A verification application executing at a user's mobile phone directs the user to take a photo of an identification document (e.g., driver's license or other form of government issued identification) or of their face. After the verification application sends the image to a backend service, the service may then dispatch a drone to the user's location and take a photograph of the user. The service may then validate the previously-imaged document or photo of the user's face against the photograph of the user and the geolocation sent with the first image. The service may then verify the new account and provision a token to the verification application to complete a secured account generation.

Correlating devices and clients across addresses may be provided. A first address associated with a client device may be received. When the client device is not connected to a network, first location data associated with the first address may be obtained using a passive technique. A second address and second location data associated with the second address may then be obtained using an active technique. It may then be determined that the first location data and the second location data correlate. In response to determining that the first location data and the second location data correlate, it may be determined that the client device has changed from the first address to the second address.

Provided is a secure ranging method capable of blocking access of a malicious user by preventing an attack by the malicious user when ranging is performed using an ultra-wideband (UWB). Also, provided is a method of increasing accuracy of ranging. A method of operating an electronic device for performing ranging by using a UWB in a wireless communication system includes: transmitting and receiving at least one frame for ranging, to and from at least one other electronic device; obtaining a first ranging value and a second ranging value, based on the at least one frame; and performing integrity checking, based on a result of comparing the first ranging value with the second ranging value.

Provided is a secure ranging method capable of blocking access of a malicious user by preventing an attack by the malicious user when ranging is performed using an ultra-wideband (UWB). Also, provided is a method of increasing accuracy of ranging. A method of operating an electronic device for performing ranging by using a UWB in a wireless communication system includes: transmitting and receiving at least one frame for ranging, to and from at least one other electronic device; obtaining a first ranging value and a second ranging value, based on the at least one frame; and performing integrity checking, based on a result of comparing the first ranging value with the second ranging value.

Methods, servers and systems are disclosed for authenticating location information in a message from a sending computing device to a receiving computing device. Location information of a sending computing device at an actual location may be incorporated in the message. Location information in a message may be compared with information regarding the actual location of the sending computing device maintained by a server. The location information in the message may be authenticated based on the comparison.

A tracking device can provide a hashed identifier to a mobile device, for instance within an advertisement packet. The mobile device can query each of a plurality of entities with the hashed identifier to identify an entity associated with the hash key used to generate the hashed identifier. In some embodiments, the mobile device can query a centralized key server, which in turn can query the plurality of entities to identify the entity associated with the hash key. The mobile device can then receive a public key from the identified entity, can determine a location of the mobile device, and can encrypt the location with the public key. The mobile device can then provide the hashed identifier and the encrypted location to the identified entity, which can provide the encrypted location to an owner of the tracking device for decryption using a private key corresponding to the public key.

A tracking device can provide a hashed identifier to a mobile device, for instance within an advertisement packet. The mobile device can query each of a plurality of entities with the hashed identifier to identify an entity associated with the hash key used to generate the hashed identifier. In some embodiments, the mobile device can query a centralized key server, which in turn can query the plurality of entities to identify the entity associated with the hash key. The mobile device can then receive a public key from the identified entity, can determine a location of the mobile device, and can encrypt the location with the public key. The mobile device can then provide the hashed identifier and the encrypted location to the identified entity, which can provide the encrypted location to an owner of the tracking device for decryption using a private key corresponding to the public key.

A method for establishing a trusted session between a first computing device and a computer server includes obtaining identifying information for the first computing device and a second computing device. The identifying information includes identifying information corresponding to the networks to which each of the computing devices are directly connected. Based on the identifying information it may be determined that there is sufficient correspondence between the first and second computing devices. If so, an indication is sent to the second computing device requesting confirmation that the first computing device should be authenticated to the account. An indication confirming this may then be received and, responsive thereto, the first computing device is authenticated to the account. Related computer systems and computer-readable media are also disclosed.

A method for establishing a trusted session between a first computing device and a computer server includes obtaining identifying information for the first computing device and a second computing device. The identifying information includes identifying information corresponding to the networks to which each of the computing devices are directly connected. Based on the identifying information it may be determined that there is sufficient correspondence between the first and second computing devices. If so, an indication is sent to the second computing device requesting confirmation that the first computing device should be authenticated to the account. An indication confirming this may then be received and, responsive thereto, the first computing device is authenticated to the account. Related computer systems and computer-readable media are also disclosed.

Methods for managing security of a payment gateway are provided. In one aspect, a method includes assigning a username and a security key to a merchant. The method includes receiving a transaction request associated with the merchant, wherein the transaction request comprises the username assigned to the merchant, request parameters, and a signature code associated with the merchant, and wherein the signature code comprises the request appended to both the username assigned to the merchant and the security key assigned to the merchant. The method includes determining, in response to receiving the transaction request associated with the merchant, whether the signature code of the request is authentic. The method includes validating the transaction request based on determining that the signature code of the request is authentic. Systems and machine-readable media are also provided.