A system, method, and token for vitality verification is disclosed. The token includes a biometric sensor configured to obtain a token reading of an individual, a clock module, and a memory including a cryptographic key and an enrollment reading of the individual. The token also includes a one-time passcode (OTP) generator, and a processor communicatively coupled to the biometric sensor, the clock module, the memory, and the OTP generator. The processor is configured to determine a vitality of the individual at the time the token reading was obtained, compare the token reading with the enrollment reading, and generate, in response to the token reading matching the enrollment reading and determining the vitality of the individual, a token OTP string including a token OTP generated by the OTP generator by applying a one-way function to a token message including the cryptographic key, the enrollment reading, and a timestamp.

The system and method may look for bots using statistics. At a high level, bots communicate back and forth to a command and control computer. The communications are at somewhat random times by design to not be obvious. Using expected probability of a normal distribution rather than simply analyzing time of communications may result in better bot recognition.

One example method includes accessing stored data, associating a unique identifier with the data, creating a hash by hashing a combination that comprises the unique identifier and the data, transmitting the hash to a notary service, receiving, from the notary service, a digital signature that corresponds to the hash, appending the digital signature to the data, and storing, as an object, a combination that comprises the digital signature, the data, and the unique identifier.

A system and method that uses scheduling problems as proof of work in a blockchain system, and that evaluate schedules based on a physics model and a timeline. The system and method can maintain a secured chain of linked messages that include object states and schedule portions. Processing circuitry can receive a message related to an updated state of an object, determine whether the updated state of the object should be linked into the secured chain of linked messages, determine a portion of a schedule for addressing the object based on the updated state of the object as proof of work, create a new message that links the updated state of the object into the secured chain to form an updated chain of linked object state messages and that includes the determined portion of the schedule, and broadcast the new message as the secured chain of linked messages.

Systems and methods provide a latency certification service. One or more network devices in an application service layer network receive a service request for a latency certification service and instantiate a Transmission Control Protocol (TCP) proxy for a data session between an application server device and a user equipment (UE) device. The one or more network devices obtain a digital certificate for the TCP proxy. The one or more network devices receive, at the TCP proxy, a data packet from the UE device; apply a certified timestamp to the data packet to form a certified timestamped data packet; and forward the certified timestamped data packet to the application server device.

A method for storing time-sensitive secrets in a network is provided. The method includes receiving a first encryption key from multiple encryption keys, the multiple encryption keys associated with a first time window and accessing a data packet encoded according to the encryption keys. The method also includes writing a decrypted data packet to a block in a blockchain when the first encryption key matches a first time-sensitive value, and writing the decrypted data packet to the block in the blockchain when a second encryption key, received from the content provider, matches a second time-sensitive value after the first time-sensitive value has lapsed, wherein the first time-sensitive value and the second time-sensitive value are a non-overlapping time sequence in the first time window. A system and a non-transitory, computer-readable medium storing instructions to perform the above method are also provided.

A method and system for tracking electronic communications between a customer phone and a user mobile device for compliance with regulations are provided. The system includes a server configured to send an email to an Enterprise Information Archiving system capable of archiving the email for at least one of eDiscovery and compliance with one or more regulations. The server can associate a virtual phone number with a mobile app residing on a user mobile device and to either: (i) receive a communication originated from the mobile app and intended for a customer phone, and send the communication the customer phone; or (ii) receive a communication originated from a customer phone and sent by the customer phone to the virtual phone number, and send the communication to the mobile app. The server also is configured to include content from the communication in the email.

A method at a computing device is described. The method comprises executing an application for verifying a location of a user requesting to access a location-based service, receiving, at the application, information indicating a location of the computing device, and encoding, with the application, at least the location to thereby generate a location token for responding to a challenge for the location token. The method further comprises outputting the location token from the application, the location token configured for use in applying a location-based access policy that controls access by the user to the location-based service.

Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have two clocks. The first clock is a real-time clock and the second clock is a variable-time clock. The variable time clocks are synchronized and run at the same rate, faster or slower than real time. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp obtained from their variable time clocks. Since the computing systems have synchronized variable-time clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another.

A building system includes heating ventilation or air conditioning (HVAC) devices configured for communication on a building automation network and a communication engine. The communication engine is configured to provide a diagnostic attribute. The diagnostic attribute indicates communications with the HVAC devices as being according to a first communication protocol or at least one different communication protocol. Systems and methods may detect insecure communications and/or upgrade in secure communication protocols in wireless or wired networks, such as, BACnet systems and/or subsystems.