In certain embodiments, a distance threshold may be adjusted, and authentication may be performed based on the adjusted distance threshold. In some embodiments, an authentication request from a first user device associated with a user may be received. First location information of the first user device and second location information of a second user device may be obtained. A distance between the first and second user devices may be determined based on the first and second location information. A distance threshold may be adjusted based on whether such location information is obtained over the same wireless network, whether such information is obtained over a public wireless network, whether an IP address from which such location information is obtained matches a stored IP address, or other criteria. The user may be authenticated based on a comparison of the distance to the adjusted distance threshold.

A highly secure networked system and methods for storage, processing, and transmission of sensitive information. Personal/private information is cleansed, salted, and hashed by data contributor computing environments, and occurs using the same processes to ensure output hashed values are consistent across multiple sources. Hashed sensitive information is hashed a second time by a secure facility computing environment. The second hashing of the data involves a private salt inaccessible to third parties. The second hashed data is linked to previously hashed data (when possible) and assigned a unique ID. Data dictionaries are created for particular individuals provided access to the highly secure information. Prior to a data dictionary being accessible, the data dictionary undergoes compliance and statistical analyses regarding potential re-identification of the source unhashed data. The data dictionaries are viewable as certified views via a secure VPN.

A system is provided for the storage of data, the system having: an encrypted host platform upon which regulatory controlled data is stored; a controller configured to allow a primary user to set permission settings and identify authorized end users and degrees of access granted to each the authorized end user, the authorized end user being pre-cleared for compliance with regulatory controls pertaining to the regulatory controlled data; the controller configured to permit access to the encrypted host platform only if the hosting platform is in compliance with predefined data security protocols the controller configured to allow the authorized end user access to the regulatory controlled data, and the controller configured to exclude access to both a provider of the system for storage and a system host platform provider; at least one individual computing device accessible by at least one the authorized end user, the individual computing device configured to provide authorized end user identification data to the controller and receive permissions from the controller for access to the host platform; and the host platform only communicates with individual user devices if the devices have received permission from the controller.

Biometric behavior-based authentication may be enhanced by using convolutional deep neural networks to learn subject-specific features for each subject. The advantage is two-fold. First the need for a domain expert is eliminated, and the search space can be algorithmically explored. Second, the features that allow each subject to be differentiated from other subjects may be used. This allows the algorithm to learn the aspects of each subject that make them unique, rather than taking a set of fixed aspects and learning how those aspects are differentiated across subjects. The combined result is a far more effective authentication in terms of reduction of errors. Behavior-based, invisible multi-factor authentication (BIMFA) mays also automate the responses to authentication second and third factor requests (something you have and something you are). BIMFA leverages continuous, invisible behavioral biometrics on user devices to gain a continuous estimate of the authorization state of the user across multiple devices without requiring any explicit user interaction or input for authentication. As a result, BIMFA can demonstrate that a device is under the control of the authorized user without requiring any direct user interaction.

Embodiments herein include, for example, a method, comprising: generating a shared symmetric key to begin a communication session among a group of users by a first user; distributing, by the first user, the generated shared symmetric key to each user in the group of users; communicating within the communication session among a group of users, where each user encrypts a message to the group of users to be distributed through the communication session using the generated shared symmetric key, and each user decrypts a message received from the communication session using the generated shared symmetric key.

A method includes receiving an indication of a request from a client device. The request is for establishing an access session to perform one or more actions on data of a data processing platform. The method includes receiving data indicative of a context of the access session request and establishing a challenge session associated with the request that indicates one or more challenges required of a user associated with a client device to successfully respond to in order to establish the requested access session, a number or a type of the one or more challenges being determined based on the context, and establishing an access session to enable the user to perform the one or more actions on the data of the data processing platform if responses to all challenges in the challenge session are successful.

Techniques for managing secure login with authentication while viewing a unique code are described. In some examples, a requesting device displays a visual representation of data. An authenticating device detects the presence of the visual representation of data. The authenticating device prompts a user to provide authorization information at the authenticating device. The authenticating device receives a set of one or more inputs. The authenticating device transmits information authorizing access to content on the requesting device.

Techniques disclosed herein enable a system to reduce user authentication requirements during a user's travels by analyzing transportation data and/or event data sent to the user via a communication service, e.g. email. The system may analyze the data in order to determine where the user will be at some future time and, ultimately, to then validate access requests against such determinations to mitigate the need for heightened user authentication requirements while the user is traveling. For instance, the system may identify an airline reservation sent to the user and enable the user to confirm that she has corresponding travel plans. Once she confirms her travel plans, the system may refrain from increasing authentication requirements from Single-Factor Authentication (SFA) to Multi-Factor Authentication (MFA) input requirements for access requests that match the confirmed travel plans.

Example embodiments of systems and methods for touch screen interface interaction using a card overlay are provided. In an embodiment, a body may include a first main side and a second main side opposite the first main side, wherein the body is positionable with respect to a touch screen interface. The transaction card may further inclue indicia on the body, the indicia identifying a plurality of apertures through the body, wherein a user input provided through the plurality of apertures actuates corresponding touch locations on the touch screen interface to authenticate a transaction.

An authentication computing device stores a cardholder profile that is associated with a candidate cardholder and includes a cardholder identifier, a device identifier, payment account data, and trusted authentication data in a database system, receives an authentication request that is associated with a tax filing of the candidate cardholder and includes a filing identifier from a revenue computing device, detects the authentication request is associated with the candidate cardholder based upon the filing identifier and the cardholder profile, transmits an identity challenge requesting authentication data associated with the candidate cardholder to a user device associated with the device identifier, receives a challenge response including response authentication data from the user device, determines an authentication status associated with the authentication request based on a comparison of the response authentication data and the trusted authentication data, and transmits the authentication status to the revenue computing device.