A user device is associated with a dynamic trust score that may be updated as needed, where the trust score and the updates are based on various activities and information associated with the mobile device. The trust score is based on both parameters of the device, such as device type, registered device location, device phone number, device ID, the last time the device has been accessed, etc. and activities the device engages in, such as amount of transactions, dollar amount of transactions, amount of denied requests, amount of approved requests, location of requests, etc. Based on a transaction request from the user device, the trust score and a network reputation score is used to determine an overall trust/fraud score associated with the transaction request.

An electronic device is provided. The electronic device includes a communication circuit, a display, a memory including a first display driver, a processor functionally connected with the communication circuit, the display, and the memory, and a secure module which is physically separated from the processor, and includes a secure processor and a second display driver, and the secure processor is configured to: when secure data is received from an external server through the communication circuit, disable the first display driver and enable the second display driver, and output a user interface including a first object corresponding to the secure data to the display by using the enabled second display driver.

Adapting detection of security threats, including by retraining computer-implemented models is disclosed. An indication is received that a natural language processing model should be retrained. A list of training samples is generated that includes at least one synthetic training sample. The natural language processing model is retrained at least in part by using the set of generated training samples. The retrained natural language processing model is used to determine a likelihood that a message poses a risk.

Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a method for performing content scanning of content objects is provided. A content object that is to be scanned is stored by a general purpose processor to a system memory of the general purpose processor. Content scanning parameters associated with the content object are set up by the general purpose processor. Instructions from a signature memory of a co-processor that is coupled to the general purpose processor are read by the co-processor based on the content scanning parameters. The instructions contain op-codes of a first instruction type and op-codes of a second instruction type. Those of the instructions containing op-codes of the first instruction type are assigned by the co-processor to a first instruction pipe of multiple instruction pipes of the co-processor for execution. An instruction of the assigned instructions containing op-codes of the first instruction type is executed by the first instruction pipe including accessing a portion of the content object from the system memory.

An application code hiding apparatus includes a secret code dividing part, a secret code caller generating part, a code analyzing part, a dummy code generating part, a code encrypting part, a code disposing part, a code decryptor generating part, a disposed code importer generating part, a code loader generating part, a memory inner code modifier generating part and a decrypted code caller generating part.

A device and associated methods for entering a PIN via tapping are disclosed. The device can be configured to determine a number of taps provided by a PIN holder on a touch sensor in representation of a PIN digit and to store the number of taps as a digit in a sequence that represents the PIN. Indications for interaction with the device can be provided to PIN holders in the form of auditory cues. A visually impaired PIN holder may be able to complete a PIN entry process by following the indications for interaction, tapping on a touch sensor a number of times equal to the value of the digit of the PIN to be entered, and performing gestures mapped to commands for the device.

Disclosed herein are computer-implemented method, system, and computer-program product (computer-readable storage medium) embodiments for discovering contextualized placeholder variables in template code. Some embodiments include invoking a render call to a template engine to render an input template and then receiving a message identifying a placeholder variable within the input template in response to invoking the render call. These embodiments may further include generating multiple rendered templates by rendering the input template based at least in part on a unique value and a modified unique value for the placeholder variable. Further still, these embodiments may also include storing the placeholder variable in a security vulnerability data structure in response to detecting a change in context associated with the placeholder variable between the multiple rendered templates.

A method, system and computer-usable medium for adaptively assessing risk associated with an endpoint, comprising: determining a risk level corresponding to an entity associated with an endpoint; selecting a frequency and a duration of an endpoint monitoring interval; collecting user behavior to collect user behavior associated with the entity for the duration of the endpoint monitoring interval via the endpoint; processing the user behavior to generate a current risk score for the entity; comparing the current risk score of the user to historical risk scores to determine whether a risk score of a user has changed; and changing the risk score of the user to the current risk score when the risk score of the user has changed.

A method for processing user interaction information by an electronic device, includes: executing an application in an unsecure area of the electronic device; instantiating an object of the application; recognizing a user interface of the application, converting a user reaction between a pseudo-event and the instantiated object into data, and transmitting the data to a secure area of the electronic device; mirroring the application to the secure area by using the data; based on a user input being detected, inferring an event to be recognized by a graphical user interface (GUI) framework of the electronic device; and interpreting, in the secure area, the user reaction to the instantiated object corresponding to the inferred event

A method (400) for accessing one or more service processes (222) of service (250) includes executing at least one service enclave (220) and executing an enclave sandbox (200) that wraps the at least one service enclave. The at least one service enclave provides an interface to the one or more service processes. The enclave sandbox is configured to establish an encrypted communication tunnel (210) to the at least one service enclave interfacing with the one or more service processes, and communicate program calls (302) to/from the one or more service processes as encrypted communications through the encrypted communication tunnel.