Embodiments relate to a system, program product, and method for use with a physical computing device to process a data access request. The requested data is encrypted with two keys, including a physical device authentication key and a transient key. Access to the data requires authentication on both the device level and situational level. Device situational data is monitored, which includes selectively enabling access to the requested data and de-activation of the transient key in response to a change in the monitored situational data. The transient key de-activation removes access to the requested data.

A method, system, and/or apparatus for automatically monitoring for possible infection or other physical health concerns, such as from Covid-19. The method or implementing software application uses or relies upon location information available on the mobile device from any source, such as cell phone usage and/or other device applications. The method and system automatically uses and/or learns user location and activity patterns, and/or viral variant information, and determines an infection risk that can be communicated as a warning to the user or community members.

A mobile device and method are provided that allow for registering the mobile device using a machine readable optical label. The mobile device receives a machine readable optical label, such as a QR code or a bar code. The machine readable optical label includes authentication data and security information. The mobile device scans machine readable optical label to read the authentication data and the security information. The mobile device validates the machine readable optical label and generates certificate request, the certificate request digitally signed using the authentication data and the security information. The mobile device transmits the certificate signing request to a registration authority.

Apparatus and methods to manage annotation of a body of data comprising data files are provided. The apparatus and methods may include an annotation management system concurrently accessible over a network by annotators, data engineers, data scientists, and checkers. The annotation management system may include a label management module, an annotated data management module, a change management module, a navigation management module, an original document reference, a database management module, and an output management module. The apparatus and methods may include locking a data file while an annotator is applying labels but concurrently allowing others to view and manipulate the data file.

This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

The invention relates to a method and system that combines payment data and cyber fraud indicators to identify potential fraud in payment requests from a client. The system comprises: a memory that stores and maintains a list of known fraud characteristics and cyber fraud indicators; and a computer processor, coupled to the memory, programmed to: receive, via an electronic input, a payment instruction from the client; identify one or more cyber fraud indicators associated with the payment instruction; apply payment decisioning to merge the one or more cyber fraud indicators to the payment instruction; generate a risk score based on the payment decisioning to determine whether the payment instruction should be executed; and automatically apply the payment decisioning to the payment instruction.

A biometric matching process is disclosed. The biometric matching process may be used to obtain access to a resource managed by an access device using only biometric information. In some embodiments, a biometric template is stored in relation to a user device and/or account information, and is obscured. Upon receiving a request for access to a resource from an access device, the system may identify a number of user devices in proximity to the access device. Biometric templates associated with each of those user devices may be compared to a biometric template received from the access device. Upon identifying a match, the system may provide the access device with account information stored in relation to the matched biometric template. The access device may then complete a transaction using the provided account information and grant access to the requested resource.

A method of operating a user device includes: detecting whether the user device is located within a restricted zone by a monitoring entity of the user device; and limiting access to the user device by the monitoring entity in response to detecting the user device as being outside the restricted zone.

This disclosure relates to, among other things, systems and methods for managing the communication of messages between devices using a service system operating as a trusted intermediary. Information indicative of device location and/or orientation may be communicated to the service system, which may use the information to determine whether a transmitting device is oriented and/or otherwise pointed in the direction of an intended receiving device. The trusted service may enforce policy articulated by the receiving device in connection with the communication of a message from the transmitting device to the intended receiving device.

Data security across data residency restriction boundaries is provided by obtaining and profiling a dataset on which a desired analysis is to be performed, with some results of the desired analysis to be transferred from one location to another, the dataset subject to data residency restrictions that restrict transfer of the dataset across a boundary to the another location, and the profiling identifying a profile level for the dataset, then automatically generating a container image based on the profile level and the data residency restrictions that restrict the transfer of the dataset across the boundary, the container image configured for instantiation and execution to process the dataset into a reformatted dataset not restricted by the data residency restrictions for transfer across the boundary, and storing the container image to a container registry.