Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

The present invention is an platform and/or agnostic authentication method and system operable to authenticate users, data, documents, device and transactions. Embodiments of the present invention may be operable with any client system. The authentication method and system are operable to disburse unique portions of anonymous login related information amongst multiple devices. These devices and the disburse unique portions of anonymous login information are utilized by the solution to authenticate users, data, documents, device and transactions. Login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.

Provided is dynamic and flexible authentication based on an interaction over a communications link between a user device and a financial entity. A set of interactions enabled at the user device are categorized into different levels, each level comprises a different authentication policy. At about the same time as an interaction is initiated at the device, an authentication policy assigned to the interaction is accessed and a security challenge is activated at the device. Based upon a successful response to the security challenge, an enablement of the communications link is continued. Based upon an unsuccessful response to the security challenge, the communications link is disabled.

Secure user authentication is provided by leveraging the use of quantum keys, steganography and random user keys/passcodes. Random user passcodes limit both the entity’s control over the user and potential exposure of the passcode to wrongdoers. From a security standpoint, use of quantum keys and quantum communication channels heightens security during transmission of keys, such that if a wrongdoer would attempt to hack the transmission, the quantum sequence would break, which would not only prevent the hack but also result in remedial actions, such as preventing the authentication-requiring event, providing alerts and the like. Further, use of steganography also heightens security by preventing exposure to the keys during transmission and/or while the authentication process is occurring on the display of the user’s mobile device.

Systems and methods are provided involving a user registration and authentication system for granting access to digital systems, content, computing systems and devices, applications including document execution applications, and physical locations. The registration and authentication system may involve a personal device, a computing device and/or a server and may grant access to digital systems, applications, and content. The registration and authentication system may also involve a personal device, an interface device, a secure system and/or a server and grant access to computing systems, applications, devices and physical locations. A user may be registered for the authentication system in-person by a third-party to perform in-person verification.

Systems and methods for generating and implementing a real-time multi-factor authentication policy across multiple channels, are configured to: during a pre-authentication stage: receive, via a user interface, information defining one or more scenarios; receive, via the user interface, information defining one or more authentication flows; for each of the one or more scenarios, map one of the one or more authentication flows to a given scenario; and generate a multi-factor authentication policy associated with each of the one or more scenarios; and during a real-time authentication stage: upon receiving an interaction, identify, by a decision engine, a relevant scenario of the one or more scenarios; implement, by the decision engine, the multi-factor authentication policy associated with the relevant scenario; and determine, by the decision engine, an authentication result.

Techniques are disclosed relating to authenticate a user with a mobile device. In one embodiment, a computing device includes a short-range radio and a secure element. The computing device reads, via the short-range radio, a portion of credential information stored in a circuit embedded in an identification document issued by an authority to a user for establishing an identity of the user. The computing device issues, to the authority, a request to store the credential information, the request specifying the portion of the credential information. In response to an approval of the request, the computing device stores the credential information in the secure element, the credential information being usable to establish the identity of the user. In some embodiments, the identification document is a passport that includes a radio-frequency identification (RFID) circuit storing the credential information, and the request specifies a passport number read from the RFID circuit.

Provided is a personal authentication device capable of simply securing security with little psychological and physical burden of a user to be authenticated. Personal authentication device includes: storage that stores first and second identification information for identifying a user; analysis unit that analyzes information inputted to a user and generates the first identification information; transmission unit that transmits a first acoustic signal to a part of a user's head; observation unit that observes a second acoustic signal; calculation unit that calculates acoustic characteristics from the first and the second acoustic signal; extraction unit that extracts an acoustic feature amount from the acoustic characteristics as second identification information; and determination unit that determines the user to be identical when first identification information registered and the first identification information generated coincide with each other and second identification information registered and the second identification information extracted coincide with each other.

A system described herein may provide a technique for enhanced authentication techniques that leverage network-based location determination of UEs, such as mobile telephones or other devices that communicate with a wireless network. For example, a wireless network may monitor, determine, or otherwise maintain information regarding the geographic location of User Equipment (“UEs”) that are associated with the wireless network. Some embodiments may utilize such network-monitored location information to verify that a participant device, associated with a given UE, is located within a particular proximity of the UE when performing an authentication process to receive services or resources.

Embodiments disclosed herein generally related to a system and method of authenticating a user with a third party server. In one embodiment, a method is disclosed herein. A computing system receives, from a remote client device of the user, a token. The token includes personal identification information and a digitized file of a biometric captured by a biometric scanner. The computing system identifies via the personal identification information that the user has a user account. The computing system queries a database with the personal identification information and the digitized file to determine whether the biometric matches a stored biometric in the user account. Upon determining that the biometric matches the stored biometric, the computing system generates a message to be transmitted to the third party server that authenticates the user. The computing system transmits the message to the third party server.