Patent classifications
H04W12/61
AUGMENTED REALITY INFORMATION DISPLAY AND INTERACTION VIA NFC BASED AUTHENTICATION
Various embodiments are generally directed to improving card security by providing a user a contactless card with no sensitive card information, such as card number, card verification value, and expiration date, printed thereon, and displaying the sensitive card information relative to the card in augmented reality (AR) based on successful NFC-based user authentication. According to examples, the NFC-based user authentication may be performed by one-tapping or single tapping the contactless card to the user's mobile device. One or more portions of the sensitive card information may be obfuscated to further enhance card security. Moreover, the user can interact with AR elements including the sensitive card information to perform various actions.
Method and electronic device for managing digital keys
Provided is a method, performed by an electronic device, of managing keys for accessing a plurality of services in an integrated manner to improve interoperability and secure security. The method includes transmitting, by a secure domain (SD) in a secure area of the electronic device, a certificate of the SD to a plurality of service providers (SPs); receiving, by an application installed in the electronic device, a certificate of each of the plurality of SPs from the plurality of SPs; receiving, by the application, first signed data from a first SP among the plurality of SPs; authenticating, by the application, the first signed data by using a certificate of the first SP received from the first SP and obtaining an encrypted key of the first SP from the first signed data; decrypting, by the SD, the encrypted key of the first SP by using a private key of the SD; and storing the decrypted key of the first SP in a first instance corresponding to the first SP among a plurality of instances of the SD.
SYSTEM AND METHOD OF DYNAMIC AND SCALABLE IoT FRAMEWORK
A method and a system for providing one or more services to one or more user devices in an IoT network in a scalable M2M (Machine to Machine) framework. The method comprises receiving a connection request from the one or more user devices [202] at a load balancer of the IoT network, the connection request comprising at least a username comprising a cluster identifier. The load balancer [204] determines a cluster identifier based on the connection request and identifies at least one target cluster from the one or more clusters [206], said target cluster being associated with the cluster identifier. The load balancer [204] routes the connection request to the at least one target cluster to provide the one or more services to the one or more user devices [202].
Physical contact detection for device pairing
Devices, methods, and systems for physical contact detection for device pairing are described herein. One device includes a mechanism configured to detect physical contact between the device and a wireless device, a memory, and a processor configured to execute executable instructions stored in the memory to perform a pairing of the wireless device and the device only upon the mechanism detecting the physical contact between the device and the wireless device.
System and method for encounter identity verification
Systems and methods for verifying an identity of a first user involve receiving, at a server, a request from a communicatively coupled device of a second user to access information of the first user. The request includes information retrieved from a passive communication device associated with the first user and location information of the communicatively coupled device. In response, a location of an authenticated mobile device of the first user is determined, and when a location match is present, the identity of the first user is confirmed to the second user, and the second user is permitted to provide input into an account of the first user, such as for rating and reporting the performance of the first user. When a location match is not present, a message is transmitted to the second user indicating the identity of the first user is not confirmed, and instructions are provided to take action.
Distributed one-time-use entry code generation for physical access control method of operation and mobile systems
A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.
NETWORK ACCESS AND MANAGEMENT VIA WIRELESS ACCESS PROFILES
Communication management hardware controls network access via generation and distribution of wireless access profiles. For example, the communication management hardware receives a network access request from first user equipment to use a network over an open SSID network. In response to detecting that the first user equipment operated by a non-subscriber is not yet authorized to use the network, such as because the first user equipment has not signed up for use of the network, the communication management hardware directs the first user equipment to a portal. The communication management hardware then communicates a wireless access profile to the first user equipment. In one arrangement, the wireless access profile is derived based on input from the first user equipment. The wireless access profile provides the first user equipment wireless access to the network via a secure SSID.
Methods for sharing private video streams with first responders under facility administrator control
A method enables video surveillance service subscribers to share image streams with individual first responder agencies in the event of an emergency. A customer administrator selects permissions on each camera via a privileged web browser or mobile device. Permissions enable selection by static metadata such as type, audio, location, motion, recognition, spectrum, and epoch. Setting ranges of time controls access to video streams of present and past epochs. Under control by a customer administrator, a virtual machine dedicated to each responding agency instantiates a video server. A camera is shared by a customer administrator's selection of permissions on each camera via a privileged web browser or mobile device. Video streams of present and past epochs are controlled by ranges of time. A notification is customized for each responding agency and each event by dynamically generating a link to a secure webserver which records geo-location or network identifiers for validation.