Systems and methods are provided for use in verifying network identities. One exemplary method includes receiving, at a computing device, data associated with multiple user devices of a user and relating to one or more identity attributes of the user. The method then includes, in response to a request for authentication of the user, generating an aggregate score based on multiple of a reliability sub score, a length of relationship sub score, and a historical consistency sub score for each of the multiple user devices taking into account at least some of the received data. The aggregate score may then be transmitted to a relying party in response to the request, thereby permitting the relying party to authenticate the user based at least in part on the aggregate score.

Aspects of the present invention disclose a method, computer program product, and system for multi-factor authentication. In response to a request for an action, the method includes one or more processors whether a first authentication credential passes validation. In response to determining that the first authentication credential does pass validation, the method further includes one or more processors determining a second authentication credential, wherein the second authentication credential includes an indication of a wireless connection between a first computing device and a second computing device. The method further includes one or more processors determining whether the second authentication credential passes validation. In response to determining that the second authentication credential passes validation, the method further includes one or more processors allowing execution of the requested response.

A method performed by a wireless device on a wireless network. The method includes sending an access request for an application. In response to sending the access request, the wireless device receives a visual voicemail message including authentication information. The wireless device can access and send the authentication information of the visual voicemail message to an authentication system. The wireless device is then authenticated to participate in a restricted activity or access restricted content in response to the sent authentication information.

A computer implemented method of access control for a user device having at least one component for determining behaviours of the user, the method comprising: defining a training period during which access to the device is determined based on a credential-based authentication scheme wherein each access determination is used to generate an item of training data including at least a result of the credential-based authentication and a behaviour of the user; training a machine learning classifier based on the training data such that the classifier is operable to classify user behaviour as compliant or non-compliant such that compliant behaviour is determined by the classifier to be consistent with prior behaviour for permitting access to the device subsequent to the training period; and responsive to a determination that a behaviour subsequent to the training period is classified as non-compliant, requesting a credential-based authentication of the user and permitting access to the device in response to the credential-based authentication, wherein permitting access to the device further includes constructively training the classifier based on the subsequent behaviour as a compliant behaviour by providing the subsequent behaviour as an additional training example.

Systems and methods for improved security authentication are disclosed. In some embodiments, an improved system for security authentication may include a plurality of computing devices, and a server system communicatively coupled to the plurality of computing devices. The server system may be configured to receive a request for security authentication, determine an authorization providing computing device from among the plurality of computer devices based on authentication preferences stored in a database communicatively coupled to the server system, generate and transmit authentication information to the determined authorization providing computing device, receive, from an initiating computing device an authentication input, determine whether the received authentication input matches the transmitted authentication information, and complete the request for security authentication when the received authentication input matches the generated and transmitted authentication information.

Certain aspects of the present disclosure provide techniques for entering user credentials through a proxy. One example method generally includes receiving, at a user device, a push request for user data from a cloud server and receiving a request file from an aggregation system. The method further includes injecting user credentials stored on the user device into the request file, wherein when injected the user credentials replace at least one dummy entry of the request file, and transmitting the request file to a data source associated with the request file. The method further includes receiving user data from the data source and transmitting the user data to the aggregation system.

Disclosed are example methods, systems, and devices that allow for generation and maintenance of a central identity databank for a user’s digital life. The identity databank may include identity elements with payload values and metadata values corresponding immutable attributes of the user. A multifactor identity authentication protocol allows service provider devices to more reliably validate transactions with user devices via an identity system. The identity databank may include passwords, which may be generated by the identity system linked to user accounts and/or service providers. The passwords may be provided to service provider devices, eliminating the need for users to conceive of a multitude of varying passwords for the user’s accounts.

In some implementations, an authentication system may receive, from a client device, a credential associated with a user account and a request to access a resource. The authentication system may transmit, to the client device, a request for an image of a customized physical security token associated with the user account. The authentication system may receive, from the client device, a first image. The authentication system may compare the first image with a representation of a second image of the customized physical security token associated with the user account. The authentication system may grant or denying access to the resource based on comparing the first image with the representation of the second image.

The disclosure is directed towards providing resource providers, identity service providers (IDPs), and proxy services the ability to continuously evaluate one or more (temporally varying) conditions for which a user's permissions to access resources of the resource provider is dependent upon. The disclosure provides various mechanisms for continuous access evaluation (CAE), such that the finite lifetime of an access token (AT) does not temporally quantize the ability to limit (or otherwise update) a client's access to the resource provider when conditions change that would otherwise change the client's permissions.

In some implementations, a front-end device may receive, from a brain-machine interface (BMI) associated with a user, a request to authenticate the user with secret information associated with the user. Accordingly, the front-end device may transmit, to the BMI, a request for an identifier associated with one or more hardware components of the BMI. The front-end device may receive, from the BMI, an indication of the identifier associated with the one or more hardware components. Accordingly, the front-end device may authenticate the user based on the secret information associated with the user and the identifier associated with the one or more hardware components. Additionally, or alternatively, the front-end device may authenticate the user based on a location of an external device associated with the user and/or an indication of a biometric property associated with the user.