using the probabilistic filter, resulting in creating a probability output; and adding the third network resource identifier to the blocklist when the probability output is greater than a specified threshold. The blocklist can be communicated to messaging gateways in the field for local use in evaluating messages that contain spam or other threats.

Abstract: Methods for producing and applications for single-use transaction numbers. The transaction numbers are single-use in that the numbers are only valid for a single transaction. The transaction numbers can be generated just prior to being used, minimizing the amount of time during which they can be lost or stolen. The transaction numbers can be generated using encryption technology such as dynamic password technology. The encryption technology makes it very difficult if not impossible to predict what the next transaction number generated will be. The transaction numbers are unique to the user and can be validated or authenticated by an issuing institution that maintains an ability to generate the same transaction numbers issued to the user.

Abstract: The present invention relates to a method for a cell phone based dating service. The method uses telecommunication in the form of phones, cell phones or email. The invention proposes a method or way to exchange the information of two people in a fast way by the Internet or telephone or cell phones, making it possible divide peoples personal information in small portions and to give out these portions step by step. In the invention proposes a system-administrator, the system, will coordinate the exchange of information between the meeting people. The invention uses a computer based partner service system in which a participant can order the system to give out its personalized information in defined modifications.

Abstract: An intelligent agent and method of negotiating therewith incorporate a number of features, used alone or in combination, to enhance the productivity, security, efficiency and responsiveness of the agent in negotiations with other parties. One feature incorporates randomization of one or more aspects of an agent's behavior to disguise its negotiation strategy from other negotiating parties and thereby prevent such parties from gaining a negotiating advantage at the expense of the agent. Another features incorporates limiting unproductive negotiations by constraining one or more aspects of an agent's behavior based upon the behavior of a negotiating party and/or the duration of the transaction, and thereby making it more likely that unproductive negotiations will be terminated. An additional feature incorporates dynamic value determination to determine the desired value of a desired transaction by weighting and normalizing estimated values retrieved from a plurality of information sources.

Abstract: A method and system automatically harmonizes access to a given software application program via different access devices. Through use of the method and system, a financial institution can provide access to a given application (such as, for example, automatic bill payment services) to customers using different access devices such web browsers, screen phones and personal computers. A single application program is all that needs to be written and maintained by the financial institution. Also, the method and system enables financial institutions to “leverage” existing programs because now the institution can automatically “project” its existing stock of program services unto new access devices—devices which may not have even existed at the time the program was created. By receiving information from the user via the user's access device, including information identifying the type of device being used and the application program the user wishes to access, the present invention solves these problems.

Abstract: The present invention provides methods and apparatuses for obtaining selected metadata from a user device. The user device has a metadata engine that stores and accesses metadata in response to a metadata query. A metadata broker verifies the authenticity of the metadata query from a service provider and returns selected metadata if the service provider has rights to obtain the metadata. The user device has a communications interface that sends a service request that is indicative of the selected service over a communications channel and receives the metadata request that is indicative of the selected metadata. An authorization center receives a metadata request from a service provider, accesses a rule set to determine selected metadata in accordance with predetermined rights, and returns a signed metadata request to the service provider. The signed metadata request has an electronic signature of an authorizing party and is indicative of the selected metadata.

Abstract: A method and apparatus for performing secure online transactions provides a user interface that is intuitive and easily to understand. The invention integrates an online wallet service with credit card issuers that provide online credit card authentication services. The method provides a keypad interface for PIN entry, or an interface that resembles an offline transaction receipt. The apparatus that stores personal information and credit card information uses a level-two authentication password to protect the user's credit card information. The invention integrates with the credit card issuer when a personal identification number is required for the user to perform online transactions by the credit card issuer. The embodiments include integrations when the level-two authentication password is equivalent to the personal identification number and that when they or not equivalent.

Abstract: Disclosed is a digital document management program capable of achieving a third-party certification of document information with reduced amount of meta data. At the registration time of new document information, the digital document management program manages a digital signature created in association with document information. At the correction time of the document information, the program acquires partial identification information related to a corrected part of the document information before correction, creates a digital signature to be appended to the corrected document information, and manages the digital signature and partial identification information related to the corrected part of the document information in association with the corrected document information.

Abstract: A transaction network contains a networked certificate authority, by which one or more virtual certificates may be remotely defined and stored, such as by an issuer user through a issuer web portal interface. An acquirer user, through an acquirer web portal interface, may acquire one or more virtual certificates, which contain a secret public key portion, as well as a corresponding private key, which is established by the acquirer at the time of acquisition, and is stored at the certificate authority. At a redemption location associated with an acquired certificate, the acquirer (or an alternate recipient of an acquired certificate to whom the acquirer has communicated the established private key), submits the certificate information, along with the established private key, to redeem the certificate.

Abstract: A data transfer method performed at a proxy server includes intercepting a data request from a client computer that is directed to a target server, encrypting profile information, augmenting the data request by adding the encrypted profile information to the data request, and sending the augmented data request to the target server. A data transfer method that is performed at an information server includes receiving a data request from a proxy server, extracting profile information added to the data request by the proxy server, using the extracted profile information to generate a response, and sending the response to the proxy server.

Abstract: A method, apparatus and system for preventing unauthorized equipment usage that involves providing equipment, such as beverage making equipment, to a customer. Authorized product is provided to the customer in packaging that has a technological measure attached. The equipment includes a technological measure reader to read information from the technological measure to set the equipment to perform an authorized number of food or beverage making cycles. An authorization deactivator may also be provided in association with the equipment to erase, decrement, or otherwise prevent the technological measure from being reused.

Abstract: In one embodiment, methods and apparatus to protect management frames are generally described herein. Other embodiments may be described and claimed.

Abstract: A system and method are provided for managing financial market information. According to certain embodiments, the system includes a computer having a memory, processor, and display. The processor is capable of generating a graphical depiction of the financial market information on the display. The graphical depiction includes a multidimensional representation of a broad range of market information for at least two financial instruments. The graphical depiction resides in a single window on the display. The financial instruments may include multiple different classes of financial instruments, such as treasuries and futures. Different instruments may be selected and information, including basis information, relevant to the selected instruments may be displayed in a second window.

Abstract: A verification method for encrypter operation and an electronic voting verification system using the same, which can verify the operation of the encrypter without having to execute corresponding decryption. In the verification method, the encrypter creates a plurality of ciphertexts corresponding to the plain text and presenting the ciphertexts to a user. The user selects one of the ciphertexts, the encrypter dispenses a certificate where information used by the encrypter during encryption is recorded, in response to the ciphertexts which are not selected by the user; and the user creates a ciphertext in person and verifies whether or not the user-created ciphertext is identical with the user-selected ciphertext. Then, the user can verify the encryption results inside and outside a polling booth.

Abstract: For transmitting transmission data generated by a transmission data generator of a communication terminal device, a packet unit determining unit determines a packet unit for a lowest data communication rate for the transmission of the transmission data, among packet units (packet sizes) that can be recognized by a destination communication terminal device and that can be transmitted from the communication terminal device. A packet generator packetizes the transmission data according to the packet unit determined by the packet unit determining unit, and transmits the packetized transmission data to the destination communication terminal device.

Abstract: Methods and Apparatus related to generating representations of information. The information may include menu information for merchants such as restaurants. Referring to menus, methods may include receiving potential information for a first menu, and receiving indications of associations of the information with the first menu and/or any number of additional menus. Information and/or associations may later be updated by a desired set of users.

Abstract: A capability key is generated that provides access to sensitive information within a selectively encrypted data unit created from an unencrypted data unit. A user specifies access rights as a monotone boolean relationship between a selection of a list of attributes related to the unencrypted data unit. This relationship is used to compute a key descriptor. Next one or more shares of a master secret is generated responsive to the monotone boolean relationship and a random number. Next a unique capability key is computed from one or more cryptosystem parameters, the one or more shares and the random number. The unique capability key and the key descriptor together enable decryption of sensitive information within a selectively encrypted data unit created from an unencrypted data unit. Finally, the unique capability key and the key descriptor are provided to allow decryption of sensitive information within the selectively encrypted data unit.

Abstract: An authentication-authorization system for a mobile communication terminal and a method therefore are provided. When a mobile communication terminal is in a connect state, code data randomly generated by a remote encoding terminal is continuously provided to the terminal and data management terminal. When an application service program on the mobile communication terminal or an application service terminal connected to the mobile communication terminal need to execute an authentication-authorization, identification data of the mobile communication terminal and its card and code data can be offered to the data management terminal to carry out a bidirectional dynamic authentication-authorization, to determine whether allow the application service program or the application service terminal to keep providing an application service or not.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: A virtual payment system for paying for goods, services and content ordered over an internetwork comprising a commerce gateway component and a credit processing server component (53) is disclosed. Buyers and sellers becomes registered participants by applying for virtual payment buyer and seller accounts. Once an account is established, a digital certificate is stored on the registered participant's computer. A buyer can then order a product, i.e., goods, services or content from a seller and charge it to the virtual payment account. When the product is shipped, the seller notifies the commerce gateway component, which in turn notifies the credit processing server, which applies the charges to the buyer's virtual payment account. The buyer can settle the charges using a prepaid account, a credit account, or by using reward points earned through use of the virtual payment card. A buyer may create sub-accounts.

Abstract: A method of conducting an online transaction, said method including the steps of providing a transaction manager, registering a user with the transaction manager, registering a merchant with the transaction manager, the user requesting a unique transaction identifier from the transaction manager to cover the purchase, the transaction manager providing the user with a unique transaction identification, the user requesting the merchant for a transaction to purchase a product or service, the user providing the transaction identification to the merchant, the merchant providing the transaction identification to the transaction manager, the transaction manager validating the transaction identification, the transaction manager providing the merchant with a unique transaction number if the transaction identification is valid, and the transaction manager depositing payment into the merchant's financial institution account.

Abstract: A system and method are disclosed for conducting electronic commerce such as a virtual purchase transaction with an on-line merchant. A user is provided with an intelligent token, such as a smart card containing a digital certificate. The intelligent token suitably authenticates with a wallet server on a network that conducts all or portions of the transaction on behalf of the user with out requiring changes to the merchant's server. The wallet server interacts with a security server of a selected financial service to provide authentication of the transaction. Upon authentication, the digital wallet pre-fills forms which are transmitted to the merchant who contacts the security server for validation of the forms and upon validation, completes the transaction with the user.