A security platform architecture is described herein. A user identity platform architecture which uses a multitude of biometric analytics to create an identity token unique to an individual human. This token is derived on biometric factors like human behaviors, motion analytics, human physical characteristics like facial patterns, voice recognition prints, usage of device patterns, user location actions and other human behaviors which can derive a token or be used as a dynamic password identifying the unique individual with high calculated confidence. Because of the dynamic nature and the many different factors, this method is extremely difficult to spoof or hack by malicious actors or malware software.

This disclosure describes techniques for identifying the criticality of an asset in a network. In an example method, a first security metric of a first asset in a network, as well as network data that identifies data flows associated with a second asset in the network are identified. The second asset is a nearest neighbor of the first asset in the network. The method includes determining, based on the network data, a number of hosts in the network that exchanged data traffic with the second asset during a time period and generating a second security metric of the second asset based on the first security metric and the number of hosts. A security policy of the second asset is adjusted based on the security metric.

A proxy-based method for improving digital security during a user's travel is provided. The method may include determining a bundle of merchant category classification (MCC) codes. This bundle preferably reflects a baseline travel condition. The baseline travel condition is associated with a user mobile device. The method may also include dynamically updating a characteristic associated with the bundle of MCC codes based on updated travel conditions. The method may also include determining an occurrence of an anomalous user mobile device activity. The determination may be based on a comparison of the updated characteristic associated with the bundle of MCC codes and the baseline travel conditions; and in response to a determination of anomalous user mobile device activity, increasing a security level associated with the mobile device associated with the user.

A transaction card includes a near-field communication (NFC) component, a security component, a wireless component, one or more memories, and one or more processors communicatively coupled to the one or more memories. The device receives a signal from a user device attempting to access a secure application, and energizes the NFC component based on the signal received from the user device. The device causes the security component to generate an encrypted code based on the NFC component being energized, and provides, via the security component, the encrypted code to the wireless component. The device provides, via the wireless component, the encrypted code to the user device to permit the user device to utilize the encrypted code as authentication for accessing the secure application.

The present invention is an platform and/or agnostic authentication method and system operable to authenticate users, data, documents, device and transactions. Embodiments of the present invention may be operable with any client system. The authentication method and system are operable to disburse unique portions of anonymous login related information amongst multiple devices. These devices and the disburse unique portions of anonymous login information are utilized by the solution to authenticate users, data, documents, device and transactions. Login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.

In a method for authenticating a user, a processor receives a login request for an application. A processor directs the login request to a collection page. The collection page may include an authentication script. A processor receives a risk assessment based on an identity authenticated through the authentication script. A processor grants a level of access to the application based on the risk assessment.

Disclosed herein is a computing device that includes a memory and a processor. The memory store processor executable instructions for an authentication system. The processor is coupled to the memory. The processor executes the authentication system to cause the computing device to generate a credential asset, which includes a unique name. The authentication system, also, fetches tokens for the credential asset using the unique name, calls a notification for each of the tokens, polls for a code of the credential asset, and utilizes the code for an authentication to run a job.

Systems and methods for authorizing operations associated with blocked media assets using two-factor authentication. In some aspects, a media guidance application (e.g., executed by a set-top box or other user equipment used to store and display media assets) prompts a user for a password (e.g., a personal information number) in order to unlock the content for viewing. In response to receiving a second request from the user to perform an operation related to the media asset (e.g., delete), the media guidance application prompts the user for an additional factor confirming his or her identity, consistent with two-factor authentication protocol. If the user's identity is authenticated as a user that has authority to perform the operation related to the media asset (e.g., delete the stored media asset), the media guidance application performs the operation related to the media asset (e.g., deletes the media asset).

Disclosed herein are system, method, and device embodiments for implementing location identification in multi-factor authentication (MFA). In an example embodiment, a user service may present a geographic map based on a MFA process, and receive an authentication attempt including a geographic indicator and interaction information. Further, the system may determine whether the authentication attempt was made by a human based at least in part on the interaction information, determine whether the geographic indicator matches an expected response, and send, to an electronic device, an authentication result indicating whether geographic information was determined to be selected by a human and the geographic indicator was determined to match the expected response.

The present disclosure relates to a concept of proximity detection. A sequence of keystrokes is captured when a person types on a keyboard placed on a support structure. A sequence of vibrations of the support structure in response to typing on the keyboard is captured with a sensor device associated with a user or a location and in contact with the support structure in proximity to the keyboard. The proximity between the person and the sensor device is checked based on a comparison of the captured sequence of keystrokes with the captured sequence of vibrations.