Techniques for enhancing the security of a communication device may include providing an application agent that executes in a trusted execution environment of the communication device, and a transaction application that executes in a normal application execution environment of the communication device. The application agent may receive, from the application, a limited-use key (LUK) generated by a remote computer, and store the LUK in a secure storage of the trusted execution environment. When the application agent receives a request to conduct a transaction from the application executing in the normal execution environment, the application agent may generate a transaction cryptogram using the LUK, and provides the transaction cryptogram to an access device.

A computer-implemented method includes providing, by one or more processing devices, a service code management interface; receiving, by the one or more processing devices, a specified quantity that is input by a user in the service code management interface; generating, by the one or more processing devices, the specified quantity of service codes, wherein the specified quantity of service codes comprise the same user identification information; and displaying, by the one or more processing devices, the specified quantity of service codes.

Methods, systems and apparatus, including computer programs encoded on computer storage media, for managing account private keys of a blockchain account registered by a user. In one example, the method includes obtaining identification information provided by the user; obtaining a private key set provided by the user, wherein the private key set comprises at least one account private key of a blockchain account registered by the user; establishing and storing an association relationship between the identification information and the private key set; obtaining an encryption key provided by the user; encrypting the private key set by using the encryption key to obtain an encrypted private key set; and storing the encrypted private key set on the user device.

A system for providing continuous automated verification of user identity and intent includes a processor within at least one server that implements a first processing node and a second processing node for monitoring a mirrored live-data flow of a live-data flow passing through the first processing node in a non-intrusive manner that does not affect the live-data flow passing through the first processing node to detect relevant network access and activity in the mirrored live data flow. At the second processing node, a first set of verification criteria, comprising a first set of dynamically generated dialogue of questions with associated answers to be provided by the at least one user, are dynamically generated based on live data inputs from the mirrored live-data flow and external data sources to verify an identify and an activity of the at least one user attempting to access the network prior to access and performing an activity on the network. A second set of verification criteria, comprising a second set of dynamically generated dialogue of questions with associated answers to be provided by the at least one user, are dynamically generated at the second processing node based on the responses provided by the at least one user to the first set of dynamically generated dialogue of questions to verify the identity and the activity of the at least one user attempting to access the network. A required threshold level is adjusted at which the first and second verification criteria must be met by the at least one user attempting the network access in order to allow or deny the network access and activity by the at least one user. The relevant network access and activity are denied if the verification criteria are not met at the required threshold level, to preempt unverified and unwanted access to and activity on the network by the at least one user. The relevant network access and activity are allowed if the verification criteria are met at the required threshold level. The system continues to monitor and verify the user identity and the user activity for a dynamic time period after access and activity on the network is granted to ensure continued user identity and activity fidelity.

Device identification data, network connection data, and other related data may be analyzed to determine an account classification, particularly before the account has even been used (or before extensive use has occurred). Computer system security may be improved via an intelligent engine that detects certain device and network connection factors in association with particular user actions, such as account creation. Monitoring be performed over a period of time for subsequent analysis.

A system and method for wireless transactions provides a software development kit (SDK) that provides accessibility to inherent communication capabilities within a wireless communication device. The communication capabilities are normally not accessible to a software developer. However, the SDK provides an appropriate interface that permits a software developer to create application programs for a variety of transactions between the wireless communication device and a mobile network operator (MNO). In some transactions, the MNO may function as a financial service provider in which a user has an account with an associated monetary value. The SDK provides a simplified technique for executing a financial transaction, such as making a payment or transferring money by presenting easy-to-use menus that avoid the difficulty of memorizing transaction codes, user phone numbers, and the like.

Various embodiments of the present invention pertain to a method for pairing devices using near field communication and an electronic apparatus using the same. The electronic apparatus comprises: a first wireless communication module supporting first wireless communication; a second wireless communication module supporting second wireless communication; a memory; and a processor operatively connected to the first wireless communication module, the second wireless communication module and the memory, wherein the processor is set to: detect a tag of an external electronic apparatus via the first wireless communication module; transmit a first command for driving a designated application of the external electronic apparatus to the external electronic apparatus via the first wireless communication module; receive, via the first wireless communication module, Bluetooth address information of the external electronic apparatus corresponding to the driving of the designated application; and perform, via the second wireless communication module, pairing with the external electronic apparatus on the basis of the received Bluetooth address information, wherein the pairing is performed in a tagging manner instead of a scanning manner during the pairing of the electronic apparatus with the external electronic apparatus, to thereby intuitively select the external electronic apparatus to be paired and simply perform a pairing process. Various other embodiments are possible.

A method, a terminal, and a storage medium are provided for controlling a functional circuit. In the method, the terminal acquires sensor data information of a sensor. Further, the terminal wakes up the functional circuit in the terminal to receive an ultrasonic signal in response to determining that the acquired sensor data information meets a preset condition.

A financial institution computing system includes a network circuit exchanging information over a network, a customer database storing financial information for a plurality of users, and a privacy shield circuit. The privacy shield circuit receives, over the network via the network circuit, a privacy shield request from an authorized user of a financial account via a user computing device. The privacy shield circuit generates a user alias for the authorized user of the financial account. The privacy shield circuit associates the user alias with the financial account in the customer database for use in conjunction with a subsequent transaction. Use of the user alias in conjunction with the subsequent transaction includes using the user alias for at least one of an authentication procedure and providing requested information to a merchant. The privacy shield circuit transmits the user alias to the user computing device over the network via the network circuit.

A system is provided as a computer server platform and application programming software installed in primary devices of users for exchanging and trading digital asset securely and anonymously between two users of the system. The digital asset is registered under a device account of a primary device of a user with the system using a unique device account name. The system respects “privacy by design” in GDPR by using device account based-on anonymized data instead of personal account based-on personal data of prior art to ensure the system does not collect, store and process users' personal data in the course of device accounts' set-up and transactions of digital assets.