H04L2463/082

System and method for implementing channel dynamic multifactor authentication

An embodiment of the present invention is directed to Channel Dynamic Multifactor Authentication. This solution provides the capability to select a multifactor authentication channel (e.g., email, SMS, etc.) dynamically based on multiple sources of risk scoring input data. The risk decision engine may determine an optimal lowest risk delivery channel for delivery of a one-time passcode and/or implement an additional or alternative mechanism for user authentication or verification.

Cloud device account configuration method, apparatus and system, and data processing method
11283805 · 2022-03-22

A method for configuring an account of a cloud device including obtaining a sub-account corresponding to a currently logged-in primary account, wherein the primary account has a permission to access a cloud resource, and the sub-account has a part or all of the permission of the primary account; and importing the sub-account into the target cloud device to log in to the target cloud device through the sub-account to perform operation and maintenance on the target cloud device, wherein the cloud resource includes the target cloud device. The present disclosure solves the technical problem that, in the conventional techniques, a gateway account needs to be created for each gateway separately, which makes the account configuration of the gateway complicated.

Systems and methods for automatically performing secondary authentication of primary authentication credentials

The disclosed technology includes systems and methods for determining secondary authentication of a user's log-in attempts by comparing received behavioral biometric data and/or received scenario-specific data to saved behavioral biometric data and/or saved scenario-specific data, respectively. Responsive to determining that the received behavioral biometric data and/or received scenario-specific data is above a predetermined threshold of similarity with respect to the saved behavioral biometric data and/or saved scenario-specific data, respectively, the systems and methods can determine that the corresponding log-in attempt is secondarily authenticated. Responsive to determining that the level of similarity is not above the predetermined threshold, the systems and methods can initiate a secondary authentication method and can associate the received behavioral biometric data with a second user model.

REAL-TIME VIABLE USER DETERMINATION
20220107998 · 2022-04-07

Described herein are techniques for providing identification of a current user of a user device. Such techniques may comprise receiving a request for identification of a current user of a user device, receiving interaction data that includes information about current usage patterns for the user device, retrieving profile data associated with at least one potential user of the user device, comparing the profile data to the information about current usage patterns to determine for the at least one potential user of the user device, a likelihood value that the at least one potential user is the current user of the user device, and providing the determined likelihood value in response to the received request.

Inflight entertainment system that securely pairs and communicates with a user device based on multiple security controls
11290278 · 2022-03-29

An entertainment system to perform operations to securely pair and communicate with a user device based on multiple security controls. The operations include: Responsive to a request to pair the user device to a network interface, generating an encrypted code that includes network credentials for connecting to the network interface and a time-limited authentication credential that is unique to the user device. Responsive to a request to connect to a server of the entertainment system, generating a connection authorization decision for the user device based on two factor authentication validating (i) a second certificate of the user device, and (ii) the time-limited authentication credential that is unique to the user device. The entertainment system connects the user device to the server for secure communications when the connection authorization decision authorizes the connection based on successful two-factor authentication.

System and method for secure storage of digital currencies and making transactions in a blockchain network
11308484 · 2022-04-19

The claimed solution relates to a method of making transactions in the blockchain framework using a protected hardware and software complex to ensure secure storage of digital currencies (cryptocurrencies) and control the entire lifecycle of multiple wallets simultaneously to make transactions in the blockchain network. Basic features of the hardware and software complex include the effective control over the entire life cycle of cold wallets, generation of digital wallets and secure storage of their private keys in an isolated environment using hardware security modules (HSM), as well as maintaining the multiple level authentication of blockchain transactions. All the features of the complex can be used due to compatibility with the application programming interface (API), which enables the complex to be integrated into existing software solutions, for example, banking systems.

Two factor authentication using a digital one-time pad

An approach is provided that receives a login request from a selected user. The approach first authenticates the selected user using a unique user identifier and a password associated with the selected user. In response to a successful first authentication, the approach performs a second authentication of the selected user using a second factor authentication code that was included in the login request. The second authentication includes retrieval of an expected second factor authentication code using an index into a block of codes with the index and the block of codes both being associated with the selected user. The login request is allowed and the index is changed in response to the second factor authentication code matching the expected second factor authentication code. The login request is denied in response to the second factor authentication code failing to match the expected second factor authentication code.

Information processing apparatus, information processing method, and non-transitory computer readable medium

An information processing apparatus that, when authentication is successfully performed by using first authentication information, permits access to first content. When authentication is successfully performed by using second authentication information which is different from the first authentication information, the information processing apparatus permits access to second content having a confidentiality level higher than a confidentiality level of the first content. The third authentication information is issued to a user in a period in which authentication using the second authentication information is valid. The third authentication information is different from the first authentication information and the second authentication information. When authentication is successfully performed by using both the first authentication information and the third authentication information, the information processing apparatus permits access to the second content.

Maintaining electronic communications session continuity during session inactivity

A method, computer program product, and a system where a processor(s) determine that a user of a given computing device has been authenticated to initiate an application session, that the application session is open, and that the application session has a timeout mechanism triggered by inactivity (i.e., the session not receiving a selection within a first predefined period of time). The processor(s) determines that the application session will automatically timeout within a second predefined period of time based on the inactivity. The processor(s) monitors activities of the user during pendency of the application session with the application including physical and computing activities of the user. The processor(s) determines that at least one activity of the activities indicates engagement of the user with the application session. The processor(s) prevent the timeout mechanism from being triggered during a duration of the at least one activity.

GEO-AWARE CAPTURE WITH REDUCED PERSONAL INFORMATION DISCLOSURE

Systems and methods for authenticating and executing a user request with increased security and efficiency are provided. A method may include receiving a selection from a user to restrict informational access of a selected administrator who is logged in to a system network, and locking access of the administrator to secure user information. The method may also include receiving, from the user, limited identifying information, and transmitting to the user, based on the limited identifying information, a uniform resource locator (URL) link and a one-time password (OTP). The method may also include achieving 2-factor authentication when the user accesses the URL link and submits the OTP, and receiving from the user the secure user information and a service request. In response to receiving the secure user information and the service request, the method may include executing a response to the service request via the system network.