Methods and systems are described herein for improvements to authenticate users, particularly authenticating a user based on data known to the user. For example, methods and systems allow for users to be securely authenticated based on data known to the users over remote communication networks without storing the data known to the users. Specifically, methods and systems authenticate users by requiring users to select images that are known to the users. For example, the methods and systems may generate synthetic images based on the user's own images and require the user to select the synthetic image, from a set of a set of images, that is known to the user to authenticate the user. Moreover, the methods and systems alleviate storage and privacy concerns by not storing the data known to the users.

A method of using a user terminal to provide secure authenticated registration between a user and a third party, the method comprising: reading a chip to receive chip data stored on the chip (S408); transmitting the chip data, via a network interface of the user terminal, over a network to an authentication server associated with said third party (S410) and in response receiving via said network interface a notification message from the authentication server (S412); determining whether the identification document is authentic based on the notification message from the authentication server (S414), wherein in response to determining that the identification document is authentic, the method further comprising: outputting, via at least one output device of the user terminal, an authentication challenge to the user (S418); receiving image data as a response to the authentication challenge (S420); and transmitting the image data, via the network interface, over the network to the authentication server for authenticating the user with the third party (S422).

A computing system for authenticating users utilizing an interactive chatbot is provided. The computing system includes a processor in communication with a memory, and the processor programmed to: (i) receive an authorization request message for a transaction initiated by a user, wherein the authorization request message includes transaction data, (ii) retrieve user data associated with the user, (iii) determine, based upon the transaction data and the user data, a risk associated with the transaction, (iv) generate, based upon the risk associated with the transaction, one or more prompts for the user, (v) transmit, via the interactive chatbot, the one or more prompts to the user, (vi) receive user input in response to the one or more prompts, and (vii) embed an authentication indicator into the authorization request message, wherein the authentication indicator indicates whether the user is authenticated based upon the user input.

Generating self-issued claims anchored by DIDs and using the self-issued claims as self-identification. The computing system generates one or more claims, each of which includes at least information related to (1) a DID, (2) a property of a subject entity who is an owner of the DID, and (3) a value corresponding to the property. For each of the one or more claims, the computing system generates a cryptographic signature by signing the claim with a private key associated with the corresponding DID. The cryptographic signature proves that the claim is a self-issued claim, which is issued by the owner of the corresponding DID and is about the owner of the corresponding DID. A portion of data related to the self-issued claim is then propagated onto a distributed ledger.

A computing device for risk-based analysis of a payment card transaction is provided herein. The computing device includes a processor communicatively coupled to a memory. The computing device is programmed to receive a request for authentication of the payment card transaction. The payment card transaction includes a suspect consumer presenting a payment card from a digital wallet of a privileged cardholder. The computing device is also programmed to identify fraud feature data from the digital wallet. The computing device is further programmed to compute a fraud score for the payment card transaction based at least in part on the fraud feature data. The computing device is still further programmed to provide the fraud score for use during authentication of the suspect consumer.

A method in a biometric authentication system, generating an acoustic stimulus for application to a user’s ear; receiving an audio signal representing a response of the user’s ear canal to the acoustic stimulus; adapting an ear canal response estimate of the user’s ear canal to the acoustic stimulus to reduce an error between the audio signal and the ear canal response estimate; calculating one or more quality metrics, the quality metrics comprising one or more of: an ear canal response estimate quality metric comprising one or more energy characteristics of the ear canal response estimate; an error quality metric derived from the error; an audio response quality metric comprising one or more statistical characteristics of the audio signal; and determining a validity of the audio signal for use in a biometric process based on the quality metrics.

Low-resource overhead computer-implemented methods for enrolling, authenticating and establishing encryption keys for one or more queried devices, each of the queried devices including an electrical circuit configured to output electrical signals indica-five of a physically unclonable function (PUF) of the queried device. Authentication and encryption are implemented in low-resource queried device computational architectures, with embodiments of the present invention utilizing pseudo-random number generators configured based on unique primitive polynomials, masking and unmasking functions, and error correction protocols executed in a querying device.

Methods, systems, and apparatuses are described herein for improving the accuracy of authentication questions using e-mail processing. A request for access to an account may be received from a user device. A plurality of organizations may be identified. One or more e-mail associated with the account may be identified. The e-mails may be processed to identify one or more organizations that correspond to transactions conducted by a user. A modified plurality of organizations may be generated by removing, from the plurality of organizations, the one or more organizations. An authentication question may be generated and provided to the user device. A response to the authentication question may be received, and the user device may be provided access based on the response.

Methods, systems, and apparatuses are described herein for improving the accuracy of authentication questions using transaction limitations provided by users. A request for access to an account associated with a user may be received from a user device. An account restrictions database may be queried to determine one or more transaction rules associated with the account. The one or more transaction rules may have been created by the user and indicate limitations on financial transactions that may be performed via the account. An authentication question may be generated that is associated with a violation of the one or more transaction rules. The authentication question may be provided to the user device, and a response to the authentication question may be received. Access to the account may be provided to the user device based on the response.

There are provided systems and methods for contact lookup operations during inoperability of mobile devices. A service provider, such as an online transaction processor, may provide additional services for secure contact lookup when a computing device of a user is nonoperational or unavailable. The user may establish a contact identifier and authentication mechanism with the service provider and allow access to the user's contacts. Once established, when the user's device is unable to access contacts and/or communication with other devices, the user may utilize the service provider for contact access through a contact lookup system. The user may utilize a different device to access a communication system or application and retrieve a data structure representing the user's contacts. The data structure may then be passed to the corresponding communication system or application interface system, which may then be output to the user.