A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.

An Identity and Access Management Service implements persistent source values PSVs) for assumed identities. A source value (e.g., an original identifier of an entity) is persisted across assumed identities, facilitating identification of entities (users or applications) responsible for actions taken by the assumed (e.g., alternative) identities. The Manager receives a request to assume an identity. The request includes the entities current credentials and a PSV. The current credentials are authenticated and a persistent source value policy may be relied on to determine whether and/or how to grant the assumed identity. The PSV may be copied from credentials in the request in order to be included in the credentials for the requested identity that the Manager provides in response to the request. Use of the requested credentials, including the PSV, to access services or resources may be logged, the logs including the PSV from the request to assume the identity.

A method is disclosed for conducting a transaction between a computing device and an access device. A server computer may be utilized to facilitate data exchanges between the computing device and the access device. These data exchanges may utilize high-frequency sound signals. The server computer may encrypt at least some portion of data that is then transmitted to the access device via the computing device. The server computer may verify data received from the access device prior to generating and transmitting an authorization request message for the transaction.

Methods, systems, and computer readable media can be operable to facilitate an exchange of messages between an access point and a station, wherein the access point requests a unique identifier from the station. The station may either respond with a message declining to provide a unique identifier or respond with a message including a unique identifier to be used by the access point for the station. The response from the station may include additional limitations on the use of the unique identifier by the access point. The access point may enforce different policies against a station depending upon how the station responds to the unique identifier request.

One or more instances in program code that references an identifier of the standard web object model program object property that is prevented by a web browser from being directly reassigned are identified. The one or more instances in the program code that references the identifier of the standard web object model program object property that is prevented by the web browser from being directly reassigned are modified with one or more corresponding replacement references that include a replacement identifier. The replacement identifier id defined in the program code as being associated with a new program object property defined to invoke the standard web object model program object property in addition to being defined to perform additional processing of a resource identifier associated with the invocation of the standard web object model program object property.

In various embodiments, a data map generation system is configured to receive a request to generate a privacy-related data map for particular computer code, and, at least partially in response to the request, determine a location of the particular computer code, automatically obtain the particular computer code based on the determined location, and analyze the particular computer code to determine privacy-related attributes of the particular computer code, where the privacy-related attributes indicate types of personal information that the particular computer code collects or accesses. The system may be further configured to generate and display a data map of the privacy-related attributes to a user.

Apparatus and method for functionally securely transfer data in a two-sided data exchange of safety-related data between two communication partners (A, B), wherein a mapping is defined, which assigns to a consumer ID a provider ID of the same end point in the case of each bidirectional connection, and the mapping is made known to the two end points a priori, where the mapping could consist of the one's complement or alternatively of the two's complement, and wherein the connection between the data provider and the data consumer is established as described, the data consumer receives the address identification of the data provider via an additional side channel, for example, and after the connection has been established, the identification of the data provider can be securely checked.

An electronic messaging system and method with reduced traceability by separation of display of a media component of message content and header information. An electronic message having an identifier of a recipient and a message content including an image media component is received at a server from a sending user device at which a display for associating the media component with the electronic message is provided without displaying the identifier of a recipient with the media component such that a single screen capture of the identifier of a recipient and the media component is prevented. The electronic message including an identifier of a sending user is transmitted to a recipient user device at which a display presenting the media component is provided without displaying the identifier of a sending user such that a single screen capture of both the identifier of a sending user and the media component is prevented.

Systems, methods, and computer-readable storage devices to enable virtual API technology embodied in an SDK for use within a mobile application, a mobile payment wallet, or a mobile operating system.

There is disclosed a method of processing a data packet received by a packet sniffer, the packet containing an associated identifier, the method including transmitting the packet to a recipient, determining if the identifier corresponds to a particular network, wherein if the identifier is determined to correspond to the particular network, the identifier is provided to the recipient; and if the identifier is determined to not correspond to the particular network, the identifier is withheld from the recipient.