Example approaches for authenticating a device are described. In an example, a category, from a plurality of categories, is identified for a device, based on data packets exchanged between the device and a network element. The category is indicative of operational capabilities of the device. Based on the category identified for the device, an authentication order for the device is determined. The authentication order is indicative of a sequence in which a set of authentication tests is to be executed for authentication of the device.

A communication device includes, a plurality of authentication generation processing units, which are respectively associated with different sequence number groups each including successive sequence numbers and which execute, in parallel, authentication generation processes for generating authentication information included in the packets based on sequence numbers allocated to the packets, a transmitting unit which transmits packets including the allocated sequence numbers to another communication device in an order in which authentication generation processes by the plurality of authentication generation processing units are completed, a receiving unit which receives a packet from the other communication device, and an authentication processing unit which executes a first authentication process in which the reception packet is authenticated based on a relationship between a sequence number of the reception packet and a sequence number of a preceding reception packet.

Pursuant to at least some embodiments, the present disclosure relates to a method that includes configuring an RFID tag to store information related to a battery charge level of a battery of a peripheral device, reading the RFID tag, and disabling a subsequent reading of the RFID tag in response to determining that the RFID tag includes stored information indicative of the battery charge level being low or depleted.

Disclosed are example methods, systems, and devices that allow for generation and maintenance of a central identity databank for a user's digital life. The identity databank may include identity elements with payload values and metadata values corresponding immutable attributes of the user. A multifactor identity authentication protocol allows service provider devices to more reliably validate transactions with user devices via an identity system. The identity databank may include passwords, which may be generated by the identity system linked to user accounts and/or service providers. The passwords may be provided to service provider devices, eliminating the need for users to conceive of a multitude of varying passwords for the user's accounts.

An information processing apparatus includes a memory storing, in an associated form, a unit of authentication and multi-step authentication corresponding to the unit and one or more processors configured to, when a type of the authentication of an authentication step in the multi-step authentication is to be set, display a unit of the type serving as a setting target on a display in a manner such that the unit of the type serving as the setting target is selectable.

The technology disclosed relates to authenticating users using a plurality of non-deterministic registration biometric inputs. During registration, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate sets of feature vectors. The non-deterministic biometric inputs can include a plurality of face images and a plurality of voice samples of a user. A characteristic identity vector for the user can be determined by averaging feature vectors. During authentication, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate a set of authentication feature vectors. The sets of feature vectors are projected onto a surface of a hyper-sphere. The system can authenticate the user when a cosine distance between the authentication feature vector and a characteristic identity vector for the user is less than a pre-determined threshold.

A method, non-transitory compute r readable medium, device, and system that receives telemetry data collected based on instrumentation code executed at one of a plurality of client computing devices with a requested transaction with one of a plurality of web server systems. Identifying signal data (IDSD) usable to identify the one of client computing devices is determined based on the received telemetry data. Any matching telemetry data in a telemetry data set for a plurality of prior transactions between one or more of the client computing devices and one or more of the web server systems is identified based on any stored IDSDs that match the received IDSD. A security score associated with the one of the client computing devices is generated based on the identified matching telemetry data. A response to the requested transaction to the one of client computing devices is managed based on the generated security score.

Differential access to data for a user of a processor-based system is disclosed wherein the user may select one secret from among a plurality of secrets that allows and/or enables access to potentially different sets of data, different resources for accessing the data and/or different tasks for the user to interact with the system. The selection of any particular secret may arise as to the user's feeling as to how secure the environment is for accessing the data. For example, if the user is in a very secure environment, the user may select a secret that allows substantially broad access to data, resources and tasks. If the environment is not secure, or if the user is under duress, the user may select a secret that provides limited access, or a decoy set of data and/or may provide the user with access to defensive measures to protect the data.

A first network device of a first communication network obtains a challenge, generates a first PFS parameter, obtains a first verification code for the first PFS parameter, and sends the challenge, the first PFS parameter and the first verification code to a communication device, which in turn receives the challenge, the first PFS parameter and the first verification code, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first PFS parameter is authentic, and if the determination is positive generates and sends the second PFS parameter to the first network device, which in turn verifies the second PFS parameter.

The disclosed computer-implemented method for securing authentication procedures includes (i) monitoring, by a third-party security application, to detect reception of a second factor authentication token as an input to complete a second factor authentication procedure in connection with a second application that is independent from the third-party security application, (ii) verifying, by the third-party security application, whether or not the second factor authentication token was transmitted by a valid server in coordination with the second application as part of an authentic version of the second factor authentication procedure, and (iii) performing a security action to protect a user account based on a result of verifying whether or not the second factor authentication token was transmitted by the valid server in coordination with the second application as part of the authentic version of the second factor authentication procedure.