Intelligent Token Patents (Class 713/172)
  • Patent number: 11122036
    Abstract: Systems and methods are provided for use in enabling, providing, and managing digital identities in association with mobile communication devices. One exemplary method includes capturing an image of a physical document comprising a biometric of a user associated with the physical document, and extracting the biometric from the image and converting it to a biometric template. The method also includes capturing a biometric of the user and comparing it to the biometric template. The method then includes, when the captured biometric matches the biometric template, transmitting a message to an identification provider comprising at least the image of the physical document and the biometric template, whereby the biometric template is verified against a repository, and binding data representative of the mobile communication device, a mobile application included therein, and the biometric template and/or the captured biometric of the user into a token.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: September 14, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Sumeet Bhatt, Ashfaq Kamal
  • Patent number: 11107078
    Abstract: A computer system is configured to provide a payment card security application programming interface (API) for providing a payment card security score to a partner entity computer system. Responsive to receipt of user identification data for a card holder from the partner entity computer system via the API, the computer system retrieves payment card electronic funds transfer (EFT) transaction data records corresponding to the card holder, and determines a transaction type and security level associated for the user's transactions. The computer system generates, based on the determined security level for each of the transactions, a security score for the card holder. The partner entity computer system provides the user identification data for the card holder to the payment card security API responsive to receipt of an authorization request for a new transaction. The partner entity computer system may determine whether to approve or deny the new payment card EFT transaction based upon the security score.
    Type: Grant
    Filed: July 6, 2018
    Date of Patent: August 31, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Murugalakshmanan Mariappan, Joshua J. Baron, Todd Healy
  • Patent number: 11107075
    Abstract: Implementations of the present specification disclose blockchain data processing methods, apparatuses, devices, and systems, including a computer-implemented method for blockchain data processing. Blockchain transaction data of a plurality of transaction participants is received. Each of the plurality of transaction participants provides a respective certificate indicating a respective legal membership in a blockchain. The respective legal membership enables processing of the blockchain transaction data. A mutual identity querying is performed to confirm whether each of the plurality of transaction participants has the respective legal membership in the blockchain. Supervision keys of a supervision node in the blockchain are determined, where the supervision node corresponds to a supervisor, and where the supervision keys are dynamically updated based on a predetermined rule. The blockchain transaction data is encrypted by using the supervision keys. The blockchain transaction data is stored.
    Type: Grant
    Filed: May 9, 2019
    Date of Patent: August 31, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Xuming Lu, Hushen Wang
  • Patent number: 11095440
    Abstract: A device may receive, from a client device, a request with a single packet authorization (SPA) packet that includes data identifying a universal client device identifier (UID), a counter, a first one-time password generated based on a first shared key, the UID, and the counter. The device may generate a second shared key associated with the UID, and may compare the SPA packet to a comparison message authentication code (MAC) generated based on the second shared key, the UID, and the counter. The device may determine whether the SPA packet matches the comparison MAC, and may validate the client device when the SPA packet matches the comparison MAC. The device may provide a MAC associated with the SPA packet to the client device to enable the client device to validate the device for a secure communication based on establishing a pre-master key with the client device.
    Type: Grant
    Filed: November 29, 2019
    Date of Patent: August 17, 2021
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Junaid Islam, William F. Copeland, Mohammed M. Rahman, Gina L. Otts, Brent R. Bilger
  • Patent number: 11080371
    Abstract: The present invention involves with a method and system of state consistency protection for Intel software guard extension (SGX). In a method of state consistency protection for a central processing unit capable of creating enclaves, the central processing unit supports creation of at least one enclave, wherein the central processing unit communicates with a remote server providing services for the central processing unit through remote communication and the remote server has a remote attestation module, configuring the remote attestation module to facilitate the completion of every execution state storing operation and/or every execution state restoring operation, wherein the remote attestation refers to an attestation mechanism by which the central processing unit proves to the remote server that it has created the specific enclave in a local platform so that the remote server trusts the specific enclave. The present invention does not require special hardware and is favorable to cross-platform migration.
    Type: Grant
    Filed: October 24, 2018
    Date of Patent: August 3, 2021
    Assignee: Huazhong University of Science And Technology
    Inventors: Hai Jin, Weizhong Qiang, Zezhao Dong
  • Patent number: 11038860
    Abstract: In virtualized environments a method of determining authorization to a resource cannot use a hardware specific identifier, such as a MAC address. As a result upgrading a virtual host may cause licenses associated with that host to be invalid, even though the upgraded virtual host should be authorized. Authentication methods and systems are disclosed such that a key may be shared with a second host along with a license file and, provided at least the second host has a key associated with its system identifier and a key associated with a license file, access to a licensed resource may be authorized.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: June 15, 2021
    Assignee: Extreme Networks, Inc.
    Inventors: William T. Walker, Aabha Biyani
  • Patent number: 11025611
    Abstract: A method of a responding entity for creating a secure link with a requesting entity in an embedded universal integrated circuit card (eUICC) environment is provided. The method includes: receiving, from the requesting entity, a secure link creation message including signature information of the requesting entity; verifying the signature information of the requesting entity by using trust information of the requesting entity, the trust information of the requesting entity being generated by a certificate authority (CA) and transferred to the responding entity; generating a shared key used for communication between the responding entity and the requesting entity; and creating the secure link with the requesting entity by using the shared key.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: June 1, 2021
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Chul Hyun Park, Kwan Lae Kim, Jin Hyoung Lee, Joo Young Kim
  • Patent number: 10965449
    Abstract: Various methods and systems are provided for autonomous secrets management for a key distribution service (“KDS”). A KDS server performs centralized management and distribution of keys for client devices in a distributed computing system, which obviates key management and distribution at the client devices. In operation, a key request is received at a KDS server from a KDS client device. The key request is generated using a data protector and a KDS client component of the KDS client device. The key request is associated with a caller and a security token of the caller. The caller is authenticated at a security token service (STS) based on a security token. An encryption key or decryption key associated with the key request is generated. The encryption key or the decryption key is generated based on an interval-based key derivation scheme. The encryption key or the decryption key is communicated to KDS client.
    Type: Grant
    Filed: May 31, 2018
    Date of Patent: March 30, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Kahren Tevosyan, Kamran Riaz Khan, Brian S. Lounsberry, Cristian Stefan Salvan
  • Patent number: 10922714
    Abstract: A virtual universe system has a system and method for identifying spam avatars based upon the avatar's behavior characteristics through the use of Turing tests. The system may provide a Turing test unit for performing Turing tests and an analysis unit that compares the behavior characteristics of new or newly changed avatars against the behavior characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: February 16, 2021
    Assignee: International Business Machines Corporation
    Inventors: Christopher J. Dawson, Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10924268
    Abstract: A key distribution method is disclosed. In this method, a key request can be received by a key management system (KMS) from a mobile operator network element (MNO). The key request can carry a public key of UE. At least one PVT and one SSK can be allocated to the US based on an IBC ID. The at least one PVT and SSK can be encrypted based on the public key to generate ciphertext; and an object can be signed based on a preset digital signature private key (DSPK) to generate a digital signature. The object can include the public key and the ciphertext. Still, a signature validation public key associated with the DSPK can be determined and a key response can be returned to the MNO. The key response can carry the signature validation public key, the public key of the UE, the ciphertext, and the digital signature.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: February 16, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Haiguang Wang, Yanjiang Yang, Xin Kang, Zhongding Lei
  • Patent number: 10922392
    Abstract: This disclosure relates generally to digital telecommunications, and more particularly to systems and methods for generating and managing composite digital identities. In one embodiment, a system and method for generating and managing digital identities is disclosed. The method includes receiving, from an identity seeker, a request having an identifier associated with an entity, the request includes a context associated with a transaction. An encrypted token corresponding to the identifier is identified from encrypted tokens stored in a database and is further decrypted to obtain context matrix on which analysis is performed with respect to the request. An activity status associated with the transaction is determined based on analysis to generate composite provisional digital identity (CPDI) specific to the transaction.
    Type: Grant
    Filed: January 10, 2018
    Date of Patent: February 16, 2021
    Assignee: TATA CONSULTANCY SERVICES LIMITED
    Inventors: Narendran Sivakumar, Sankaranarayanan Viswanathan, Radhika Kannan
  • Patent number: 10915922
    Abstract: A system and method in a virtual universe (VU) system for identifying spam avatars based upon the avatars' multimedia characteristics may have a table that stores multimedia characteristics of known spam avatars. It further may have an analysis unit that compares the multimedia characteristics of avatars against the multimedia characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon the similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score. Multimedia characteristics include graphics, audio, movement, interactivity, voice, etc.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: February 9, 2021
    Assignee: International Business Machines Corporation
    Inventors: Christopher J. Dawson, Rick A. Hamilton, II, Brian M. O'Connell, Clifford A. Pickover, Keith R. Walker
  • Patent number: 10909229
    Abstract: The disclosure includes a system and method in which one or more virtual resources are presented to a secure element; and the one or more virtual resources are mapped to available resources based on a model architecture for the secure element in order to provide hardware abstraction, the available physical resources varying based on the model architecture and an associated host device, the virtual resources allowing consistent interaction with the virtual resources regardless of variation in the physical resources available and their location. The hardware abstraction increases the versatility of the secure element and may contribute to the secure element's functionality. The secure element providing functionality to replace most items carried in an individual's pockets, e.g., logical and physical keys, a thumb drive, identification, credit and debit cards, etc.
    Type: Grant
    Filed: January 3, 2018
    Date of Patent: February 2, 2021
    Assignee: Proxense, LLC
    Inventor: John Joseph Giobbi
  • Patent number: 10893418
    Abstract: Embodiments are directed to access point deployment in a network including a centralized system and a distributed system. An embodiment of an apparatus includes a memory and a processor executing instructions stored in the memory. The instructions include instructions to receive a message from an access point (AP) requesting a role in a network and, based on reception of the message, to access a deployment policy. The instructions further include instructions to determine whether the deployment policy is defined for the AP and, based on a determination that the deployment policy is defined for the AP, to assign the role to the AP corresponding to the deployment policy and corresponding to at least one of a centralized system or a distributed system of the network.
    Type: Grant
    Filed: March 8, 2018
    Date of Patent: January 12, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Hsiu-Wei Liu, Jikui Pei, Ben Dunsbergen, Rajini Balay
  • Patent number: 10893045
    Abstract: A method of accessing data at a device, wherein the data is stored remotely from the device or in removable storage. The method may the following steps: (i) sending a request from the device to access the data, the request including an identification code of a secure element or a memory card associated with the device, (ii) verifying, based at least partly on the identification code, whether access to the data is to be allowed or denied, and (iii) allowing or denying the device access to the data accordingly.
    Type: Grant
    Filed: August 29, 2014
    Date of Patent: January 12, 2021
    Assignee: Liberty Labs Limited
    Inventors: Christopher Iain Johnston, Michel Leduc
  • Patent number: 10855735
    Abstract: Example media monitoring apparatus disclosed herein include means for accessing, at a first server, a first adaptive bitrate streaming URL collected by a meter executing on a mobile platform, the first adaptive bitrate streaming URL collected from a first message to be sent by the mobile platform to a second server to stream first media according to an adaptive bitrate streaming protocol, the first adaptive bitrate streaming URL received at the first server in a report sent from the meter executing on the mobile platform. Disclosed example apparatus also include means for requesting network log information corresponding to the first adaptive bitrate streaming URL from a service provider providing network access for the mobile platform. Disclosed example apparatus further include means for monitoring presentation of the first media on the mobile platform using the network log information.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: December 1, 2020
    Assignee: The Nielsen Company (US), LLC
    Inventor: Jan Besehanic
  • Patent number: 10848488
    Abstract: A system and a method of authentication to improve security communication between machines are disclosed. The system includes a retrieving unit (120) that identifies a critical component (102) of an apparatus (110) in response to an authentication request for the apparatus (110) and retrieves authentication information for the critical component (102) comprising expected physical and digital signatures for the critical component (102) and one or more associated additional components (104). An acquiring unit (160) that acquires present signatures for the components (102, 104). A checking unit (180) that checks validity of each present signature with the corresponding expected signature, in order to authenticate the apparatus (110). The authentication process is enhanced by strategically extending the biometric concept, that is, measurement and analysis of unique physical or behavioral characteristics for verifying identity purposes, to interactions between machines.
    Type: Grant
    Filed: February 28, 2018
    Date of Patent: November 24, 2020
    Assignee: The Boeing Company
    Inventors: Victor Perez Villar, Grzegorz M. Kawiecki
  • Patent number: 10848965
    Abstract: A method of detecting compromised message information includes: wirelessly receiving, at a mobile wireless communication device, present unprotected information and present protected information; retrieving previous unprotected information, corresponding to the present unprotected information, and previous protected information, corresponding to the present protected information, from a memory of the mobile wireless communication device; comparing the present unprotected information to the previous unprotected information to determine that an unprotected information change has occurred; comparing the present protected information to the previous protected information to determine whether a protected information change has occurred; and determining that the present unprotected information is valid in response to the protected information change having occurred and being consistent with the unprotected information change, or that the present unprotected information is invalid otherwise.
    Type: Grant
    Filed: February 24, 2020
    Date of Patent: November 24, 2020
    Assignee: QUALCOMM Incorporated
    Inventors: Krishna Ram Budhathoki, Ankur Bhattacharjee, Mattias Kaulard Huber, Subrato Kumar De
  • Patent number: 10839412
    Abstract: A method for generation and distribution of protected user-specific information includes encrypting, by a processing device of a computer system, using a first encryption key of an encryption key pair, predetermined digits of a payment account number, the encryption yielding an encrypted identifier. The processing device of the computer system then generates a machine-readable code that is encoded with the encrypted identifier and additional data. A transmitting device of the computer system transmits, via an electronic communication, the generated machine-readable code to an electronic device of a user and transmits a second encryption key, of the encryption key pair, to a specialized computer system, wherein the second encryption key is associated with the first encryption key used to yield the encrypted identifier.
    Type: Grant
    Filed: October 10, 2017
    Date of Patent: November 17, 2020
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Rohit Chauhan
  • Patent number: 10832240
    Abstract: The invention relates to a method for processing transactional data, implemented within a secured intermediate server, connected to a communications network. Such a method comprises: reception, by the secured intermediate server, of a request for payment comprising a piece of data representing an identification of a communications terminal used by a user to carry out a purchase operation with a merchant server connected to said communications network; setting up a secured point-to-point link with a payment module of the communications terminal; transmission, to said payment module, of a request for execution of payment; reception, by the payment module, of a piece of information on payment; transmission of a message of information to the merchant server.
    Type: Grant
    Filed: April 10, 2015
    Date of Patent: November 10, 2020
    Assignee: INGENICO GROUP
    Inventor: Jean-Louis Sarradin
  • Patent number: 10817231
    Abstract: A local login processing method of an image forming apparatus is provided. The local login processing method include generating session information according to a remote login request upon receiving the remote login request from a mobile terminal, transmitting the session information to the mobile terminal, receiving, from the mobile terminal, a local login request including local login information generated by using at least some of the session information, and approving the local login request by comparing the session information and the local login information.
    Type: Grant
    Filed: October 12, 2018
    Date of Patent: October 27, 2020
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Jinkyu Kook
  • Patent number: 10783267
    Abstract: A method and system are provided that may centralize the management of applications that access the data of social networks via API calls. A central service may generate tokens at a generation rate that permit an application to access an API. The tokens may be distributed to queues associated with certain content types. The relative distribution of tokens to each queue may be determined by rules. A queue may release tokens to applications that function to access the content type associated with the queue. The token generation rate and rules may be selected to prevent violation of the rate limits for the API.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: September 22, 2020
    Assignee: salesforce.com, inc.
    Inventors: Michael Gordon Luff, Kang Li, Stuart Douglas McClune
  • Patent number: 10783736
    Abstract: Various embodiments are generally directed to copying data to a clipboard of a mobile device from a contactless card using NFC. A mobile device may issue a request to read data from the contactless card. The contactless card may generate encrypted data in response to the request. The mobile device may receive the encrypted data via NFC and transmit the encrypted data to a server for verification. The server may verify the encrypted data and transmit an indication of an account number for the contactless card to the mobile device. The mobile device may then copy the account number to a clipboard of the mobile device.
    Type: Grant
    Filed: July 25, 2019
    Date of Patent: September 22, 2020
    Assignee: Capital One Services, LLC
    Inventors: Daniel Herrington, Jeffrey Rule, Colin Hart, Jason Ji
  • Patent number: 10771970
    Abstract: A method of authenticating the communication of an authentication device and at least one authentication server using a local factor with creation of secret information shared by the authentication device and the authentication server; the reference information is derived from the secret information shared by the authentication device and the authentication server, where the manner of derivation is the same on the authentication device and on the authentication server; furthermore, the authentication device creates transformed reference information by means of cryptographic transformation from the reference information, where the local factor chosen and entered by the user or obtained from a medium or from the surrounding environment is used as an input in this cryptographic transformation, and where only the transformed reference information is stored on the authentication device and only the reference information is stored on the authentication server.
    Type: Grant
    Filed: July 6, 2016
    Date of Patent: September 8, 2020
    Assignee: ADUCID S.R.O.
    Inventors: Libor Neumann, Vlastimil Klima
  • Patent number: 10771263
    Abstract: A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system components in a device-as-a-key system.
    Type: Grant
    Filed: April 26, 2019
    Date of Patent: September 8, 2020
    Assignee: DENSO CORPORATION
    Inventors: Eric John Smith, Raymond Michael Stitt, David Stuckless Meyer, Brian Ensink
  • Patent number: 10748364
    Abstract: Aspects of the present disclosure include methods, apparatuses, and computer readable media for controlling access including receiving registration information associating a mobile device with an access device, wherein the access device provides an access privilege to an access-controlled point, associating the mobile device with the access device, receiving a blocking request from the mobile device to suspend the access privilege to the access-controlled point provided by the access device, authenticating the blocking request, and suspending, in response to authenticating the blocking request, the access privilege to the access-controlled point provided by the access device.
    Type: Grant
    Filed: July 16, 2019
    Date of Patent: August 18, 2020
    Assignee: Sensormatic Electronics, LLC
    Inventors: Himanshu Kulshrestha, Kuldeep Sharma, Pawan Sharma, Mohd Arif
  • Patent number: 10733310
    Abstract: A method, system and computer-readable storage medium for controlling access to application data associated with an application configured on a computing device. The method comprises: storing data comprising, for each of a plurality of access levels associated with the application, first data indicative of a combination of one or more credentials associated with the respective access level and an access level key corresponding to the respective access level, the access level key being encrypted by the combination of one or more credentials associated with the respective access level; determining, based on the first data, an access level in the plurality of access levels corresponding to a combination of one or more credentials available to the application; decrypting the access level key in the stored data corresponding to the determined access level; and providing access to encrypted application data associated with the application and corresponding to the determined access level.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: August 4, 2020
    Assignee: BlackBerry Limited
    Inventors: Sean Michael Quinlan, Haniff Somani, Sanjiv Maurya, Peter Barker, Siavash James Joorabchian Hawkins
  • Patent number: 10681023
    Abstract: Methods and apparatuses for managing access to hosts in a computerized system are disclosed. A request for an authenticator for enabling access to at least one host in the computerized system is communicated from an user to a portal. The portal verifies the right of the user to make the request, and in response to positive verification authorizes the user to make the request and sends the request to an authenticator manager to trigger providing of an authenticator for enabling access to at least one host in accordance with the request. The authenticator manager provides the authenticator for enabling access to the at least one host in accordance with the request. Acceptance of the request by an administration process according a predefined rule is required before said providing of the authenticator.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: June 9, 2020
    Assignee: SSH Communications Security OYJ
    Inventors: Roman Hernandez, Tomi Salo, Antti Huima, Tatu J. Ylonen
  • Patent number: 10674339
    Abstract: There is provided an information processing device including a processing unit that authenticates a communication target device on a basis of predetermined information transmitted from the communication target device by broadcast in communication in a first communication scheme, the predetermined information being used in a process to be performed in communication in a second communication scheme that is different from the first communication scheme, and establishes the communication with the communication target device in the first communication scheme in a case in which authentication is completed.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: June 2, 2020
    Assignee: SONY CORPORATION
    Inventors: Masahiro Sueyoshi, Tomohiko Nagayama
  • Patent number: 10667019
    Abstract: Apparatus and methods for managing provision of content to devices in a content delivery network. In one exemplary embodiment, content with a high probability of viewership is sent to consumer premises equipment (CPE) during off-peak periods and stored prior to viewing. An application is utilized to manage decisions related to content provision. The computer program will identify content that is likely to be of interest users associated with respective CPE, and schedule provision of that content in advance of viewing. Then, the system will develop a plan for optimal scheduling of transmission of content to CPEs, often including the use of trickle downloads. The scheduling plan is based collected statistical and historical data on network resource demand to make scheduling decisions. The system allows for the shifting of bandwidth utilization from periods of high demand to those of low demand, and increased performance with regard to user experienced latency.
    Type: Grant
    Filed: December 28, 2018
    Date of Patent: May 26, 2020
    Assignee: TIME WARNER CABLE ENTERPRISES LLC
    Inventors: Howard Pfeffer, Daniel Stoller, Chris Stengrim
  • Patent number: 10645089
    Abstract: An example terminal includes a communication circuitry configured to communicate with a server; and a data processor configured to request the server to include a second user in a relationship group of a first user and to extend, to the relationship group, a range of authorization for an Internet of Things (IoT) apparatus registered as an apparatus of the first user.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: May 5, 2020
    Assignees: SAMSUNG ELECTRONICS CO., LTD., KOREA ELECTRONICS TECHNOLOGY INSTITUTE
    Inventors: Ji-min Chung, Seung-woo Kum, Young-sun Ryu, Tae-beom Lim
  • Patent number: 10637861
    Abstract: Some embodiments of the present invention include a system and method for validating state change requests and include generating one or more permission tokens based on a user's session identification (ID), each of the permission tokens associated with a record ID of a record, the one or more permission tokens and corresponding associated record IDs communicated to an application associated with the user. The system receives a state change request from the application, the state change request includes a first permission token from the one or more permission tokens and a record ID associated with the first permission token. In response to receiving the state change request, the system generates a second permission token based on the session ID and the record ID included in the state change request. The system then validates the state change request based on the first permission token matching the second permission token.
    Type: Grant
    Filed: September 16, 2016
    Date of Patent: April 28, 2020
    Assignee: salesforce.com, inc.
    Inventor: Vinayendra Turuvekere Nataraja
  • Patent number: 10636025
    Abstract: A method, system, and apparatus for facilitating a payment transaction is disclosed. A server receives an event-setup request from an event organizer to set up an event-based payment session to obtain payments for one or more attendees of a subsequent event. In response to receiving the event set-up request: the server sets up the event-based payment session in accordance with the event-setup request; and provides a payment invitation corresponding to the payment session to each of one or more invitees of the subsequent event in accordance with the event-setup request. The server then receives from at least a first invitee of the one or more invitees, a conditional acceptance to the payment invitation, the acceptance being conditioned on one or more predefined criteria.
    Type: Grant
    Filed: January 11, 2016
    Date of Patent: April 28, 2020
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Yumiao Zhang
  • Patent number: 10621572
    Abstract: Performing a financial transaction via a mobile device and a point-of-sale (POS) system may include utilizing the POS system to generate a digital code, communicating the digital code from the POS system to the mobile device, connecting the mobile device to a wireless network using the digital code as a password, forwarding a mobile identifying code, forwarding a network identifying code, transmitting transaction data associated with information regarding the financial transaction, the digital code, the mobile identifying code, the network identifying code, and account information associated with the POS system from the POS system to a payment system via a first digital network path, and transmitting the digital code, the mobile identifying code, the network identifying code, and account information associated with a user of the mobile device from the mobile device to the payment system via a second digital network path.
    Type: Grant
    Filed: October 1, 2019
    Date of Patent: April 14, 2020
    Assignee: Sqwin SA
    Inventor: Victor Gulchenko
  • Patent number: 10592878
    Abstract: Identification information is received from a transaction card at a transaction machine. The transaction card is associated with an account holder using the transaction machine and includes a transaction card type. Using the identification information, activity profile information is accessed for the account holder. The account holder's transaction machine usage is monitored and activity profile information related to the account holder's transaction machine usage is stored. A custom sequence of user interfaces to be displayed to the account holder is generated based on the transaction card type.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: March 17, 2020
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Michael R. Thomas, Elizabeth Schrag, Jimmy C. Wang, Jerome Rhodes
  • Patent number: 10587586
    Abstract: The method provides a multi system trust chain between a client system and a remote system in a secure connection, wherein an intermediary system associated with the network flow path serves as a signing entity to establish an end to end transitive trust. The intermediate system is a corroborative entity in the operations technology (OT) realm of the client system. The remote system serves as the host for a plurality of services in the information technology (IT) realm. A two way handshake during the initial secure exchange protocol between a local client application and a remote service is extended to a three way handshake that includes a nonce issued by the remote service on the remote system and a digital signature for the nonce issued by a signature service on an associated intermediate system. The nonce signature is verified authoritatively at the remote system based on the signing certificate of the intermediate system for explicit proof of association.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: March 10, 2020
    Assignee: MOCANA CORPORATION
    Inventors: Srinivas Kumar, Gopal Raman, Atul Gupta, Shashank Jaywant Pandhare
  • Patent number: 10547589
    Abstract: One embodiment provides a system that facilitates schematized access control in a content centric network. During operation, the system generates, by a content producing device, a secret key for a user based on a schema, wherein the schema is a regular expression which corresponds to one or more names and allows a user access to content associated with the names, wherein a name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The system receives an interest with a name that corresponds to the schema. The system encrypts a payload of a responsive content object based on the interest name. The system transmits the responsive content object with the encrypted payload to the user, which allows the user to decrypt the encrypted payload with the secret key.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: January 28, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Christopher A. Wood, Glenn C. Scott
  • Patent number: 10521616
    Abstract: As a PUF device ages, the response characteristics of the device change. Thus, mappings made on the original PUF outputs can drift and become invalid. Re-enrollment or re-mapping of hidden values to PUF response characteristics can resolve the changing nature of the PUF. Unfortunately, an adversary may tamper with the PUF during re-enrollment compromising security of the PUF. Accordingly, techniques of securely and remotely re-enrolling a PUF device are described. During an initial enrollment of the PUF device, multiple sets of enrollment values of the PUF device can be generated. For remote re-enrollment, a first initial set of enrollment values can be used to authenticate the PUF device. Upon authentication using the first initial set, the PUF device can re-enroll the PUF device and account for changes in PUF characteristics. A second set of initial enrollment values can then be used to verify that the PUF device is unaltered.
    Type: Grant
    Filed: November 8, 2017
    Date of Patent: December 31, 2019
    Assignee: Analog Devices, Inc.
    Inventor: John Ross Wallrabenstein
  • Patent number: 10491597
    Abstract: Techniques for enforcing data security in a cleanroom data processing environment are described herein. In one or more embodiments, a virtual private cloud environment stores a first set of data provided by a first user account and a second set of data provided by a second user account, where the first user account is associated with a first set of one or more security credentials and the second user account is associated with a second set of security credentials and where the first user account is prevented from accessing at least the second set of data and the second user account is prevented from accessing at least the first set of data. In response to receiving, from the first user account or the second user account, a request to destroy the virtual private cloud environment, at least the first set of data and the second set of data are deleted.
    Type: Grant
    Filed: January 3, 2019
    Date of Patent: November 26, 2019
    Assignee: Oracle International Corporation
    Inventors: Jeremy Ryszard Plichta, Andrew V. Baird, Roger Siggs, Kevin Scott DiMichel, Robert J. Cuthbertson, David Michael Mitchell
  • Patent number: 10423610
    Abstract: The invention relates to a method for exchange of information between a computing unit of a first entity and a computing unit of at least one second entity. A computing unit of at least one second entity is detected and information on a token associated to the second entity from the computing unit is requested and received. On the basis of the received information, the token associated to the at least one second entity, is retrieved and a token associated to the first entity is modified at least partly with information of the received token associated to the at least one second entity. Finally, the modified token is utilized at least in the service the computing unit of the first entity belongs to. The invention relates also to a system and a computing unit implementing the method.
    Type: Grant
    Filed: February 24, 2012
    Date of Patent: September 24, 2019
    Assignee: TEKNOLOGIAN TUTKIMUSKESKUS
    Inventors: Ville Ollikainen, Juha-Matti Lehtinen, Antti Tammela, Kristiina Kantola, Raimo Launonen
  • Patent number: 10425465
    Abstract: A method of serving an API request includes receiving the API request at a local API proxy deployed at a local deployment environment. The method includes utilizing the local API proxy to service the API request at the local deployment environment, establishing a connection with a remote API management server, and providing to the remote API management server, via the connection, at least metadata about the API request.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: September 24, 2019
    Assignee: Google LLC
    Inventors: Prabhat Jha, Akhil Arora, Gregory Brail, Martin Nally, Peter Johnson
  • Patent number: 10394654
    Abstract: A computer boot apparatus and related method use a primary boot component (PBC) that is fixedly mounted in the computer. The PBC has a firmware element that is a non-volatile memory comprising a boot critical portion with instructions that initiate a boot of the computer. The PBC also has a policy manager and a version identifier. The PBC initializes the computer boot via the boot critical portion. The policy manager verifies and authenticates a secondary boot component that is removably attached to the computer.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 27, 2019
    Assignee: Intel Corporation
    Inventors: Krishna Kumar Ganesan, Karunakara Kotary
  • Patent number: 10394944
    Abstract: A system and method of tagging utterances with Named Entity Recognition (“NER”) labels using unmanaged crowds is provided. The system may generate various annotation jobs in which a user, among a crowd, is asked to tag which parts of an utterance, if any, relate to various entities associated with a domain. For a given domain that is associated with a number of entities that exceeds a threshold N value, multiple batches of jobs (each batch having jobs that have a limited number of entities for tagging) may be used to tag a given utterance from that domain. This reduces the cognitive load imposed on a user, and prevents the user from having to tag more than N entities. As such, a domain with a large number of entities may be tagged efficiently by crowd participants without overloading each crowd participant with too many entities to tag.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: August 27, 2019
    Assignee: VoiceBox Technologies Corporation
    Inventors: Spencer John Rothwell, Daniela Braga, Ahmad Khamis Elshenawy, Stephen Steele Carter
  • Patent number: 10389797
    Abstract: A method, system, and medium are provided for sharing items residing on a computing device. Items selected for sharing can be made simultaneously available to users on a local network and to users outside of the local network. A remote sharing service allows access to copies of items based on user identifiers associated. Local attributes associated with items are modified such that the user identifiers are associated with the items for providing access via a local network.
    Type: Grant
    Filed: January 13, 2017
    Date of Patent: August 20, 2019
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Lindsey R. Noll, Steve Seixeiro, Jerry K. Koh, Anshul Rawat, Sunil P. Gottumukkala
  • Patent number: 10373463
    Abstract: A physical wallet separation alert system capable of detecting, alerting, and defining a potentially-dangerous separation between a physical wallet and a mobile communication device is disclosed. In one example, the potentially-dangerous separation involves a user-defined “excessive” separation (e.g. a few meters, ten meters, twenty meters, etc.) between the physical wallet and the mobile communication device that may suggest a potential loss or theft of the physical wallet or the mobile communication device during a real-time tracking of the separated distance by a wallet separation prevention application executed by the mobile communication device. A physical wallet separation alert may be visual, aural, textual, or a combination thereof. The physical wallet separation alert system is capable of simultaneously tracking multiple physical wallets that are registered with the system.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: August 6, 2019
    Inventor: Romare Herring
  • Patent number: 10367642
    Abstract: A first cryptographic device determines multiple sets of passcodes for possible release in association with a corresponding one of a plurality of epochs, and transmits a message to a second cryptographic device over an auxiliary channel embedded in one or more passcodes released by the first cryptographic device to the second cryptographic device. For example, the first cryptographic device can determine multiple sets of passcodes by precomputing and storing the multiple sets of passcodes, or by generating one or more data sets from which the multiple sets of passcodes can be computed. The first cryptographic device transmits the message over the auxiliary channel by selecting a particular one of the multiple sets of passcodes based on content of the message and releasing a passcode from the selected set. The first cryptographic device may comprise an authentication token and the second cryptographic device may comprise an authentication server.
    Type: Grant
    Filed: December 12, 2012
    Date of Patent: July 30, 2019
    Assignee: EMC IP Holding Company LLC
    Inventor: Ari Juels
  • Patent number: 10362062
    Abstract: System and method to evaluate a plurality of security entities in a network environment is disclosed. Communication between a user computer and a destination computer is monitored by a security appliance. Selective information from the communication is extracted by the security appliance. The selective information is indicative of a value for one or more attributes of the plurality of security entities. A first value indicative of occurrence of each of the values for each of the attributes is generated. A second value indicative of occurrence of each of the values for each of the attributes for each of the security entity is generated. A third value is calculated based on the first value and the second value for each of the attribute value for each of the security entity, wherein the third value is indicative of significance of the value of the attribute for the security entity.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: July 23, 2019
    Assignee: Awake Security, Inc.
    Inventors: Debabrata Dash, Chunsheng Victor Fang, Gary Golomb
  • Patent number: 10341126
    Abstract: An example method is provided in one example embodiment and may include generating a content token, wherein the content token is generated for a particular content type of a particular application service based on a trust relationship established between the particular application service and a mobile service provider; and embedding the content token in one or more packets of a plurality of packets sent to a user equipment (UE) for one or more Internet Protocol (IP) flows associated with the particular content type, wherein the content token is embedded in an unencrypted portion of each packet that is separate from an encrypted data payload portion of each packet.
    Type: Grant
    Filed: June 15, 2017
    Date of Patent: July 2, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Timothy P. Stammers, Ian McDowell Campbell
  • Patent number: 10341093
    Abstract: The present disclosure discloses a method, an apparatus and a system for device identification. A specific implementation of the method comprises: receiving a device identification request sent from a terminal device, the device identification request comprising a current user identifier of a current user of the terminal device; acquiring a public key in a preset asymmetric key pair to serve as a first public key; sending the first public key and a randomly-generated first random number to the terminal device; receiving device characteristic information sent from the terminal device, the device characteristic information being generated by the terminal device based on the current user identifier, the first public key, the first random number and a device identifier of the terminal device; and identifying the terminal device based on the current user identifier, the first random number and the device characteristic information.
    Type: Grant
    Filed: June 9, 2017
    Date of Patent: July 2, 2019
    Assignee: BAIDU ONLINE NETWORK TECHNOLOGY (BEIJING) CO., LTD.
    Inventors: Yu Ding, Tao Wei, Yulong Zhang
  • Patent number: 10333707
    Abstract: Systems and methods for authenticating an electronic transaction are described. A request to complete an electronic transaction is initiated using a third party application installed on a computing device. The third party application receives, from a remote server, a temporary URL including a token. A background application installed on the computing device decrypts the token. The computing device displays details of the request provided by a user of the computing device and prompts the user to provide biometric information to verify the request. A biometric hardware device in communication with the computing device receives biometric information and passes it to a hardware abstraction layer of the computing device, which maps the biometric information to generate a key. The background application encrypts the key and sends the encrypted key to the remote server. The computing device receives a verification result for the request, e.g., via the third party application.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: June 25, 2019
    Assignee: FMR LLC
    Inventors: Kshitij Pathak, Sethu Subramanian Chettiar