H04L2463/082

Authentication system and authentication method
11509655 · 2022-11-22

An authentication system and an authentication method are provided. The electronic device of the authentication system includes a controller, a processor and a key module, wherein the processor performs an application program. In a binding phase, the application device generates a digest file according to key factor information and a selection strategy, and stores the digest file in a digest table of the electronic device. In a checking phase, the application program determines whether the controller corresponds to a binding device according to the digest file and the key factor information. If the controller corresponds to the binding device, in an authentication phase, the controller performs an authentication operation of a U2F service with a server device according to the digest file corresponding to the binding device in response to a pressing of the key module.

Multi-Factor Authentication with Increased Security

A multi-factor authentication method and system is provided such that a push notification during an authentication process is only received if a mobile device and user are authenticated prior to receiving the push notification. Either the mobile device itself or a second device sending the push notification may be programmed to either reject or not forward the authentication request. Additionally, using the method of the present invention, enhanced security is provided by requiring the location of the mobile device and the second device to be approximately in the same geographical location.

FRAUD RESISTANT PASSCODE ENTRY SYSTEM

A method for user passcode authentication is provided. The method includes accessing a user information database with predefined user input option parameters and generating a random arrangement of input options from the predefined user input option parameters. The method includes manifesting the random arrangement of input options on an interactive display interface and receiving a selection of the interactive display interface input options. The method also includes comparing the received selection of interactive display interface options to the predefined user input option parameters.

Payment Method and System Based on Cloud Application Instance, and Related Device
20230056518 · 2023-02-23

A payment method and system based on a cloud application instance, and a related device are provided. The method includes the following steps: The cloud application instance sends an order and a device identity to a payment management node. The payment management node records a correspondence between the order and the device identity. The cloud application instance sends an order payment request to a terminal device. The terminal device sends, to the payment management node based on the order payment request, an order obtaining request carrying the device identity. The payment management node obtains the order from the correspondence based on the device identity carried in the order obtaining request, and sends the order to the terminal device. The terminal device receives and processes the order.

IOT MULTICAST OUT-OF-BAND CYBERSECURITY MESSAGING SYSTEM AND METHOD
20230058016 · 2023-02-23

The present disclosure relates to systems and methods for providing cybersecurity functionality to computer implemented inventions such as Internet of Things (IoT) systems and object devices, and more specifically, to an improved cybersecurity system, method and capabilities for protecting IoT and similar devices through non-discriminatory vendor/supplier independent distribution of secure predetermined IoT syndication data to unidentified and non-registered IoT devices, through the use of a passive data distribution technology and out-of-band, system-to-device distribution channel and no peer-to-peer stateless relationship with the receiving device and using Quality of Service (QoS) and enabling the determination as to whether there is any suspicious activity occurring and prohibiting the IoT device from taking any customer-defined action without having a separately provided authentication.

DEVICE STEP-UP AUTHENTICATION SYSTEM

Embodiments of the present invention provide computer-implemented methods, computer program products and computer systems. Embodiments of the present invention can monitor user activity for one or more user interactions performed while connected to a Virtual Private Network. Embodiments of the present invention can then identify potential risks associated with a user and respective user interactions. Embodiments of the present invention can then, in response to determining a respective user interaction of the one or more interactions is suspicious, generate a real-time risk score for the respective user interaction. Embodiments of the present invention can then, in response to the generated real-time risk score exceeding a threshold level of risk for the respective user interaction, initiate a secondary authentication protocol.

Uniquely identifying and securely communicating with an appliance in an uncontrolled network

A service consumer that utilizes a cloud-based access service provided by a service provider has associated therewith a network that is not capable of being controlled by the service provider. An enterprise connector is supported in this uncontrolled network, preferably as an appliance-based solution. According to this disclosure, the enterprise configures an appliance and then deploys it in the uncontrolled network. To this end, an appliance is required to proceed through a multi-stage approval protocol before it is accepted as a “connector” and is thus enabled for secure communication with the service provider. The multiple stages include a “first contact” (back to the service) stage, an undergoing approval stage, a re-generating identity material stage, and a final approved and configured stage. Unless the appliance passes through these stages, the appliance is not permitted to interact with the service as a connector. As an additional aspect, the service provides various protections for addressing scenarios wherein entities masquerade as approved appliances.

Using Continuous Biometric Information Monitoring For Security

Measurements of biometric information of a user are obtained over time, such as blood glucose measurements. These biometric measurements are typically obtained by a wearable biometric information monitoring device being worn by the user. These biometric measurements are used by various different systems, such as a computing device of the user or a biometric information monitoring platform that receives biometric measurements from multiple different users. The biometric measurements are used for various security aspects, such as one or more of part of multi-factor authentication of the user, generating security keys (e.g., connection keys, encryption keys), identifying biometric measurements associated with different user identifiers but the same user, and protecting biometric measurements so as to be retrievable only by a recipient associated with an additional computing device, and so forth.

SYSTEM AND METHOD OF SECURE AUTHENTICATION AND DISCERNING CONTROL OF A UTILITY SYSTEM
20220368129 · 2022-11-17

A system and method of operating a utility system having a plurality of equipment for controlling the operation of the utility system is provided. The method includes receiving, from a user, a control action for at least one of the plurality of equipment and determining an impact of the control action on the operation of the utility system. It is determined, based at least in part on the impact of the control action, that a predetermined condition may occur as a result of executing the control action. An authentication check is performed on the user prior to executing the control action.

METHOD FOR SECONDARY AUTHENTICATION

Described embodiments provide systems and methods for validating a request to perform an action to access at least one file. A computing device can receive a request from the client, the request being to perform an action to access at least one file and including a first computed value indicative of one or more previous actions on files. The computing device may compare the first computed value to a second computed value maintained by the computing device independently from the first computed value. The second computed value may be indicative of the one or more previous actions on the files. The computing device may perform secondary authentication in addition to primary authentication for the client, responsive to an indication of trustworthiness of the client or the file according to the comparison of the first computed value to the second computed value.