In one embodiment, a system includes a tangible token comprising a transparent gemstone, wherein: the transparent gemstone is internally etched with information pertaining to a blockchain, and the information comprises at least a private key, a public key, and an address, and the information is represented as a quick response code. The system includes a computing device configured to execute instructions that cause the computing device to: read the information, and validate, via a network and the address, the public key and the private key are associated with at least one block on the blockchain.

Techniques are described herein that are capable of registering a user device with a cloud-based management service using an intermediate cloud storage. For instance, the intermediate cloud storage may store an encrypted data blob including information that identifies the user device. The intermediate cloud storage or a registration system may decrypt the encrypted data blob so that the registration system may use the decrypted data blob to register the user device with the cloud-based management service. For instance, the registration system may retrieve the encrypted or decrypted data blob from the intermediate cloud storage by providing a requisite secret to the intermediate cloud storage. The requisite secret may be provided to the registration system by the user device (e.g., via a matrix barcode, such as a QR code).

Authorization for access to an application server and associated communication service can be desirably managed. When a device attempts to access an application server and service, an authorization server generates an encrypted token, comprising device identifier information, and communicates the token to the device. The device communicates the token to the application server. The application server communicates the token to the authorization server. The authorization server determines whether the device is validated to access the application server and service based on the encrypted token, private decryption key, and initialization vector, and based on subscriber-related information. The authorization server does not share the private decryption key or initialization vector with the application server. If validated, the authorization server communicates validation-related information, including a permitted portion of subscriber-related information, to the application server. If not validated, the authorization server communicates not-validated information to the application server.

A method for securing sensitive information, includes storing patient information in a secured form in an external device that is carried by a patient. A user terminal obtains a first signature generated using a first secret key inside a first identification medium, where the first secret key is associated with a first healthcare person. Moreover, the user terminal communicates a write request that includes at least the first signature to the external device. The external device receives the write request from the user terminal when the user terminal is within a proximal communication range of the external device. Furthermore, the external device verifies at least the first signature received in the write request. The user terminal writes first information to the external device, based on verification of at least the first signature. A system for securing sensitive information is also provided.

The present disclosure generally relates to electronic systems and computerized methods for verification of transacting parties to process transactions. A payment network server receives details of a transaction fulfilled by an agent and generates a transaction identification plaintext. A first party keyset for the first transacting party and an agent keyset for the agent is identified. The server generates cryptograms and ciphertexts encrypted by the first party keyset and agent keyset and sends the cryptograms to the first transacting party and agent. An encrypted cryptogram contains an encrypted ciphertext which contains a plaintext representing the transaction identification plaintext. The ciphertexts are exchanged between the first transacting party and agent by a computer handshake for decryption. The plaintexts are extracted from the ciphertexts and compared against the transaction identification plaintext for verifying the first transacting party and agent.

A connectivity enablement device includes one or more processors, one or more memories and a hardware input port. The memories store program instructions that when executed examine a token obtained from a token transfer device inserted into the port, and cause one or more messages to be transmitted to a virtualized computing service. The messages indicate (a) the connectivity enablement device, (b) the token transfer device, (c) the token's source and (d) a server. An indication that the server has been configured within an isolated virtual network is obtained at the connectivity enablement device.

A method of unlocking a second device using a first device is disclosed. The method can include: the first device pairing with the second device; establishing a trusted relationship with the second device; authenticating the first device using a device key; receiving a secret key from the second device; receiving a user input from an input/output device; and transmitting the received secret key to the second device to unlock the second device in response to receiving the user input, wherein establishing a trusted relationship with the second device comprises using a key generated from a hardware key associated with the first device to authenticate the device key.

A computer implemented method for providing communication between a secured client computer and a remote computer. There is provided a client computer that includes peripheral components. Each peripheral component is configured, by a processor, to process a corresponding peripheral component data of a data type that is not compatible with peripheral component data types processed by a processor of other peripheral components. The processor of each peripheral component is further configured to code the corresponding data of the specified data type. Each peripheral component is configured, by the processor, to establish a secured peer-to-peer communication channel between the peripheral component and the remote computer that is authorized to communicate with the client computer, and is further configured to code data that is communicated between the authorized remote computer and the peripheral component through the secured communication channel. The coded data being indecryptable by the processors of other of the peripheral components.

Systems and methods for securely pairing a transmitting device with a receiving device are described. The systems and methods may communicate with a first device via a first communication method over a wireless communication network. The systems and methods may transmit, to the first device via a second communication method, a first sensory pattern representing a first key. In addition, the system and methods may communicate with the first device via the first communication method using the first key.

A security platform architecture is described herein. The security platform architecture includes multiple layers and utilizes a combination of encryption and other security features to generate a secure environment.