Methods and systems pertaining secure transaction systems are disclosed. In one implementation, a computer with a verification token associated with a computer can send user authentication data as well as a secure datum to a control server. The verification token may obtain the secure datum from a validation entity. The control server can validate the secure datum and authentication data and can generate a payer authentication response.

A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.

A wearable device can establish a verified session with a host device (e.g., by establishing that the wearable device is present in the vicinity of the host device and is currently being worn). The existence of such a verified session can be used to control user access to sensitive information that may be stored in or otherwise accessible to a host device. For example, the host device and/or application programs executing thereon can be configured to restrict a user's ability to invoke program functionality that accesses sensitive information based on whether a verified session with a wearable device is currently in progress.

A method of authenticating a mobile station on an alternate communications network is disclosed, the mobile station being associated with a default communications network. The mobile station comprises a baseband processor to manage the antenna-related functions and a SIM card to accommodate a default SIM associated with the default communications network for receiving network credentials from the baseband processor. The method comprises providing a SIM card device to intercept communications between the baseband processor and the SIM card, monitoring the network credentials in respect of the network that the mobile station is actively in communication with, determining whether the mobile station needs to switch to an alternate network, and identifying or receiving from a user the alternate network, consulting a SIM bank, comprising at least one alternate SIM, and selecting an alternate SIM having a mobile station identification variable compatible with the alternate network, receiving a network authentication request on the mobile station from the alternate network, and allocating the selected mobile station identification variable to the mobile station so as to identify the user of the mobile station on the alternate network.

Systems, devices, and methods are disclosed for an agent device within a company's network firewall to initiate an HTTP connection with a cloud-based gateway and then upgrade the connection to a WebSockets protocol in order to have an interactive session. Over this interactive session, a mobile device, which connects to the cloud-based intermediary, can request data from servers inside the company's firewalls. Because the firewall is traversed using HTTP protocols (with WebSockets), it can be as safe as letting employees browse the web from inside the company's network.

A method of using subscriber identification information stored in mobile user equipment (UE) to connect to a communication service over a public wireless network in the UE, establishing a communication link between the UE and a device, generating network access information (NAI) associated with the communication service in the UE, and sending the NAI from the UE to the device via the communication link. The method further comprises connecting the communication service in the device using the NAI and terminating the connection of the communication service in the UE.

The present disclosure discloses an authentication method performed at a server, including: generating, based on a first account that is possessed by a user of a first device and that corresponds to a first application, corresponding token information; sending the token information to the first device to be shared by the first device with devices in a device group in a replication restriction manner; performing, based on the token information, authentication on a second device that is in the device group; granting permission of accessing the first account to the second device when the authentication succeeds; and triggering the first device to switch from a state of first account-based login to the first application to a state of suspending the login to the first application when it is determined that the second device logs in to the first application based on the permission of accessing the first account.

A transaction authorization apparatus includes a processor in communication with a communications interface. The processor is configured to receive a request for a transaction requested by a user with whom a plurality of user devices are associated, to obtain respective transaction measurements from at least some available devices from among the plurality of user devices, and to confirm approval of the request for the transaction in response to confirmation that the transaction measurements satisfy a multi-device authorization policy associated with the transaction.

A system for automatic authentication of a user to allow access to websites and physical devices which provides tiered levels of security and defines an API protocol for exchange of authentication credentials.

A method of securely resetting a first device comprising a UICC, the method comprising providing a secure reset control application to a secure element of the UICC of the first device wherein the secure reset control application is capable of commanding the UICC to provide notification indicative of a secure reset of the first device being requested if a corresponding signal is received from a remote management server; and/or communication between the secure reset control application and a remote management server cannot be established for a predetermined period of time and upon the next first device reset, determine whether a secure reset has been requested.