A data protection broker node and methods are provided. In one embodiment, the data protection broker node is configured to perform a bootstrap operation between a user and the data protection broker node, to initialize a blockchain; as a result of the bootstrap operation, obtain a trusted temporary public identifier identifying the user; receive a request for a new transaction associated with the user and join the new transaction to the blockchain; and authorize the user to use the trusted temporary public identifier to perform a user transaction to protect a privacy of the user's data.

A service monitors password and username use while maintaining username and password privacy by receiving a hash of a username, a hash of a password, and a host name and comparing the received hashes against a database of associated host names and hashes of usernames and passwords. When the comparison determines that the hash of the new password meets certain conditions, e.g., no hash in the database matches the hash of the new password, then the new password may be allowed and the service informs the security component accordingly.

An authentication server includes a user registration unit, a service registration unit, and a storage unit. The user registration unit acquires a first ID that uniquely determines a user in a system and first biological information that is used for authentication of the user. The service registration unit processes a service registration request that is transmitted from a service provider of a service that the user wishes to use and that includes the first ID and a second ID that identifies the service provider. The service registration unit generates a third ID that is uniquely determined by a combination of the user and the service provider and transmits the third ID to the service provider. The storage unit stores the first biological information, the first ID, the second ID, and the third ID in association with each other.

A system and method for aggregating account data, and more specifically, a system and method for aggregation of financial account data that provides enhanced privacy and security protections to a user by enabling the user to maintain custody of his or her login credentials. A syncing agent in coordination with a system add-on coordinates log-in to a remote system and storage of session information. Syncing agent utilizes the session agent to retrieve additional information on behalf of the user or perform other tasks on the remote server.

Systems and methods are described for distilling data. First data associated with a user may be received. The first data associated with the user may comprise an anonymized hash of an identifier associated with the user. A database may be determined to comprise a first record indicating the anonymized hash. The first record may comprise second data associated with the user. Based on the determining that the database comprises the first record, a second record may be generated. The second record may comprise the first data associated with the user, the second data associated with the user, and the anonymized hash. Based on the determining that the database comprises the first record, the example method may be stored to the database. These and other user and/or data distillation methods and systems are described herein.

Systems, methods and non-transitory computer readable media for determining permissions in privacy firewalls are provided. At least part of a content of a data collection may be analyzed to determine a subject matter. A permission corresponding to the data collection and at least one user may be determined based on the subject matter. A request of the at least one user to access at least part of the data collection may be received. In response to a first determined permission, the requested access to the at least part of the data collection may be provided, and in response to a second determined permission, the request may be denied.

A method for pervasive resource identification includes receiving an authentication request from a first application service. The authentication request requests authentication of a user of a user device. The method includes obtaining device information associated with the user device of the user and generating a unique opaque identifier for the user device based on the device information. The method includes obtaining authentication credentials from the user device. The authentication credentials verify an identity of the user. In response to receiving the authentication credentials from the user device, the method includes generating an authentication token and encoding the unique opaque identifier into the authentication token. The method also includes transmitting the authentication token to the first application service. The authentication token, when received by the first application service, allows the first application service to adjust an interaction with the user device based on the unique opaque identifier.

A method and apparatus for registration data retrieval. The method performed by a network function service consumer entity comprises sending a request for retrieving at least two registration data set related to a user equipment to a data management entity. The request includes two or more corresponding registration data set names. The method further comprises receiving a response from the data management entity. The response comprises at least two requested registration data sets related to the user equipment.

Aspects of the disclosure relate to information masking. A computing platform may receive, from a user computing device, a request to access information that includes personal identifiable information (PII). The computing platform may retrieve source data comprising the PII and mask, within the source data and based on a data management policy, the PII. The computing platform may send the masked information in response to the request to access the information. The computing platform may receive a request to unmask the masked information and unmask the PII. The computing platform may log the request to unmask the masked information in an unmasking event log and send the unmasked PII in response to the request to unmask the masked information. The computing platform may apply a machine learning model to the unmasking event log to identify malicious events and trigger remediation actions based on identification of the malicious events.

Concepts and technologies are disclosed herein for web activity concealment. A system can include a memory storing instructions that, upon execution by a processor, cause the processor to perform operations. The system can be communicatively coupled to a network. The operations can include detecting a network message that is directed to a target source, where the network message is generated by a client application of a machine-to-machine device. The operations can include identifying, based on the network message, a client action that is associated with the client application. The operations can include counterpoising the client action by generating a supplemental action command. The operations can include providing the supplemental action command to the machine-to-machine device.