343 results about "Internet privacy" patented technology

Systems, devices and process for secure storage, retrieval and management of files using cloud-based hosting services are supported with a real identity authentication device and process. Biometric authentication is required for encryption/decryption of files. The real identity authentication processes are integrated with file exchange processes and API's related to the hosting services. Systems for enabling third parties to request encrypted files, and for notifying a file owner of such requests, are supported.

According to an embodiment of the present invention, a method for determining a transaction authentication level includes receiving transaction information associated with a transaction between a user and a relying party, receiving relying party preferences, and determining a relying party authentication level based on the transaction information and the relying party preferences. The method also includes accessing user preferences, and determining a user authentication level based the transaction information and the user preferences. The method further includes determining the transaction authentication level using the user authentication level and the relying party authentication level.

A mobile wallet token is received from an account issuing entity. Next, the mobile wallet token is stored in memory within a portable computing device payment platform. A selection of an account for payment in a transaction is received from the PCD. The selected account is matched with the mobile wallet token and then the mobile wallet token is transmitted over a communications network. A pattern preserving token is then received from the communications network with the portable computing device payment platform for use to authorize payment in the transaction. The mobile wallet token corresponds to at least one of: a credit card account, an alternative or non-traditional payment account, a stored value account, an account from a financial institution, and a merchant based card account. A mobile wallet token may be generated by using an on-line portal to indicate the mobile payments are desired by the account holder.

A system and method to detect and contain threatening executable code by employing a threat monitor, verifier, endpoint agent, and a security information and event management module.

A method of authenticating users to reduce transaction risks includes indicating a desire to conduct a transaction and determining whether the transaction requires access to protected resources. Moreover, the method determines whether inputted information is known, determines a state of a communications device when the inputted information is known, and transmits a biometric authentication request from a server to an authentication system when the state of the communications device is enrolled. Additionally, the method includes validating the communications device, capturing biometric authentication data in accordance with a biometric authentication data capture request with the communications device, biometrically authenticating the user, generating a one-time pass-phrase and storing the one-time pass-phrase on the authentication system when the user is authenticated, comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase, and granting access to the protected resources when the transmitted and stored one-time pass-phrases match.

A computer-based system converts cryptocurrency into a virtual asset. The system includes a user account database server configured to store data of a plurality of user accounts. The stored data pertains to each user account and indicates an accounting of obligations of the system to the user. The system also includes a cryptocurrency account server configured to receive, from a networked device of a user, a transfer of crypto currency, from an external cryptocurrency account. In response to receipt of such a transfer, the cryptocurrency account server is configured to update the data pertaining to the obligations of the system to the user. The system also includes a user interface server configured to receive a request from the user for conversion of cryptocurrency to an asset. In response to receipt of the request, the system updates the data pertaining to the user account of the user.

Systems and methods of tracking activity over networks and, in particular, tracking web activity over the Internet are described. Exemplary systems and methods may include a receiver for receiving a request from a visitor for a data object, a processor for providing a cookie to track the visitor's web activity, and a transmitter for transmitting the cookie to the visitor in response to the request. The cookie may comprise tracking information for a plurality of web sites visited by the visitor.

The method of the present invention functions to perform signature and identity authentication using a third party witness whereby the parties are enjoined via a video conference and whereby an authorized identity document is created. The invention is suited to transactions that require a legally binding, traditional witnessed authentication. The method of the present invention creates legally binding documents that comprise biometric information, including at least one of the group of, a passport, a drivers license, government issued identity card, or an corporate identity document.

Systems and methods of the present inventions allow for providing website hosting overage protection. An exemplary method may comprise the steps of hosting a website on a first server, monitoring a website usage parameter, transferring the website to an overflow server when the website usage parameter exceeds a first predetermined value, and redirecting a plurality of traffic to the overflow server. The website transfer may be accomplished by generating a copy of the website and installing the copy on the overflow server. The website may be retained on the first server. When the website usage parameter falls below a second predetermined value, traffic may be redirected back to the first server.

A three-party signing protocol uses a Trusted Third Party (denoted T) to simulate a two-party protocol in which a sender, designated party A, anonymously signs data intended for a particular receiver, designated party B, such that B can verify the signature on the data without learning A's true identity, and data and signatures received by different receivers cannot be cross-linked, aggregated, or associated with a single sender. In this three-party signing protocol, A has only one public/private signature key-pair. In the three-party signing protocol, T is permitted to "see" signatures generated by A, but B is not permitted to "see" signatures generated by A, unless they are randomized or encrypted, since doing so would permit A's generated signatures and signed data to be cross-linked. Thus, in the three-party signing protocol, T is used to "vouch to B on behalf of A" that signatures generated by A are valid.

Techniques are provided for dynamically establishing and managing authentication and trust relationships. An identity service acquires and evaluates contracts associated with relationships between principals. The contracts permit the identity service to assemble authentication information, aggregated attributes, and aggregated policies which will drive and define the various relationships. That assembled information is consumed by the principals during interactions with one another and constrains those interactions. In some embodiments, the constraints are dynamically modified during on-going interactions between the principals.

Systems and methods are provided for manual and/or automatic initiation of simultaneous multi-encrypted rotating key communication. Specifically, decryption of data between a first user and one more other users during a communication session may occur using a plurality of keys that rotate or change after an event has occurred, such as an amount of time has elapsed during the communication session or an amount of data has been transmitted during the communication session. The first user and the one or more other users may have a repository for the storage of the plurality of keys to use during the communication session.

A system and method of employing user information during a biometric authorization. A user's biometric system records and biometric third party records are monitored for negative, positive, and neutral data in order to maintain user record accuracy and to prevent fraudulent behavior.

A system automatically changes the user data such as e-mail address registered in reception designation lists used in a reception designation service according to notification of user data change. Reception designation service lists are provided for storing user data of each of users of a reception designation service. A first server has a capability of sending a notification of user data change according to a request from a terminal device of a user, the notification containing a change from a former user data to a new one. A second server has a capability of receiving the notification and changing the former user data to the new one in a corresponding one of the lists to the terminal device according to the notification. When the corresponding one of the lists is set to be changeable, the second server changes automatically the former user data to the new one in the corresponding one of the lists.

An anti-fraud token system is disclosed in which the authentication process is performed primarily on the client side. A client according is provided with an authentication list of websites for which authentication is required, and their respective authentic addresses. The client also asks a user to select a token, which may include graphics, text, and/or sound. When the user accesses an information source from the authentication list, the client notes that the address which the user is accessing is on the list. The client then displays the token as previously selected by the user to the user along with the accessed information, so that the user knows that the information he/she is accessing is authentic.

A method and system for protection of and secure access to a computer system or computer network from a portable device. The method includes the steps of receiving a first login account identifier, such as a user name from a user in communication with the computer system or network. A determination is made if the user is recognized and enrolled from the first login account identifier. If the user is recognized, a series of randomly generated visual images is displayed including one visual image from an image category which has been pre-selected by the user upon enrollment. An image category identifier is randomly assigned to each visual image in the series. An image category identifier is entered and received. If the login account identifier and the image category are validated, access is permitted to the computer system or network from the portable device.

A system architecture is disclosed that includes a privacy management system.

Methods, systems, and computer programs are presented for securing a computing device. One security device includes a processor, memory and a connector. The memory includes a computer program that, when executed by the processor, performs a method. The method includes operations for detecting that the connector is coupled to a second computing device, and for determining a user associated with the security computing device. In addition, the method includes operations for receiving periodic images from an image capture device coupled to the second computing device, and for performing continuous authentication operations to validate an identification of the user based on the periodic images. The user is disabled from using the second computing device after an authentication operation fails.

An electronic balance checking and credit approval system includes consumer transaction accounts, tokens, input devices, authentication hardware and software, and output devices. The consumer transaction account is held in trust on behalf of a consumer by a credit extending company. The token is specific to and held by the consumer, and includes a consumer account identifier that is associated with the consumer transaction account. The input device receives the consumer account identifier concurrent with a consumer-initiated request for account balance information. The authentication hardware and software verifies the consumer-initiated request and the consumer account identifier and authorizes access to the consumer transaction account. The consumer interface apparatus provides the consumer with a real-time account balance datum that is currently associated with the consumer transaction account. The system also includes a system and method for securely and quickly approving credit card transactions by comparing generated checksums with stored historical transaction results.

Techniques are provided for dynamically establishing and managing trust relationships. A first principal initially requests a community list. The community list includes identities of one or more second principals with which the first principal can establish trusted relationships with. The community list is associated with a trust specification. The trust specification defines the policies and access rights associated with interactions between the first principal and the second principals during any active trusted relationships. The first principal can dynamically subdivide, manage, and modify entries of the community list and the trust specification, assuming any such modifications are permissible according to global contracts and policies associated with the first principal.

In one embodiment the present invention relates to a method for structuring a transaction involving a first party having a long position in a security and a second party desiring to acquire short exposure to the security. In one example an agent or intermediary acts between the first party and the second party. In another example the first party and the second party deal directly with one another.

A method in a communication network wherein users are authenticated based on network originated user identities is disclosed. The authentication method comprising the steps of receiving a network originated identity from a user and associating the network originated identity with at least one non-network originated identity stored in a data storage. When a non-network originated identity is received from the user, the non-network originated identity from the user is compared with the at least one non-network originated identity from the data storage. The user is authenticated if the comparison is valid.

A system and method for managing private records and other confidential information is provided, including a patient interface that allows patients to configure privileges for various parties to access various private records or portions thereof. A database can be accessed via a privacy engine, which respects the configured privileges and allows searching for private records. A plurality of user interfaces is provided to allow records managers, patients, and interested parties to access selected private information. A clinical trials interface allows limited access to a private records database for interested parties to identify germane clinical trials and research studies. A recruitment interface allows conductors of research studies to access private records to locate appropriate research subjects.

Provided are a communication device having a built-in camera and a system and method of detecting a communication device having a built-in camera. In the system, a communication device can transmit camera existence data or particular identification data thereof, and in response thereto, a detection device can suspend a camera function of the communication device when a user with the communication device enters a security zone. In addition, the detection device can recover the camera function when the user with the communication device exits the security zone.

Methods and devices provide for creating, managing, modifying, and/or enforcing flexible digital rights management license policies for protecting games, media, data, or other software with a time-based license. Embodiments are especially directed toward situations in which a source of time is unavailable, untrustworthy, or unreliable. Licenses are defined by a small number of parameters. Parameter values may be defined by and included with protected content or applications. The parameter values may be chosen to define and enforce a desired level of compromise between usability and security characteristics.

Embodiments of the invention are directed to systems, methods and computer program products for transmitting, via an intermediary system, a payment request from a payment requestor to a customer. In some embodiments, a method includes: (a) receiving, at an intermediary computing device, the payment request from a source system, wherein the payment request includes a payment amount and an alias associated with a payment recipient, (b) in response to receiving the payment request, determining, via a computing device processor, whether the payment recipient is a registered payment recipient based on the alias, and (c) in response to determining the payment recipient is a registered payment recipient based on the alias, communicating, via the intermediary computing device, the payment request to the payment recipient based on the payment recipient being the registered payment recipient.

A method and apparatus for tracking network activity of a user. A user PC (302) disposed on a network (306) runs tracking software which initially requires registration to a registration server (2500). The registration process is initiated by the user entering user information into the tracking software for transmission to the registration server (2500). In response to registration, the registration server (2500) sends a unique ID and bar code back to the user PC (302). Subsequently, when the user accesses a vendor server (2504) disposed on the network (306), the user PC (302) passes the unique ID/bar code to the vendor server (2504). The vendor server (2504) sends the unique ID/bar code to the registration server to obtain user profile information which matches the unique ID/bar code. As the user accesses the vendor server (2504), the user activities are logged and returned to the registration server (2500) for updating the user information stored therein. Alternatively, the user information is stored on the user PC (302), the tracking software issued to the user having the unique ID bar code. Subsequent accesses to the vendor server (2504) results in the activity log being sent back to the user PC (302) for updating the user information.

The present invention provides a way to reduce click fraud by verifying that a human user is making URI requests. In a preferred embodiment, the present invention comprises a client-side plug-in or other suitable component adapted to: (a) assemble a list of enabled domains; (b) when a user first requests a resource from an enabled domain, modify hyperlinks in the response that target resources in any enabled domain; and (c) when a user attempts to follow a modified hyperlink, present a challenge to the user that the user must successfully negotiate before the user is granted access to the resource targeted by the hyperlink.

A user agent of a user selects another user having a user agent. The user agents exchange personal information about the user and personal information about the other user. The user agent determines whether a common interest exists between the two users based on the exchange of personal information. The other user is added to a social networking webpage of the user when the user agent determines that a common interest exists.

A technique allows a system to determine online user activity for a user associated with a user client device. The online user activity includes private content, publicly available content and content shared to a social group related to the user. The system determines a social behavior risk score, a social score, and a security risk score for the user and the content they share with others, and provides one or more recommendations to the user in response to determining the social behavior risk score and the security risk score for the user.