Abstract: The APPARATUSES, METHODS AND SYSTEMS FOR A SECURE RESOURCE ACCESS AND PLACEMENT PLATFORM (“SRAP PLATFORM”) provides a secure supporting infrastructure within a corporate network framework and applications based thereon for use and placement of corporate resources. A non-trusted device may be authorized to access and use corporate resources, and the corporate network server may manage the placement of resources via the SRAP PLATFORM.

Abstract: Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

Abstract: Disclosed is a system and method that provides a merchant associated with a point of sale (“POS”) system and a consumer associated with a portable computing device (“PCD”) to complete a purchase transaction without transmitting or presenting confidential payment credentials. In an exemplary embodiment, sound is used to transmit data between the POS and the PCD. A payment request is rendered on the PCD. The consumer reviews and authorizes via a unique cryptographic signature. The merchant approves via addition of its unique cryptographic signature. A remote service in communication with the POS verifies the signatures via previously registered public keys. The transaction is then settled to a consumer account. Confirmation is returned to the POS and PCD. Advantageously, the transaction is commenced and completed without the PCD being online. Further, the consumer payment credentials are not stored on the PCD or transmitted from the PCD to the merchant POS system.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: Storing and forwarding credentials securely from one RFID device to another includes a system and method of securely storing credentials onto a tamperproof module with a Poken-like Device, and using that device in connection with a Padloc, iPhone or Smartphone in a known paired relationship to securely provide a user credentials for resources the Padloc, iPhone or Smartphone applications are attempting to access.

Abstract: Present embodiments are directed to a server computer. The server computer establishes a first channel of communication to receive payment device data in a first format (e.g., chip type) and establishes a second channel to receive the payment device data in a second format (e.g., legacy type). The server computer receives an authorization request message in the second format from a merchant and generates a new authorization request message in the first format. The server computer then forwards the new authorization request to the issuer for approval.

Abstract: The enrollment process for purchasing multiple digital certificates configured using different cryptographic algorithms or hashing algorithms is streamlined. A certificate purchaser wishing to purchase two or more certificates is prompted to provide answers to common enrollment questions, such as the purchaser's contact information, payment details, web server software, and the like, using a simplified and streamlined enrollment process. Each certificate is optionally configured using a different hashing algorithm.

Abstract: A system and method facilitating purchase transactions over a computer network, including the purchase of electronically storable items. The embodiments herein encrypt “customer identifier string” in an encryption stream and cause the encryption stream to be transferred from the customer to a merchant in the purchase transaction. A verification entity receives the encryption stream which is sent by the merchant for identity verification and payment authorization. Then, the verification entity verifies the identifiers contained in the encryption stream and transfers an identity verification and payment authorization from the verification entity to the merchant.

Abstract: Herein is described a tokenless biometric method for processing electronic transmissions, using at least one user biometric sample, an electronic identicator and an electronic rule module clearinghouse. The steps for processing of the electronic transmissions comprise of a user registration step, wherein a user registers with an electronic identicator at least one registration biometric sample taken directly from the person of the user.

Abstract: A system for enabling verification in traceability of a supply chain while maintaining confidentiality of private suppliers. A group signature is applied to an undisclosed supplier. The undisclosed supplier previously receives registration to the certificate authority device, and performs a group signature based on the certificate issued by the certificate authority device. A disclosed supplier and the undisclosed supplier sign and generate a signature chain when they ship parts. A verifier device receives a signature chain with products shipped from the supplier manager device, divides a signature of the disclosed supplier from a signature chain, and verifies the undisclosed supplier from the group signature. Identification of the undisclosed supplier is performed by a third-party auditor system requested to do so by the verifier device by using a group private key.

Abstract: A multi-function identification device (ID) provides identifying information for the person to whom the ID was issued, as well as providing machine readable indicia for conducting a transaction. The ID may be a card issued by a government agency such as a driver's license or identification card. The transactions may be conducted with one or more accounts or value amounts identified using the machine readable indicia. Credit, debit and pre-paid accounts can be accessed for transactions using the machine readable indicia. Value amounts can be read and modified using this enhanced card that implements the machine readable indicia. The user can select the functionality to be added to the ID, which can optionally be used in conjunction with the identifying information to help verify identification. The machine readable indicia can be integrated in a new ID, or applied to an issued ID using an appliqué.

Abstract: Exemplary methods, systems and components enable selective control of an operational mode for a vehicle that may be subject to an administrative standard. In some instances a qualified person or entity may attain a possible consequential result related to a user-selected vehicle operation mode that may involve a vehicle operation paradigm and/or a vehicle travel route and/or a vehicle travel destination. In some embodiments, implementation of the selected vehicle operation mode may modify a conformity status of the vehicle relative to the administrative standard. Various accessible records may be maintained regarding certification of preferable consequential results available to qualified recipients based on a correlated vehicle operational mode. A further aspect may provide correlation between a selective operation mode of an electric/combustion hybrid vehicle during an applicable travel period and a preferred consequential result available to a qualified recipient associated with the hybrid vehicle.

Abstract: A user may be willing to purchase items or participate in a pay-for service offered by a service provider. A service provider may wish to verify characteristics of the user prior to allowing transactions to take place, and may want to secure the transactions once the transactions are allowed. A credential issued to a user and a transaction application uploaded to a user device may be used to secure transactions between the user and a service provider interface, such as a webserver or a point-of-sale. The transaction application may capture real-time user data and comparing the real-time user data to prior user data stored on the credential, authenticate the service provider interface to the user and the user to the service provider interface; and establish an encrypted session between the service provider interface and the transaction application adapted to authenticate the transactions between the user and the service provider interface.

Abstract: Tokenless biometric authorization of transaction between a consumer and a merchant uses an identicator and an access device. A consumer registers with the identicator a biometric sample taken from the consumer. The consumer and merchant establish communications via the access device. The merchant proposes a transaction to the consumer via the access device. The access device communicates to the merchant associated with the access device. After the consumer and merchant have agreed on the transaction, the consumer and the identicator use the access device to establish communications. The access device communicates to the identicator the code associated with the access device. The identicator compares biometric sample from the consumer with registered biometric sample. Upon successful identification, the identicator forwards information regarding the consumer to the merchant.

Abstract: A method and system for conducting an online payment transaction through a point of sale device. The method includes receiving input from a user selecting an item for purchase through the point of sale device; calculating a total purchase amount for the item in response to a request from the user to purchase the item; and sending payment authorization for the total purchase amount from the point of sale device to a payment entity, in which the payment authorization is sent to the payment entity via a mobile communication device of the user. The method further includes receiving a result of the payment authorization from the payment entity through the mobile communication device; and completing the payment transaction based on the result of the payment authorization.

Abstract: A method comprising, providing a server accessing a network through a network interface card, the network interface card receiving a message from a remote client, the message comprising credentials for performing a request, in response to the network interface card receiving the message, the network interface card preventing the credentials from being provided to the server and checking the credentials against those previously stored in a directly attached memory; and the network interface card indicating to the server the outcome of attempting to perform the request, wherein the credentials remain inaccessible to the server during the method.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: Exemplary embodiment of the present invention would provide systems, including Internet-based systems, and computer-implemented methods, for providing online Buyers and Sellers who physically transact an exchange of an item at a local meeting place, indicia of confirmation of the exchange on which to base a background online payment. In particular, exemplary embodiments of the present invention would provide a way for Buyers and/or Sellers to input an identifier for online authentication to confirm that a physical exchange of an item sold had been transacted and that would accordingly provide an online system with a basis to charge the relevant Buyer's account for a sale amount and pay the Seller for the item sold.

Abstract: An identification module receives a password request for a specified user and communicates an encrypted password field in response thereto, wherein the encrypted password field references a directory object corresponding to the specified user. The present invention also teaches an authentication module that communicates the password request to the identification module and receives the encrypted password field therefrom. Upon receiving the encrypted password field, the authentication module authenticates the specified user against the referenced directory object. In some embodiments, the encrypted password field is stored in an identification data store of an identification server and the directory object is stored in an authentication data store of an authentication server.

Abstract: Embodiments of methods and apparatus for tag-based personalization of kiosk computing devices are disclosed. In embodiments, an authentication server/system may receive, from a mobile device, a plurality data packets having data associated with a display tag of a kiosk computing device. The authentication system/server may, in response, instruct the kiosk to activate an account-specific mode based on an account associated with the mobile device. Other embodiments may be described and/or claimed.

Abstract: A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.

Abstract: Systems and methods are configured to manage data sets associated with a transaction device. For example, a method is provided for facilitating the management of distinct data sets on a transaction device that are provided by distinct data set owners, wherein the distinct data sets may include differing formats. The method includes the steps of: adding, by a read/write, a first data set to the financial transaction device, wherein the first data set is owned by a first owner; adding, by the read/write device, a second data set to the financial transaction device, wherein the second data set is owned by a second owner; and storing the first data set and the second data set on the financial transaction device in accordance with an owner defined format. The first and second data sets are associated with first and second owners, respectively, and are configured to be stored independent of each other.

Abstract: A system for transacting in a network includes a service broker connected to the network, having access to necessary credentials, a service provider connected to the network, requiring credentials for transacting in regard to a client, and a client station connected to the network. A client using the client station sends a preliminary request for a transaction to the service broker, which initiates, at the appropriate time, the transaction for the client by a request to the service provider, accompanied by the appropriate credentials, and the service broker monitors the service provider after the write request for an acknowledgement of the request.

Abstract: A system for secure transfer of encrypted data involves a sender client (36), a recipient client (38), a main server (40), and a key server (42). The sender client (36) receives instructions from a first user identifying transfer data and a recipient identifier, creates an encoding key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a main server (40). The main server (40) communicates the key and the recipient identifier to the key server (42), which associates the recipient identifier with a secure package identifier and communicates the secure package identifier to the main server (40), which communicates the secure package identifier to the sender client (36).

Abstract: Embodiments of the present invention relate to systems, apparatus, methods and computer program products for integrated risk management. More specifically, embodiments of the present invention provide for monitoring financial institution data from a plurality of financial institutions, including transactional data associated with multiple products and channels, to identify suspicious activity potentially associated with identity theft incidents and, in specific embodiments, communicate suspicious activity and/or identity theft alerts and/or reports in response to identifying the suspicious activities and/or confirming an identity theft incident associated with the suspicious activity. In further embodiments, the monitored financial institution may include one or more, and in some embodiments all of, account data, asset data, liability data, negative file data, customer data, device data, credit data, or biometric data.

Abstract: A method that comprises obtaining a currently received signature from a device; obtaining a candidate identifier associated with the device; consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier. Also, a method that comprises obtaining a currently received signature from a device; decrypting the currently received signature to obtain a candidate identifier; and a candidate scrambling code; consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.

Abstract: At each of a plurality of transit readers of a transit system, for each of a plurality of riders, where each rider seeks to conduct an access transaction with the transit system for access into the transit facility by using a payment device issued by an issuer in a payment system, data is read from the payment device. The data includes an encryption code that uniquely corresponds to the payment device and was created by the issuer using one or more encryption keys and a predetermined algorithm. A check will be performed, remotely and/or locally, of one or more lists of other encryption codes to determine if the encryption code is on the list. On the basis of whether the encryption code is on the list, the rider is permitted access to the facility of the transit system. The payment device need not be changed for the rider's fare. Decryption of the encryption code read from the payment device is not required to complete the access transaction.

Abstract: A payment method includes: inputting identity information and a password through a handheld device, comparing the identity information and the password through a host server to determine whether the customer is an authorized user, encrypting the identity information to generate authentication information, generating a barcode which includes the authentication information and a deadline for use, acquiring the barcode on the handheld device, decoding the barcode by a barcode reading unit of a point of sale device, inputting a price the customer wants to pay, decrypting the authentication information to obtain the identity information, comparing the identity information decrypted to determine whether the identity information is correct, and transmitting a success notification to the point of sale device for indicating that the payment is completed.

Abstract: The invention discloses a secure payment method, a mobile device and a secure payment system. The secure payment method including steps of: transmitting an encrypted payment request packet from a payment service provider to a mobile device; receiving the encrypted payment request packet by a first operating system running within a normal domain of the mobile device; bypassing the encrypted payment request packet to a second operating system running within a secured domain on the mobile device; decrypting payment request data from the encrypted payment request packet under the secured domain; generating payment response data according to the payment request data under the secured domain; encrypting the payment response data into an encrypted payment response packet under the secured domain; bypassing the encrypted payment response packet to the first operating system under the normal domain; and, transmitting the encrypted payment response packet to the payment service provider.

Abstract: Methods and systems for electronic checking are described. A graphical representation of an electronic check may be provided for presentation to a providing user from which an electronic funds transfer may be initiated. The electronic check may be generated when desired. A payment date selection may be received for an electronic check on a date within the electronic account register and the electronic check may be indicated for the particular date in the electronic account register. The electronic check may be received and associated with a receiving user. An estimated charge for an actual charge may be replaced in the electronic account register in accordance with analyzing one or more actual charges.

Abstract: An authentication-authorization system for a mobile communication terminal and a method therefor are provided. When a mobile communication terminal is in a connect state, code data randomly generated by a remote encoding terminal is continuously provided to the terminal and data management terminal. When an application service program on the mobile communication terminal or an application service terminal connected to the mobile communication terminal need to execute an authentication-authorization, identification data of the mobile communication terminal and its card and code data can be offered to the data management terminal to carry out a bidirectional dynamic authentication-authorization, to determine whether allow the application service program or the application service terminal to keep providing an application service or not.

Abstract: A method is disclosed that includes receiving a request for a transaction from a customer at a seller server system via an electronic-commerce website and identifying a customer account stored at the seller server system based on an identity of the customer. A plurality of financial instruments is associated with the customer account. The plurality of financial instruments has a customer-specific sequence including at least a first financial instrument pre-selected by the customer and a second financial instrument. The method includes automatically attempting to collect a particular payment associated with the transaction from a first financial service provider corresponding to the first financial instrument and automatically attempting to collect the particular payment from a second financial service provider corresponding to the second financial instrument in response to data received at the seller server system indicating a denial of the payment.

Abstract: To improve security and simplify financial transactions in electronic communications environments, a cryptographic Private Key is securely stored in a storage device of a user. A Public Key Certificate corresponding to the Private Key is also created and can be stored in an online repository for merchant access. The Public Key Certificate identifies a payment card of the user, and is signed by or on behalf of a financial institution issuing the payment card. When initiating a payment card transaction with a merchant, a data item is signed using the Private Key. The signed data item and the Public Key Certificate are conveyed to the merchant, which enables the merchant to authenticate the transaction without needing to communicate with the user's financial institution, and while avoiding the inconvenience and privacy issues associated with obtaining other card details and user details.

Abstract: In one embodiment, a network element comprises one or more processors, and a memory module communicatively coupled to the processor. The memory module comprises logic instructions which, when executed by the processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.

Abstract: Methods and systems for facilitating the propagation of personal data include a Personal Data Propagation Environment (“PDP environment”) that facilitates the propagation of personal data items between secure personal data stores and various consumers of the personal data items. One PDP environment includes a personal data manager and a personal data subscriber. The personal data manager manages personal data items on a secure data store associated with a user computing device. The personal data manager provides access to personal data items stored on the secure data store in accordance with a personal data subscription associated with the personal data subscriber.

Abstract: A method and apparatus for executing electronic transactions using cryptographically-enabled accounts stores cryptographically-enabled account information and instructions, receives a cryptographically-encoded permission certificate, and processes the received permission certificate to execute the transactions.

Abstract: There is described an image forming apparatus, which make it possible to appropriately print each of a valid print object and an invalid print object. The apparatus includes: a printing section to conduct a printing operation based on the print data, so as to create the print product; and a control section to determine whether the digital signature is valid or invalid so as to control the printing operation, based on the determined result. When the plurality of print objects includes both a valid print object for which the digital signature is determined as valid and an invalid print object for which the digital signature is determined as invalid, the control section controls the printing operation, so as to enable the valid print object to be printed, based on the print data, while disable the invalid print object to be printed, based on the print data.

Abstract: An electronic money system is directed to avoid unauthorized use of certificate-type electronic money. The electronic money system is provided with a management server, a verification sever, a remittance terminal, and a receptor terminal. In response to a request from the remittance terminal, the management server issues an inactive electronic certificate including a certificate ID and notifies the verification server of the certificate ID. The remittance terminal gives a group signature to the inactive electronic certificate to generate an active electronic certificate. The reception terminal verifies the active electronic certificate obtained from the remittance terminal on the basis of the group signature. The verification server matches the certificate ID notified from the management server with the certificate ID included in the active electronic certificate verified by the reception terminal to verify availability of the active electronic certificate.

Abstract: A method for implementing volatile cipher key and separate verification module by collecting physical features includes the steps of setting physical features sensor on a handset, collecting physical features information of every user in advance by a physical features sensor, transmitting the physical features to a control module, storing the physical features in a user database, resetting a cipher temporary storage unit after physical features sensor is away from the user's body, retrieving cipher data in the user database when registered user operates the handset, and checking by the control unit the user database has an identical record which matches the user's physical features.

Abstract: A retail system enabling a first party to purchase a gift and to deliver the gift to a second party comprises a retailer computer and a communication network enabling a user device to communicate with the retailer computer. The retailer computer is programmed to provide a gift website accessible by the first party via the user device and includes a merchandise module and a delivery module. The merchandise module enables the first party to purchase a gift. The delivery module is adapted to receive an e-mail address or pseudonym of the second party from the first party, to procure shipping addresses associated with the e-mail address or pseudonym, to enable the first party to select one of the shipping addresses, and to cause the gift to be shipped to the selected shipping address without revealing the selected shipping address to the first party. Other systems and methods are also disclosed.

Abstract: The invention relates to multipurpose electronic payment method and system. The inventive method consists in transmitting (A) from a multimedia terminal (TM) a payment order (MP) issued from at least one multimedia application hosted in the (TM) to a local proxy for payment (PP), in discriminating (B) said payment order in (PP) upon a specific local processing criterion respectively remote, in carrying out (C) a local payment upon the retained local payment specific criterion, if not in transmitting (D) the payment order to a remote system (SD) for carrying out a remote payment. Said invention is usable for proximity payment transitions, external payment or for electronically carrying out a telepayment.

Abstract: A digital downloading jukebox system including a mechanism for delivering custom services to a recognized user, including services for creating playlists, communicating with others, accessing other features, etc. is provided. In some exemplary embodiments, after a user is recognized, the jukebox system allows users to access a special front-end via an Internet-enabled device or on an actual jukebox. Then, the user may, for example, create playlists, share songs with friends, send messages to friends, and access other value-added content. Such a system preferably learns about networks of friends, and enables managers to send similar messages to regular customers and/or others known to the system. In some exemplary embodiments, changes via a first user interface on a first device are reflected on second user interface on other properly-configured devices.

Abstract: Payment systems are provided that utilize a portable device, and in particular, payment systems that utilize a first portable device that belongs to a seller and a second portable device that belongs to a buyer, but do not utilize a point of sale (POS) device.

Abstract: A method for providing a warranty relating to a transaction between two parties, each party being a client of at least one respective institution which provides services to the respective party, the method including: transmitting a request for a warranty from one party to the transaction which is a client of the respective institution to a respective location associated with the respective institution, which request includes information identifying the other party to the transaction and information about the nature of the transaction; conducting an exchange of information between the respective location and a location associated with a institution of which the other party is a client; and transmitting a response to the request from the respective location to the one party.

Abstract: Methods and systems are described for transferring funds from a sender to a recipient. Source funds are received from a sender. An amount of recipient funds is determined from a value of the source funds. A transfer identifier associated with the recipient funds is generated and provided to the sender. The transfer identifier is received from the recipient, prompting a transfer in control of the recipient funds to the recipient. At least one of the source funds and the recipient funds are in the form of one or more electronic tokens. Each such electronic token has a currency amount and a digital signature identifying a financial institution that backs the electronic token for the currency amount.

Abstract: Methods and systems are provided for a proactive approach for computer forensic investigations. The invention allows organizations anticipating the need for forensic analysis to prepare in advance. Digital representations are generated proactively for a specified target. A digital representation is a digest of the content of the target. Digital representations of a collection of targets indexed and organized in a data structure, such as an inverted index. The searching and comparison of digital representations of a collection of targets allows quick and accurate identification of targets having identical or similar content. Computational and storage costs are expended in advance, which allows more efficient computer forensic investigations. The present invention can be applied to numerous applications, such as computer forensic evidence gathering, misuse detection, network intrusion detection, and unauthorized network traffic detection and prevention.

Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.

Abstract: Example embodiments of methods and apparatus for challenging an online user. In an example embodiment, a method includes receiving, at an online service provider, a request from a user to access one or more features of an online service running on a host server and also receiving an indication of a geography associated with the user. The example method further includes sending, to the user, information associated with the indicated geography in combination with information not associated with the indicated geography and a request that the user select the information associated with the indicated geography from the combined information or select the information not associated with the indicated geography from the combined information. The example method still further includes receiving, at the online service provider, a selection from the user and, in the event the selection correctly corresponds with the request, allowing the user access to the one or more features.

Abstract: Electronic documents corresponding to executed paper documents are certified. A certifying agent receives an electronic document and a corresponding paper document that had been executed pursuant to some transaction. The certifying agent compares the information contained in the paper to that in the electronic mortgage document. If the paper adequately corresponds to the electronic document and is otherwise sufficient, then the certifying agent certifies the electronic document so that other parties can reliably engage in transactions involving the electronic document without having to possess or otherwise inspect the executed paper document. Certification involves application of some form of indicia of certification to the electronic document, such as updating the value of a field corresponding to certification in the electronic document and/or applying a digital or electronic signature corresponding to the certifying agent to the electronic document.

Abstract: Methods and systems for facilitating the propagation of personal data include a Personal Data Propagation Environment (“PDP environment”) that facilitates the propagation of personal data items between secure personal data stores and various consumers of the personal data items. One PDP environment includes a personal data manager and a personal data subscriber. The personal data manager manages personal data items on a secure data store associated with a user computing device. The personal data manager provides access to personal data items stored on the secure data store in accordance with a personal data subscription associated with the personal data subscriber.