H04L2463/062

METHOD AND SYSTEM FOR COMPLETING CROSS-CHANNEL TRANSACTIONS
20210125194 · 2021-04-29

A high security communication channel between the back-end application and the customer's mobile device is disclosed. An application programming interface that integrates into a service provider's back end application and a software development kit that integrates into a mobile application on the customer's mobile device establish a two-way communication channel between the back-end application and the mobile device. When a customer is ready to complete a transaction in one of the service provider's sales channels, such as online, by phone, in-person, by mobile device, or at a kiosk, the transaction moves to the mobile device for completion. A push message on the mobile device launches the service provider's mobile application and the customer completes the transaction quickly and securely using the advanced automation functions, such as biometrics, GPS, wallet, camera or near field communication, available on the mobile device.

System and Method for Application-Independent Compartmentalized Encryption

A method of encrypting a data file includes: opening the data file; selecting, via a first user interface, a portion of the data file; encrypting, via an encryption component, the selected portion of the data file as one of a first level of encryption associated with a first authorized user and a second level of encryption associated with a second authorized user so as to create an encrypted data file; and saving the encrypted data file. The encryption component includes an out-of-band encryption key component having stored therein, a first encryption key associated with the first level of encryption and a second encryption key associated with the second level of encryption.

Systems and methods for out-of-band authenticity verification of mobile applications

Example embodiments of systems and methods for application verification are provided. An application may generate a cryptographic key, and encrypt the cryptographic key with a predefined public key. A server, in data communication with the application, may include a predefined private key. The application may transmit the cryptographic key to the server. The server may receive, from the application, the cryptographic key; decrypt the cryptographic key using the predefined private key; encrypt an authorization token using the decrypted key; and transmit, to the client application, the authorization token via an out-of-band channel. The application may receive, from the server, the authorization token via the out-of-band channel; and decrypt the authorization token to obtain access to one or more services associated with the server.

SEMICONDUCTOR DEVICE WITH SECURE ACCESS KEY AND ASSOCIATED METHODS AND SYSTEMS
20210141744 · 2021-05-13

Memory devices, systems including memory devices, and methods of operating memory devices are described, in which security measures may be implemented to control access to a fuse array (or other secure features) of the memory devices based on a secure access key. In some cases, a customer may define and store a user-defined access key in the fuse array. In other cases, a manufacturer of the memory device may define a manufacturer-defined access key (e.g., an access key based on fuse identification (FID), a secret access key), where a host device coupled with the memory device may obtain the manufacturer-defined access key according to certain protocols. The memory device may compare an access key included in a command directed to the memory device with either the user-defined access key or the manufacturer-defined access key to determine whether to permit or prohibit execution of the command based on the comparison.

CENTRALIZED SECURE DISTRIBUTION OF MESSAGES AND DEVICE UPDATES
20210136047 · 2021-05-06

Embodiments relate to systems for the distribution of payload in a secure manner. A server may receive a query from a device that includes a subscriber identifier. The server may determine, from confidential information stored, an association between the subscriber identifier and a public key of the device. The server may retrieve the public key of the device. The server may generate a data payload as a response to the query. The server may encrypt the data payload by a symmetric key that is generated randomly. The server may encrypt the symmetric key by the public key of the device. The server may transmit the data payload and the symmetric key that are encrypted to the device for the device to use a private key corresponding to the public key to decrypt the symmetric key and use the symmetric key to decrypt the data payload.

SYSTEM FOR SECURING MEMORY DUMPS
20210143991 · 2021-05-13

Disclosed are some implementations of systems, apparatus, methods and computer program products for securing memory dumps. In response to a trigger condition, a server generates a symmetric key corresponding to an instance of a memory dump. The server encrypts memory contents of the server using the symmetric key. In addition, the server encrypts the symmetric key using a key-encrypting key (kek), which can include a public key. Both the encrypted memory contents and the encrypted symmetric key are stored for the instance of the memory dump. Responsive to a request for information pertaining to the instance of the memory dump, the encrypted memory contents and the encrypted symmetric key are retrieved from storage, the encrypted symmetric key is decrypted using a private key, and the symmetric key is used to decrypt the encrypted memory contents.

OPERATING SYSTEM WITH AUTOMATIC LOGIN MECHANISM AND AUTOMATIC LOGIN METHOD

An operating system with automatic login mechanism and an automatic login method are provided. The operating system includes a first electronic device, a second electronic device and a server device. The second electronic device includes a biometric sensor. When a login event of the first electronic device is triggered, the first electronic device sends a login request to the second electronic device directly or via the server device, so that the second electronic device performs a biometric verification by the biometric sensor according to the login request. When the biometric verification is passed, the second electronic device sends a first login credential to the first electronic device directly or via the server device, so that the first electronic device performs an automatic login operation of the first electronic device according to the first login credential.

Message-based database replication

A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

Decentralized management of data access and verification using data management hub
11012245 · 2021-05-18

Disclosed embodiments relate to securely facilitating decentralized management of identity data. Operations may include receiving, from an identity, encrypted data and an index associated with the encrypted data; receiving, from the identity, a first request including: the index, a first part of a first cryptographic key, and a target service cryptographic key; identifying, using the index, the encrypted data; encrypting a copy of the encrypted data using the target service cryptographic key to form a doubly encrypted data; sending a challenge token to the identity; receiving a second request, from a target service, the second request including: the index and a challenge response created based on the challenge token; and sending to the target service the doubly encrypted data and the first part of the first cryptographic key; wherein the target service is operable to decrypt the doubly encrypted data.

MANAGEMENT OF ROOT KEY FOR SEMICONDUCTOR PRODUCT
20230409758 · 2023-12-21

A method which comprises storing a readable identifier, which identifies a semiconductor product, and a unique key, being unique for said semiconductor product or for a group of semiconductor products, in a memory of said semiconductor product, generating an initial security data structure, said initial security data structure depending on a root key and on said unique key, wherein both said root key and said unique key are assigned to said semiconductor product, and wherein said initial security data structure is assigned to said readable identifier, and supplying said initial security data structure to said semiconductor product for further processing.