A system and method for authenticating users of a data processing platform stores a mapping of a unique user platform identifier to multiple user identity provider identifiers associated with multiple realms for a same user. In some examples, the method includes receiving a request from a client device to establish an access session to perform one or more actions on data of the data processing platform and receiving, from at least one of the first external identity provider of the first realm or the second external identity provider of the second realm, a user identity provider identifier associated with the request. In certain examples, the method includes granting permission to perform the one or more actions on the data of the data processing platform based at least in part on the received user identity provider identifier.

A user makes a request from a requesting device for access to a secure operation associated with a network-based service. A first biometric authentication is processed for the request and at least one second scope-based authentication is processed for the request based on an analysis of a physical environment for the requesting device. A determination is made based on at least the first biometric authentication and the scope-based authentication whether the secure operation can be: processed on behalf of the user by the network-based service, not processed at all, or processed only if requested from a specific medium/channel associated with a specific device, which may or may not be the requesting device.

An augmented reality customer interaction system includes a transparent panel having a first side and a second side that is opposite to the first side, and a camera device configured to capture visual data from an area adjacent to the second side of the transparent panel. The visual data includes identifying features of a customer located in the area with respect to the second side of the transparent panel. The system further includes a projection system configured to project information on the first side of the transparent panel. The information projected on the first side of the transparent panel may include customer interaction data retrieved from a data store based on the identifying features of the customer.

One-time password (“OTP”) generation on a smartwatch is provided. OTP generation may include communication between an application on a smartwatch and an application on a smartphone. The request for an OTP may be received at the smartwatch. The smartwatch application may communicate with the smartphone application. An OTP may be generated within a third-party library within the smartphone application. The generated OTP may be transmitted from the smartphone application to the smartwatch application. The OTP may be displayed on the smartwatch.

The technology disclosed relates to authenticating users using a plurality of non-deterministic registration biometric inputs. During registration, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate sets of feature vectors. The non-deterministic biometric inputs can include a plurality of face images and a plurality of voice samples of a user. A characteristic identity vector for the user can be determined by averaging feature vectors. During authentication, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate a set of authentication feature vectors. The sets of feature vectors are projected onto a surface of a hyper-sphere. The system can authenticate the user when a cosine distance between the authentication feature vector and a characteristic identity vector for the user is less than a pre-determined threshold.

An augmented reality customer interaction system includes a transparent panel having a first side and a second side that is opposite to the first side, and a camera device configured to capture visual data from an area adjacent to the second side of the transparent panel. The visual data includes identifying features of a customer located in the area with respect to the second side of the transparent panel. The system further includes a projection system configured to project information on the first side of the transparent panel. The information projected on the first side of the transparent panel may include customer interaction data retrieved from a data store based on the identifying features of the customer.

A method for providing augmented reality content includes identifying a customer at a customer interaction location, retrieving customer-specific interaction data, determining locations of a customer service representative in an area adjacent to a first side of a transparent panel and the customer in an area adjacent to a second side of the transparent panel, and projecting an augmented reality element to the first side of a transparent panel, the augmented reality element displaying the customer-specific interaction data on the first side of the transparent panel.

The disclosure relates to an authentication approach to grant access to a secure service on an electronic device. The authentication approach includes receiving, via an electronic device, a request to access the secure service. The authentication approach includes determining whether the electronic device is positioned at a location that corresponds to a virtual authentication lock. The authentication approach includes displaying, in response to determining the device is positioned at the location that corresponds to the virtual authentication lock, the virtual authentication lock on a display of the electronic device. The authentication approach includes receiving one or more interactions with the virtual authentication lock. The authentication approach includes determining whether the one or more interactions correspond to one or more authentication interactions related to the virtual authentication lock and granting, in response to the one or more interactions corresponding to the one or more authentication interactions, access to the secure service.

A method for securing electronic transactions includes associating a mobile electronic device with a first user. A first computer system retrievably stores registration data relating to the first user, including a device identifier that is unique to the mobile electronic device. A security application that supports in-application push notifications is installed on the mobile electronic device. The first computer system sends a push notification to the mobile electronic device, the push notification prompting the first user to provide a confirmation reply via a user interface of the security application for activating the mobile electronic device as a security token. The mobile electronic device is activated as a security token for the first user in response to receiving at the first computer system, from the mobile electronic device, the confirmation reply from the first user.

Embodiments described herein disclose a mobile device system for providing access to a subset of data within an application executed by the mobile device. During a first time period, when the mobile device is connected to a network, authentication information corresponding to a user account with a payment services provider is received. A biometric authentication signature and password are received in response to a request to enable access to a subset of data associated with the account. The subset of data is encrypted with a key generated from the biometric signature and password and stored. At a second time period, when the mobile device is disconnected from a network, the subset of data is decrypted using a key generated from an entered biometric signature and password.