H04L2209/16

Protecting user privacy in playback of user sessions

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for protecting user privacy in the playback of user sessions are described. In one aspect, a method includes accessing, for a user session with one or more user interfaces, event data that includes interface data specifying a structure of the user interface(s), and, for each of one or more user interface elements for which content was presented by the user interface(s) during the user session, an encrypted content element including the content of the user interface element encrypted using a public key corresponding to a rule enabling recording of the content of the user interface element and data identifying the rule. Playback of the user session is generated including, for each of the interface element(s), decrypting the encrypted content element for the user interface element and presenting the decrypted content during the playback of the user session.

APPARATUS FOR OBFUSCATING AND RESTORING PROGRAM EXECUTION CODE AND METHOD THEREOF
20180013551 · 2018-01-11

The present invention provides an apparatus for obfuscating and restoring a program execution code. The apparatus for restoring an obfuscated program execution code may include a memory loading, from a storage medium, a program execution code obfuscated so that it cannot be executed before restoration; a restoring unit, not allowing access by a third party who is not a user of the apparatus, restoring the obfuscated program execution code delivered from the memory and directly delivering it to a central processing unit (CPU); and a CPU executing the restored program execution code. Thus, since the execution code order that shows the same operation as the original program execution cannot be known even by a third party who obtained and analyzed a program execution code executed on a single piece of equipment, it is not possible to analyze the algorithm, etc. through program execution code analysis, and it is not possible to execute the obtained execution code on different equipment. Accordingly, intellectual property rights can be protected.

EQUALITY CHECK IMPLEMENTED WITH SECRET SHARING
20180013736 · 2018-01-11

A method of performing an equality check in a secure system, including: receiving an input $v$ having a known input property; splitting the input $v$ into $t$ secret shares $v_i$, where $i$ is an integer index and $t$ is greater than 1; splitting an input $x$ into $k$ secret shares $x_i$, where $i$ is an integer index and $k$ is greater than 1; splitting the secret shares $x_i$ into $s$ chunks, resulting in $s \cdot k$ chunks $y_j$, where $j$ is an integer index; calculating a mapping chain $t$ times, once for each secret share $v_i$, wherein the mapping chain includes $s \cdot k$ affine mappings $F_j$, wherein $y_j$ and $F_{j-1}(y_{j-1})$ are the inputs to $F_j$ and $F_0(y_0) = v_i$; and determining if the outputs have a known output property indicating that the input $x$ equals a desired value.

METHOD AND SYSTEM FOR IDENTIFICATION OF SHARED DEVICES FOR FRAUD MODELING
20230004981 · 2023-01-05

A method for fraud modeling based on shared computing device usage includes: storing transaction data entries, each including a transaction date and/or time, account identifier, and device identifier associated with a computing device; receiving a transaction message for a payment transaction, the transaction message including a specific device identifier, primary account number, and additional transaction data; identifying transaction data entries where the included device identifier corresponds to the specific device identifier; determining a fraud risk rating based on a number of unique account identifiers included in the identified transaction data entries over a predetermined period of time; and transmitting the transaction message and the determined fraud risk rating to a financial institution associated with the primary account number.

Secure cloud-based system, and security application distribution method to be automatically executed therein

Described are various embodiments of a secure cloud-based system. In one such embodiment, the secure cloud-based system includes a distribution of digital network processing resources and a central digital processing environment. The central processing environment includes a secure network interface to each of said digital processing resources; a digital hardware processor; and a deployment engine operable to serially deploy a unique ephemeral machine executable code instance, via said secure network interface, to a given one of said digital processing resources to be executed thereon for a predetermined runtime period, wherein execution of each said unique ephemeral machine executable code instance is automatically terminated after said predetermined runtime period to be operatively replaced by a subsequent unique ephemeral machine executable code instance.

SECURE METHOD FOR DATA EXCHANGE BETWEEN A TERMINAL AND A SERVER

A secure method for data exchange between a terminal and a server is described. The server can use a cryptographic module configured to encrypt or decrypt a message based on input parameters comprising the message, a response to a challenge and a symmetric key. The terminal can use a white-box cryptography module constituting a white-box implementation of the cryptographic module of the server for this symmetric key.

METHOD AND APPARATUS FOR ENCRYPTING AND DECRYPTING AND READING AND WRITING MESSAGES, COMPUTER DEVICE, AND STORAGE MEDIUM
20230027142 · 2023-01-26

A method for encrypting messages is provided. The method for encrypting messages includes: generating a seed; generating a mask based on the seed; generating a masked message by masking an original message using the mask; acquiring a target message by performing white box encryption on the masked message; and disclosing the target message and the seed.

LINKING A PHYSICAL IDENTIFIER TO A DIGITAL IDENTIFIER

The present invention is directed to a computer-implemented method for linking identity information of a physical identifier to a digital identifier. The identity information comprises a plurality of symbols. The method comprises cryptographically obfuscating one or more symbols of the identity information separately into an obfuscated symbol, such that separate deobfuscation information is needed to deobfuscate each obfuscated symbol, and storing the obfuscated symbols within the digital identifier.

Gracefully handling endpoint feedback when starting to monitor

A method, system and computer-usable medium for adaptively assessing risk associated with an endpoint, comprising: determining a risk level corresponding to an entity associated with an endpoint; selecting a frequency and a duration of an endpoint monitoring interval; collecting, via the endpoint, user behavior associated with the entity for the duration of the endpoint monitoring interval; processing the user behavior to generate a current risk score for the entity; comparing the current risk score of the user to historical risk scores to determine whether a risk score of a user has changed; and changing the risk score of the user to the current risk score when the risk score of the user has changed.