The present disclosure includes systems and methods enabling secure workflows by using a processor to receive an activity verification request from an initiator device associated with an entity in response to a user interaction by a user, where the activity verification request includes an identifier in an auxiliary data field of a messaging standard. Using the identifier from the auxiliary data field, the processor determines a secure workflow and generates a workflow token for validation with a workflow service. The processor transmits the workflow token to the initiator device and receives from the initiator device a workflow request including the workflow token. The processor executes, within the workflow service, an instance of the secure workflow according to the workflow request and confidential user data of the user inaccessible to the entity. The processor generates a notification according to the execution of the instance of the secure workflow.

A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

A face authentication apparatus includes a first authentication unit that performs first authentication on a face image of an authentication target based on a threshold, a second authentication unit that performs second authentication by an authentication method other than face authentication, a detection unit that detects use or non-use of the second authentication unit, a threshold change unit that sets a larger value to the threshold when the second authentication unit is used, compared with a value to be set when the second authentication unit is not used, and a personal authentication unit that performs personal authentication based on a result of the first authentication when the second authentication unit is not used, while performs personal authentication based on the results of the first authentication and the second authentication when the second authentication unit is used, with use of the threshold after the setting.

Techniques for intelligently deciding the optimal authenticator(s) from amongst those supported by an electronic device are described. The authentication system according to some embodiments may include a dynamic machine learner that incorporates the attributes of: (i) user behavior attributes (e.g., preferred authenticator); (ii) device attributes (e.g., hardware and software specifications, applications, etc.); and (iii) operating environment attributes (e.g., ambient light, noise, etc.), as well as the interplay between the aforementioned attributes over time to make the decision. In some embodiments, the authentication activities and patterns of other users of similar type (e.g., users exhibiting similar behavior across different operating environments) can also be learned and employed to improve the decision making process over time.

Electronic network include multiple users. Each user operates Wallet software application on his/her endpoint devices (special purpose, computer or smartphone). Each Wallet integrates with Cloud-based Identification-as-a-Service(s) (IDaaS) In context of present invention—IDaaS provides real-time, multi-factor, malware-resilient, context-sensitive Strong Identification-as-a-Service of the user and enables Cryptographic Keys Management of the Wallet. Each Wallet provides various Cryptographic functionalities. Each Wallet may be connected with multiple centralized Marketplace software applications, thus allowing these Cryptographic functionalities to interact with specific Marketplace software application. Each Wallet may be connected with multiple decentralized peer-to-peer software applications, thus allowing these Cryptographic functionalities to interact with specific peer-to-peer software application. These software applications may include Information Technology, Financial, Manufacturing, Retail, Insurance, Government, Healthcare and other verticals of Global Economy. The present invention prevents “Bad Actors” from using or attacking these applications. The present invention also enables Identification of participants of transactions recorded on Blockchain.

Disclosed herein are system, method, and device embodiments for implementing location identification in multi-factor authentication (MFA). In an example embodiment, a user service may present a geographic map based on a MFA process, and receive an authentication attempt including a geographic indicator and interaction information. Further, the system may determine whether the authentication attempt was made by a human based at least in part on the interaction information, determine whether the geographic indicator matches an expected response, and send, to an electronic device, an authentication result indicating whether geographic information was determined to be selected by a human and the geographic indicator was determined to match the expected response.

A system and method for a user-centric decentralized digital communication platform aggregating multiple user groups within a defined organization, community or affiliated networks enables secure data transfer of complex multi-party data across multiple information systems, organizations, communities, and external affiliates. A comprehensive digital ecosystem, in which varied user groups within specific industries can identify, interact and manage everyday tasks and requests, provides an intuitive networking communication platform that can utilize distributed ledger technology to reward participation and exchange. The computer-implementable communication platform system is operable in combination with multiple information systems, and includes or provides a central remote abstraction layer, service or system for enabling inter-information system operations, and a single interface for client-to-information system interactions. The remote abstraction layer, service or system communicates with administrative clients associated with the multiple information systems and authenticated client devices for identifying and approving data release from select information systems.

Block chain-based multifactor personal identity verification may be provided. Verification addresses may be established on a block chain by: associating identifiers with individuals having previously verified personal identities, assigning verification addresses on a block chain to the individuals, and recording identifiers and biometric data associated with the individuals at corresponding verification addresses. Block chain-based multifactor personal identity verification using the verification addresses may be performed by: receiving one or more identifiers in connection with one or more requests to verify an identity of one or more individuals, extracting the biometric data associated with the one or more individuals from the corresponding verification addresses, and verifying the identity of the one or more individuals upon receiving matching biometric data and private keys.

Systems and methods of the present disclosure enable for a delayed, two-factor authentication to occur in networked devices. The system and methods can enable the immediate delivery of digital components, which results in fewer abandoned requests, and saves network resources. The system and methods can enable the authorization of data transmissions in networked computer devices that include limited user interfaces, such as voice-based interfaces.

An authentication correlation (AC) computing device is provided. The AC computing device includes a processor and a memory. The AC computing device receives a first authentication request from a requesting computer device including an account identifier, a first timestamp, and at least one authentication factor, and determines a first security level of the first authentication request. The AC computing device stores the first security level and the first timestamp. The AC computing device is also configured to receive a second authentication request including the account identifier and a second timestamp, determine that the second authentication satisfies an authentication rule based on the account identifier, the second timestamp, and the stored authentication data wherein the rule defines a timeframe and an authentication threshold, and generate an authentication response based on the determination and the authentication rule wherein the authentication response includes an approval indicator.