According to an example, multi-factor authentication based content management may include receiving a document viewing device certificate of a document viewing device, where the document viewing device certificate may enable the document viewing device to view an encrypted document. A determination may be made as to whether to permit the document viewing device to modify or print the encrypted document based on the document viewing device certificate. In response to a determination to permit the document viewing device to modify or print the encrypted document based on the document viewing device certificate, an authentication apparatus certificate that enables the document viewing device to modify or print the encrypted document may be forwarded to the document viewing device.

A mobile device can detect an idle state and, in response, initiate an access monitoring function to covertly monitor activity involving a human interaction with the mobile device. The covert monitoring is undetectable by a user of the mobile device. The mobile device can then detect a human interaction with the mobile device and, in response, cause the mobile device to covertly capture and log one or more human interactions with the mobile device. An authorized user of the mobile device is enabled to review the log of human interactions with the mobile device.

The invention proposes a method for processing biometric data, comprising verification of the result of a calculation of distance between a biometric candidate datum and at least one biometric reference datum, each comprising a number n of indexed components (a.sub.i, b.sub.i), said calculation of distance comprising that of a polynomial of the components of the biometric data,

the method being executed by a proving entity and a verification entity, the method comprising steps during which: the proving entity communicates to the verification entity the result of calculation of the distance between the candidate and reference biometric data, and said data, the proving entity generates from each datum a function of a number d of variables f.sub.a(i.sub.1, . . . , i.sub.d), f.sub.b(i.sub.1, . . . , i.sub.d) where d=log.sub.2 n, defined for each variable on the set {0,1}, by reformulation of the index i of each component (a.sub.i, b.sub.i) in binary format, the proving entity generates from each function a polynomial of d variables ã(x.sub.1, . . . x.sub.d), {circumflex over (b)} (x.sub.1, . . . x.sub.d) defined on .sup.d where is a finite field, such that each polynomial ã, {circumflex over (b)} coincides with the corresponding function f.sub.a,f.sub.b on the set {0,1}.sup.d, and generates from the polynomials ã, {circumflex over (b)} a polynomial p(x.sub.1, . . . , x.sub.d) of d variables of the same expression as that of the distance between the data, and the proving entity and the verification entity engage in a Sumcheck protocol applied to the polynomial p to verify the result of calculation of the distance between the data.

Technologies for secure mediated reality content publishing includes one or more mediated reality servers, multiple mediated reality listeners, and multiple mediated reality creators. The mediated reality server performs an attestation procedure with each listener based on a pre-provisioned attestation credential of that listener and provisions a session encryption key to each validated listener. The attestation procedure may validate a trusted execution environment of each listener. The mediated reality server generates aggregated mediated reality content based on protected mediated reality content received from the creators and generates an associated license that defines one or more content usage restrictions of the aggregated mediated reality content. The server sends the aggregated mediated reality content to the listeners, protected by the corresponding session encryption key. The server may provision each of the listeners with a back-channel encryption key to protect feedback data generated by sensors of the listeners. Other embodiments are described and claimed.

An apparatus for user authentication based on tracked activity includes an activity tracker module, a challenge module, and an authentication module. The activity tracker module is configured to electronically track one or more activities of a user. Electronically tracking the one or more activities includes obtaining information about at least one activity from an electronic device of the user. The challenge module is configured to present an authentication challenge to the user via a user interface for the electronic device. The authentication challenge is based on the one or more electronically tracked activities for the user. The authentication module is configured to determine whether to authenticate the user for access to one or more resources via the electronic device, based on the user's response to the authentication challenge.

A method is provided in which a network access system receives an initial request from a device requesting access to the network. In response to successfully authenticating the initial access request, the system causes a code to be transmitted in light emitted by one or more light fixtures within a physical space in which access to the network is to be restricted. The system receives information from the device requesting access to the network and determines whether to permit the device access to the network based on the initial request and on whether the received information is derived from the code transmitted by the one or more light fixtures, thereby indicating that the requesting device is within the physical space.

Techniques are disclosed relating to automating authentication decisions for a multi-factor authentication scheme based on computer learning. In disclosed embodiments, a mobile device receives a first request corresponding to a factor in a first multi-factor authentication procedure. Based on user input approving or denying the first request, the mobile device sends a response to the first request and stores values of multiple parameters associated with the first request. The mobile device receives a second request corresponding to a factor in a second multi-factor authentication procedure where the second request is for authentication for a different account than the first request. The mobile device automatically generates an approval response to the second request based on performing a computer learning process on inputs that include values of multiple parameters for the second request and the stored values of the multiple parameters associated with the first request. The approval response is automatically generated and sent without receiving user input to automate the second request.

Systems and techniques for multi-layer user authentication with live interaction are described herein. An authentication request may be received from a user for secure data stored in a computing system. Contextual data may be received that is associated with authentication information received from the user, It may be determined that the user has passed a first authentication process based on a match between the authentication information and reference authentication information stored in a user profile for the user. A risk score may be generated for the authentication request based on the contextual data and the authentication data. A second authentication process may be identified based on the risk score. A set of secondary authentication information may be received. Data associated with the authentication request may be transmitted upon authentication of the user via the second authentication process based on the set of secondary authentication data.

Pursuant to at least some embodiments, the present invention relates to a method that includes equipping a peripheral device with an RFID tag. The RFID tag includes a memory device configured for electronically storing information, an RF receiver configured for receiving an interrogation signal, and an RF transmitter operatively coupled to the RF receiver and the memory device. The method further includes configuring the RF transmitter for: (a) modulating an RF carrier with the electronically stored information from the memory device, and (b) transmitting the modulated RF carrier, in response to the RF receiver receiving the interrogation signal; and displaying or outputting a message on the peripheral device using the received interrogation signal.

The disclosure provides an approach for authenticating a user of a computer system, wherein the computer system implements a virtual desktop infrastructure (VDI), the method comprising connecting to a computing device through a network, receiving from the computing device authentication credentials, and determining whether the authentication credentials match an authorized user of the computer system. The approach further comprises extracting from the computing device features of the computing device, retrieving a machine learning (ML) model associated with the authorized user, wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model, and executing the ML model to authenticate the features of the computing device.