Abstract: A method may be performed using a server. The method may include receiving an identity authentication request associated with a user, generating authentication information based on the identity authentication request, and generating candidate information based on the authentication information such that the authentication information is a subset of the candidate information. The candidate information may be displayed at a randomly selected location. The user may provide input through a graphic input interface to select the authentication information from among the candidate information.

Abstract: A method for offloading a data segment includes receiving a probe request from a user device to offload the data segment, where the probe request includes a segment identification. The method further includes sending a probe response to the user device, where the probe response includes an approval or decline of an action to be executed by the user device, the action being one of an upload or a request to retry offloading the data segment at a later time. The method further includes sending a challenge to the user device.

Abstract: The present disclosure is applied to the field of communication technology, and provides a method, device for authenticating an accessing terminal and a system. The method includes: receiving a connection request sent by the terminal, the connection request carrying first terminal operation information; obtaining pre-stored second terminal operation information, and matching the first terminal operation information with the pre-stored second terminal operation information according to a preset matching strategy; sending, when the terminal operation information matches the pre-stored second terminal operation information, authentication success information to the terminal, and establishing communication with the terminal.

Abstract: A payment method and device are provided. The payment method includes: a server receives a passwordless payment request transmitted from a terminal, and receives a current neighboring apparatus identifier search-detected and reported by the terminal; the server performs, according to the current neighboring apparatus identifier, and a corresponding relationship of a preconfigured terminal and a neighboring apparatus identifier, risk evaluation on the terminal, to obtain an overall risk evaluation score; and the server determines, according to the overall risk evaluation score, a passwordless payment strategy corresponding to the passwordless payment request.

Abstract: Described herein are apparatuses (e.g., garments, including but not limited to shirts, pants, and the like) for detecting and monitoring physiological parameters, such as respiration, cardiac parameters, and the like. Also described herein are methods of forming garments having one or more stretchable conductive ink patterns and methods of making garments having one or more highly stretchable conductive ink pattern formed of a composite of an insulative adhesive, a conductive ink, and an intermediate gradient zone between the adhesive and conductive ink. The conductive ink typically includes between about 40-60% conductive particles, between about 30-50% binder; between about 3-7% solvent; and between about 3-7% thickener. The stretchable conductive ink patterns may be stretched more than twice their length without breaking or rupturing.

Abstract: A method protects a technical installation that enables physical entry by persons to the installation and a computerized access to a computer device of the installation. Persons who have current access to the computer device are registered as persons accessing the computer device leading to a formation of registered computer user data, and persons who are present in the installation are registered as persons present on site leading to a formation of registered on-site data. In the event of a new desired entry or a new desired access, a plausibility check is carried out in which a check is made as to whether the desired entry is plausibly compatible with the registered computer user data or whether the desired access is plausibly compatible with the registered on-site data.

Abstract: One aspect of the present invention discloses a license authentication method in a wireless access point (AP). The method comprises receiving a license authentication request including license information from a client; calculating a distance of the client from the wireless access point in response to the received license authentication request; based on the calculated distance, determining whether the client exists within a range of allowed positions for license authentication related to license location information for allowing authentication of a license included in the license information; and determining whether to authenticate in response to the license authentication request based on the determination result.

Abstract: Some embodiments provide a method for presenting packets captured in a network. The method identifies a first set of packets from a first packet group of multiple captured packet groups. The method identifies a second set of packets, that corresponds to the first set of packets, from a second packet group of the multiple captured packet groups. The method displays representations of the multiple captured packet groups. At least one of the first set of packets and the second set of packets are presented with a different appearance from other packets of their respective packet group.

Abstract: In one embodiment, a method includes: receiving, from a mobile gateway associated with the computing system, a first request for first content provided by a content publisher, the first request being sent from a mobile device; determining, based on information associated with the first request and one or more policies, that the first content is to be provided to the mobile gateway through one or more caching gateways associated with the mobile gateway; identifying at least one of the one or more caching gateways to provide the requested first content; and sending, to the mobile gateway, first instructions configured to cause the mobile gateway to obtain the requested first content from the identified at least one caching gateway.

Abstract: A system is provided which utilizes multiple combinations of object location technology to locate objects and direct users to them, and which provides reliable owner recognition and ownership verification with the use of displayed augmented reality with a predefined image of the object and/or the user. Further, the system utilizes augmented reality fingerprint markers. When the augmented reality fingerprint marker is positioned on an object and scanned with a smart device, information relating to the object is superimposed on the object displayed on the smart device.

Abstract: A method for regulating document access, the method comprising providing a set of access keys for a user, respective ones of the keys providing different user access privileges for components of a composite document, selecting multiple nodes in a distributed storage system, distributing data representing N fragments of encrypted or unencrypted versions of the set of access keys and/or at least one of the individual keys and/or a symmetric key. K, associated with the user across N selected nodes of the distributed storage system, wherein the encrypted versions are encrypted using the symmetric encryption key. K, associated with the user, encrypting data relating to address information of the N selected nodes using a public encryption key of the user to generate a location object and storing the location object as a component of the composite document.

Abstract: The car sharing system includes a car share device and an encryption code updating unit. The car share device is configured to perform wireless communicate with a mobile terminal that is operable as a vehicle key. The encryption code updating unit updates a first encryption code, which was used during a previous connection of the mobile terminal and the car share device, to a second encryption code, which differs from the first encryption code, when the mobile terminal and the car share device are reconnected.

Abstract: Disclosed are various embodiments for validating documents using a blockchain data. Multiple documents can be included in the validation process using a merge and hash process and a summary terms document. Validation can be performed by hashing and merging operations, followed by comparing hash values.

Abstract: The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.

Abstract: Systems and methods are provided for checking many users in to a location using a Bluetooth® low energy (BLE) beacon. The provided systems and methods may allow a BLE beacon to facilitate a check in with a remote server that processes check ins and then disconnect from the device used to check in. The device may be assigned a unique identifier that may be broadcast from the device during the check in so that the BLE beacon can quickly scan for the identifier and connect with the device based on the identifier to provide content and other information to the device.

Abstract: A network system includes at least one server device and at least one terminal device that accesses any of the at least one server device. The terminal device authenticates a network address between the terminal device and any of the at least one server device and communicates data with any of the at least one server device. When the server device receives a request from the terminal device, it provides a service in accordance with the authenticated network address held by the terminal device that has issued the request.

Abstract: A data management process in a storage system comprises a two-step deletion process with a confirmation hold. Data identified in a service request for deletion is encrypted using a one-time use public key to render the data inaccessible to users and system processes. The data is decrypted using a corresponding private key and verified that the data corresponds to the data and is quarantined to prevent access by changing permissions. The quarantined data is further analyzed using a set of criteria that to determine whether access to the data by system users or process is still needed. If not, the data is permanently deleted by securely deleting the encryption and decryption keys.

Abstract: Electronic medical records (EMRs) with the results of the monitoring can be stored in a cloud-computing environment. All communications with the cloud-computing environment are performed via a secure connection. Each of the EMRs can be associated with an identifier that is provided with the results of the monitoring data. The EMRs can be created, viewed, and modified using a mobile application. The mobile application can use a scanner in the mobile device on which the application executes to obtain an identifier and uses the identifier to direct actions of the user towards the appropriate EMR. The mobile application can further provide additional user access verification. Alerts can further be provided through the mobile application. The mobile application deletes from the mobile device all information that has been transmitted or received from the cloud-computing environment once the information is no longer used.

Abstract: The described technology provides for plural application processes including at least one application in a browser to reliably acquire device information that can be used by other processes to accurately determine whether the plural applications are running on the same client device and/or are associated with aspects of the same client device. The more reliable determination of the devices associated with respective application processes can be used for various purposes such as, for example, user access management capabilities such as improved single sign-on (SSO) capability and/or improved multiple login prevention (MLP) capability.

Abstract: Provided are a method and device for providing service via wireless communication. A device which provides a service includes a wireless communication unit which receives, from an external device, information about at least one content that is being reproduced by the external device; and a controller which is configured to request an object for using a service related to the at least one content from a server, and to receive the object from the server, and to output the object via an output unit.

Abstract: A car sharing system includes a first server configured to manage a first sharing service, a second server configured to manage a second sharing service, and a management server configured to manage virtual user IDs. When a user has performed utilization registration for the first sharing service only, the user makes, to the first server, utilization application for the second sharing service operated by another business operator, from a communication terminal. The first server which has received the utilization application transmits user information to the management server. When the management server receives the user information, the management server allocates the user information to a virtual user ID, and notifies the second server of allocation information. The second server provides the second sharing service using the virtual user ID to which the user information is allocated.

Abstract: A computerized system conducts customer identification processing for customers who remotely open accounts with personal identification information that cannot be verified through available data sources.

Abstract: Apparatuses, methods, systems, and program products are disclosed for authenticating use of an application. An apparatus includes a processor and a memory that stores code executable by the processor. The memory stores code executable by the processor to receive a location identifier for a first device that provides an application that requires authentication for use. The memory stores code executable by the processor to receive a location identifier for a second device that is used to authenticate a user who intends to use the application that the first device provides. The memory stores code executable by the processor to provide access to the application that the first device provides in response to the location identifier for the first device matching the location identifier for the second device.

Abstract: A messaging application for a messaging service for an electronic communications device including a data store, the application being configured to: store, in encrypted form, message data for an identity registered on the messaging service as a database file on the electronic communications device; require a user to input a predetermined access code for the registered identity before giving the user access to the stored message data; and delete from the device the database file containing the encrypted message data in the event that a particular different predetermined code other than the predetermined access code is provided in place of the predetermined access code.

Abstract: Certain example embodiments relate to web applications. In certain example embodiments, an instance of a web application is executed using a client device. In response to the instance being started up, metadata is retrieved using a service embedded in the application and invoked at a bootstrap hook. The metadata is associated with earmarked programmatic elements in the application. At the client device and using an evaluation service injected into operation of the instance, one or more configured rules are evaluated against input. The rules are definable in relation to the earmarked programmatic elements using the retrieved metadata. They specify behavior of the web application and are dynamically (re)configurable while the instance of the web application is running. The (re)configured rules are dynamically effective without requiring web application redeployment, even if (re)configured while the instance of the web application is running. The instance is controllable responsive to the evaluation.

Abstract: One example method of operation may include receiving an access attempt from a user device, retrieving a user identifier associated with the user device stored in a database, creating a data tuple having three or more data elements based on the access attempt from the user device, storing the data tuple in the database, the data tuple includes at least a one-time code generated by an access device, a current time and the user identifier, and logging a successful access attempt by the user device when the user identifier is identified as being part of a list of user identifiers.

Abstract: An interactive identity verification system for gathering, identifying, authenticating and registering biometric data of a consumer verified through government agencies while monitoring, tracking, analyzing, storing and distributing dynamic biometric data to ensure access to the secured system remains authorized via monitoring of consumer data and to control authorized access to participating computer systems and programs. Consumer identity is verified with markers gathered from biometric detection and collection devices provided within the system, correlated with unique personal information and geo-location coordinates allowing authorized access to a secure computer system. Dynamic monitoring of consumer biometric data is required to guarantee online identity verification while operating under an alias or avatar to maintain public anonymity, participate in marketing incentive programs and increase security.

Abstract: A computing device may include a memory and a processor coupled to the memory. The processor may be configured to identify entry of an electronic device within a geographic boundary, and pre-launch a session for a user of the electronic device in response to identification of entry of the electronic device, with the session being inaccessible to the user at a time of startup of the session. The processor may be further configured to provide access to the session with use of the electronic device upon entry of the electronic device within the geographic boundary and based on an identifier of the user.

Abstract: A device may obtain registration data associated with a registration of an individual. The registration data may include an image that depicts a physical key and a reference object. The device may process the image to identify a first feature of the physical key and a first measurement of the first feature based on the size of the reference object. The device may store first feature data based on the first feature and the first measurement. The device may obtain second feature data based on a second feature of the physical key and a second measurement of the second feature identified from an insertion of the physical key into a keyhole of an authentication mechanism. The device may determine whether the first feature data corresponds to the second feature data. The device may authenticate the individual based on determining that the first feature data corresponds to the second feature data.

Abstract: An in-vehicle communication device is an in-vehicle communication device that performs a relay process of relaying data between functional units in an in-vehicle network, and includes a communication unit that performs the relay process using correspondence information indicating a correspondence relation between an Internet protocol (IP) address and a media access control (MAC) address of one or more functional units, an address managing unit that generates the correspondence information, and an authenticating unit that performs an authentication process for the functional unit, in which the authenticating unit performs the authentication process for the functional unit in which an IP address and a MAC address are newly registered in the correspondence information by the address managing unit, and the address managing unit deletes the correspondence relation of the functional unit from the correspondence information when the authentication process for the newly registered functional unit is not successfully

Abstract: A method for accessing a network by a terminal device by using a wireless means in the field of communications technologies, includes: receiving, by a resident node in a communications network, a first message from a terminal device, where the first message includes an authorization request; sending, by the resident node, a second message, where the second message is processed by a network node into a third message; and receiving, by the resident node, authorization result information from the network, and sending the authorization result information to the terminal device.

Abstract: A vehicle may include a plurality of seats including at least one front seat provided with a driver seat and at least one back seat located behind the front seat, an authentication module configured to perform authentication of a user, and a controller configured to provide a connected vehicle service according to whether authentication is completed by the authentication module, wherein the controller determines whether the user is accommodated on the back seat, and controls the authentication module to perform authentication of the connected vehicle service executable in the back seat on the basis of the determined result.

Abstract: An example electronic device includes a communication interface; an embedded subscriber identity module; a processor electrically connected to the communication interface and the embedded subscriber identity module; and memory electrically connected to the processor. The memory, if during execution the processor determines the type of subscriber identification information stored in the embedded subscriber identity module and the subscriber identification information is the shared subscriber identification information according to the determination result, confirms at least one communication service providing server connectable in the electronic device among a plurality of communication service providing servers, and can store instructions for accessing a communication service providing server selected from at least one communication service providing server with has been confirmed, by means of the communication interface.

Abstract: Aspects of the invention are directed towards method system and devices assisting a user in providing seamless access to a user through an access point of the access system. The invention describes estimating various factors such as time, distance, and signal strength enabling frictionless access to the user. The invention describes adjusting the time interval and the signal strength according to the needs of the user. Various other embodiments of the invention describes estimating a threshold signal strength and time interval based on a distance of the user from the access point.

Abstract: A method for the automatic pairing of a device (401) wirelessly with a user's secure WLAN provided by an access point (403), the pairing access point (403), that provides the secure wireless LAN and a second wireless LAN (e.g. a public Wi-Fi hotspot). A connection is established automatically between the device (401) and a wireless LAN provided by an available access point (410) using security credentials stored on the device (401). If it is determined that the available access point (410) is also the pairing access point (403), using the established connection to securely transfer second security credentials from the available access point (410) to the device (401). The transferred second security credentials can then be used to establish a secure connection between the device (401) and the first secure wireless LAN provided by the pairing access point (403).

Abstract: Device(s) and computer program products for creating custom music/video messages to facilitate and/or improve social interaction. The created music/video messages include at least portions of: music, video, pictures, slideshows, and/or text. The music/video messages enable feelings or emotions to be communicated by the user of the device to one or more recipient device(s).

Abstract: Among other disclosures, a method may include collecting historical communication data and personal data relating to a portion of a plurality of communications, a sender of one or more of the communications or one or more recipients of the communications. The method may include depositing the collected data into a repository of historical communication data and personal data. The method may include presenting one or more items in the repository on a mobile device, in response to user behavior.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: Methods and systems for secure authentication of users based on unique device identifiers are described herein. A computing device may receive, from a user device, a device registration. The device registration may comprise authentication credentials, device information, and/or a public key. Based on the authentication credentials and/or the device information, a unique device identifier may be generated. A token may be generated based on the unique device identifier and sent to the user device. A request for content may be received from the user device. A nonce may be sent to the user device. The token and a signed version of the nonce may be received from the user device. The nonce may have been signed using a private key corresponding to the public key. Access to the content may be provided based on the token, the unique device identifier, and/or the signed version of the nonce.

Abstract: A technique is provided that integrates authentication from a mobile device (e.g., using biometrics, social informational data, questions and answers, and more) to allow login to laptops and desktops while they are disconnected from the Internet using a USB cable connection, Bluetooth or local wifi or any other similar protocol and/or connected to Internet without USB. The technique provides a cloud clearinghouse that ties a person's or entity's mobile device(s) to an identity that's used to authenticate a person (could be the same person) on a laptop, desktop, or similar computer system.

Abstract: A method for utilizing a block chain infrastructure to define a trusted circle including at least two nodes of a plurality of nodes, the method includes receiving, by a first node, notification information identifying a trusted user circle including the first node and a second node, wherein the first node and the second node are configured to define a private block chain; and maintaining private block chain data within the trusted user circle according to pre-defined settings, wherein the private block chain data is divided between nodes of the trusted user circle based on the pre-defined settings.

Abstract: A server which performs secure authentication on a source code for smart contract may comprise a communication unit receiving a smart contract source code from the server requesting secure authentication; and a controller checking security vulnerability based on the received smart contract source code, wherein the controller comprises a source code vulnerability checking unit reading a source code of a smart contract and checking vulnerability in the source code; a communication interval checking unit checking a communication interval for execution of the source code; an execution vulnerability checking unit checking app and web vulnerability on a browser in which the source code is executed; a certificate issuing unit issuing a certificate if it is found from a checking result that a security level satisfies a required criterion and storing the certificate together with the source code in a blockchain block where the source code of the smart contract is stored.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for decentralized-identifier creation. One of the methods includes: receiving a request from a first entity for obtaining a new decentralized identifier (DID) for a second entity; determining an existing DID associated with the first entity based on the request; generating a cryptographic key pair associated with the second entity comprising a public key and a private key; creating, based on the public key, a DID document associated with the new DID, wherein the DID document comprises the existing DID associated with the first entity; generating a blockchain transaction for adding the DID document to the blockchain; signing the blockchain transaction using the private key of the cryptographic key pair associated with the second entity; and sending, to a blockchain node associated with the blockchain, the signed blockchain transaction for the blockchain node to add to the blockchain.

Abstract: Disclosed is a security system including: a first gateway comprising a security access gateway; a first sensor comprising a security sensor, the first sensor engageable to obtain access through the first gateway; a controller operationally connected to the first gateway and the first sensor, the controller being configured for: rending a first determination that the first sensor senses a first security access credential is being presented, and thereafter: rendering a second determining to monitor for compliance with protocols identifying a sequence and a timing scheme for presenting additional security access credentials; rending a further determination including one of: a determination to grant access if the presenting of additional security access credentials complies with the protocols; and a determination to deny access if the presenting of additional security access credentials fails to comply with the protocols.

Abstract: Included are embodiments for tokenizing sensitive data. Some embodiments of systems and/or methods are configured to receive sensitive data from a vendor, determine a token key for the vendor, and utilize a proprietary algorithm, based on the token key to generate a vendor-specific token that is associated with the sensitive data. Some embodiments include creating a token identifier that comprises data related to the token key sending the vendor-specific token and the token identifier to the vendor.

Abstract: One or more non-transitory computer-readable storage mediums having instructions stored thereon that, when executed by one or more processors, cause the one or more processors to receive, from a sensor, identifying information associated with an individual, query a database to retrieve context information corresponding to the individual, the database comprising a number of entities corresponding to two or more of spaces, equipment, people, or events and a number of relationships between the entities, the context information determined based on the entities and relationships of the database, determine a purpose of the individual based on the context information, dynamically generate a user interface element for a display based on the purpose of the individual, and control the display to display the user interface element.

Abstract: A method includes receiving, over an audio channel at a first audio input device, a first audio signal. The method also includes analyzing the first audio signal to identify at least a first portion of authentication data transmitted from an authentication token. The method further includes verifying transmittal of the authentication data by the authentication token utilizing at least a second audio signal. The second audio signal is received at a second audio input device, and the second audio signal comprises at least a second portion of the authentication data. The method further includes providing the authentication data to a validating application responsive to verifying transmittal of the authentication data by the authentication token.

Abstract: Systems and methods are disclosed for security breach notification. In one implementation, an indication of a security breach is received, at a first device with respect to a user account. Based on the indication of the security breach, a processing device generates a security breach notification, the security breach notification including an instruction to initiate at an account repository one or more actions with respect to the user account. An attempt is made to transmit the security breach notification to the account repository via a first communication interface of the first device. In response to a determination that the security breach notification was not successfully transmitted to the account repository, the security breach notification is transmitted to a second device via a second communication interface of the first device.

Abstract: A method at a primary communication device for participating in log-in of a secondary communication device where, upon recognizing a successful log-in of the primary communication device, a request for extended log-in to the secondary communication device is received from the secondary communication device. Instruction to initiate the requested extended log-in is transmitted to the secondary communication device. After having received physiological data, associated with the user of the secondary communication device, the first physiological data is compared with the physiological data provided from the secondary device for determining whether there is a match between the compared physiological data. In case of a match at least one credential is transmitted to the secondary communication device, whereas no credential is transmitted to the secondary device if no match is determined.

Abstract: Techniques for providing data security services with respect to cloud-based services are described. Examples include a security service provider (“SSP”) configured to perform or provide one or more security-related services or functions with respect to or on behalf of some other system or service. The other system or service may be, for example, a cloud-based system that provides network-accessible services. The SSP allows a user of the cloud-based service to provide and manage one or more security-related services, such as data storage, encryption, decryption, key management, and the like. By using and controlling the SSP, the user can be confident that his or her data is being securely represented and stored, even though it is being operated upon by a cloud-based service that is not under the user's control.