Patent classifications
H04L2463/082
HOME CONTEXT-AWARE AUTHENTICATION
Context-aware authentication may be provided. First, a request may be received for content service. The request may comprise information associated with a context of a household from which the request came. Next, the request may be authenticated based on the information associated with the context of the household from which the request came. Then the content service may be provided in response to authenticating the request.
METHOD AND SYSTEM FOR REMOTELY VERIFYING IDENTITY PRIOR TO PROVISIONING A DATA RECORD FOR A SERVICE
A server computer system comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to receive, via the communications module and from a remote computing device, a signal including a request to provision a data record for a service; select digital identity network verification as a primary verification technique; attempt verification using the primary verification technique; determine that verification using the primary verification technique has failed; responsive to determining that verification using the primary verification technique has failed, attempt verification using a secondary verification technique; determine successful verification using the secondary verification technique; and responsive to successful verification using the secondary verification technique, provision the data record for the service.
Systems and methods for switch-based network security
The techniques described herein relate to methods, apparatuses, and computer readable media configured to provide automatic mitigation of security threats. The automatic mitigation includes monitoring network switch traffic that is associated with a port of the network switch, a MAC address of a connected device, or both. Based on a set of switch traffic rules, it is determined whether the network switch traffic is indicative of a potential network security threat. When it is indicative of a potential network security threat, the network switch traffic associated with the port of the network switch, the MAC address of the device, or both, is restricted. Identification information for a user associated with the port of the network switch is provided to an authentication process that the user associated with the port may access. Upon receiving a valid authentication from the authentication process, the network switch traffic associated with the port is derestricted.
DEVICES AND METHODS TO VALIDATING MULTIPLE DIFFERENT FACTOR CATEGORIES
A computer implemented method, device and computer program device are provided including a processor; a storage medium to store a user defined password (UDP) factor and program instructions accessible by the processor; wherein, responsive to execution of the program instructions, the processor to: generate a first machine generated indicia (MGI) code indicative of the UDP factor; and generate a second MGI code indicative of a time-based one-time password (TOTP) factor; and a display to display the first and second MGI codes during an authentication operation.
ZERO-TRUST DECENTRALIZED CYBERSECURITY ARCHITECTURE FOR ENDPOINT DEVICES
The present invention provides a zero-trust decentralized cybersecurity architecture solution. This zero-trust decentralized cybersecurity architecture should cover features like least privilege access control, two-factor authentication, and support secure messaging, support secure emailing, detecting phishing, and support secure notifications while preserving confidentiality, integrity and non-repudiation. The zero-trust decentralized cybersecurity architecture solution using blockchain technology addresses cybersecurity requirements to build up a secure collaborative environment between enterprises, internally and externally. Integrating blockchain technology (as the core of the present invention) provides a zero-trust decentralized cybersecurity architecture. The present invention has no central core and has no dependency on 3rd parties (decentralized). Therefore, each node needs to prove its reliability through cybersecurity measures integrated into the present invention (zero-trust). The proposed zero-trust decentralized cybersecurity architecture (the present invention solution) is enriched with: 1) two-factor authentication, secure emailing/messaging/notification and 2) secure file sharing and access management based on role-based access control (RBAC) mechanism.
AUTHENTICATION CREDENTIAL WITH EMBEDDED AUTHENTICATION INFORMATION
Techniques include securely accessing data associated with authorization of an identity, the identity being capable of accessing an access-controlled network resource based on assertion of an authentication credential to an entity associated with the access-controlled network resource; generating a secret data element based on the data associated with authorization of the identity and based on application of a first secret logic algorithm; and making the secret data element available to be embedded in the authentication credential. The entity associated with the access-controlled network resource is configured to: validate the identity based on the secret data element being included in the authentication credential; and access the data associated with authorization of the identity based on application of a second secret logic algorithm to the secret data element.
WIRED MULTI-FACTOR AUTHENTICATION FOR ATMS USING AN AUTHENTICATION MEDIA
An Automated Teller Machine (ATM) terminal receives a transaction request from a user. The ATM terminal triggers a camera to capture a first image of the authentication media item presented by the user, where the first image of the authentication media item is embedded with a first unique code. The ATM terminal compares the first image of the authentication media item with a second image of the authentication media item that is associated with the user, where the second image of the authentication media item is embedded with a second unique code for verifying the user. The ATM terminal determines whether the first unique code corresponds to the second unique code. The ATM terminal conducts the transaction request if it is determined that the first unique code corresponds to the second unique code.
Authentication System
A method for a user to perform a transaction comprising the steps of connecting a first electronic communication device 400 with a transaction receiver, receiving electronic data from the transaction receiver, displaying the received electronic data on the first electronic communication device 400, sending with a second electronic communication device 402 the received electronic data, a hardware profile 208, and a user information profile 204 to an authentication server 404, wherein the user information profile 204 and the hardware profile 404 are associated with the second electronic communication device 402, the hardware profile 208 comprising user generated data stored on the second electronic communication device 402, and if the authentication server 404 authenticates the sent hardware profile 208, the user information profile 206, and the received electronic data, performing the transaction with the first electronic communication device 400.
USING A SERVICE WORKER TO PRESENT A THIRD-PARTY CRYPTOGRAPHIC CREDENTIAL
A method is provided for remote identification of a subject to a verifier using a third-party cryptographic credential. To create the credential, JavaScript code originating from the credential issuer generates a key pair using a cryptographic library, the Web Cryptography API or a FIDO2 authenticator, obtains from the issuer a disclosable portion of the credential containing the public key and subject attributes, and registers a service worker with the browser. To identify the subject, the verifier redirects a login request to a URL in the scope of the service worker, which intercepts the redirected request and dynamically generates a credential presentation page that sends the disclosable portion of the credential to the verifier and proves knowledge of the private key.
SECURE DATA TRANSFERS USING BEHAVIOR-BASED AUTHENTICATION
A device that is configured to capture biometric information for a user using a first biometric sensor that is configured to capture biometric information that identifies physical characteristics of the user. The device is further configured to capture device information for a user device that is associated with the user. The device is further configured to generate an authentication fingerprint for the user based on a combination of the biometric information and the device information. The device is further configured to obtain vital sign information using a second biometric sensor that is configured to capture vital sign information that identifies a physical state of the user. The device is further configured to generate an authentication request that includes the authentication fingerprint and the vital sign information and to send the authentication request to a network device.