A transaction system based on a distributed peer-to-peer computer architecture, said system involving transactions generated by users by means of wallets and allowing the transfer of units of account by feeding inputs from outputs, each transaction (called downstream transaction) having an input directly or indirectly referring to an output of an upstream transaction (or several inputs each referring to an output of a respective upstream transaction) and having an output specifying the number of units of account and an address of a recipient.

The system comprises means for connecting an input of a downstream transaction to an output of an upstream transaction as a function of matching rules between a code computed on all or part of the content of the downstream transaction and a check code contained in the upstream transaction, or conversely,

The system further comprises means for propagating a contract, predetermined at an upstream transaction, to a downstream transaction having an input connected to the output of said upstream transaction, said contract being executable on a context for establishing allocation constraints of the output(s) of the downstream transaction, such allocation being authorized only if the constraints are met.

Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system. The application program may generate an electronic document for receiving a signature graphic, and calculate a hash value from the electronic document and the signature graphic, and create a cryptographic signature from the hash value using a cryptographic encryption method. The electronic document is digitally signed by embedding the cryptographic signature therein. The application program may further collect and route digital signatures by automatically collecting signatures from individual signers, one-by-one, and identify the appropriate signature line for each signer to sign. The application program may further generate a user interface for creating and collecting digital signatures.

Methods, devices, and systems are provided for approving a transaction through an exchange of presented user contextual approval information and approval decryption. The user contextual approval information is generated by a user during a transaction, cryptographically signed, and provided to a transaction server. The user contextual data uniquely describes the transaction to the user and can be employed to aid a user in approving or validating the transaction in a subsequent approval action. In particular, a transaction may present the contextual approval information to a user in the form of an approval challenge message. The approval challenge message may be sent to a known user device via the transaction server in the form of a text or multi-media message. The user may respond to the message with an approval or denial response.

Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.

A method and device for selectively securing records in a Near Field Communication Data Exchange Format (NDEF) message in a Near Field Communication (NFC) device are provided. The method includes generating a record by setting a first field to 0 and setting a second field to a predefined value, wherein the record indicates a beginning of at least one record to be secured in the NDEF message; and placing the record in the NDEF message, wherein, at least one record preceding the record is unsecured and at least one record following the record is secured.

A certificate schema for a public key certificate includes a schema identifier field and a root key identifier field. The certificate schema also includes a Cryptographic Mode of Use Attribute (CMA) field and a public key field.

A method for securing messages includes obtaining, at a message server, a message for a user of a message service hosted by the message server. The message includes a header and the header includes a digital signature signed by an author of the message and a list of one or more recipients of the message. The method includes determining whether the digital signature by the author is valid and determining, using the list of one or more recipients, whether the user is a declared recipient of the message. When the digital signature by the author is valid and the user is the declared recipient of the message, the method includes delivering the message to a user device of the user. When the digital signature by the author is valid and the user is not the declared recipient of the message, the method includes alerting the user.

A digital verified identification system and method are presented for verifying and/or authenticating the identification of an entity associated with an electronic file, such as, for example the digital signatory thereof. In particular, the system and method include a module generating assembly structured to receive at least one verification data element, and at least one digital identification module structured to be associated with at least one entity. The digital identification module is capable of being disposed or embedded within at least one electronic file. Further, the digital Identification module with the entity, and one or more metadata identification module includes at least one primary components identification module includes at least one primary component structured to at least partially associate the digital.

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.