A method for indexing consumer enrollment via blockchain includes: storing a blockchain comprised of a plurality of blocks, each comprised of a block header and one or more data values, wherein the data values included in a most recent block includes at least one data point associated with a transaction account; receiving an update request from a computing device including updated data points associated with the transaction account, wherein at least one of the updated data points has a different value from the at least one data point; generating a new block header comprised of a timestamp, reference value associated with the block header comprising the most recent block, and a reference value associated with the updated data points; generating a new block comprised of the new block header and the updated data points; validating the new block; and transmitting the new block to one or more external computing systems.

Systems, methods, and other embodiments are disclosed for data-driven user authentication misuse detection. In one embodiment, for each of multiple authentication attempts to a computing device by a user via user authentication log messages: user authentication log data having user attribute values is collected; the user authentication log data is transformed into a tracer data structure having the user attribute values organized in a common format; the tracer data structure is augmented with timestamp data to generate an event data structure, where the timestamp data represents a time at which the user authentication log data is observed by the computing device; a user behavior model filter, representing account usage patterns of the user, is updated based at least in part on the event data structure. A malicious authentication attempt to the computing device by a malicious user is detected based on, at least in part, the user behavior model filter.

A system, method, and computer program product are provided for securing authorization tokens using client instance specific secrets. Tokens are valid for service requests only if time constraints and additional security constraints are met by additional information stored in the token in hashed form. A required comparison of a timestamp in a client service request header to the current server time limits the useful token life, e.g., to a few minutes. The service request header also includes data generated based on a secret previously assigned to a specific client instance. The secret may be generated by the server according to a public/private key scheme and sent to a particular client instance only once, e.g., during initial device registration. The secret may be omitted from service requests for public information. Service request headers may include device identifiers, so that service requests from known rogue clients may be ignored.

The disclosed embodiments include a method performed by a computer system. The method includes forming groups of traffic, where each group includes a subset of detected connection requests. The method further includes determining a periodicity of connection requests for each group, identifying a particular group based on whether the periodicity of connection requests of the particular group satisfies a periodicity criterion, determining a frequency of the particular group in the traffic, and identifying the particular group as an anomaly based on whether the frequency of the particular group satisfies a frequency criterion.

The present disclosure provides systems and methods for authenticating photographic data. In one embodiment, a method comprises providing an image authentication application for use on a client device, the application configured to control image capture and transmission; receiving an image data file from the application at the authentication server comprising a photographic image captured by the application and metadata associated therewith; applying a watermark to the photographic image to create a watermarked image; applying date and time information to the tagged image; applying location information to the tagged image; creating a web address associated with the image data file; uploading the photographic image, the tagged image, or both to the web address; and transmitting an authenticated image file to the client device, the authenticated image file comprising one or more of: the watermarked image, the photographic image, the date and time information, geographic information, and the web address.

A method for computer system forensics includes receiving an identification of at least one host computer that has exhibited an anomalous behavior, in a computer network comprising multiple host computers. Respective images of the host computers in the network are assembled using image information collected with regard to the host computers. A comparison is made between at least one positive image of the at least one host computer, assembled using the image information collected following occurrence of the anomalous behavior, and one or more negative images assembled using the image information collected with respect to one or more of the host computers not exhibiting the anomalous behavior. Based on the comparison, a forensic indicator of the anomalous behavior is extracted from the positive and negative images.

In some examples, a first node is able to communicate with one or more second nodes for participating in a consensus system. The first node may receive, from a computing device, a request to execute a first smart contract associated with a first blockchain. The first node may invoke execution of the first smart contract to cause the first smart contract to execute a transaction by reading at least a portion of transaction data from the first blockchain as a transaction result. Further, the first node may check whether a simulation indicator has been set, which indicates that an expiration time of the first smart contract has been reached. Based on determining that the first smart contract has the simulation indicator set, the first node refrains from writing the transaction result to the blockchain as a valid transaction result and sends the transaction result to the computing device.

Systems and methods of providing immutable records, and immutable ordering of records, in a computing system are disclosed. The computing system can be a member of a blockchain network of a plurality of blockchains. Each block can include a cryptographic digest (or hash) conforming to a minimum degree of difficulty, a nonce by which the cryptographic digest was generated in conformation with the degree of difficulty, and a list of cryptographic digests of most recent blocks of participating neighbor blockchains. Blocks may be passed between blockchains of the plurality of blockchains, which enables each member of the blockchain network to verify an immutable record of data transactions free of the mutual trust requirement of a typical blockchain environment. In conjunction with the generation of each block, an event record may be entered into an event log of the computing system wherein the block was generated. The event record, which may contain actionable instructions, requests, etc., may be transmitted to computing systems of participating neighbor blockchains, where actionable items may be acted upon. Further, the event logs of each computing system may be exchanged, compared, and adjusted to reflect the earliest appearance of each block of each participating neighbor blockchain.

A data processing system is disclosed for data processing, including database and file management, as well accessing one or more databases or other data structures, authenticating users, and categorizing data items for addition to the database system. In some embodiments, the system may be configured to coordinate access to user account information via user-provided authentication credentials; apply account identification rules to the accessed account information to identify a plurality of accounts of the user; and initiate updates to a database record associated with the user indicative of any accounts identified.

Systems and methods of physical infrastructure and information technology infrastructure security are provided. A data processing system can provide distributed sensing through mobile devices, active cyber defense through time-based port hopping, and message delivery verification through retinal tracking.