The disclosure generally describes one or more techniques for authenticating a webhook endpoint with a webhook server. Some techniques include a webhook server sending a seed with a webhook endpoint after the webhook endpoint is registered with the webhook server. In some examples, the webhook server generates the seed to send to the webhook endpoint and stores the seed with a key associated with the webhook endpoint. In such examples, the webhook server does not send data associated with the particular events to the webhook endpoint until the webhook endpoint acknowledges receipt of the seed while the seed is still valid.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
A method and apparatus for reconciling electronic transactions facilitated by a commerce platform are described. The method may include receiving, the commerce platform, requests from a merchant system to authorize a plurality of financial transactions. The method may also include transmitting an authorization to the merchant system authorizing the merchant system to perform the financial transaction. The authorization may include a unique transaction identification (ID) corresponding to the request. The method may also include receiving from the merchant system, for each transaction ID, an order number associated with the transaction ID. The method may also include generating a settlement file comprising the transaction IDs. Each transaction ID may be arranged in an order in the settlement file according to its associated order number. The method may also include transmitting the settlement file to the merchant device.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/12 - Architectures de paiement spécialement adaptées aux systèmes de commerce électronique
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 30/06 - Transactions d’achat, de vente ou de crédit-bail
3.
SYSTEMS AND METHODS FOR TERMINAL DEVICE ATTESTATION FOR CONTACTLESS PAYMENTS
A method and apparatus validating integrity of an environment of a terminal device remote to a commerce platform system are described. The method can include receiving, from the terminal device, a device provisioning request that comprises data indicative of an instance of an application installed on the terminal device, a first public key, a second public key, and a hardware attestation key, the first public key, the second public key, and the hardware attestation key generated within a trusted execution environment of the terminal device, and the first public key and the second public key having a corresponding first private key and second private key stored within the trusted execution environment. The method may also include verifying the first public key and the second public key as being generated by the trusted execution environment of the terminal device using the hardware attestation key, the hardware attestation key generated at least in part using the first public key, the second public key, and the data indicative of the instance of the application.
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
4.
SYSTEMS AND METHODS FOR ENFORCING ACCESS REQUIREMENTS TO SERVICES IN A DISTRIBUTED SERVICES SYSTEM
Methods and apparatus for authenticating a user by a service provider system are described. The method can include receiving, from a service of the service provider system, a user data captured at an initiation of an onboarding process for a user seeking access to the service. The method may also include retrieving an access configuration associated with the service, the access configuration defining one or more user data access requirements to enable the user to access the service. The method may then include determining whether the one or more user data access requirements of the access configuration are satisfied by the user data, and in response to determining that one or more user data access requirements are satisfied, enabling the user to access the service of the server provider system. Furthermore, the method can include transmitting, to the service, a notification indicating that the user has satisfied the access requirements to enable the user to continue the onboarding process for the user to access the service.
A method and apparatus for a commerce platform providing proof of application ownership of a network distributable application are described. The method may include receiving a request to approve an application developed by a merchant system. The method may also include generating a unique identifier (ID) for the application to be included as metadata within the application. Furthermore, the method may include obtaining, from an application information system, data describing the application, and extracting an ID from metadata in the data obtained by the application information system. Then, the method may include that in response to determining that the ID extracted from the metadata matches the unique ID, associating the merchant with the application in a merchant account at the commerce platform and approving the application for interacting with the commerce platform.
Methods, systems, and computer readable medium are provided for generating, by a secure processor, a plurality of configurable data entry elements configured into a webpage, receiving sensitive data entered via the plurality of configurable data entry elements during a user data entry session, generating a hidden controller iframe in the webpage, aggregating, by the hidden controller iframe, the sensitive data across the plurality of configurable data entry elements, and directing aggregated sensitive data to the secure processor hosted by a first server separate from a second server hosting the webpage.
In an example embodiment, rate limiting is performed at the instance level (i.e., locally), but utilizing throughput statistics of other instances. These statistics may be measured locally by each instance and then transmitted to a central store, where they are aggregated. Each instance is then able to asynchronously request the aggregated statistics from the central store and use this information to manage the parameters of its own local rate limiter.
Described herein are systems and methods to use modeling techniques to identify gradual changes in various metrics identified as a result of analyzing an aggregated transaction dataset. In one method, a computer model dynamically slice the data using an attribute, calculates an entropy value for using a rolling time window, and uses the entropy value to identify anomalous behavior. The model may use information gain to determine whether to further segmented the data slice into smaller data slices. The model may iteratively slice and analyze the data until a data slice corresponding to the root cause is determined. The model may then traverse the hierarchy of data slices and combine the data slices until an optimized combined data slice. The model may train a machine learning component, such as a booted tree algorithm, to optimize its traversal of the hierarchy of data slices.
Disclosed herein are methods and systems for multi-platform authentication of electronic devices. One method involves a processor monitoring data related to the execution of an initial authentication request for a user via a first electronic platform. Subsequently, the processor receives, via the first platform, a request to complete a second authentication request by a second electronic platform, which corresponds to a multi-factor authentication. Upon receiving a first factor authentication purportedly authenticating the identity of the user, the processor generates second factor authentication information based on the monitored data. A message containing both first and second factor authentication details is then generated and transmitted to the second electronic platform. Upon receiving a positive authentication result from the second electronic platform, confirming the user's identity authentication.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
11.
ASSETS INTERFACE OF A DISTRIBUTED ASSETS MANAGEMENT PLATFORM
Disclosed here are methods and systems for managing the movement of assets between accounts on a distributed digital platform. In one embodiment, a specialized interface in the distributed digital platform receives a message about an asset transfer request that includes various data fields and an identifier. The interface then queries the specific configuration for the type of asset transfer (based on the data included within the received message), which might involve multiple steps or “legs.” Next, the digital platform converts the original message into one or more new messages, each corresponding to a step in the transfer process. Finally, the digital platform sends at least one of these new messages to a system responsible for actually causing/facilitating the movement, thereby completing the transfer.
Aspects of the subject technology include obtaining a transfer request event associated with a transaction, the transfer request event indicating a request day of week and time of day, and, when the request time of day is past a pre-determined cutoff time, adjusting the request day of week to be a subsequent day. Aspects also include determining, using the transfer request event and based on a machine learning model trained on historical transaction data, a predicted transfer delay for the transaction, obtaining a set of relevant non-transfer days based on a comparison between the historical transaction data and a set of past non-transfer days, and, when one or more non-transfer days from the set of relevant non-transfer days occur within a time period from the request day of week and over the predicted transfer delay, adjusting the predicted transfer delay based on the one or more non-transfer days.
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
Aspects of the subject technology include providing, from a sever to a first device, balance information for a plurality of accounts of an organization. For a first selected account, information for first expected sweeps which are to be received within a first time period, information for second expected sweeps for a second time period, and information for reconciled sweeps for the second time period are received. The first expected sweeps or the second expected sweeps include a first portion of expected sweeps which are automatically initiated by a service. When an anomaly is detected in the first account, the service may schedule an automated event to resolve the anomaly, and the automated event is reported. The service may not schedule an automated event and an input is received to resolve the anomaly.
A method for performing search system upgrades is described. The method may include processing a software upgrade for a search system cluster distributed over one or more nodes, the one or more nodes comprising current search system data nodes. The method may include allocating at least a set of one or more search system data nodes for the software upgrade including at least one upgraded search system data node. The method may include receiving, during the software upgrade, transaction data for a transaction, and receiving search requests to be executed by the search system cluster. The method may include performing ingestion of received transaction data in both the current search system data nodes and the at least one upgraded search system data node, and processing the search requests by the search system cluster against the current search system data nodes until the software upgrade is determined to be complete.
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p. ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
Disclosed herein are methods and systems for a digital platform to manage data related to the movement of assets between accounts. In one embodiment, the platform receives a continuous stream of messages, each indicating a transfer of assets between accounts. The platform verifies the messages to ensure that no digital information is missing. Once a message is verified as complete, the platform generates a liquidity event message to manage the regular transfer of assets between accounts, based on certain conditions (e.g., account balances). The liquidity event message is sent to another part of the platform, known as the liquidity engine, which then carries out the asset transfers as described in the message. Thereby, the workload of receiving, checking, completing, and acting on messages about asset transfers is bifurcated to ensure efficient and controlled movement of assets within the digital platform.
Aspects of the subject technology allow an entity to aggregate transaction data for safeguarding. Aspects include obtaining a set of data items associated with a set of transactions, and, for each respective data item, determining a funding type corresponding to the respective data item based at least in part on a respective attribute and augmenting the respective data item based on the determined funding type and an attribute estimation. Aspects also include aggregating the set of data items into respective groups based on the funding type, the merchant identifier, and/or the jurisdiction identifier, and transmitting a respective group to a service for determining whether a respective bank account includes a threshold amount of funds based on the amounts of data items in the respective group.
Disclosed herein are methods and systems for a digital platform to manage data related to the movement of assets between accounts. In one embodiment, the platform receives a continuous stream of messages, each indicating a transfer of assets between accounts. The platform verifies the messages to ensure that no digital information is missing. Once a message is verified as complete, the platform generates a liquidity event message to manage the regular transfer of assets between accounts, based on certain conditions (e.g., account balances). The liquidity event message is sent to another part of the platform, known as the liquidity engine, which then carries out the asset transfers as described in the message. Thereby, the workload of receiving, checking, completing, and acting on messages about asset transfers is bifurcated to ensure efficient and controlled movement of assets within the digital platform.
Disclosed herein are methods and systems for hydrating (e.g., updating) incomplete event messages in a digital asset management platform. In one embodiment, a part of the platform (e.g., hydration system) receives a request to update an event message that has a unique identifier and includes a placeholder data field (e.g., a blank data record) for some missing information that is unknown to the system at the time of receipt. The hydration system then receives a set of possible information, along with a candidate identifier and a corresponding source identifier. When the identifier from the event message matches the candidate identifier, the hydration system fills in the missing information accordingly, thereby updating (hydrating) the incomplete event message. Thereby, the processes disclosed herein correspond to finding and adding missing pieces of information to event messages within a digital asset management platform.
Disclosed herein are methods and systems for a simplified process for managing the exchange of different types of assets on a digital platform for disparate users. The processes discussed with respect to the digital platform streamline the exchange of assets based on various conditions in an efficient manner. In one example, the platform initially receives an event message (via an endpoint API) that specifies the amounts and types of two different assets. The platform then aggregates the received data within the event message. Next, the platform's exchange manager continually monitors the data indicated within the event message. When the totals reach a predefined threshold or condition, such as reaching a certain amount, the platform triggers a process where a remote system automatically converts a specified amount of one asset type into another asset type.
The present disclosure is directed to systems and methods that provide support for customized versions of functions that operate on a resource of a commerce platform by giving customers the ability to write custom versions of such functions that employ more advanced/complex logic that what is offered by default configurations for the functions. A custom scripting language may be added to the API of the commerce platform, which may allow customers to define scripts that specify the desired custom functionality. In response to receiving a request to customize the function from a customer, a function signature specifying information about the custom version of the function may be provided to the customer. Upon receiving a script defining a custom version of the function, the script may be stored on the resource object representing the resource the custom function is to operate on.
In an example embodiment, a shared worker object is used in a web browser to synchronize data across tabs in the web browser, without relying upon a web server to perform or coordinate that synchronization. More particularly, each browsing context includes a web page and zero or more web worker objects, each web worker object corresponding to a different module of the web page. The zero or more web worker objects in each web page user interface are then configured to communicate with a single shared worker, through which all data requests and data changes are sent. The single shared worker forwards data requests and data changes to the web server, but also tracks such data requests and then automatically updates any browsing context that requested a particular piece of data in the past with a change that occurred to that particular piece of data.
A service for providing extensible fraud detection may manage the application of a ruleset that evaluates whether or not a transaction is fraudulent. The service groups the features in a ruleset or across multiple rulesets, and dispatches a thread for each group to obtain the feature values for that group. The service evaluates the ruleset with the obtained feature values to determine whether or not a given transaction is fraudulent in view of the ruleset.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
23.
SYSTEMS AND METHODS FOR MODELING DISTRIBUTED SERVICE SYSTEMS BY A LEDGER SYSTEM
A method and apparatus are described for modeling a software system of a distributed services system. The method includes receiving a stream of ledger transaction messages generated by a software system, which are then stored in a data store. A ledger system accesses a data model representing a state machine of the proper functioning of the software system. A ledger clearance operation is performed using the state machine and the data stored within the stream of ledger transaction messages in the data store to generate balances within states of the state machine. The ledger system detects an operational characteristic, such as proper function or improper function, of the software system based on a balance of a state in the state machine. Such detection is performed without knowledge of the underlying implementation of the software system.
A method and apparatus are described for performing a health analysis of a modeled software system of a distributed services system. A stream of ledger transaction messages generated during execution of the software system are received and stored in a data store. A ledger data model is accessed, where the data model represents a state machine having states, data, and transitions between states indicative of proper functioning of the underlying software system. A ledger clearing operation is performed to generate monetary balances of states in the data model for a plurality of transactions, and aggregated values associated with operational characteristics of various states of the data model. From the aggregated values, a graphical user interface is caused to be display the values of the operational characteristics aggregated over a set of transactions as health indicators of the underlying operations performed by a software system, across software systems, or other subsets of configurable options.
Presented herein are systems and methods of authenticating clients to access data via proxy layers. A gateway on a proxy layer may receive a request from a client to access data in a compartment on the database layer. The request may include a token based at least on an encryption of an identifier of the compartment responsive to successful authentication of the request at an application layer. The gateway may, responsive to identifying the identifier as referencing the compartment, determine that the client is authorized to access the data in the compartment on the database layer through the proxy layer. The gateway may select a permission for the client to access the compartment through the proxy layer based on the context of the request. The gateway may generate an indication that the client is authorized to access the data in accordance with the permission.
Presented herein are systems and methods of generating security-aware tokens. A token may include (i) a first signature encrypted by the second service and (ii) an identification of the plurality of databases accessible using the first token. When a processor determines that the token is valid, the processor may generate a second signature using an encryption key of the first service and a third signature using the shared key of the second service. Thereby a second token derivative of the first token can be created to include (i) the second signature of the first service, (ii) the third signature generated from the shared key of the second service, and (iii) the identification of the plurality of databases accessible using the second token.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
A method according to one embodiment includes: receiving historical transaction data collected by a transaction processing platform for a plurality of merchants; computing, using a machine learning model, parameters of an implied growth ratio distribution for each of the merchants based on features of the corresponding historical transaction data; identifying an offer size and an offer premium for financial offers to be made to the merchants by looking up parameters in a lookup table based on the implied growth ratio distributions, the lookup table being computed based on: a first optimization based on a target yield rate constraint and backtesting on a target loss rate constraint and a target repayment time constraint; and a second optimization based on the target loss rate constraint and backtesting on the target yield rate constraint and the target repayment time constraint; and transmitting the plurality of financial offers to the plurality of merchants.
A system includes: a processing circuit; and memory storing instructions that, when executed by processing devices include the processing circuit, cause the processing devices to: receive a payment mandate setup request from a merchant of a plurality of merchants; create a payment provider-independent payment mandate setup request based on the payment mandate setup request; receive a payment provider identifier identifying a payment provider from among a plurality of payment providers; transmit the payment provider-independent payment mandate setup request to the payment provider identified by the payment provider identifier, the payment provider-independent payment mandate setup request include a payment mandate identifier; receive approval of the payment mandate setup request from specified payment provider, the approval include the payment mandate identifier; and store a payment mandate for a customer of the merchant in association with the merchant and the payment provider, the payment mandate being associated with the payment mandate identifier.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
29.
SYSTEMS AND METHODS FOR ITERATIVE LARGE LANGUAGE MODEL AGENT AND TOOL SELECTION FOR PROCESSING INFORMATION REQUESTS
A computer using the systems and methods described herein can use a task agent to automatically select and manage different applications and agents to use to generate results in response to requests for information. The computer can iteratively execute the task agent to generate the results. For instance, the task agent can identify a set of applications to use to generate a result in response to an information request. The task agent can identify the set of applications based on an intent of the information request. The task agent can iteratively execute different sequences of applications from the set of applications to query and retrieve data from different data sources until determining the data that is necessary to generate a response to the request has been retrieved. The computer can generate the response from the retrieved data and present the response on a user interface.
In an example embodiment, interactions among services in a service proxy are recorded in an interaction log. A service graph manager then parses the interaction log. The service graph manager reads each interaction and then processes the interaction to determine if it violates the rules. If so, the service graph manager reports the violation to the software developer and also recommends an action to remedy the violation. In an example embodiment, this recommendation takes the form of an indication of which files to modify to allow the service interaction (e.g., which rule(s) to modify to ensure that the service interaction is not a violation). The software developer can then approve the proposed action, which can then be automatically implemented to ensure that once the service is sent to a quality assurance environment there will be no rules violation from the corresponding interaction(s).
Embodiments provide resource-efficient and scalable techniques to process transaction-related data and make the transaction-related data available in a uniform and accessible manner. In one embodiment, a transaction event data pipeline may be utilized to collect events, process the events, such as by removing irrelevant or duplicative data. Further, enriched events may be generated based on the event processing. For example, enriched events may combine a plurality of events from one or more sources into a single event with a predetermined format. In several embodiments, generation of enriched events may facilitate scalability, such as by reducing the state size of various event processing components.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
This disclosure describes targeted heuristic rule generation tools for fraudulent activity. More specifically, embodiments are directed to a server system for implementing a transaction processing rule (TPR) generator that facilitates generation of transaction processing rules. In many embodiments, these transaction processing rules may be directed to blocking (or allowing) transactions in scenarios that are generally uncommon, but disproportionately affect some entities (e.g., merchants). For example, some merchants may be particularly vulnerable to certain types of fraud that a majority of merchants are not vulnerable to, such as repetitive order and refund fraud schemes. Embodiments may include various components that operate to assist a user (e.g., a merchant) in creating and implementing transaction processing rules tailored to unique or uncommon scenarios they may face.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06F 3/04847 - Techniques d’interaction pour la commande des valeurs des paramètres, p. ex. interaction avec des règles ou des cadrans
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
33.
ARTIFICIAL INTELLIGENCE MODELING FOR ASSESSING FUTURE RECURRING TRANSACTIONS
Disclosed herein are methods and systems for using machine learning to improve the likelihood of success of recurring transactions. In one example, a suite of different machine learning models can be used together, such that a first machine learning model predicts a likelihood of success for a recurring transaction associated with a user account and the second machine learning model predicts whether a pre-authorization would help with the predicted likelihood of success. As a result, a server may pre-authorize the recurring transactions at a time earlier than the scheduled transaction time and place a hold on the user account using an amount predicted by the second machine learning model where the hold amount can be adjusted in accordance with the user account's activities. Data associated with the recurring transaction itself can be ingested by the second machine learning model for re-calibration purposes.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 40/02 - Opérations bancaires, p. ex. calcul d'intérêts ou tenue de compte
34.
SYSTEMS AND METHODS FOR ZERO DOWNTIME TOPOLOGY UPDATES FOR DISTRIBUTED DATA STORAGE
A method and apparatus for updating data router nodes in a distributed storage system are described. The method can include querying, by a first database agent of a database node, a cache data store for health status metrics of the cache data store. The method can also include storing, by the first database agent of the database node, the health status metrics in a data repository. Furthermore, the method can include obtaining, by a second database agent of a router node, the health status metrics from the data repository, and updating, by the second database agent of the router node, a database topology file based on the health status metrics.
G06F 16/21 - Conception, administration ou maintenance des bases de données
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuéesArchitectures de systèmes de bases de données distribuées à cet effet
Aspects of the subject technology include receiving a selection of a trigger event, a set of workflows associated with the trigger event, wherein each workflow is assigned a respective priority attribute, and a set of custom expressions, wherein each custom expression corresponds to a respective workflow and specifies one or more conditions associated with the trigger event. Aspects also include receiving an occurrence of the trigger event and, in response to a determination that the trigger event matches a custom expression for at least one workflow, performing a workflow of the set of workflows having a greatest priority and for which the associated respective custom expression is satisfied, wherein performing a workflow includes performing a set of recovery actions. Aspects also include, in response to a determination that the trigger event does not match any of the respective sets of custom expressions, performing a default workflow.
Disclosed herein are systems and methods for detecting automated account generation requests. An example method includes receiving an application programming interface (API) request to generate a new user account. The method then includes executing a machine learning model to predict a likelihood of the API request having been generated automatically using one or more programming protocols. The machine learning model may be trained using historic requests known to have been generated using a machine or a programming/algorithm. When the machine learning model determines that the API request is likely to have been machine-made, the method includes executing an additional security protocol associated with the new user account.
A server computer system for detecting a fraudulent electronic transaction may be configured to receive a transaction associated with a merchant. The system processes the transaction with a first machine learning model that is trained specific to the merchant, to obtain a first fraud detection, and processes the transaction with a second machine learning model that is trained based on a plurality of merchants, to obtain a second fraud detection. The system detects fraud associated with the transaction based on the first fraud detection and the second fraud detection. In response to detecting the fraud that is associated with the transaction, the system blocks the transaction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Various embodiments described herein support or provide for data management operations, such as receiving a request to access a webpage; determining that accessing the webpage requires secure access via a secure browser; identifying a virtual machine that is configured to allow access to the webpage; and causing display of the webpage in the secure browser embedded in a local browser of the sender device.
G06F 21/53 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p. ex. "boîte à sable" ou machine virtuelle sécurisée
G06F 16/958 - Organisation ou gestion de contenu de sites Web, p. ex. publication, conservation de pages ou liens automatiques
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
Aspects of the subject technology include receiving a request to generate an event-based workflow associated with a first event type, which includes a state machine that includes at least a state and an associated transition and receiving an event including a second event type and an event attribute. Aspects also include determining whether the event attribute satisfies the triggering condition of the transition associated with the state, in response to determining that the second event type corresponds to the first event type, and when a current state of the event-based workflow corresponds to the state. Aspects also include performing the transition action of the transition and updating the current state based at least in part on the performed transition action, in response to determining that the event attribute satisfies the triggering condition of the transition associated with the state.
A method for computing a prediction using a machine learning model includes: receiving a current data sample of a sequence of data samples; retrieving, from a data store, a state value representing a learned embedding of previous samples of the sequence of data samples; computing, by a recurrent neural network, based on the current data sample and the state value: an output value representing an inference regarding the current data sample; and an updated state value representing a learned embedding of the current data sample and the previous samples of the sequence of data samples; storing the updated state value in the data store; and outputting the output value regarding the current data sample.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06N 3/044 - Réseaux récurrents, p. ex. réseaux de Hopfield
Embodiments may include receiving a request including transaction data to evaluate a transaction as part of a charge path that processes at least a portion of the transaction; processing, by a set of blocking machine learning models, a portion of the transaction data to generate a set of blocking scores for the transaction; retrieving, from a memory, a set of card testing attack (CTA) scores associated with the transaction, the set of CTA scores indicative of an occurrence of a card testing attack, and the set of CTA scores retrieved based on the transaction data; adjusting a set of default blocking score thresholds based on the set of CTA scores to generate a set of adjusted blocking score thresholds; and determining to allow the transaction based on comparison of the set of blocking scores with the set of adjusted blocking score thresholds.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A method for computing a prediction using a machine learning model includes: receiving a current data sample of a sequence of data samples; retrieving, from a data store, a state value representing a learned embedding of previous samples of the sequence of data samples; computing, by a recurrent neural network, based on the current data sample and the state value: an output value representing an inference regarding the current data sample; and an updated state value representing a learned embedding of the current data sample and the previous samples of the sequence of data samples; storing the updated state value in the data store; and outputting the output value regarding the current data sample.
A method and apparatus for efficient and progressive fraud detection are described. Transactions are received by a server computer system and include attributes and transaction data. To determine whether a transaction is fraudulent, and thus should be rejected, a progressive fraud determination process is performed by the server computer system. The progressive fraud determination process includes performing a first set of one or more transaction fraud determinations based on a first set of features determined for the transaction. When the first set of one or more transaction fraud determinations identifies the transaction as fraudulent or legitimate, the progressive fraud determination process is terminated based on this decision, and before performing additional successive fraud determination processes. By exiting the progressive fraud determination process early, substantial processing, memory and bandwidth savings can be realized without sacrificing fraud detection accuracy.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Embodiments may include receiving a request including transaction data to evaluate a transaction as part of a charge path that processes at least a portion of the transaction; processing, by a set of blocking machine learning models, a portion of the transaction data to generate a set of blocking scores for the transaction; retrieving, from a memory, a set of card testing attack (CTA) scores associated with the transaction, the set of CTA scores indicative of an occurrence of a card testing attack, and the set of CTA scores retrieved based on the transaction data; adjusting a set of default blocking score thresholds based on the set of CTA scores to generate a set of adjusted blocking score thresholds; and determining to allow the transaction based on comparison of the set of blocking scores with the set of adjusted blocking score thresholds.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
45.
SYSTEMS AND METHODS FOR CACHE WARMING IN A DISTRIBUTED DATA STORAGE SYSTEM
A method and apparatus for cache warming in a distributed storage system is described. The method can include detecting a destructive change to one or more nodes of an existing cluster of cache data nodes. The method can also include allocating a new cluster of cache data nodes in a write-only mode, and streaming data from each cache data node of the existing cluster to cache data nodes of the new cluster. The method can further include servicing a data access request from a selected cache data node of the existing cluster while writing data from the data access request to a selected cache data node of the new cluster. Furthermore, the method can include in response to a determination that data from the cache data nodes of the existing cluster has been successfully streamed to the new cluster, servicing new data access requests with the new cluster.
Aspects of the subject technology include receiving an indication that a user has accessed a webpage comprising a form. Responsive to determining that the user is registered with a remote server, aspects also include accessing an account information of the user including an attribute, identifying a field of the form, the field including a first form information matching the attribute, generating a new selector that uniquely identifies the field in a document object model associated with the form, and transmitting, to a remote server, an indication of the new selector. Responsive to determining that the user is not registered with the remote server, aspects also include receiving a selector selected from a plurality of selectors associated with the webpage, accessing a second form information from a field of the form associated with the received selector, and autofilling a field of another form with the second form information.
A processing device and method for managing a distributed storage system with a control plane is described. The processing device may perform operations including receiving, with a first service, a request to perform an operation associated with a cluster of nodes, wherein the cluster includes one or more router nodes and one or more data storage nodes that are associated with the router nodes, and validating, with the first service, the request. In response to the request being validated, the processing device may perform, with a second service, the operation associated with the cluster. The performing of the operation may include calling on the first service, to access an inventory database that stores an association between the router nodes and the data storage nodes, and communicating the operation with a service of the router nodes to implement the operation.
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuéesArchitectures de systèmes de bases de données distribuées à cet effet
G06Q 10/0631 - Planification, affectation, distribution ou ordonnancement de ressources d’entreprises ou d’organisations
A method and apparatus for conducting multi-factor authentication of a merchant system by a commerce platform are provided. The process includes the commerce platform authenticating itself to a cloud services provider, which supplies a private communications network for the platform and merchant system. The platform receives an authentication request from the merchant system originating from the provider's private network, using an encryption key. The validity of the encryption key is verified by the platform. If the request is from within the private network and the API key is valid, the platform authenticates the merchant system to perform the requested operation.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
50.
Methods, non-transitory machine-readable storage medium, and systems for order management and processing using a distributed commerce platform
In embodiments, methods and systems for order management and processing based on a distributed commerce platform are provided. A distributed commerce platform supports end-to-end integrated product publication, order-management and payment services. In particular, the distributed commerce platform supports components based on Application Programming Interfaces (API) that standardize the implementation of a distributed commerce solution or configuration of off-site buying experiences. Using the distributed commerce platform, merchants can concurrently offer, sell, and process orders for products through a plurality of different affiliate channels. The distributed commerce platform can also be implemented as a federated portal from which a merchant can identify affiliate channels to publish product objects, access the plurality of affiliate channels and define configurations for processing objects of the merchant's distributed commerce solution. The configurations can be accessed during a purchase flow such that orders from a channel are processed based on the specific attributes identified in the configurations.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/12 - Architectures de paiement spécialement adaptées aux systèmes de commerce électronique
Described herein are systems and methods for fraud detection in network operations. The method may receive a request for execution of a network operation, the request including a first identifier associated with a user device. The method may extract, using the first identifier, attributes of the network operation and user device attributes. The method may extract a second identifier previously generated for the user device. The method may execute a cryptographic protocol using the second identifier and a cryptographic key to generate a first authentication code. The method may execute a machine learning model to predict a likelihood of fraud using mismatched attributes based on determining that the first authentication code matches a second authentication code parsed from the first identifier. The method may reject the request to execute the network operation in response to determining that a prediction of likelihood of fraud fails to satisfy a security threshold.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 30/018 - Certification d’entreprises ou de produits
G06Q 40/02 - Opérations bancaires, p. ex. calcul d'intérêts ou tenue de compte
H04L 67/146 - Marqueurs pour l'identification sans ambiguïté d'une session particulière, p. ex. mouchard de session ou encodage d'URL
The disclosure generally describes one or more techniques for supporting deployment of application extensions for a client system. An inline frame is implemented in a user interface and a secure session established between the inline frame and a server. A user can update data displayed at the user interface through the secure session established in the inline frame to activate an extension available at the server to update the data. The extension can respond with data indicating how the user interface should be updated.
A method and apparatus for performing privacy preserving fraud detection in network based transactions are described. The method may include receiving a fraud detection message during a transaction between a user system and a merchant system, the message having a set of cryptographically transformed universal resource locator (URL) components generated from a URL of a web page of the merchant system on which the transaction is to occur. The method may also include generating one or more secure and anonymous fraud detection features, each fraud detection feature comprising a select subset of the cryptographically transformed URL components. The method may also include performing fraud detection for the web page using the one or more secure and anonymous fraud detection features to determine a likelihood that fraud is occurring in the transaction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06F 16/955 - Recherche dans le Web utilisant des identifiants d’information, p. ex. des localisateurs uniformisés de ressources [uniform resource locators - URL]
Described herein are systems and methods to use modeling techniques to identify gradual changes in various metrics identified as a result of analyzing an aggregated transaction dataset. In one method, a computer model dynamically slice the data using an attribute, calculates an entropy value for using a rolling time window, and uses the entropy value to identify anomalous behavior. The model may use information gain to determine whether to further segmented the data slice into smaller data slices. The model may iteratively slice and analyze the data until a data slice corresponding to the root cause is determined. The model may then traverse the hierarchy of data slices and combine the data slices until an optimized combined data slice. The model may train a machine learning component, such as a booted tree algorithm, to optimize its traversal of the hierarchy of data slices.
A contactless card reader comprises a contactless card reader front-end coupled to a processor. A communications module is coupled to the processor and a set of sensors is coupled to the processor. The set of sensors determines parameters related to the location, orientation and motion of the card reader. The processor receives the parameters from the set of sensors and utilizes the parameters and scenario configuration data to evaluate a rule. The result of the evaluation of the rule results in a limitation on the operation of the card reader. The communications module is configured to intermittently receive the scenario configuration data from external sources.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06K 7/06 - Méthodes ou dispositions pour la lecture de supports d'enregistrement avec des moyens qui sont conducteurs de courant quand une marque est présente ou absente, p. ex. balais ou pointe de contact pour perforation, balais de contact pour marques conductrices
G06K 7/10 - Méthodes ou dispositions pour la lecture de supports d'enregistrement par radiation électromagnétique, p. ex. lecture optiqueMéthodes ou dispositions pour la lecture de supports d'enregistrement par radiation corpusculaire
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
A method and apparatus for managing capabilities of an account of a user system at a commerce platform are described. The method includes receiving a request for a desired functionality of the account from a user system. The method may also include mapping the requested capability to a compliance plan that defines a set of account data to be collected before activation of the capability for the account. The method may also include transmitting a message that includes a list of additional data to be provided by the user system before activation of the capability for the account. The method may further include receiving a response from the user system that includes the additional data for activating the capability for the account.
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
Aspects of the subject technology include receiving from a user device a request for obtaining data associated with the user device. The request is addressed to a destination device. Aspects also include determining with a first controller whether to transmit the request to the destination device via a first path. The determination is based on a first success rate of the first path. Aspects also include transmitting the request to the destination device via the first path in response to a determination to transmit the request to the destination device via the first path. Aspects also include determining, with a second controller, whether to transmit the request to the destination device via a second path, in response to a determination not to transmit the request via the first path. The determination is based on a second success rate of the second path.
A service provider server establishes a link to network (e.g., share) and reduce steps to complete a transaction between an electronic device of a user and a third party server. When the user, via their electronic device, accesses a service provider server to conduct a transaction between the user and the third party server, the service provider server may store the user account data and/or access information for accessing the user account data, received from a financial institution, as a link. When the user, via their electronic device, accesses the service provider server again to transact with a subsequent third party server, the service provider server may receive a request from the subsequent third party server for user account data. The service provider server may use the link to provide other third parties with the user account data, subject to one or more conditions imposed on the payment provider.
A method and apparatus for verifying integrity of search system data is described. The method may include accessing a first and second snapshot of search system data, the search system data in each snapshot including transaction data generated by a commerce platform system in response to transactions performed by the commerce platform system. The method may also include accessing an operation log of operations performed on the transaction data during a time between when the first snapshot was generated and a time when the second snapshot was generated. Furthermore, the method may include transforming the transaction data from the first snapshot based on the operations in the operation log to generate validated transaction data in a validated second snapshot, and determining a reliability of the transaction data at the second time period based on a comparison of transaction data from the second snapshot with the validated transaction data from the validated second snapshot.
Embodiments of the invention include a method of performing a payment transaction comprising receiving transaction data by a PIN pad terminal from a point-of-sale terminal, and receiving tender from a customer, by the PIN pad terminal. Tender data and the transaction data are sent to a service gateway, by the PIN pad terminal. The service gateway collects metadata from the tender data and the transaction data. The tender data is sent by the PIN pad terminal to the point-of-sale terminal, which sends the tender data and the transaction data to a merchant gateway for approval or denial of the tender data. The tender data sent to the POS may be encrypted. The service gateway may provide customer and merchant analytics based on the metadata, as well as perform security/fraud checks, BIN management, PIN pad management. Systems are also disclosed.
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
63.
SYSTEM AND METHODS TO PREVENT UNAUTHORIZED USAGE OF CARD READERS
A contactless card reader comprises a contactless card reader front-end coupled to a processor. A communications module is coupled to the processor and a set of sensors is coupled to the processor. The set of sensors determines parameters related to the location, orientation and motion of the card reader. The processor receives the parameters from the set of sensors and utilizes the parameters and scenario configuration data to evaluate a rule. The result of the evaluation of the rule results in a limitation on the operation of the card reader. The communications module is configured to intermittently receive the scenario configuration data from external sources.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06K 7/06 - Méthodes ou dispositions pour la lecture de supports d'enregistrement avec des moyens qui sont conducteurs de courant quand une marque est présente ou absente, p. ex. balais ou pointe de contact pour perforation, balais de contact pour marques conductrices
G06K 7/10 - Méthodes ou dispositions pour la lecture de supports d'enregistrement par radiation électromagnétique, p. ex. lecture optiqueMéthodes ou dispositions pour la lecture de supports d'enregistrement par radiation corpusculaire
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
64.
Systems and methods for secure identifiers for electronic transactions
A method and apparatus for using cryptographically signed secure identifiers to detect fraud during network based transactions are described. The method may include receiving a transaction from a user device, the transaction comprising a secure identifier purported to be associated with the user device, and the transaction further comprising transaction data. The method may also include extracting a first identifier and a second identifier from the secure identifier purported to be associated with the user device, and then regenerating a true second identifier using the first identifier. Furthermore, when it is determined that the true second identifier matches the second identifier extracted from the secure identifier purported to be associated with the user device, the method may include determining that the secure identifier is valid, and processing the transaction based at least in part on the determination that the secure identifier is valid.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 30/018 - Certification d’entreprises ou de produits
G06Q 40/02 - Opérations bancaires, p. ex. calcul d'intérêts ou tenue de compte
H04L 67/146 - Marqueurs pour l'identification sans ambiguïté d'une session particulière, p. ex. mouchard de session ou encodage d'URL
65.
SYSTEMS AND METHODS FOR A COMMERCE PLATFORM COORDINATING TRANSACTIONS WITHIN THIRD PARTY APPLICATIONS
A method and apparatus for a commerce platform coordinating a purchase of a product sold by a merchant system through a third party application are described. The method may include receiving a notification from the third party application requesting to purchase a product from within the third party application, wherein the notification comprises an identifier for the product and an identifier for the merchant system that sells the product. The method may also include a product checkout interface having an appearance consistent with an appearance of a user interface of the third party application, and transmitting the product checkout interface generated by the commerce platform to a user device executing the third party application causing the third party application to render the product checkout interface within at least a portion of the user interface of the third party application.
A method and system for performing a movement of a service within a distributed system. In one embodiment, the method comprises determining one or more locations where the service is to be moved. The method further comprises for each of the one or more locations, computing a metric including a cross-cell cost (C-cost) or a data locality-cost (DL-cost) of the software service if a movement of the software service to a location was to occur, prior to performing the movement of the software service; and modelling a latency and availability of the system due to the movement of the software service to the location based on the metric. The method further comprises performing the movement of the service based on the modelled latency and availability of the system.
H04L 43/0817 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité en vérifiant le fonctionnement
H04L 67/00 - Dispositions ou protocoles de réseau pour la prise en charge de services ou d'applications réseau
67.
SYSTEMS AND METHODS FOR SIMULATING SELECTIVE FAULT INJECTIONS INTO A NETWORK INFRASTRUCTURE
A system may include a network infrastructure having a set of network component nodes, each network component node configured to communicate with at least one other network component node in accordance with a dependency protocol; and a server in communication with the network infrastructure and a fault injection server. The server can be configured to monitor outputs generated by the network infrastructure and attributes of data communication between the set of network component nodes; execute a computer model using the dependency protocol and the monitored attributes and outputs as input to predict a set of faults; in response to presenting the set of faults for display on a user interface, receive a selection of one or more of the set of faults; and instruct the fault injection server to execute a fault injection scenario simulating performance of the network infrastructure operating under the selected one or more faults.
H04L 41/06 - Gestion des fautes, des événements, des alarmes ou des notifications
H04L 41/147 - Analyse ou conception de réseau pour prédire le comportement du réseau
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
68.
SYSTEMS AND METHODS FOR IMPROVED DATA ACCESS IN A DISTRIBUTED DATA STORAGE SYSTEM
A method and apparatus for executing data access requests in a distributed storage system are described. The method can include initiating, by a service application executing on a first computing node, a data access request to manage service data using a plurality of distributed data storage nodes that store service data for the service. The method also includes communicating, by the service application to a router application executing on the first computing node, the data access request, and determining, by the router application, at least one data storage node from the plurality of distributed data storage nodes that can satisfy the data access request. The method also includes transmitting, by the router application to at least one data storage node, the data access request for fulfillment of the data access request on behalf of the service application.
A method and apparatus for updating data router nodes in a distributed storage system are described. The method can include querying, by a first database agent of a database node, a cache data store for health status metrics of the cache data store. The method can also include storing, by the first database agent of the database node, the health status metrics in a data repository. Furthermore, the method can include obtaining, by a second database agent of a router node, the health status metrics from the data repository, and updating, by the second database agent of the router node, a database topology file based on the health status metrics.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p. ex. pour le traitement simultané de plusieurs programmes
G06F 16/21 - Conception, administration ou maintenance des bases de données
G06F 16/27 - Réplication, distribution ou synchronisation de données entre bases de données ou dans un système de bases de données distribuéesArchitectures de systèmes de bases de données distribuées à cet effet
70.
Artificial intelligence modeling for model routing without inference engines
One method includes identifying a set of fraud-detection ML models to be used to determine a fraud status of a transaction; executing a routing ML model configured to generate a score for at least a subset of the set of fraud-detection ML models, based on an input of an amount and an attribute associated with the transaction, the score indicative of the fraud status for the transaction based on the amount and the attribute; executing using the amount and the attribute associated with the transaction, a subset of the set of fraud-detection ML models selected in accordance with each fraud-detection ML model's respective score, whereby at least one fraud-detection ML model within the subset of the set of fraud-detection models generates a prediction associated with the fraud status of the transaction; and authorizing the transaction based on the prediction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
71.
ELECTRONIC DATA VERIFICATION USING ARTIFICIAL INTELLIGENCE
A method comprises determining whether a decision can be determined for the request based on a current information available; when the decision can be determined, utilizing a first model to determine a set of questions corresponding to the request, the first model previously trained using training data comprising a set of questions associated with a set of requests; utilizing a second model to determine one or more predicted answers for the set of questions, the second model ingesting the set of questions determined by the first model and at least one attribute associated with the request to generate the one or more predicted answers; and utilizing a third model to determine the decision for the request.
The present disclosure is directed to models for predicting customer behavior, including the use or adoption of products by current customers and prospective customers of a service platform offering multiple service products.
A method and apparatus for authentication of a user is described. A system can include a memory and a processor, where the processor identifies a trigger event corresponding to an application executed by the processor of the system. Then, in response to identification of the trigger event, the processor causes an authentication process to execute on the application, including prompting the user to provide a payment instrument information via the NFC device of the system. The processor then determines if the received payment instrument information is designated as an authentication instrument for the user, in response to receipt of the payment instrument information via the NFC device of the system, determine. Additionally, in response to a determination that the received payment instrument information is designated as the authentication instrument for the user, the processor authenticates the user.
Aspects of the present disclosure relate to systems and methods for generating processes or bots for automatically processing accounting data. Some aspects of embodiments relate to defining templates specifying actions to be performed on a periodic basis (e.g., hourly, daily, weekly, or monthly). In some embodiments, the templates further include template queries for querying data stores or other data sources (e.g., data streams). The templates may be registered for scheduled execution, instantiating the templates with runtime parameters for execution, where executing the instantiated templates includes collecting and processing data collected from source data stores to generate output data. Some aspects relate to temporarily storing output data generated by executing the instantiated templates and requesting manual approval of the output data before the data is written to an output data store or sink data store. In some circumstances, the output data store may store a general ledger of a business.
Aspects of the subject technology include a method comprising obtaining an enrollment confidence score and a validation confidence score, and determining an identity assurance score associated with the user account that indicates a level of confidence in an identity of the user. The identity assurance score is determined based at least in part on one or more of the enrollment confidence score or the validation confidence score. The method also comprises receiving, from a service provider, a request for the identity assurance score for the user account, the request corresponding to at least one of an authorization or an authentication of the user account at the service provider, and providing, responsive to the request, the identity assurance score of the user account to the service provider for at least one of the authorization or the authentication of the user account at the service provider.
Aspects of the subject technology include determining an association between a first and second user account that comprises a first condition corresponding to a first action to be performed in association with the first user account and a second condition corresponding to a second action to be performed in association with the second user account. Aspects also include generating a first entry based on the association, receiving a first indication indicating completion the first and/or second actions, generating a second entry based on the first indication, wherein the second entry corresponds to the first and/or second conditions, determining whether the first and second condition of the first entry are satisfied based in part on entries in the data structure that correspond to the first and/or second conditions, and transmitting a second indication that the first entry is complete, in response to determining that the first and second condition are satisfied.
In some embodiments, a computer system is described. In some embodiments, the computer system generates a suggested collection of applications based at least in part on a first application selected by a client device, receives a second selection of a second application from the suggested collection of applications, integrates the first application and second application with a client application on the host platform, receives a request to perform an operation on the client application, selects at least one of the first application or the second application of the client application to perform the operation based on a determination that the at least one of the first application or the second application have access to the database, sends a request to perform the operation to the selected first or second application, and receives a set of results based on performance of the operation.
In some embodiments, a computer system receives a user interface corresponding to an event-based workflow, generates event data based on a user input to the user interface, and provides the event data to the host platform system causing the host platform system to attempt to execute a first step corresponding to one or more events of the event-based workflow, wherein a failure to execute the step is resolved in at least one of a first manner or a second manner, the first manner corresponds to a first set of one or more execution criteria associated with the step, and the second manner corresponds to a second set of one or more execution criteria associated with the step. In response to providing the event data, the computer system receives a result corresponding to the attempted execution of the step and updates the user interface based on the result.
A computer system receives an application model for storing on a host platform, accesses the set of capability data and the set of functionality data associated with the application model to generate a collection of user interfaces and functionality to verify the application model in accordance with a plurality of predefined benchmark surfaces associated with the host platform, causes a first execution in a first sandbox of a first set of user interfaces and first functionality associated with the application model in accordance with a determination that a predefined benchmark surface corresponds to a first surface, causes a second execution in a second sandbox of a second set of user interfaces and second functionality associated with the application model in accordance with a determination that a predefined benchmark surface corresponds to a second surface, and stores the application model on the host platform for installation by other users.
In some embodiments, a computer system receives a request to render components of a webpage. In some embodiments, the computer system generates an API key, wherein the API key is used by the inline frame element to authenticate API requests to an API server. In some embodiments, the computer system receives, via the inline frame element, data corresponding to the one or more embedded UI elements from a resource associated with a third-party entity, wherein the inline frame element is a proxy between the platform and the API server. In some embodiments, the computer system renders the one or more embedded UI elements on the webpage.
G06F 8/38 - Création ou génération de code source pour la mise en œuvre d'interfaces utilisateur
G06F 3/0481 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] fondées sur des propriétés spécifiques de l’objet d’interaction affiché ou sur un environnement basé sur les métaphores, p. ex. interaction avec des éléments du bureau telles les fenêtres ou les icônes, ou avec l’aide d’un curseur changeant de comportement ou d’aspect
G06F 3/0484 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] pour la commande de fonctions ou d’opérations spécifiques, p. ex. sélection ou transformation d’un objet, d’une image ou d’un élément de texte affiché, détermination d’une valeur de paramètre ou sélection d’une plage de valeurs
G06F 9/451 - Dispositions d’exécution pour interfaces utilisateur
A method and apparatus for leveraging a distributed services system for surfacing insights for a user are described. The method may include accessing, by a computer processing system, service system data generated for a user by services of a distributed service system, the service system data including one or more values associated with one or more corresponding common entities in a data store of disambiguated service system data. The method may also include inputting the one or more values associated with the one or more corresponding common entities generated for the user into a trained machine learning model (MLM), the machine learning model trained to detect an effect of the one or more values associated with the one or more corresponding common entities on a set of metrics of interest. Furthermore, the method may include detecting, by the MLM, when there is an anomaly in a metric of interest in the set of metrics of interest.
G06F 3/0481 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] fondées sur des propriétés spécifiques de l’objet d’interaction affiché ou sur un environnement basé sur les métaphores, p. ex. interaction avec des éléments du bureau telles les fenêtres ou les icônes, ou avec l’aide d’un curseur changeant de comportement ou d’aspect
G06F 3/0484 - Techniques d’interaction fondées sur les interfaces utilisateur graphiques [GUI] pour la commande de fonctions ou d’opérations spécifiques, p. ex. sélection ou transformation d’un objet, d’une image ou d’un élément de texte affiché, détermination d’une valeur de paramètre ou sélection d’une plage de valeurs
A method for location-dependent determination comprises: determining, with one or more processors, a geographic location of a user's electronic device using first data; in response to determining the determined geographic location is insufficient for performing a location-dependent determination, requesting second data to determine an updated geographic location of the user's electronic device; performing, with an Application Programming Interface (API), the location-dependent determination based on the updated geographic location; and completing, with the API, a transaction using the location-dependent determination.
Methods and apparatus for authenticating a user by a service provider system are described. The method can include receiving, from a service of the service provider system, a user data captured at an initiation of an onboarding process for a user seeking access to the service. The method may also include retrieving an access configuration associated with the service, the access configuration defining one or more user data access requirements to enable the user to access the service. The method may then include determining whether the one or more user data access requirements of the access configuration are satisfied by the user data, and in response to determining that one or more user data access requirements are satisfied, enabling the user to access the service of the server provider system. Furthermore, the method can include transmitting, to the service, a notification indicating that the user has satisfied the access requirements to enable the user to continue the onboarding process for the user to access the service.
Methods and systems for secure token driven conditional routing of proceeds are described. A request to initiate routing of data between remote systems is received by a server computer system, where the request includes an incomplete set of parameters. A validation challenge and a challenge response defined by a first remote computing system are received, and a token that references the first remote computing system and the incomplete parameter set is generated. A validation may then be performed for a second remote computing system using the validation challenge and the challenge response defined by the first remote computing system. The incomplete set of parameters may then be completed by the second remote computing system when the challenge is validated to enable the routing of data according to the complete set of parameters referenced by the token.
G06Q 20/00 - Architectures, schémas ou protocoles de paiement
G06Q 20/02 - Architectures, schémas ou protocoles de paiement impliquant un tiers neutre, p. ex. une autorité de certification, un notaire ou un tiers de confiance
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
In some embodiments, an electronic device is configured to transmit a first request for an account session key, receive the account session key associated with a first set of permissions corresponding to the embedded interface element and a second set of permissions corresponding to the embedded app, transmit a second request for an embedded app key, receive the embedded app key associated with a third set of permissions corresponding to the embedded app, and proxy communications between the embedded interface element and the processor server, based on the account session key associated with the first set of permissions, and between the embedded app and the processor server, based on the embedded app key associated with the third set of permissions.
A system for accepting the input of a PIN comprises a first device receiving a randomized PIN layout derived on a fourth device. The randomized PIN layout is displayed on a display of the first device. A second device comprises an input for accepting a series of key presses to produce a PIN token. The PIN token indicating each of the series of key presses. A third device is in communication with the second device. The third device derives the randomized PIN layout and receives the PIN token from the second device without the PIN token being present on the first device. The third device combines the PIN layout and the PIN token to produce a PIN. The PIN is used to authenticate a transaction. The fourth and third devices each store a shared secret used to independently derive the randomized PIN layout on the fourth and third devices.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
A system for conducting a card transaction comprises an consumer application running on a user device, a card reading interface separate from the user device, a payment application residing on a COTS device, a PIN verification subsystem, an EPB creation subsystem located at an EPB creation location, and a server. The user device receives an entered PIN. The card reading interface receives a PAN from a payment card. Either the PIN or a first set of signals comprising the PIN is received by the EPB creation subsystem. The second set of signals comprising the PAN is generated and transmitted by the payment application via the network. An EPB is created by the EPB creation subsystem based on the PIN and PAN, and the EPB is transmitted by the EPB creation subsystem to either the PIN verification subsystem or the payment card for PIN verification.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A system to indicate to a user to enter a personal identification number (PIN) on a commercial off the shelf (COTS) device, the system comprising: a secure card reader communicatively coupled to the COTS device, and wherein the secure card reader receives a payment card; a payment application installed on the COTS device; and one or more devices other than the COTS device. The payment application installed on the COTS device transmits one or more prompts to the one or more devices other than the COTS device based on a set of signals received from the secure card reader. The secure card reader transmits the set of signals after the payment card is received at the secure card reader, and the one or more prompts comprise at least one indication to the user to enter the PIN on a display of the COTS device.
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Embodiments herein use transfer learning paradigms to facilitate classification across entities without requiring the entities access to the other party's sensitive data. In one or more embodiments, one entity may train a model using its own data (which may include at least some non-shared data) and shares either the scores (or an intermediate representation of the scores). One or more other parties may use the scores as a feature in its own model. The scores may be considered to act as an embedding of the features but do not reveal the features. In other embodiments, parties may be used to train part of a model or participate in generating one or more nodes of a decision tree without revealing all its features. The trained models or decision trees may then be used for classifying unlabeled events or items.
A method and apparatus for a certificate authority system providing authentication to a plurality of devices associated with an organization are described. The method may include receiving, at the certificate authority system, a request from a device to sign authentication information of the device, wherein the device is associated with the organization. The method may also include sending a challenge to the device to perform an action with a system other than the certificate authority system, and receiving the response to the challenge from the device. Furthermore, the method may include verifying that the response was generated correctly based on the challenge, and signing the authentication information of the device with one or more keys of the certificate authority system as an authentication of an identity of the device.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/14 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité utilisant plusieurs clés ou algorithmes
A transaction is conducted between a merchant site and a customer's electronic device using a payment processor. The merchant site is associated with a client-side application and a server-side application. The client-side application executes on the customer's electronic device. The client-side application electronically sends payment information retrieved from the customer's electronic device to the payment processor. The client-side application does not send the payment information to the server-side application. The payment processor creates a token from the payment information sent by the client-side application. The token functions as a proxy for the payment information. The payment processor electronically sends the token to the client-side application. The client-side application electronically sends the token to the server-side application for use by the server-side application in conducting the transaction. The payment information can thus be used by the server-side application via the token without the server-side application being exposed to the payment information.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/10 - Architectures de paiement spécialement adaptées aux systèmes de transfert électronique de fondsArchitectures de paiement spécialement adaptées aux systèmes de banque à domicile
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Systems and methods for anomaly prediction are disclosed. An anomaly detection system identifies data generated for a customer. A first set of features for the customer are identified based on the data. The system performs an anomaly evaluation based on detecting a criterion. The anomaly evaluation may include identifying a customer segment based on the first set of features; identifying a distribution of values for the customer segment; determining, based on the distribution of values, whether a value associated with the first set of features satisfies a threshold; and in response to the determining that the value satisfies the threshold, invoking a machine learning model for predicting an anomaly for the customer based on at least a portion of the data. A notification may be transmitted about the anomaly to trigger an action for addressing the anomaly.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A method and apparatus for fraud detection during transactions using identity graphs are described. The method may include receiving a document image for detecting whether an identity document depicted within the document image is fraudulent. The method may also include extracting data associated with the document image to generate extracted data. The method may also include processing, by a single machine learning model, subsets of the decoded image data used as corresponding inputs to each of a set of machine learning model backbones of the single machine learning model that generate one or more intermediate signals indicative of whether a subset of the extracted image data input into said each machine learning model backbone is associated with a fraudulent identity document. The method may also include processing, by a second machine learning model backbone that generates a final score indicative of whether the document image depicts a fraudulent identity document, at least one or more intermediate signals.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06V 10/774 - Génération d'ensembles de motifs de formationTraitement des caractéristiques d’images ou de vidéos dans les espaces de caractéristiquesDispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant l’intégration et la réduction de données, p. ex. analyse en composantes principales [PCA] ou analyse en composantes indépendantes [ ICA] ou cartes auto-organisatrices [SOM]Séparation aveugle de source méthodes de Bootstrap, p. ex. "bagging” ou “boosting”
G06V 10/82 - Dispositions pour la reconnaissance ou la compréhension d’images ou de vidéos utilisant la reconnaissance de formes ou l’apprentissage automatique utilisant les réseaux neuronaux
G06V 20/00 - ScènesÉléments spécifiques à la scène
Disclosed herein are systems and methods for generating and managing subscription using electronic transaction protocols in a blockchain-based system. In an embodiment, a system monitors one or more electronic transaction protocols deployed on a blockchain; detects an interaction by a decentralized wallet with a user interface element corresponding to a first electronic transaction protocol of the one or more electronic transaction protocols deployed on the blockchain; identifies one or more parameters of the subscription based on one or more inputs provided via the decentralized wallet, wherein the one or more parameters includes a time period of the subscription and a payment interval; and causes a first service provider to create or modify the subscription associated with a user of the decentralized wallet, wherein the causing further includes creating or modifying the subscription based on the one or more parameters.
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
99.
COMPUTER MODELING FOR FRAUD DETECTION IN BLOCKCHAIN-BASED TRANSACTIONS
Disclosed herein are systems and methods for identifying fraud in blockchain-based transactions. In one method, a server detects an interaction by a decentralized digital wallet with a first electronic transaction protocol corresponding to a blockchain; executes a computer model (previously trained based on characteristics of electronic transaction protocols corresponding to the blockchain and electronic transactions corresponding to electronic transaction protocols) to determine a risk score; and in response to determining that the risk score for the requested electronic transaction is above a threshold level, causing at least one graphical element of a GUI associated with the decentralized digital wallet to provide an indication of a risk associated with the requested electronic transaction.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
Disclosed herein are systems and methods for generating and managing subscription using electronic transaction protocols in a blockchain-based system. In an embodiment, a system monitors one or more electronic transaction protocols deployed on a blockchain; detects an interaction by a decentralized wallet with a user interface element corresponding to a first electronic transaction protocol of the one or more electronic transaction protocols deployed on the blockchain; identifies one or more parameters of the subscription based on one or more inputs provided via the decentralized wallet, wherein the one or more parameters includes a time period of the subscription and a payment interval; and causes a first service provider to create or modify the subscription associated with a user of the decentralized wallet, wherein the causing further includes creating or modifying the subscription based on the one or more parameters.
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
