H04L2463/082

Key specific fingerprint based access control

Using a biometric sensor coupled to a touchscreen, fingerprint data is collected from within a plurality of virtual key areas of the touchscreen. A virtual key area in the plurality of virtual key areas comprises an area of the touchscreen configured to display an input prompt and collect touch data responsive to the input prompt. Responsive to determining that the fingerprint data has above a threshold level of similarity with stored fingerprint data associated with each of the virtual key areas and that a sequence of the virtual key areas matches a stored key sequence, access to a protected resource is allowed.

Systems and methods of push-based verification of a transaction

A system and method of implementing an API of an authentication service includes implementing a confirmation API, wherein the implementing includes: initiating a confirmation API request based on receiving an access request, wherein the confirmation API request operates to perform an authentication of a requestor making the access request; identifying the requestor based on a search of the requestor via the confirmation API; identifying, by one or more API endpoints of the remote authentication service: (i) a subscriber account of the subscriber maintained by the remote authentication service and (ii) identifying a user device of the requestor that is enrolled with the subscriber account based on the confirmation API request; transmitting a confirmation request to the user device; obtaining from the user device a response to the confirmation request and presenting the response to the confirmation request to the subscriber; and granting or denying the access request.

Cognitive automation platform for dynamic unauthorized event detection and processing

Systems for using cognitive automation techniques to detect unauthorized events are provided. In some examples, a request for a product or service (e.g., event processing) may be received. The request may be received electronically, via a telephone communication, in person, or the like. The request may be analyzed (e.g., using a cognitive automation model) to determine whether it is potentially unauthorized. If so, one or more requests for additional information may be generated or identified. For instance, requests for authentication information, responses to questions or a series of questions, or the like, may be generated. In some examples, the additional information requested may be identified using the cognitive automation model. Responses to the request for additional information may be analyzed (e.g., using the cognitive automation model) to determine whether the request for the product or service is unauthorized. If so, processing the request may be prevented.

Method and system for proof of work (POW) based protection of resources

State-of-the-art techniques hardly attempt to address the controlled resource access problem in the context of Basic Emergent Users (BEUs). Embodiments of the present disclosure provide a method and system for Proof of Work (POW) based protection of resources. The method includes using the POW for work done by BEUs in the physical world and mapping it to the digital world to generate crypto currency in terms of a credit score, wherein an end user is eligible or authorized to use a resource of an entity to get a desired service if the accumulated credit score is above a credit threshold. Gaining points to improve the credit score is challenging as it is based on the percentage of compliance achieved by the BEU through actual work in accordance with a compliance protocol. Further, the method includes authenticating the authorized user based on a set of questions with increasing difficulty, derived based on a culture graph.

Digital access control using time-based baseline access distributions
11652837 · 2023-05-16

An access analysis system obtains data about user requests to access particular applications, such as identifiers of the particular user and application involved, the time of the request, and (optionally) additional contextual data, and uses that data to generate user access distributions that quantify the distribution of a given user's requests to access applications over time. After one or more distributions have been generated for a particular user, when that user submits a new access request for an application, the access analysis system can compare the request to the previously-generated access distributions to determine whether (or to what degree) the request is anomalous. If the request is sufficiently non-anomalous, it can be granted with little or no additional actions required by the user or the user's device; if, however, the request is sufficiently anomalous, it can be denied, or additional information—such as additional user authentication factors—can be required.

Factor authentication for robotic processes
11647015 · 2023-05-09

Disclosed herein is a computing device that includes a memory and a processor. The memory stores processor-executable instructions for an authentication system. The processor is coupled to the memory. The processor executes the authentication system to cause the computing device to generate a credential asset, which includes a unique name. The authentication system also fetches tokens for the credential asset using the unique name, calls a notification for each of the tokens, polls for a code of the credential asset, and utilizes the code for an authentication to run a job.

Multi-factor authentication using customizable physical security token
11647016 · 2023-05-09

In some implementations, an authentication system may receive, from a client device, a credential associated with a user account and a request to access a resource. The authentication system may transmit, to the client device, a request for an image of a customized physical security token associated with the user account. The authentication system may receive, from the client device, a first image. The authentication system may compare the first image with a representation of a second image of the customized physical security token associated with the user account. The authentication system may grant or deny access to the resource based on comparing the first image with the representation of the second image.

Secondary Authentication of a User Equipment

A network node operates a Session Management Function (SMF) in a control plane of a core network of a wireless network. The network node authenticates a User Equipment (UE) with an Extensible Authentication Protocol (EAP) server in a secondary authentication process that uses the SMF as an EAP authenticator. The EAP server is outside of the core network and the UE is separately authenticated with a further network node in the control plane of the core network via a primary authentication process. Authenticating the UE in the secondary authentication process comprises exchanging EAP messages between the SMF and the UE and between the SMF and the EAP server. The SMF authorizes a data session between the UE and the external network through a user plane of the core network based on the UE having successfully authenticated via both the primary authentication process and the secondary authentication process.

User configured one-time password

A tool for providing a user configured one-time password. Responsive to receiving a request for a one-time password, the tool sends the one-time password, based at least in part on a user configured one-time password rule. The tool receives a user configured one-time password return value for the one-time password. The tool determines whether the user configured one-time password return value satisfies the user configured one-time password rule when applied to the one-time password. Responsive to a determination that the user configured one-time password return value satisfies the user configured one-time password rule, the tool accepts the user configured one-time password return value and grants access to the application.

Data input using multi-factor authentication
11657389 · 2023-05-23

Techniques are disclosed relating to a method that includes, in response to a request from a user to complete a secure transaction, determining, by a computer system, that a plurality of transaction options is available for completing the secure transaction. The method further includes generating, by the computer system, a plurality of authentication codes, each authentication code of the plurality corresponding to a respective one of the plurality of transaction options. Receiving a particular authentication code of the plurality of authentication codes from a computing device associated with the user causes a selection of a corresponding transaction option.