A communication device and system are disclosed for providing communication and data services to residents of a controlled facility. The device can be restricted to communicating only using an internet protocol so as to restrict the device communication to an internal intranet. Wireless access points may be disposed throughout the environment to route calls and data between the device and a central processing center. By converting a protocol of the communications received from the device to a protocol used by the central processing center, minimal modifications to the central processing center are needed to support a wireless communication infrastructure. Many restrictions and safeguards may be implemented within the phone and system in order to prevent improper use.

Disclosed are various examples that relate to adjusting a stringency of offline policy restrictions based on a situational context of a computing device. In one example, a system can receive an offline restriction policy for an application. The system can identify a request to execute an application during the offline period of time. A situational context of the computing device can be determined. A first application restriction can be enforced for the application on the computing device based on the identification of the computing device being in the offline period of time and the situational context. A change in the situational context of the computing device can be identified during the offline period of time based on a detection of a second condition. A second application restriction can be enforced for the application on the computing device during the offline period of time.

Devices, systems, and methods of detecting user identity, authenticating a user to a computerized service or to an electronic device, differentiating between users of a computerized service, and detecting possible attackers or possible fraudulent transactions. A method includes: generating a user authentication session that requires a user to enter a secret by performing a task; monitoring the user interactions during task performance; extracting a user-specific behavioral characteristic, and utilizing it as a factor in user authentication. The task requires the user to perform on-screen operations via a touch-screen or touchpad or mouse or other input unit of the electronic device, or to move in space or tilt in space the entirety of the electronic device in a way that causes inputting of the secret data-item.

A method, apparatus and product for chat-based application interface for automation. Using a natural language interface, receiving user input. Based on the user input, determining an automation process of a computer program having a user interface (UI), to be executed. The automation process is executed by utilizing the UI to input data thereto or execute functionality thereof. Additionally or alternatively, a conversation to be implemented by a natural language interface may be defined. The conversation is configured to obtain from the user one or more values corresponding to one or more parameters. The conversation is associated with a parameterized automation process depending on the one or more parameters. The parameterized automation process is invoked automatically by a natural language interface and using one or more values provided by the user to the natural language interface for the one or more parameters.

A request generated by an unmanaged app to access a resource is received from a mobile device. A notification is sent to the mobile device. A device level VPN connection to the mobile device is established. A unique identifier is associated with the device level VPN. App level traffic received via the device level VPN is tagged with the unique identifier. Access to the resource is allowed in response to the request based at least in part on a determination based on the tags that app level traffic from a trusted app and app level traffic from the unmanaged app are associated with the same mobile device.

In one form of the present invention, there is provided a computer implemented method 10 of enabling one or more access provider systems 12 to secure access to content on first electronic devices 14, the computer implemented method 10 comprising: receiving encrypted input information 16, the encrypted input information 16 being inputted by users 18 on second electronic devices 20; and transmitting input information 16 to the one or more access provider systems 12 to allow the one or more access provider systems 12 to determine whether to authorise access to content on the first electronic devices 14.

The present disclosure relates to computer-implemented methods, software, and systems for validating and revoking security tokens. A request for a resource is received at an application server and from a client. The request is associated with a security token for authenticating the client by the application server. A public key of an authentication server is acquired at the application server for authenticating requests at the application server. A signature of the security token is validated at the application server. By validating the signature of the security token, it is determined whether the security token is validly issued by the authentication server. In response to the received request, the application server determines at an identifier that is associated with the client and validates the security token based on the identifier to determine whether to serve the received request and provide the resource.

Using a biometric sensor coupled to a touchscreen, fingerprint data is collected from within a plurality of virtual key areas of the touchscreen. A virtual key area in the plurality of virtual key areas comprises an area of the touchscreen configured to display an input prompt and collect touch data responsive to the input prompt. Responsive to determining that the fingerprint data has above a threshold level of similarity with stored fingerprint data associated with each of the virtual key areas and that a sequence of the virtual key areas matches a stored key sequence, access to a protected resource is allowed.

An authentication system facilitates a transfer of enrollment in authentication services between client devices. The authentication system enrolls a client device in authentication services to enable the client device to be used for authenticating requests to access one or more services. As part of enrolling the client device, the authentication system receives authentication enrollment information for the client device that is associated with one or more authentication credentials securely stored on the client device (e.g., a multi-factor authentication (MFA) certificate). The authentication system facilitates one or more processes for transferring the enrollment from an enrolled client device to a non-enrolled client device that limit the number and complexity of actions performed by the user. In particular, the authentication system facilitates transfer of enrollment based on receiving enrollment transfer requests authorized by the enrolled client device using one or more authentication credentials associated with the enrollment of the enrolled client device.

The embodiment herein provides a system for securing computer infrastructure and one or more devices that depend on one or more cloud platforms. The system includes a memory, and a processor that stores and executes a set of instructions. The processor is configured to (i) extract one or more information data from at least one of the cloud platforms or the devices that depends on the one or more cloud platforms, (ii) execute compliance tests to identify compliance and non-compliance in the one or more information data, (iii) generate a network topology map by querying the one or more information data, (iv) classify a connectivity between the one or more devices and their nature, (v) compute risk metrics, (vi) re-execute the compliance tests to detect changes, and (vii) implement security compliances without impacting a production or operational environment of the one or more cloud platforms.