A method performed by a user device may include obtaining biometric information relating to a user of the user device using a biometric sensor of the user device; determining that the biometric information is valid; generating a biometric indicator indicating that the biometric information is valid; providing a request for a callback from an entity, wherein the request includes the biometric information indicating that the biometric information is valid; and receiving the callback from the entity, wherein the callback is received based on the biometric information indicating that the biometric information is valid, and wherein the callback is associated with an entity identifier that is not provided to the user.

The present disclosure relates to security risk warning system that a recipient may acknowledge and act accordingly. Security insights may be provided explicitly in a security insight panel that may clearly identify vulnerabilities specific to a particular authenticable communication. This may limit risk that a recipient would ignore or not understand the risk. Security insights may be provided for a combination of indicated source, recipients, and content, such as links, text, attachments, and images. Security insights may be provided on site, such as on or proximate to the reviewed portions of the authenticable communication.

Novel techniques for generating and ascertaining proof of ownership of physical goods employing blockchain-based methodologies. Upon purchase of a physical good, data relevant to that purchase including identification of the purchaser are employed to mint an NFT purchase token that is appended on a block chain and placed within the customer wallet to represent a unique certificate of ownership for the purchased physical good. Transaction fees associated with the process, creation of an electronic wallet, generation of tokens that include sub-tokens for maintaining chain of title information for the good's entire lifetime, among other things also are discussed.

When personally identifiable information (PII) is to be stored or updated, a system first seeks consent from the user for the PII store or update. If the user grants consent, then the system stores the PII in the user's personal device or updates the PII stored in the user's personal device. The system then retrieves that PII and generates a token representing that PII. Even if the token were taken by a malicious user, it would not be possible for the malicious user to determine the user's actual PII from the token. In this manner, the security of the PII is improved over conventional systems.

A server comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to send, via the communications module and to a remote computing device, a signal causing the remote computing device to display a unique code and a telephone number; monitor at least one instant messaging account associated with the telephone number for the unique code; after determining that the unique code has been received at the at least one instant messaging account associated with the displayed telephone number, determine that authentication for a particular account has been successful; and in response to determining that authentication for the particular account has been successful, initiate an authenticated session.

A method for authentication between a server process and a client process by means of multiple communication including a primary authentication communication and a secondary authentication communication. The method includes steps for: the server process receiving from the client process an initiating communication of the primary authentication communication, the server process initiating the secondary authentication communication between the server process and a client authentication process, the server process receiving primary authentication information comprising an authentication code or an authentication result, the server process receiving secondary authentication information comprising an authentication code or an authentication result of the secondary authentication communication, and the server process establishing the authentication on the basis of the primary and secondary authentication information.

User Authentication A mobile user authentication application is operable to perform one or more of the following operations: ⋅authenticate a user in a voice call to a telephony service, by passing an authentication code to the telephony service within the voice call [FIGS. 2, 2c]; ⋅validate a user instruction during a secure messaging session [FIG. 3]; and ⋅authenticate a user at a physical local service by obtaining a challenge code at that local service, validating the challenge code with a remote authentication service, obtain a confirmation code from the authentication service and presenting the confirmation code for validation at the local service [FIGS. 4, 4a and 4b].

The present disclosure relates to security risk warning system that a recipient may acknowledge and act accordingly. Security insights may be provided explicitly in a security insight panel that may clearly identify vulnerabilities specific to a particular authenticable communication. This may limit risk that a recipient would ignore or not understand the risk. Security insights may be provided for a combination of indicated source, recipients, and content, such as links, text, attachments, and images. Security insights may be provided on site, such as on or proximate to the reviewed portions of the authenticable communication.

Systems and methods are provided to stop both external and internal fraud, ensure correct actions are being followed, and information is available to fraud teams for investigation. The system includes components that can address: 1) behavioral analytics (ANI reputation, IVR behavior, account activity)—this gives a risk assessment event before a call gets to an agent; 2) fraud detection—the ability to identify, in real time, if a caller is part of a fraudster cohort′ and alert the agent and escalate to the fraud team; 3) identity authentication—the ability to identify through natural language if the caller is who they say they are; and 4) two factor authentication—the ability to send a text message to the caller and automatically process the response and create a case in the event of suspected fraud.

When personally identifiable information (PII) is to be stored or updated, a system first seeks consent from the user for the PII store or update. If the user grants consent, then the system stores the PII in the user's personal device or updates the PII stored in the user's personal device. The system then retrieves that PII and generates a token representing that PII. Even if the token were taken by a malicious user, it would not be possible for the malicious user to determine the user's actual PII from the token. In this manner, the security of the PII is improved over conventional systems.