A primary platform (PP) can (i) support a first set of cryptographic parameters and (ii) securely download an unconfigured secondary platform bundle (SPB) that includes a configuration package (SPB CP). The SPB CP can establish a secure session with a configuration server (CS). The CS can select operating cryptographic parameters supported by the first set. The SPB CP can derive an SPB private and public key. The PP can use the selected operating cryptographic parameters to securely authenticate and sign the SPB public key. The CS can (i) verify the PP signature for the SPB public key and (ii) generate an SPB identity and certificate for the SPB and (iii) send the certificate and SPB configuration data to the SPB CP. The SPB CP can complete configuration of the SPB using the SPB identity, certificate, and configuration data. The configured SPB can authenticate with a network using the certificate.

Methods and apparatus for secure registration to enable transactions between a first user and a vendor that is facilitated by a payment server are disclosed. The method may comprise storing a form soliciting customer information including a plurality of fields, wherein at least one of the plurality of fields is associated with an attribute. The method including receiving a copy of the form including customer data in all of the plurality of fields and transmitting a first subset of the customer data based on the attribute associated with the first subset of the customer data. The method including receiving a token in response to the transmission of the first subset of customer data and transmitting the token and a second subset of the customer data, wherein the second subset is based on the attribute associated with the second subset of customer data.

Systems, methods and devices for validating and performing operations on homomorphically encrypted data are described herein. The methods include securely transmitting and extracting information from encrypted data without fully decrypting the data. A data request may include an encrypted portion including a set of confidential data. One or more sets of encrypted comparison data may be then retrieved from a database in response to the data request. The encrypted set of confidential data from the data request is then compared with each set of encrypted comparison data using one or more homomorphic operations to determine which set of encrypted comparison data matches the encrypted set of confidential data. If there is a match, this validates the set of confidential data. An encrypted indicator is then generated indicating success or failure in validating the set of confidential data, which may then be forwarded to a party associated with the data request.

The invention provides improved verification solutions for blockchain-implemented transfers. It is suited for, but not limited to, implementation in an SPV wallet. In accordance with one embodiment, a method, system or resource is provided in which Bob verifies a Merkle proof for a first transaction and, upon successful verification, submits a second transaction to the blockchain. The second transaction has an input that spends an output (UTXO) from the first transaction. Generally, the invention provides an arrangement in which Bob sends Alice a payment transaction template (template Tx3) and requests: the full transaction data for all input transactions (Tx1, Tx2) comprising at least one output that Alice wants to spend as inputs to a transfer (Tx3); the Merkle path for all input transactions (Tx1, Tx2) linking them to their respective Merkle roots associated with their respective block headers; the completed transfer transaction (Tx3). Alice provides this information plus her signature and optionally a change address. Bob can then perform local SPV checks on the input transactions Tx1, Tx2 using transactions Tx1 and Tx2, their corresponding Merkle paths Path 1, Path 2, and Bob's local list of block headers. Bob broadcasts the transfer transaction (Tx3) to the P2P network.

Methods and systems for improved indexing of non-standardized, custom smart contracts. The improved indexer identifies custom landmarks (e.g., portions of bytecode indicative of custom smart contract transactions or particular functions in those transactions) that are indicative of transactions involving custom smart contracts (as well as the various attributes of those custom smart contracts). The indexer does this by first collecting bytecode for a subset of known transactions involving the custom smart contracts. The indexer then compares the bytecode of the custom smart contracts in the subset to identify the landmarks or probabilities that portions of the bytecode correspond to landmarks. Once these landmarks are identified (or a probability of the landmark is above a certain threshold), the indexer may designate these as known landmarks. The indexer may then compare the portion of the bytecode corresponding to the known landmark to raw bytecode. Upon detecting a match (or a probability of a match above a certain threshold), the indexer may identify the transaction and/or attributes of the transaction.

A method, a system, and a computer program product for executing a secure data exchange. A first information associated with a first computing device in the plurality of computing devices is authenticated by determining a validity of the first information. A verification certificate is generated and stored upon authenticating of the first information. An access identifier for accessing the verification certificate stored at a storage location is generated. An access to the verification certificate is provided upon a request to verify the first information from at least a second computing device in the plurality of computing devices, where the request includes the access identifier and the first information.

Systems, methods, and computer-readable storage media configured to facilitate execution of transactions via a money transfer network are disclosed. During execution of the transactions, tokenized identity information may be utilized when exchanging transaction data between geographically distributed nodes of the money transfer network and the transactions are recorded to a distributed ledger maintained by the nodes. Smart contracts may be utilized to digitally sign transactions at various stages of transaction processing, such as at different stages of regulatory compliance validation and to authenticate the validity of the requested transaction (e.g., prevent double-spends). Utilizing tokenized identity information may reduce the likelihood that personally identifiable information (PII data) is obtained by or inadvertently provided to unauthorized third parties or systems. Additionally, the distributed ledger may record information in immutable records, thereby increasing the reliability and trustworthiness (e.g., for auditing purposes) of the data stored on the distributed ledger.

Various implementation described herein are directed to a method for providing access control. User information is received at a device. A request to provide access control is generated by the device based on the received user information. The request is transmitted via a network to an access manager. A response to the request is received from the access manager. Access control via the device is provided based on the response to the request.

An illustrated view of an exemplary centralized electronic invoice/payment system for providing efficiency of invoicing and payment is presented. The centralized electronic invoice/payment system is useful for conveniently receiving all invoices in a timely manner and in one location for review. The centralized electronic invoice/payment system is useful for eliminating redundancy of invoice payments by paying multiple invoices with a single click. The centralized electronic invoice/payment system is further useful for retaining electronic proof of payment indefinitely.

A first device listens for a communication token across an audio bandwidth covering a transmit frequency one or more audio frequency broadcasting device. The first device receives at least one token broadcast from the one or more broadcasting devices. The first device demodulates and decodes each received token. One or more computing devices validates each decoded token. The first device determines, based on the validating, a broadcasting device of the broadcasting devices with which to establish a communications channel. The one or more computing devices generates a response token based on the token received from the determined device. The first device broadcasts the generated response token in a response band of the determined device. The determined device demodulates decodes, and validates the token broadcast from the first device. Upon determining the token broadcast from the first device valid, the first device and the determined device establish a wireless communication channel.