An authentication system includes a terminal and a key authentication unit arranged in a communication peer that communicates with the terminal. The key authentication unit receives key information of the terminal carried by a user through wireless communication and performs key authentication that verifies authenticity of the key information. The authentication system further includes detectors that are arranged at different locations and detect biological information of the user and a biometric authentication unit that uses the biological information to perform biometric authentication. The authentication system further includes a controller that controls actuation of the communication peer based on a location of one of the detectors that detected the biological information, an authentication result of the key authentication, and an authentication result of the biometric authentication.

A system and a method of determining persistent presence of an authorized user while performing allowed operations on an allowed resource of the system while satisfying certain context-sensitive restrictions are disclosed. The system receives a request from a user to authenticate him/her. The system authenticates the user using biometric information of the user or any other authentication mechanism in a given context-sensitive restriction. If the user is authenticated, then the system allows the user to perform the allowed operation using the allowed resources in the context-sensitive restriction. If the authentication fails indicating that the user is an unauthorized user, then the system initiates a resolution process to halt or terminate the allowed operation to restrict or obfuscate the allowed operation from being accessed by the unauthorized user. In one embodiment, the system comprises an External Companion Device (ECD) paired with the system to perform the authentication and manage the allowed.

The present disclosure relates to computer-implemented methods, software, and systems for validating and revoking security tokens. A request for a resource is received at an application server and from a client. The request is associated with a security token for authenticating the client by the application server. A public key of an authentication server is acquired at the application server for authenticating requests at the application server. A signature of the security token is validated at the application server. By validating the signature of the security token, it is determined whether the security token is validly issued by the authentication server. In response to the received request, the application server determines at an identifier that is associated with the client and validates the security token based on the identifier to determine whether to serve the received request and provide the resource.

Receive a transaction generated by a user of a non-internet application; identify transaction life cycle steps of previous similar transactions; and generate a transaction risk score for the transaction using machine learning models and a blockchain record of the previous similar transactions. In response to the transaction risk score exceeding a threshold value, authenticate the transaction and the user using two-step authentication. The two-step authentication uses challenge/answer templates derived from the blockchain record of previous transactions.

The present invention relates to management of network security of a computing environment. The method may include; utilizing an Artificial intelligence (AI) node to enable management of one or more physical assets and one or more digital assets of the CE, wherein the management comprises automatic control of at least one task related to access of data and communications thereof, wherein the at least one task is selected from: locking, unlocking, encryption, decryption, activation, and deactivation; detecting a non-desired event, which occurred at one or more physical assets and one or more digital assets; analysing the detected non-desired event through a machine learning technique to determine a customized recovery plan and a tailored protection protocol against the detected non-desired event.

A method including: receiving, from an application executing on a computing device and by an authentication process executing on the computing device, data representative of user credentials corresponding to the application, the authentication process being isolated from the application; packaging, by the authentication process, the data representative of user credentials with a device identification assigned to the computing device and an indication that the user credentials correspond to the application, the device identification being hidden from the application; outputting for transmission, by the authentication process and to an authentication server, an authentication request containing the packaged user credentials and device identification; receiving, by the authentication process and from the authentication server, an indication of authentication of the user credentials; and forwarding the received indication from the authentication process to the application.

A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication via a backchannel to reduce the potential for malicious third-party impersonation of the client prior to transfer of the call to the customer call center. Pre-authorized customer support calls may be intelligently and efficiently routed directly to call center agents, without incurring further delay. During call handling, call center agents may initiate further client authentication processes, including contactless card authentication requests, over one or more different communication channels for authorizing access to sensitive information or to allay suspicion.

A first user device includes a camera. The first user device receives a challenge-response message following a request for access to a secure server. The first user device captures a first image of the first user. The first image includes an image of at least a portion of a face of the first user. An authentication result from facial recognition scan of the second user is received. Facial recognition is used to determine that the face of the first user is a face of an authorized user of the secure server. The first user device generates and sends a response to the challenge-response message based on results of facial recognition and the received authentication results.

Systems and methods are disclosed for executing an electronic transaction using a digital wallet. One method includes receiving a guest checkout request and electronic transaction data from an electronic transaction browser. Whether a user is enrolled in the digital wallet system may be determined by the digital wallet system. The digital wallet system may authorize an electronic transaction based on the electronic transaction data upon determining the user is not enrolled in the digital wallet system. The digital wallet system may initiate a digital wallet enrollment upon authorizing the electronic transaction. The digital wallet system may store the user data in the digital wallet system and transmit a verification request to the electronic transaction browser. The digital wallet system may receive a verification response from the electronic transaction browser and may generate a digital wallet enrollment status message based on the verification response.

The present disclosure provides various embodiments of systems and methods to securely authenticate a user. More specifically, the present disclosure provides embodiments of multi-factor authentication methods that improve both security and user convenience by using trusted secondary devices or peripherals (hereinafter “trusted devices”) to provide additional authentication factor(s) for verifying user presence/identity after an initial authentication factor has been used to verify user presence/identity. Unlike conventional multi-factor authentication methods, the additional authentication factor(s) provided by the trusted devices do not require user input or intervention.