Systems, methods, and apparatuses for implementing commerce rewards across tenants for commerce cloud customers utilizing blockchain technologies in conjunction with a cloud based computing environment are described herein. For example, according to one embodiment there is a system having at least a processor and a memory therein executing within a host organization and having therein: means for operating a commerce cloud platform on behalf of a plurality of merchants, in which the commerce cloud platform provides at least customer payment processing on behalf of the plurality of merchants; receiving a first purchase transaction for an unknown customer from a first one of the plurality of merchants, in which the purchase transaction indicates transaction source information; creating a new global ID for the unknown customer and associating the purchase transaction and the transaction source information with the new global ID at the commerce cloud platform; allocating commerce rewards points to the unknown customer via the new global ID based on the first purchase transaction; receiving a second purchase transaction for the unknown customer from a second one of the plurality of merchants, in which the second purchase transaction indicates transaction source information for the second purchase transaction; prompting the unknown customer associated with the second purchase transaction to confirm they are associated with the first transaction based on at least a partial matching of the transaction source information associated with the first and second purchase transactions; and inviting the unknown customer to participate in a commerce rewards program to redeem the commerce rewards points. Other related embodiments are disclosed.

A user authentication system and method includes a network of guardian nodes and gatekeeper nodes configured to securely communicate with one another. The gatekeeper nodes are connected to service providers and the guardian nodes are associated with UAS customers. The guardian nodes and gatekeeper nodes are configured to generate tokens that are passed between the guardian nodes, gatekeeper nodes, service providers and UAS customers to authenticate UAS customers requesting access to service providers.

Systems and methods are provided that may be implemented as an identity management system to provide a single sign on to a master website and silent authentication for subservient websites. The identity management system may include an identity provider server and a user management server. The identity provider server may authenticate a user, redirect an authenticated user to the user management server, and receive and verify a silent authentication request including a cryptographic signature and a modified message on behalf of the authenticated user from the user management server.

Disclosed are various approaches for authenticating a user through a voice assistant device and creating an association between the device and a user account. The request is associated with a network or federated service. The user is prompted to use a client device, such as a smartphone, to facilitate an authentication flow. A soundwave is played through the client device that contains a secret key, which is then sent to a service that validates the secret key. An association between the user account and the voice assistant device can then be created so that access to third party services can occur.

An account protection service to prevent user login or other protected endpoint request abuse. In one embodiment, the service collects user recognition data, preferably for each login attempt (e.g. data about the connection, session, and other relevant context), and it constructs a true user profile for each such user over time, preferably using the recognition data from successful logins. The profile evolves as additional recognition data is collected from successful logins. The profile is a model of what the user “looks like” to the system. For a subsequent login attempt, the system then calculates a true user score. This score represents how well the current user recognition data matches the model represented by the true user profile. The user recognition service is used to drive policy decisions and enforcement capabilities. Preferably, user recognition works in association with bot detection in a combined solution.

A computer may receive a request to generate a snapshot view of the enterprise network infrastructure. The computer may implement a multithread process to contemporaneously query a plurality of blade servers and server enclosures within the entire network infrastructure. The computer may contemporaneously receive a plurality of information files from the queried network resources (e.g. the blade servers, server enclosures). In active state modes, the computer may push firmware update binaries to the network resources. In a server processing and an active state mode, the computer may implement a multithreaded process to push the firmware update binaries to standalone servers or blade servers that can be accessed directly. In a blade enclosure processing and an active state mode, the computer may implemented a nested multi-threader, using child threads nested within a parent thread to a blade server enclosure to push firmware update binaries to blade servers in the enclosure.

A system for detecting and mitigating attacks using forged authentication objects within a domain is provided, comprising an authentication object inspector configured to observe a new authentication object generated by an identity provider, and retrieve the new authentication object; and a hashing engine configured to retrieve the new authentication object from the authentication object inspector, calculate a cryptographic hash for the new authentication object, and store the cryptographic hash for the new authentication object in a data store; wherein subsequent access requests accompanied by authentication objects are validated by comparing hashes for each authentication object to previous generated hashes.

A system can, in response to determining to capture bio telemetry data associated with client devices, synchronize respective second clock times of respective client devices with a first clock time maintained by a network time protocol server, wherein the respective client devices are configured to capture the bio telemetry data of respective users associated with the client devices, wherein the respective users are associated with respective user accounts. The system can synchronize the bio telemetry data of the respective users based the respective second clock times.

Federation policy exchange is provided in response to receiving a sharing query from an Access Point (AP) indicating that an associated wireless network supports federated identities with data sharing, determining whether the sharing query is within sharing preferences; and in response to determining that the sharing query is within the sharing preferences, transmitting, to the AP, a positive response for identity sharing that authorizes collection and sharing of identity data with at least one entity identified in a sharing policy for the associated wireless network. In various embodiments, federation policy exchange includes transmitting a support notification, via an AP, indicating support for federated identities with data sharing within a wireless network associated with the AP; and in response to receiving a first identify sharing preference from a User Equipment (UE) that indicates that negotiation is preferred, transmitting a sharing policy for the wireless network to the UE.

Disclosed are various approaches for detecting user availability. A work pattern can be generated based upon user activity data taken from various sources. A work pattern can be provided to an email client or another requesting service for predicted availability of a user.