H04L2463/121

Computer system and computer-implemented method for processing an electronic commerce transaction using a network

A payment network server for processing an electronic commerce (e-commerce) transaction initiated by a customer is described. The server comprises at least a computer processor and a data storage device, where the data storage device comprises instructions operative by the processor to: (i) receive, from a merchant server, an authentication request, the authentication request comprising at least a payment card identifier associated with a payment card; (ii) generate an authentication code associated with the e-commerce transaction for authenticating the customer; (iii) store, in a payment network database, the authentication code as a stored authentication code; (iv) transmit the authentication code for transmission to the customer and an indication of the payment card to an issuer server; (v) receive, from the merchant server, a customer entered authentication code which was entered by the customer into a merchant website associated with the merchant server; (vi) determine if the customer entered authentication code matches the stored authentication code; if the customer entered authentication code matches the stored authentication code: (vii) generate an authentication indication; (viii) store, in the payment network database, the authentication indication as a stored authentication indication; and (ix) transmit, to the merchant server, an authentication response comprising the authentication indication.

Methods, systems, articles of manufacture and apparatus to reduce spoofing vulnerabilities
11425165 · 2022-08-23

Methods, systems, articles of manufacture and apparatus are disclosed to reduce spoofing vulnerabilities. An example apparatus to verify token integrity for a computing device includes an artifact engine to store first artifact data with a first timestamp in a device artifact storage, and store second artifact data with a second timestamp in the device artifact storage. The example apparatus includes an offchain identification protector (OIP) controller to generate a first token based on the first artifact data and the first timestamp, the first token to establish a first entry in a blockchain at a first time, and generate a second token based on the second artifact data, the second timestamp, and the first token, the second token to establish a second entry in the blockchain at a second time after the first time. The example apparatus also includes a verify engine to select the first or the second artifact from the device artifact storage, and search for a match of the selected first or second artifact in the blockchain to verify an integrity of the second token at a third time.

Systems and Methods for Addressing Cryptoprocessor Hardware Scaling Limitations
20220303256 · 2022-09-22

The present disclosure is directed to systems and methods to address cryptoprocessor hardware scaling limitations, the method including the steps of establishing a communication path between a centralized server and a client device; generating, by the centralized server, a nonce for transmission to the client device, wherein the nonce is associated with an active time interval and corresponds to one of an existing nonce or a new nonce; transmitting the nonce to the client device; receiving a signed attestation result that includes the nonce from the client device, wherein the signed attestation result comprises a previously-generated signed attestation result if the nonce corresponds to the existing nonce previously received by the client device; and the signed attestation result comprises a new signed attestation result if the nonce corresponds to the existing nonce newly received by the client device or corresponds to the new nonce.

System and method for certificate-less security management of interconnected hybrid resources

This disclosure relates to a method and system for certificate-less security management of interconnected hybrid resources. The method includes selecting at least one hybrid resource from a plurality of hybrid resources in a network to install a pre-calculated security configuration. The method further includes receiving a One Time Password (OTP) valid for a pre-configured time period, in response to an identity generation request for a hybrid resource; installing a security data payload, including the OTP and the pre-calculated security configuration, in the hybrid resource; receiving an identity issuance request from the hybrid resource through a secure channel upon installation of the security data payload in the hybrid resource; assigning a unique identity to the hybrid resource upon successful validation of the OTP received in the identity issuance request; and generating, upon assignment, metadata corresponding to the hybrid resource for a security association map (SAM) associated with the hybrid resource.

Processing anomaly data to identify threats to network security
11411966 · 2022-08-09

A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

AUTOMATED DEVICE PAIRING
20220207511 · 2022-06-30

This disclosure relates to creating a connection between two devices without using a UUID and/or MAC address. For example, a first device can store a private key for creating a secure connection. A second device may request that a user log into an account associated with the first device (e.g., a customer account, a financial account, an employee account, and/or the like) in order to initiate the wireless connection. The second device user can enter login credentials via the second device, which may then be transmitted to a backend system. The backend system can receive and validate the login credentials and, in response, transmit a public key to the second device. The second device can use the public key to perform a public/private key handshake in order to validate the first device.

SYSTEMS DATA AVAILABILITY VALIDATION

A network connection between a server group of a data intake and query system and each of one or more source network nodes is established. Source data at the server group is received from at least one of the one or more source network nodes via the respective network connections and transformed, by the indexer server, to timestamped data entries of machine data. A model management server detects data constraints for a security model that include a data element used by the security model and an availability requirement set. Using the timestamped data entries, the data constraints are validated, and the validation used to determine a data availability assessment of the security model.

USER PERMISSIONS FOR ACCESS TO SECURE DATA AT THIRD-PARTY

A user permission system manages and regulates access to secure data at one or more third-party data sites. The system may provide access to one or more databases or other data structures based on user authentication and access rules that have been established, such as by a user associated with the data being accessed at the third party data store. Access may be provided via an API to the third-party data site, along with access credentials of a user with data stored with the third-party data site, allowing the system to access data on behalf of the user.

Methods of bidirectional packet exchange over nodal pathways
11381548 · 2022-07-05

A node system implements a method for node relay communication. A description of a flow entry including an address in a flow and a private key is received. The flow entry and the private key are stored in a database indexed to a flow ID. A packet comprising an authentication code and packet data including packet sequence information and a Flow ID is received. A look up in the database of a flow entry corresponding to the Flow ID of the packet is performed. The packet is either ignored or forwarded to the address in the flow, depending on the result of the look-up.

Database platform for realtime updating of user data from third party sources

A data processing system communicates with a secure third-party database to obtain information about a user that is usable to determine one or more items associated with the user. The system then coordinates gathering and identification of additional data relevant to the user from other third-party data sources, to potentially update the user's information stored with the secure third-party database. The updated information may then be accessed at the secure third-party database to determine items associated with the user, which may include additional items in view of the additional data.