Security and Secure payment solutions

2014-09 Partial Data Encryption
The encryption method described in this invention is a very fast and considerably efficient way of protecting information when compared with current prior art methods, because only the essential information is encrypted. For example, when images or video are coded with the progressive Gurulogic Multi-Variate Codec (GMVC®), only 1/1000 of the entire data size of the data stream is protected with encryption. We can therefore claim that using encryption in the invented way has hardly any effect on the transfer rate of real-time video, nor does it increase the consumption of CPU computing resources in any significant manner. The encryption method described in this invention makes it possible to use a very fast, yet efficient encryption algorithm. Moreover, the additional advantage given by this invented method is that one does not necessarily have to protect one’s data in data transfer networks with a protected, secure network connection such as VPN tunneling, SSH (Secure Shell) or SSL/TLS (HTTPS) protocols. Therefore, this invented method offers a novel model for transmitting text, binary, audio, image, and video information, for example in public internet networks or in web services and cloud services.

2014-08 Integration of encoding and encryption
The encryption methods described in this invention can be integrated into an encoder or into another, corresponding pre-processor. Therefore, this invention makes it possible to gain considerable protection improvement as compared with protection implemented with prior art methods using corresponding encryption algorithms. The invented technology can be integrated with almost any coding solution, regardless of which encryption algorithm is used. That is, in practice, even the currently used implementations can be refactored to work more efficiently if the methods of this invention are used. The integration of encryption and encoding also offers an efficient model for multiprocessing, or running several processes in parallel, because this invented technology enables the implementation of an optimal processing structure for the CPU and the GPU, according to the available computing capacity. However, the methods described in this invention do not alter the behavior of the integrated encryption algorithm, which means that the protection will not be compromised. The invented methods can be implemented in connection with common, well-known open source or proprietary data compression software applications such as 7-Zip or WinZip. The invented technology can be efficiently utilized especially for medical or military purposes, to strengthen the prior art data compression and data processing algorithms in use, the purpose of which is to protect vital information that is confidential or classified. Furthermore, current known technology offers a lot of different options from which it is extremely difficult to select a solution that fits the need, whereas the invented technology offers integration with the best and the most reliable solution, as compared with the non-integrated options. For example, the Gurulogic Multi-Variate Codec (GMVC®) used for data compression enables the use of all the invented modes of operation.

2014-12 Secure Media Player
The invention provides an integrated secure media player system that does not store or allow others to store critical sections of data in an unencrypted form. This is achieved by integrating encryption into an encoder, and by integrating decryption into a decoder, wherein rendering of media content information is also integrated into the decoder. As a result, the critical sections of data are not required to be stored (or transferred between different components) in an unencrypted form, which prevents unauthorized copying of the data, thereby discouraging pirating of media data content by unscrupulous third parties. Moreover, the invention enables recipient computing devices to resist malware that is potentially capable of extracting media content information from, e.g., cache memory and communicating the content to a pirate media content distribution website. Such copying of media content data from cache memory is prevented by keeping as little of the media data content as possible decrypted at any given moment in time.

2015-04 Encryption system, encryption key wallet and method
This invention provides an encryption system that is operable to produce and process encryption keys more efficiently than known conventional encryption systems. The encryption key wallet enables creating a truly reliable information system, improving data security. Gurulogic® Encryption Key Wallets are designed to be used between two communicating parties, but if required, can be used between more than two parties. The provided encryption system is highly desirable for situations wherein data of a confidential or sensitive nature is to be exchanged securely between parties to the encryption system.

2016-04 Transaction Arrangement
A method providing the buyer with an automatic way to pay for his/her purchases in real time, for example via his/her bank account, without revealing details to the supplier and without any card payment that would necessitate some kind of registration of the buyer being involved.

2016-09 User Sign-In and Authentication without Passwords
This patented invention provides a user-friendly yet secure solution to sign-in procedures by omitting the need to input a password. Embodiments of the invention are capable of replacing the need to use passwords by employing disposable keys that are usable only once. The parties in communication are provided with identical or mutually compatible copies of at least one digital key code list comprising keys and indices referencing the keys. An authentication message is delivered from one party to another, comprising an index of a key to be used. When data communication is performed between the parties, they are operable to use the derived key, which is beneficially disposed of after use, namely usable between them only once. This results in better security for the data communication system.

2016-12 Protecting usage of key store content
A method of protecting usage of key store content at a user device of an end user. The key store content is received at the user device in an encrypted form, and key materials are encrypted using encryption credentials of the user device. The key store content is created by, and received from, a key service provider in a format which is compatible with the user device. The key store contents are imported, and the key materials of the key store content are stored at the key store of the user device in an encrypted form. All the key materials of the key store content are imported in one go and are non-exportable from the key store.

2016-12 Remote (bio-)authentication
A method of facilitating a secure log-in procedure or a transaction procedure with the help of a server arrangement, to enable a user or a person under custody of the user to log in or perform a transaction securely. When a log-in or a transaction, such as a payment, is attempted, the server sends to the mobile device of the user an authorization-request message using real-time push signalling for activating the device. It is not until authorization has been verified that the log-in or transaction is successful. The method efficiently prevents trying to log in with another user's credentials or paying with a stolen bank card, as the authorization needs to be done via mobile phone, probably in possession of the real owner.

2017-02 Authorization Request for Payment Service
A method of performing user authorization for a transaction made at a payment terminal, using a payment device being used by a party other than the person authorizing the payment. An authorization-request message is sent to a mobile communication device of a responsible user to request the user authorization, for example in a situation where the user trying to perform a transaction is a minor, or otherwise under custody.

Data Transfer Method
A secure way of communicating data from a source device to a destination device, when either or both of them have no direct access or have only restricted access to any data communication network. The system enables and facilitates data communication between the devices in real time or near real time by relaying the data through the network node service provided by the system. In operation the system isolates the source device from the data communication network, providing additional security as the source device is less vulnerable to virus attacks and other kinds of security threats.

System and Method for Creating Group Networks between Network Devices
This not-yet-published method provides an easy way for users to create their own device groups between network devices belonging to one or more local networks. The dynamically installed group network device automatically performs network configurations for the network devices and enables the member devices of the group to communicate and interoperate with each other in their native protocols. The group network device supports different types of transmission paths and different transmission protocols.

Method for providing Protected Data Storage in Data memory
This not-yet-published method provides more robust protected data storage against different kinds of memory attacks, and is not prone to vulnerabilities of operating systems, target platforms and hardware. The system is suitable for protecting sensitive variables stored in, for example, a RAM or a CPU register of the computing device during runtime execution of various services or software applications. Such protected sensitive variables are to be used in a manner that is similar to how unprotected variables are used in conventional techniques. As a result, it is not necessary to make changes to a logical development syntax and paradigm of a given program (e.g. a software application).