A system and method for securely recording voice communications, comprising a network-connected computer server and an authentication system which verifies the validity of voice communications.

Methods, devices, and systems are provided for providing continuous authentication to a user having a wearable device in an access control system. The wearable device allows the authentication of the user to be maintained until an authentication interruption signal is received. The interruption signal may be based on user biometrics, a state of the wearable device, a communication range of the wearable device with a trusted mobile device, and more. Upon receiving the interruption signal, the continuous authentication for the wearable device, and the user, may be revoked, destroyed, or disabled.

The described technology provides a capability to perform in-session updates to entitlements associated with a user's access to content served by a web application. The content may be from one or more external servers. The technology provides for automatically detecting changes to entitlements, and without requiring a user of an active session to initiate a new session, updating entitlement data in a memory such that subsequent requests for data made by the client in the same active session are serviced using the updated entitlements.

Systems and methods for token processing are disclosed. An access device can provide access device data to a mobile communication device. The communication device generates a token request including the access device data and communication device data and sends the token request to a server computer. The server computer returns a token and a token cryptogram to the mobile communication device. The token and the cryptogram may be used in a transaction.

Systems and methods of providing immutable records, and immutable ordering of records, in a computing system are disclosed. The computing system can be a member of a blockchain network of a plurality of blockchains. Each block can include a cryptographic digest (or hash) conforming to a minimum degree of difficulty, a nonce by which the cryptographic digest was generated in conformation with the degree of difficulty, and a list of cryptographic digests of most recent blocks of participating neighbor blockchains. Blocks may be passed between blockchains of the plurality of blockchains, which enables each member of the blockchain network to verify an immutable record of data transactions free of the mutual trust requirement of a typical blockchain environment. In conjunction with the generation of each block, an event record may be entered into an event log of the computing system wherein the block was generated. The event record, which may contain actionable instructions, requests, etc., may be transmitted to computing systems of participating neighbor blockchains, where actionable items may be acted upon. Further, the event logs of each computing system may be exchanged, compared, and adjusted to reflect the earliest appearance of each block of each participating neighbor blockchain.

Telecommunications data may be summarized into mathematical statistics that may not correlate with conventional semantic attributes. Such statistics may be difficult to observe without access to the telecommunications data, and therefore may be much less susceptible to social engineering attacks or other privacy-related vulnerabilities. The mathematical statistics may represent first, second, or higher order behavior-related observations relating to subscribers physical movements, engagement of applications and web browsing on a mobile device, as well as usage and billing of a mobile device. The statistics may not correlate to semantic identifiers for subscribers, and therefore may be difficult to observe and therefore identify specific subscribers whose statistical summaries may be known.

The technology presented herein enables a new network element to be authenticated to other network elements automatically. In a particular embodiment, a method provides determining a current time relative to a first time. The first time is known to the new network element and a provisioning network element. The method further provides generating first beacon data using seed data stored on the new network element and the current time and generating keying data using the first beacon data and identification information associated with the new network element. The method also provides identifying a first one-time pad (OTP) from the keying data and using the first OTP to encrypt an authentication request for transfer from the new network element to the provisioning network element.

Compact timestamps and related methods, systems and devices are described. An encoder is configured to generate compact timestamps of the disclosure by sampling states of linear feedback shift registers (LFSRs). A decoder may be configured to determine timing information responsive to the compact timestamps.

Techniques are provided herein for contextual embedding of features of operational logs or network traffic for anomaly detection based on sequence prediction. In an embodiment, a computer has a predictive recurrent neural network (RNN) that detects an anomalous network flow. In an embodiment, an RNN contextually transcodes sparse feature vectors that represent log messages into dense feature vectors that may be predictive or used to generate predictive vectors. In an embodiment, graph embedding improves feature embedding of log traces. In an embodiment, a computer detects and feature-encodes independent traces from related log messages. These techniques may detect malicious activity by anomaly analysis of context-aware feature embeddings of network packet flows, log messages, and/or log traces.

At least one aspect is directed to improving the performance of real-time verification of online identity. The issuer computing system can receive a request to generate a composite token, the composite token configured to authorize certain verifying parties to authenticate a first-party token comprising information about a client. The issuer can generate a composite token using cryptographic keys and distribute it to the client, who can distribute it to other content item networks. The verifying parties can receive the composite token from the content item networks, use a cryptographic key verify the authenticity of the token corresponding to the client device, and use the token to further process content item operations. The system can distribute the cryptographic keys prior to the generation and verification of the composite token, and as such allow the parties to verify the composite token in real-time without contacting outside verification parties.