An apparatus and method for joining an Internet of Things (IoT) network are provided, the apparatus including a communicator configured to receive, from an electronic device, an encrypted auto-onboard configuration data associated with the IoT network, a sensor configured to detect a user command, and at least one processor configured to generate a decryption key based on features extracted from the user command, decrypt the encrypted auto-onboard configuration data using the decryption key, and join the IoT network.

Timely and optimal user completion of pre-staged transactions is implemented by ultra-wideband (UWB) enabled devices at UWB-enabled ATMs. ATM information, transaction scheduling and user prioritization, transaction notifications, and/or haptic-feedback reminders are provided based on one or more real-time and/or predicted geographical locations and proximities, ATM-specific queue wait times, preference scores, historical usage, ATM resources, and/or other relevant data or preferences.

Systems and methods for scalable biometric authentication are disclosed. In one embodiment, a method for scalable biometric authentication may include: (1) receiving, by a biometric authentication computer program executed by a computer processor, a transaction request for a transaction comprising a received biometric; (2) identifying, by the biometric authentication computer program, a subset of likely customers from a set of customers for the transaction; (3) retrieving, by the biometric authentication computer program, stored biometrics for the subset of customers; (4) identifying, by the biometric authentication computer program, one of the stored biometrics for the subset of customers that matches the received biometric; and (5) retrieving, by the biometric authentication computer program, a stored payment method for the identified stored biometric.

Systems and methods for cryptographic key generation at a client and server are disclosed. The client has an array of PUF devices, and the server has an image that PUF. The server sends the client addresses of PUF devices to be measured, and retrieves previously stored responses corresponding to those addresses from its database. The client measures responses at the addresses. Each device hashes the resulting responses, and the server compares the hash received from the client to its own. If the hashes to not match, the server searches for a matching hash be perturbing the measured response bit stream until a match is achieved. The perturbed response bitstream, and the measured response at the client are then salted, and used for key generation.

Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Techniques for changing the presentation of information on a user interface based on presence are described. In an example, a computer system determines, based on an image sensor associated with the system, a first presence of a first user relative to a computing device. The computer system also determines an identifier of the first user. The identifier is associated with operating the computing device. The operating comprises a presentation of the user interface by the computing device. The computer system also determines, based on the image sensor, a second presence of a second person relative to the computing device. The computer system causes an update to the user interface based on the second presence.

Methods and systems pertaining secure transaction systems are disclosed. In one implementation, a computer with a verification token associated with a computer can send user authentication data as well as a secure datum to a control server. The verification token may obtain the secure datum from a validation entity. The control server can validate the secure datum and authentication data and can generate a payer authentication response.

Some embodiments are directed to an electronic cryptographic device configured to determine a cryptographic key. The cryptographic device has a physically unclonable function, a debiasing unit, and a key reconstruction unit. The PUF is configured to produce a first noisy bit string during an enrollment phase and a second noisy bit string during a reconstruction phase. The debiasing unit (120) is configured to determine debiasing data from the first noisy bit string during the enrollment phase. The debiasing data marks bits in the first noisy bit string as retained or discarded. The key reconstruction unit is configured to determine the cryptographic key from bits in the second noisy bit string marked as retained by the debiasing data, the cryptographic key being independent from bits in the second noisy bit string marked as discarded by the debiasing data.

An encryption method for data includes acquiring data to be encrypted and user information set relevant to the encryption, sending a key acquisition instruction to a terminal corresponding to the user information, receiving a key returned from the terminal corresponding to the user information, encrypting the data to be encrypted by using the key, and transmitting encrypted data to the terminal corresponding to the user information.

The present technology relates to an information processing apparatus, a method, and a program that can improve anonymity. An acquisition unit acquires a user identification ID that identifies a user and user data regarding the user. A derived ID generation unit carries out an operation using a one-way function, for data obtained from the user identification ID according to an increase in the number of the user data recorded in a recording unit, to generate a derived ID. A recording control unit causes the recording unit to record the generated derived ID and the acquired user data in association with each other to. In this way, the derived ID is generated according to the increase in the number of recorded user data, and the user data is recorded in association with the derived ID. Therefore, K-anonymity of the user data can be improved. The present technology can be applied to a server.