Abstract: Methods and systems for facilitating the propagation of personal data include a Personal Data Propagation Environment (“PDP environment”) that facilitates the propagation of personal data items between secure personal data stores and various consumers of the personal data items. One PDP environment includes a personal data manager and a personal data subscriber. The personal data manager manages personal data items on a secure data store associated with a user computing device. The personal data manager provides access to personal data items stored on the secure data store in accordance with a personal data subscription associated with the personal data subscriber.

Abstract: Methods, systems, and computer program products are provided for token-based content subscription. Embodiments include receiving a request for content subscription; receiving from a user a subscription token; and delivering content to a device associated with the subscription token.

Abstract: Regularity information such as time codes embedded preliminarily through an electronic watermark is detected from a predetermined number of pieces of continuous frame data of video content through the electronic watermark. In the case where the electronic watermark is not detected from the predetermined number of pieces of continuous frame data, a non-detection count is calculated, and falsification of the predetermined number of pieces of frame data is determined on the basis of the detected regularity information and the non-detection count. Accordingly, falsification such as deletion, addition, and replacement of video content is detected with high accuracy using the electronic watermark.

Abstract: In an electronic transaction, the invention provides a process and system for blocking a user's account until a verifier verifies the identity of the user. The process comprises pre-enrolling the user and the user's personal communication device. Optionally, one or more of the user's accounts are enrolled. At the time a transaction is initiated, the verifier sends an identification verification request to the portable communication device of the person initiating the electronic-transaction. The person then verifies his/her identity as the user. Optionally, the user authorizes the amount of the transaction. Optionally, the verifier issues to the user a proxy transaction card which the user uses to initiate electronic transactions that will be billed to one of the user's pre-enrolled accounts. Using information obtained from the user's proxy transaction card, the retailer/merchant's bank opens a communications link to the verifier, and the verifier then verifies the user's identity.

Abstract: An authentication program on a network authenticator establishes a secure communication channel with an embedded device. The authentication program receives security credentials from an embedded device. The authentication program receives from the embedded device via the secure communication channel either a secret for the embedded device or a request to generate the secret for the embedded device. The authentication program registers the secret for the embedded device.

Abstract: Exemplary embodiment of the present invention would provide systems, including Internet-based systems, and computer-implemented methods, for providing online Buyers and Sellers who physically transact an exchange of an item at a local meeting place, indicia of confirmation of the exchange on which to base a background online payment. In particular, exemplary embodiments of the present invention would provide a way for Buyers and/or Sellers to input an identifier for online authentication to confirm that a physical exchange of an item sold had been transacted and that would accordingly provide an online system with a basis to charge the relevant Buyer's account for a sale amount and pay the Seller for the item sold.

Abstract: According to one aspect, the invention provides a system for authenticating identities of a plurality of users. In one embodiment, the system includes a first handheld device including a wireless transceiver which is configured to transmit authentication information, a second device including a wireless receiver, where the second device is configured to receive the authentication information.

Abstract: A method of optimizing the retrieval of object-associated information may include identifying data associated with an object identification. At least one optimization parameter for the retrieval of data associated with an object identification is also identified. An amount of the associated data for transmission is determined using the at least one optimization parameter.

Abstract: A system, method, and computer-usable medium are disclosed for identifying transactions resulting from the access of a financial account while a user is under duress. A user provides a duress shared secret. Instructions associated with the duress shared secret are processed and available financial account operations, along with associated financial account information, are displayed according to the associated instructions. The cash or electronic funds proceeds of a financial transaction operation are tagged with electronic fraud identification data. Tagged funds received by a financial institution are processed to extract their associated fraud identification data, which is then used to generate fraud trail data. If the tagged funds are used to originate follow-on financial transactions, they are likewise tagged with fraud identification data, which is likewise used to generate fraud trail data.

Abstract: Herein is described a tokenless biometric method for processing electronic transmissions, using at least one user biometric sample, an electronic identicator and an electronic rule module clearinghouse. The steps for processing of the electronic transmissions comprise of a user registration step, wherein a user registers with an electronic identicator at least one registration biometric sample taken directly from the person of the user. A formation of a rule module customized to the user in a rule module clearinghouse, wherein at least one pattern data of a user is associated with at least one execution command of the user. A user identification step, wherein the electronic identicator compares a bid biometric sample taken directly from the person of the user with at least one previously registered biometric sample for producing either a successful or failed identification of the user.

Abstract: A system and method facilitating purchase transactions over a computer network, including the purchase of electronically storable items. The embodiments herein encrypt “customer identifier string” in an encryption stream and cause the encryption stream to be transferred from the customer to a merchant in the purchase transaction. A verification entity receives the encryption stream which is sent by the merchant for identity verification and payment authorization. Then, the verification entity verifies the identifiers contained in the encryption stream and transfers an identity verification and payment authorization from the verification entity to the merchant.

Abstract: A system receives account access information from a user. The account is then accessed using the received access information. Data is harvested from a web page associated with the account or received from another financial data source. The user's ability to access the account is authenticated based on the obtained information.

Abstract: Systems and methods for token authentication analyze token data over one or more read operations to compute a characteristic master signature for the token. This can be accomplished, for example by analyzing the token data statistically to compute a characteristic signature for the token. Similar techniques can be used to generate a subsequent signature that can be verified against the original characteristic signature to authenticate the token. For example, a signature can be generated on a per use basis and that signature verified against the characteristic signature to validate the token upon use.

Abstract: A reputation server is coupled to multiple clients via a network. Each client has a security module that detects malware at the client. The security module computes a hygiene score based on detected malware. The security module provides the hygiene score and an identifier of a visited web site to a reputation server. The security module also provides identifiers of files encountered at specified web sites to the reputation server. The reputation server computes secondary hygiene scores for web sites based on the hygiene scores of the clients that visit the web sites. The reputation server further computes reputation scores for files based on the secondary hygiene scores of sites that host the files. The reputation server provides the reputation scores to the clients. A reputation score represents an assessment of whether the associated file is malicious.

Abstract: An electronic transaction payment system is provided having a vendor terminal associated with a vendor who provides goods or services to a purchaser, a vendor smart-card and a vendor smart-card reader for transmitting data to and receiving data from the vendor smart-card. The system also includes a purchaser smart-card reader which is connected to the vendor terminal and which is operable for transmitting data to and receiving data from a purchaser smart-card. In operation, payment for goods purchased by the purchaser is made between the purchaser smart-card and the vendor smart-card. In a preferred embodiment, the payment data is encrypted using an encryption key specific to the transaction between the purchaser and the vendor. A third party registry terminal may also be provided for providing validation of the vendor and/or the purchaser.

Abstract: A system and method for engaging in a credit or debit transaction do not transmit an individual's account number to a vendor or merchant. The individual provides the account number to a transaction acquiring device (TAD). The TAD requires the individual to provide one or more pseudo-random numbers that identify the individual. These numbers are only obtainable from an authentication device that can be unlocked only by passing an authentication challenge. The TAD then provides transaction data to a credit or debit issuer and the vendor, but does not provide or store the account number. The issuer provides the merchant with an identifier other than the account number that is nevertheless unique to the individual. This identifier may be used to track the individual's purchase history or perform other business functions.

Abstract: Disclosed is a payment system and method for supporting user verification in VoIP configuration by receiving secret number or VoIP phone number of a user as payment information on Internet and completing the payment by user verification and occupancy verification. The payment system includes a user terminal for inputting secret number or VoIP phone number as payment information, a payment gateway server for receiving the payment information from the user terminal to intermediate user verification and approving payment by occupancy verification, and a central communication company server for receiving the payment information from the payment gateway server to verify the user and receiving a final payment approval to add a payment amount to communication charges of the user terminal and bill the charges. The payment system prevents illegal payment by fraudulent use of the user information.

Abstract: Systems and methods are provided for data protection across connected, disconnected, attended, and unattended environments. Embodiments of the inventions may include differential encryption based on network connectivity, attended/unattended status, or a combination thereof. Additional embodiments of the invention incorporate “trust windows” that provide granular and flexible data access as function of the parameters under which sensitive data is accessed. Further embodiments refine the trust windows concept by incorporating dynamic intrusion detection techniques.

Abstract: An entering and leaving management system is provided. The management system includes a management terminal including: an authentication history information acquisition section configured to acquire authentication history information; a registered person image acquisition section configured to acquire a registered person image recorded associated with personal identification data of the authentication history information; an image acquisition section configured to acquire an image of a person to be authenticated, recorded associated with an authentication time of the authentication history information; and a listing section configured to list the registered person images and the image of the person to be authenticated on the operation screen side by side with the authentication history information.

Abstract: Various aspects of the present system provide methods and systems for identifying an individual who operates a remote computer. One aspect provides a technique to generate fingerprint of computer and its user based on the information collected through the actions a user conducts on internet. Another aspect of the system provides a technique to compute the fingerprints and find relations between users and computers. Another aspect of the system provides a trust ranking to a user based on the consistency of information collected from the user's various actions.

Abstract: Systems and methods are provided for providing a more seamless purchasing experience using a mobile device. The mobile device acquires data, such a barcode image, an image of an object or text, or audio data. A non-limiting example of a barcode is a Quick Response (QR) barcode. The acquired data is then used to obtain a network address of a payment website or webpage, which allows a user to make a purchase for a given product or service. The mobile device then launches the payment website or webpage. A user can enter into the mobile device, through the payment website or webpage, a supplemental ID used for authenticating the transaction.

Abstract: A mobile communication device 130 obtains a password of a customer for processing a payment transaction. The mobile communication device 130 stores the password in volatile memory in a buffer that is locked to prevent transference into a nonvolatile medium. The mobile communication device encrypts the password using a public key and then erases the unencrypted password from the buffer in volatile memory after the encrypted password is created. The mobile communication device 130 transfers the encrypted password over a network 140 to a transaction host 160 that utilizes the password in performing the payment transaction.

Abstract: A two-varying-password generator having two varying passwords of different digit lengths and different time intervals is disclosed. A two-varying-password generator has a printed circuit board where a processor is soldered onto, a battery, a display window and an on/off key and code key. The processor is loaded with two predetermined programs that can produce two passwords (or more than two passwords) of different digit length and different time interval. Meanwhile, the host computer also stores these two programs in the customer's account. As the clocks of both two-varying-password generator and host computer work in synchronously, both of them can produce two identical passwords of the same moment. Application of two-varying-password generator can counter phishing sites, fight credit card forgery and unauthorized transaction, tackle cloned ATM card.

Abstract: A mobile communication device 130 Obtains a password of a customer for processing a payment transaction. During entry of the password, the mobile communication device 130 disables tone emissions to protect the PIN from discovery. The mobile communication device encrypts the password using a public key and transfers the encrypted password over a network 140 to a transaction host 160 that utilizes the password in performing the payment transaction.

Abstract: A method for connecting a human key identification to objects and content or identification, tracking, delivery, advertising, and marketing. An Independent Clearing House Agent (ICHA) server is connected to a human key server. The human key server is connected to a translation server and universal virtual world (UVW) server for the management of a plurality of methods and device integrally working as one system. A virtual world airport (VWA) server is connected to a Mobile, Handheld, and Independent Device Application Development (MHIDAD) server which in turn communicates with an illumination transformer audio video manager interactive server transmitter (ITAVMIST which communicates with a virtual cash virtual currency (VCVC) server. The authentication unit also creating identification data; and sending to verification; a match combined with 9 out of 17 positive point evaluations returns, via an Internet connection to the mobile device.

Abstract: A device is configured to allow a user to select any of a plurality of accounts to employ in a financial transaction. The user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. The user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.

Abstract: Methods and systems for locking an application are described. A method includes receiving, over a communication network from a remote applicant, a signature for an application. The signature includes a date and time, an indication of agreement to the terms of the application, and verification information personal to the applicant and capable of confirming the applicant's identity. Based on the application and signature an internal checksum can be generated. The internal checksum is sent to a third party for generation of a second, external checksum. The external checksum is based on the internal checksum and the date and time the external checksum was generated. The internal and external checksums are associated with the application and then stored along with the application and signature.

Abstract: An apparatus for connecting a human key identification to objects and content or identification, tracking, delivery, advertising, and marketing. An Independent Clearing House Agent (ICHA) server is connected to a human key server. The human key server is connected to a translation server and universal virtual world (UVW) server for the management of a plurality of methods and mechanism integrally working as one system. A virtual world airport (VWA) server is connected to a Mobile, Handheld, and Independent Device Application Development (MHIDAD) server which in turn communicates with an illumination transformer audio video manager interactive server transmitter (ITAVMIST which communicates with a Virtual Cash Virtual Currency (VCVC) server. The authentication unit also creating identification data; and sending to verification; a match combined with 9 out of 17 positive point evaluations returns, via an Internet connection to the mobile device.

Abstract: A method for conducting transactions, includes: encoding concatenated transaction information at a cash point; sending the encoded concatenated transaction information from the cash point to a mobile device; receiving verification information from the mobile device formed in response to the encoded concatenated transaction information; confirming the received verification information; completing a transaction in the event of successfully confirming the received verification information.

Abstract: A system for managing digital interactions comprising an identity module for creating an identity, wherein the identity includes a unique identifier associated with a first party and a plurality of proposed terms for a relationship with a second party; and a relationship module, in communication with the identity module, for receiving and evaluating the plurality of proposed terms, including accepting or rejecting the plurality of proposed terms and, if accepted, for allowing the first party to communicate with the second party in accordance with the plurality of proposed terms.

Abstract: A prescribed virtual person was created for allowing a real person (user) in the actual world to pretend to be the virtual person (virtual person) and act as the virtual person when acting on a network and registered in a database 12a of a financial institution 7 for enabling the user to make shopping or the like as the virtual person with an electronic certificate issued by the financial institution 7 for the virtual person when pretending to be the virtual person and acting on the network, and the address of the virtual person necessary as the destination of a purchased article was set to a nearby convenience store. When acting on the network as the virtual person, cookies are rendered easily acceptable as compared with the case of the real person.

Abstract: An electronic trading system facilitates electronic trades of fungible trading elements. Fungible trading elements are electronically displayed and the system facilitates the trading operations. A risk factor for a particular transaction may be determined and based on this risk factor, the electronic trading system may elect straight through processing (STP) operations to conclude a trade. Otherwise the risk factor may indicate avoiding the STP and allowing other settlement means. The electronic trading system also include the dematerialization of the trading elements, therefore verifying ownership prior to exchange and as such as more robust and secure trading platform.

Abstract: The delivery of services is managed by a system that includes a portable device and a management apparatus which receives and decrypts a first identifier generated and encrypted by the portable device. One of the devices also digitally signs a second identifier, which is validated at the other device.

Abstract: A terminal and a method for exchanging electronic business cards that can guarantee privacy and guarantee complete and consistent communications to the user are provided. The terminal for exchanging electronic business cards with a device connected via a communications network stores the first public key and the first secret key, the first electronic certificate that includes the first public key and components of an electronic business card. The terminal prepares a first electronic business card from the components of an electronic business card that have been read from the memory, transmits the first electronic business card, together with the first electronic certificate that has been read from the memory, receives data encrypted by using the first public key, and decodes the encrypted data that has been received by using the first secret key that has been read from the memory.

Abstract: A digital downloading jukebox system including a mechanism for delivering custom services to a recognized user, including services for creating playlists, communicating with others, accessing other features, etc. is provided. In some exemplary embodiments, after a user is recognized, the jukebox system allows users to access a special front-end via the Internet or on an actual jukebox. Then, the user may, for example, create playlists, share songs with friends, send messages to friends, and access other value-added content. Other exemplary embodiments allow users to become certified, charging them for services without requiring constant inputting of coinage or credit card information. Such a system preferably learns about networks of friends, and enables managers to send similar messages to regular customers and/or others known to the system.

Abstract: A method for authenticating a financial transaction at a point of sale (POS) includes storing an application program in a first secure element of a mobile phone. The application is configured to generate instruction codes to effect the financial transaction upon verification of a user's identity. The user's credentials are stored in a second SE of the phone, which is operable to verify the user's identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user's identity. At the POS, the user invokes the application and then inputs a biometric trait to the phone. The second SE verifies the user's identity, and upon verification, generates data authenticating the transaction. The financial transaction data, including the instruction codes and the authenticating data, are then transmitted from the phone to the POS.

Abstract: A system and method are provided for managing financial market information. According to certain embodiments, the system includes a computer having a memory, processor, and display. The processor is capable of generating a graphical depiction of the financial market information on the display. The graphical depiction includes a multidimensional representation of a broad range of market information for at least two financial instruments. The graphical depiction resides in a single window on the display. The financial instruments may include multiple different classes of financial instruments, such as treasuries and futures. Different instruments may be selected and information, including basis information, relevant to the selected instruments may be displayed in a second window.

Abstract: The invention relates to the carrying out of verification processes with regard to authorization of user and/or payment processes by means of a mobile telephone terminal, whereby an identifier associated with an authorized user and/or payer is provided in such a way that it can be called up and represented on a display device of a mobile telephone terminal associated with the authorized user and/or payer. On the instructions of the authorized user and/or payer, the identifier is represented on the display device and optically scanned in an interrogation station. A control message with a request for confirmation of a process verifying the authorization of use and/or payment process is transmitted to the mobile telephone terminal. In order to grant use and/or carry out payment, the control message receives a reply by transmitting a confirmation message from the mobile telephone terminal to the interrogation station.

Abstract: Various aspects of the present system provide methods and systems for authenticating online purchase by tracing internet actions to a remote computer and to an individual who operates the computer. One aspect provides a technique to generate fingerprint of computer and its user based on the information collected through the actions a user conducts on internet. Another aspect of the system provides a technique to compute the fingerprints and find relations between users and computers. Another aspect of the system provides a trust ranking to a user based on the consistency of information collected from the user's various actions.

Abstract: There is provided a method and a system for documenting a transfer of authority of control for a container from a first entity of a transportation chain to a second entity of the transportation chain. The first entity transfers an electronic container control certificate to an electronic seal of the respective container, which electronic container control certificate comprises a cryptographic key associated to the second entity, and which container control certificate is digitally signed by the first entity. The container control certificate is stored in a log of the electronic seal.

Abstract: A method for providing a warranty relating to a transaction between two parties, each party having a data communications device, in a system which includes an infrastructure composed of a plurality of locations each associated with a respective institution which provides services to clients, each location having a computer system, a database coupled to the computer system and storing information about each client of the institution and a data communications device coupled to the computer system for communication with the data communications device of any one party, each party being a client of at least one of the institutions, the method containing the steps of: transmitting a request for a warranty from one party to the transaction which is a client of the respective institution to a respective location associated with the respective institution, which request includes information identifying the other party to the transaction and information about the nature of the transaction; conducting an exchange of

Abstract: A method for measuring trust in a transaction over a public key certificate network includes associating each edge KA?KB of an public key certificate network connecting two public keys KA and KB with a probability p that information about KB is reliable, and a confidence c that is a total dollar amount of transactions which have involved using edge KA?KB. One or more authentication paths are formed in the public key certificate network starting from public key KS and ending with a target public key KT. A limit l of an amount of insurance that an owner of KS is willing to provide to a user interested in a transaction with an owner of KT is calculated, and for each amount m<l, a premium for which the owner of KS is willing to sell insurance to the user for an amount of m is calculated.

Abstract: An identification token such as a proximity payment device may be integrated with a wristwatch. For security purposes, the identification token may be disabled when removed from the user's wrist. The identification token may be re-enabled by interaction with a docking station or personal computer at the user's residence.

Abstract: The disclosure is directed to systems, apparatus, and methods for online purchasing. In one example, a system includes a web server that presents purchase options and receives user input. The system may also include an application server that attempts to authenticate users to existing accounts using an account identifier, such as a user ID or email address. If a user does not provide an identifier corresponding to an existing account, the application server may create a new account. If the user provides an identifier corresponding to an existing account, but does not provide a valid password, the application server may create a provisional account. The application server may also associate purchases with the user's account and provide access to the purchased product. Purchases associated with a provisional account may be resolved with an existing or newly-created permanent account when additional user information is received, such when the product is registered.

Abstract: A system and method are disclosed. The method includes receiving, at a server computer, a transaction clearing request for a transaction, and then determining, using the server computer, if the transaction satisfies a stored blocking parameter. The method further includes allowing, using the server computer, the transaction clearing request if the transaction does not satisfy the stored blocking parameter, and denying, using the server computer, the transaction clearing request if the transaction satisfies the stored blocking parameter.

Abstract: A method to prepare an Extensible Business Reporting Language (XBRL) document in a web-hosted server includes authenticating a user, uploading financial information from a spreadsheet, storing the information, and processing the data into an XBRL compliant document for transmittal to a financial regulatory agency. The process takes an input from an Excel™ spreadsheet and produces a financial statement in XBRL format while providing a full audit trail for the document conversion and authorization including manual inputs to the final-form submission.

Abstract: A wireless network and method are disclosed that provide temporary data service to a party. For the invention, a temporary data service system receives a request from a first party to establish temporary data service for a second party. The temporary data service system then configures the wireless network to establish temporary data service for the second party, such as by setting up a temporary subscriber profile or temporary account for the second party in the wireless network. A notification system then generates a notification message indicating that the temporary data service has been established for the second party, and transmits the notification message to the second party. The second party may use the temporary data service to access some type of data message or data file, such as a picture message sent by the first party.

Abstract: Tokenless biometric authorization of transaction between a consumer and a merchant uses an identicator and an access device. A consumer registers with the identicator a biometric sample taken from the consumer. The consumer and merchant establish communications via the access device. The merchant proposes a transaction to the consumer via the access device. The access device communicates to the merchant associated with the access device. After the consumer and merchant have agreed on the transaction, the consumer and the identicator use the access device to establish communications. The access device communicates to the identicator the code associated with the access device. The identicator compares biometric sample from the consumer with registered biometric sample. Upon successful identification, the identicator forwards information regarding the consumer to the merchant.

Abstract: A method and system us disclosed for detecting fraud is non-personal transactions. The method and system comprise transmitting the purchaser's data, includes a ship-to address for the transaction, to a fraud-detection system; processing the purchaser's data to determine whether the transaction is potentially fraudulent; and returning the relative risks of fraudulent activity associated with the transaction. The method and system may include any of the following additional steps: checking to determine whether the purchaser's ship-to address exists, checking the purchaser's ship-to address against an historical database to determine whether a prior history of fraud exists, checking the purchaser's ship-to address against an historical database to determine whether a pattern of fraudulent activity exists for the ship-to address; and checking the purchaser's ship-to address against a modeling engine to determine whether elements exist in the demographic data which correlate with fraudulent trends.

Abstract: A method and apparatus for executing electronic transactions using cryptographically-enabled accounts stores cryptographically-enabled account information and instructions, receives a cryptographically-encoded permission certificate, and processes the received permission certificate to execute the transactions.