The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect user access to online portals. When opened, the client processing application generates a multi-dimensional code. The user scans the multi-dimensional code and validates the client processing application and triggers an out-of-band outbound mechanism. The portable mobile device invokes the authentication server to get authenticated. The authentication server authenticates the user based on shared secret key and is automatically allowed access to the online portal. The process of the invention includes an authentication server, a client processing application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional bar code) and handle incoming requests, secret keys and a portable communication device with a smartphone application.

The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect payment credentials without the risk of malware and skimming attacks. When opened, the secure payment application generates a multi-dimensional transitory key. The user authenticates the multi-dimensional transitory key and validates the secure payment application, triggering an out-of-band outbound mechanism. The portable mobile device invokes the authentication server and the authentication server authenticates the user based on the authenticated transitory key. After authentication, the merchant is allowed access to the payment credentials to complete the transaction. The process of the invention includes an authentication server, a secure payment application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional transitory key) and handle incoming requests, and a portable communication device with a smartphone application.

The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect payment credentials without the risk of malware and skimming attacks. When opened, the secure payment application generates a multi-dimensional transitory key. The user authenticates the multi-dimensional transitory key and validates the secure payment application, triggering an out-of-band outbound mechanism. The portable mobile device invokes the authentication server and the authentication server authenticates the user based on the authenticated transitory key. After authentication, the merchant is allowed access to the payment credentials to complete the transaction. The process of the invention includes an authentication server, a secure payment application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional transitory key) and handle incoming requests, and a portable communication device with a smartphone application.

The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect a large number of documents without the need to remember all the document passwords. When opened, the secure document application generates a multi-dimensional code. The user scans the multi-dimensional code and validates the secure document application and triggers an out-of-band outbound mechanism. The portable mobile device invoices the authentication server to get authenticated. The authentication server authenticates the user based on shared secret key and is automatically allowed access to the secure document. The process of the invention includes an authentication server, a secure document application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional bar code) and handle incoming requests, secret keys and a portable communication device with a smartphone application.

The invention provides an easy to use credential management mechanism for multi-factor out-of-band multi-channel authentication process to protect a large number of documents without the need to remember all the document passwords. When opened, the secure document application generates a multi-dimensional code. The user scans the multi-dimensional code and validates the secure document application and triggers an out-of-band outbound mechanism. The portable mobile device invoices the authentication server to get authenticated. The authentication server authenticates the user based on shared secret key and is automatically allowed access to the secure document. The process of the invention includes an authentication server, a secure document application to generate an authentication vehicle or an embodiment (i.e. multi-dimensional bar code) and handle incoming requests, secret keys and a portable communication device with a smartphone application.

A method for generating a two-dimensional barcode, including: obtaining a protection-encoding pattern based on a mask pattern reference, the mask pattern reference being a reference for identifying a mask pattern that is applied to a module group, the module group being composed of a plurality of modules, each module being a unit cell constituting the two-dimensional barcode; obtaining a protection-encoded code block by protection-encoding a code block with the protection-encoding pattern, the code block having at least a data codeword; generating the module group based on the protection-encoded code block; and generating the two-dimensional barcode having the module group to which the mask pattern is applied.

The disclosure features methods and systems that include illuminating a candidate structure with radiation linearly polarized along a first polarization direction and obtaining a first image of the dendritic structure, illuminating the candidate structure with radiation linearly polarized along a second polarization direction and obtaining a second image of the dendritic structure, where an angle between the first and second polarization directions is at least 10, for a set of pixels corresponding to a first region of the candidate structure in the first and second images, determining a first change in average pixel intensity between the first and second images, and authenticating the candidate structure as a dendritic structure based on the first change in average pixel intensity.

The present invention increases the ease of use of an optical code in which an digital signature is recorded. Recorded in the optical code are: a message; an digital signature created from the message using a creator's secret key; and a public key ID with which it is possible to specify the creator's public key certificate that includes a public key paired with the secret key, said ID being smaller in size than the public key certificate. An optical code readout authentication device, after reading the optical code, acquires the creator's public key certificate from a certificate provision server on the basis of the recorded public key ID, and uses the public key certificate to authenticate the optical code.

Providing secure graphics outputs by performing at least the following: receive secure output data corresponding to a digital image, obtain one or more security keys, create a secure output marker for the secure output data, wherein the secure output marker comprises location information corresponding to a trusted output area of the digital image and data information that represents data content found within the trusted output area of the digital image, encrypt the secure output marker using the one or more security keys, embed the secure output marker within the graphics image to create a trusted graphics image; and render the trusted graphics image for exposure onto the display device.

This invention safeguards the integrity of a machine-printed paper document by entangling a characteristic signature derived from the document's paper grain structure with the identities of the printing device and the person or organization which issued the document. This protection is achieved using a certification phase performed by an augmented document printer and an authentication phase performed by an augmented document scanner. In the certification phase, the grain structure of a specific area of the original paper is imaged and processed to generate a unique signature for the paper. This signature is doubly encrypted using the private keys of the augmented printer and the certifier. These encryption steps entangle the signature of the paper with its source information in a way that thwarts counterfeiting attacks which either copy the document or falsely attribute its source to a specific printer and/or certifier.