A server may maintain information about entities such as medical entities. A user device can send search queries to the server to obtain information about a particular medical entity. The server and/or the user device may maintain information relating to the particular medical entity in a manner that a relationship between the particular medical entity and the user device can be obfuscated from the server. By doing so, privacy of a user of the user device can be protected.

This disclosure is directed to embodiments of systems and methods for containerizing files and managing policy data applied to the resulting containers. In some of the disclosed embodiments, a computing system determines that a file stored in storage medium is to be included in a container to be sent to at least one computing component associated with a device including a user interface. The computing system determines that the file is of a particular type and also determines code that can be used to access files of the particular type. The computing system combines the file and the code into the container such that container is configured to be executed by the at least one computing component so as to cause content of the file to be presented by the user interface. The computing system then sends the container to the at least one computing component. In some implementations, the container may further include policy information defining at least one of whether, how, where, when, or by whom the file can be accessed using the code. A communication link may be established between the computing system and the container at the at least one computing component and an instruction may be sent via the communication link that causes a change to the policy information.

A verification application executing at a user's mobile phone directs the user to take a photo of an identification document (e.g., driver's license or other form of government issued identification) or of their face. After the verification application sends the image to a backend service, the service may then dispatch a drone to the user's location and take a photograph of the user. The service may then validate the previously-imaged document or photo of the user's face against the photograph of the user and the geolocation sent with the first image. The service may then verify the new account and provision a token to the verification application to complete a secured account generation.

A virtualized network function included in a mobile communication network may be capable of performing validation of sensor data. The sensor data may be generated by one or more sensors monitoring a tangible asset that is being transported between geographical locations. The sensor data may be received by the virtualized network function from an Internet-enabled device in communication with the mobile communication network. In some cases, a contract management application included in the virtualized network function may validate the sensor data based on one or more compliance thresholds describing a shipment condition of the tangible asset. Based on determining whether the sensor data indicates a compliant shipment condition for the tangible asset, the contract management application may modify a contract associated with the tangible asset.

A user may view a device with augmented reality glasses which may have a camera that views and collects data on the screen of the user device. When the user desires to access an account for which multifactor authentication is required, a one-time password may be sent to the user. The glasses may recognize the one-time password and determine if the one-time password originated from the user device. If the glasses verify that the one-time password originated from the user based on context of the user device display or the geographic locations of the devices, then the glasses will send the password to the service associated with the one-time password. The glasses may send the password back to the user device, send it to an intermediate server, or send it directly to the server associated with the service that provided the one-time password.

Aspects of the technology described herein provide for controlled access to a secure computing resource. A first device may receive a child token from a second device having a parent token. The child token may grant the first device access to a subset of data accessible to the second device. Based on a degree of physical proximity between the first device and a third device associated with a user satisfying a threshold proximity, an indication of a user identifier for the user may be received from the third device. A request for access to a secure computing resource associated with the user may be sent to the second device. The request may include the indication of the user identifier and an indication of the secure computing resource. Access to the secure computing resource may be granted based on the child token and the indication of the identifier.

Apparatus, methods, and program products for selectively obscuring data being displayed is disclosed. One apparatus includes a processor and a memory that stores code executable by the processor. The code is executable by the processor to determine a security classification for data being displayed on a display and selectively obscure the data being displayed on the display based on the determined security classification for the data. Methods and computer program products that perform the operations and/or functions of the apparatus are also disclosed.

Embodiments of the invention are directed to a system, method, or computer program product for integration with a wearable device for impetus resource distribution process confirmation and authentication. In this way, the invention coordinates with a wearable device and resource distribution vehicles of a user. Upon activation of a resource distribution vehicle, the system reviews metrics from the wearable device to identify discrepancies between the real-time metrics and a baseline for the user. The invention triggers tiered confirmation requests for authentication prior to allowing processing of the resource distribution for impetus distribution prevention.

A method and a system for providing location-based augmented reality (AR) administration and management are described herein. An AR engine of a computing device receives login credentials from a user, identifies the user based on the login credentials and a privilege level associated with the user, and grants the user access to the AR engine based on the identity of the user and the privilege level associated with the user. The AR engine also selects the user to have enhanced privileges based on the identity of the user and the privilege level associated with the user. The enhanced privileges comprise granting the user increased interaction capabilities with digitally created content by the AR engine. The AR engine engages a GPS engine and/or a camera of the computing device to create a defined area in the real world for the user. If the GPS engine determines that the user is within the defined area, the user is provided the enhanced privileges. If the GPS engine determines that the user is outside of the defined area, the user is prohibited from utilizing the enhanced privileges.

Systems and methods for controlling access to wireless gaming devices and networks are provided. example, access is controlled through one or more levels of security check, such as a hard security check instead of or in addition to a soft security check. In a hard security check, the user employs an apparatus such as a card or other physical token that can be used to access the wireless gaming device. Such an apparatus may communicate information that identifies the user to the device or may simply be used to produce a signal without which the device is locked to users.