In some embodiments, a method can include retrieving, from a data management server, a public key associated with a relying party. The method can further include encrypting and using the public key, a user profile data to define encrypted user profile data. The method can further include transmitting, via the data management server, the encrypted user profile data to a compute device associated with the relying party that (1) decrypts the encrypted user profile data using a private key corresponding to the public key to define decrypted user profile data, (2) generates a hash value of the decrypted user profile data, and (3) compares the hash value of the decrypted user profile data and a hash value of the user profile data stored in a distributed database to determine integrity of the decrypted user profile data.

A system for authenticating a requesting device using verified evaluators includes an authenticating device. The authenticating device is designed and configured to receive at least a first digitally signed assertion from a requesting device, the at least a first digitally signed assertion linked to at least a verification datum, evaluate at least a second digitally signed assertion, signed by at least a cryptographic evaluator, conferring a credential to the requesting device, validate the credential, as a function of the at least a second digitally signed assertion, and authenticate the requesting device based on the credential.

A secure computing hardware apparatus includes at least a secret generator module, the at least a secret generator module configured to generate a module-specific secret, and a device identifier circuit communicatively connected to the at least a secret generator, the device identifier circuit configured to produce at least an output comprising a secure proof of the module-specific secret. Secret generator module may implement one or more physically unclonable functions to generate the module-specific secret.

Systems and methods for detecting breached user login records in a zero-knowledge architecture. A breach detection module obtains login data that has been breached from breached data sources and service providers. The breached data is hashed with a system key and the breached data hashes are hashed in a hardware security module (HSM) using a hashing method and a non-exportable key. Clients provide user login data that has been hashed using the hashing method by the client device to the breach detection module. The breach detection module hashes the hashed user login data and compares the hashed user login hashes with the hashed breached data hashes and sends a breach alert to the client device if any hashes match.

A connected device with at least one sensor adapted to measure at least a physical quantity and to report a measure of this physical quantity to a remote device, the at least one sensor system providing an output Z which is then digitized in order to provide an output signal Y having a first and a second component, the first component being representative of the measured physical quantity X and the second component being representative of the structural noise R introduced by the at least one sensor. The connected device also has a noise generator configured to generate using as an input at least one parameter representative of the structural noise R a blurring noise V which is uncorrelated with said structural noise R; combine the digital output signal Y with the blurring noise V in order to generate a signal Y′; transmit signal Y′ to the remote device.

A network terminal, e.g., LTE or 5G, can connect to a home network via a serving network. The terminal can have a terminal identifier (TID), such as an IMEI or other PEI, and a network subscriber can have a subscriber identifier (SID), such as an IMSI or other SUPI. In some nonlimiting examples, a network node can determine that a SID and a TID are authorized for joint use and, in response, transmit authorization information. In some nonlimiting examples, a network node can receive an attach request having verification data and encrypted identification data. The network node can receive decrypted identity data and determine that the identity data corresponds with the verification data. In some nonlimiting examples, the terminal can send an attach request comprising encrypted SID and TID data, and a cryptographic hash, to a network node.

A method executed by a computer includes receiving an image from a client device. A facial recognition technique is executed against an individual face within the image to obtain a recognized face. Privacy rules are applied to the image, where the privacy rules are associated with privacy settings for a user associated with the recognized face. A privacy protected version of the image is distributed, where the privacy protected version of the image has an altered image feature.

A protocol that is managed by a coordinating network element or third-party intermediary or peer network elements and utilizes tokens prohibits any subset of a union of the coordinating network element or third-party intermediary, if any, and a proper subset of the processors involved in token generation from substantively accessing underlying data. By one approach, processors utilize uniquely-held secrets. By one approach, an audit capability involves a plurality of processors. By one approach, the protocol enables data transference and/or corroboration. By one approach, transferred data is hosted independently of the coordinating network element. By one approach, the coordinating network element or third-party intermediary or a second requesting network element is at least partially blinded from access to tokens submitted by a first requesting network element. By one approach, a third-party intermediary uses a single- or consortium- sourced database. By one approach, network elements provisioned with tokens jointly manage the protocol.

A mobile robot is configured for operation in a commercial or industrial setting, such as an office building or retail store. The mobile robot may include cameras for capturing images and videos and include microphones for capturing audio of its surroundings. To improve privacy by preventing confidential information from being transmitted, the mobile robot may detect text in images and modify the images to make the text illegible before transmitting the images. The mobile robot may also detect human voice in audio and modify audio to make the human voice unintelligible before transmitting the audio.

A decentralized and trust-minimizing computer architecture for computing rewards for users of an advertising system includes cryptographic black box accumulators (BBA), which is a cryptographic counter that only the issuer can update. An attention application requests initialization of a BBA from a guardian and subsequently requests updates to the BBA to track interactions between a user of the attention application and ads on the attention application. The guardian signs updates to the BBA to reach agreement on the state of ad interactions. The attention application may randomize the BBA and submit requests via an anonymous channel such that no participant can link two encounters with the BBA to each other or link the BBA to a specific attention application, thus improving user privacy. Reward redemption requests can be made based on a known policy and committed to a public blockchain for verification by observers that the protocol is operating correctly.