A method, apparatus, and system of activating and using a contactless card are disclosed. A method includes receiving a transaction card application for a contactless transaction card from an applicant; issuing a contactless transaction card based on the transaction card application, wherein the contactless transaction card comprises a uniform resource locator (URL) embedded thereon; and activating the contactless transaction card in response to receiving information from a contactless communication between the contactless transaction card and a customer device, wherein the contactless communication causes access to a web site associated with the URL.

A device configured to obtain a first graphical code that represents a public encryption key for an organization and to extract the public encryption key for the organization from the first graphical code. The device is further configured to obtain a second graphical code that represents a digital document comprising data and a digital signature that was signed using a private encryption key for the organization. The device is further configured to extract the digital document from the second graphical code and to validate the second graphical code using the public encryption key for the organization. The device is further configured to determine the second graphical code passes validation using the public encryption key for the organization and to store the digital document in a digital document repository.

Self-replicating management services for distributed computing architectures are provided herein. An example method includes providing one or more nodes providing services; and maintaining a quorum of a plurality of management servers by: providing a distributed coordination service for the one or more nodes on each of the plurality of management servers; managing, via a director, requests for data on the distributed coordination service from the one or more nodes; promoting at least one of the one or more nodes to being one of the plurality of management servers; and maintaining secure tunnels between the plurality of management servers and the one or more nodes.

A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.

A method for processing, by a processing entity, of an authorization to implement a service and/or access an item. The method includes: reception, from a requesting device, of a request for implementing a service and/or accessing an item; searching for an indicator of dependency from at least one piece of data of said request for implementation; when an indicator of dependency is present, obtaining an authorization from a verification device to implement said service and/or access said item.

A communication system and a comparison method for securing a communication path for a legitimate user via a terminal apparatus (“TA”). A vehicle-mounted communication device (“VMCD”) transmits a device ID identifying the VMCD to a TA, acquires a terminal ID from the TA, and transmits the device ID and the terminal ID acquired from the TA to a central apparatus. The TA transmits a terminal ID identifying the TA to the VMCD, acquires a device ID from the VMCD, and transmits the terminal ID and the device ID acquired from the VMCD to the central apparatus. The central apparatus receives a device ID and a terminal ID transmitted from the VMCD and a device ID and a terminal ID transmitted from the TA, and compares the device ID and the terminal ID received from the VMCD with the device ID and the terminal ID received from the TA.

Improved document processing workflows provide a secure electronic signature framework by reducing attack vectors that could be used to gain unauthorized access to digital assets. In one embodiment an electronically signed document is removed from an electronic signature server after signed copies of the document are distributed to all signatories. The electronic signature server optionally retains an encrypted copy of the signed document, but does not retain the decryption password. This limits the amount of data retained by the electronic signature server, making it a less attractive target for hackers. However, the electronic signature server still maintains audit data that can be used to identify a signed document and validate an electronic signature. For example, a hash of the document (or other document metadata) can be used to validate the authenticity of an electronically signed document based on a logical association between an electronic signature and the signed document.

The disclosure details the implementation of an apparatus, method, and system comprising a portable device configured to communicate with a terminal and a network server, and execute stored program code in response to user interaction with an interactive user interface. The portable device contains stored program code configured to render an interactive user interface on a terminal output component to enable the user the control processing activity on the portable device and access data and programs from the portable device and a network server.

A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.

A data transmission method and apparatus are disclosed that resolves a technical problem where an existing data encryption algorithm offers poor security during transmission of data. The solution includes obtaining, by a first terminal, a data transmission request sent by a second terminal, the data transmission request at least carrying first encrypted data that is obtained by encrypting first exchange key of the second terminal by using a private key of the second terminal. The solution further includes decrypting, by the first terminal, the first encrypted data by using a public key of the second terminal to obtain the first exchange key, and obtaining a shared key of the first terminal and the second terminal according to the first exchange key. The solution further includes encrypting, by the first terminal, to-be-transmitted data by using the shared key to obtain encrypted to-be-transmitted data, and sending the encrypted to-be-transmitted data to the second terminal.