A system and method for facilitating secure transfer of encrypted files and/or messages can facilitate the secure transfer of encrypted files to a receiving user. The system can include: a computer program for facilitating sending of an e-mail message to a receiving user, the e-mail message including at least a web address of a trusted provider and instructions about how to securely download encrypted files without the receiving user setting up an account or a password, the transfer of encrypted files being facilitated by a code sent to a telephone of the receiving user.

A user authentication method performed by an authentication management server constituting a block chain network with a target device may comprise receiving, from the target device, a transaction including authentication information of a user and a unique value of the target device; determining a token of the user stored in a smart contract based on the authentication information; and authenticating the user based on validity information of the token, ownership information of the token, and the transaction.

An application gateway including application service programming positioned at a user premises can provide voice controlled and managed services to a user and one or more endpoint devices associated with the application gateway. The application gateway can be controlled remotely by the application service provider through a service management center and configured to execute an application service provided from the application service provider. The application gateway can execute the application service at the user premises upon voice command by a user and independent of application services executing on the application service provider's network. An application service logic manager can communicate with an application service enforcement manager to verify that the request conforms with the policy and usage rules associated with the application service in order to authorize execution of the application service on the application gateway, either directly or through endpoint devices.

A user device is associated with a dynamic trust score that may be updated as needed, where the trust score and the updates are based on various activities and information associated with the mobile device. The trust score is based on both parameters of the device, such as device type, registered device location, device phone number, device ID, the last time the device has been accessed, etc. and activities the device engages in, such as amount of transactions, dollar amount of transactions, amount of denied requests, amount of approved requests, location of requests, etc. Based on a transaction request from the user device, the trust score and a network reputation score is used to determine an overall trust/fraud score associated with the transaction request.

An improved One Time Password (iOTP) is used in a two-factor authentication mechanism to decode a username, and the inherent security of the iOTP eliminates the need for a password. When the user is identified by the iOTP, a second challenge is sent. The second challenge may be confirmed by user biometrics or via a PIN code if the user's device does not support biometrics. Benefits of the subject invention include: (1) no username, which eliminates exposure to multiple domain attacks (i.e., attacks on other sites with the same username) that attempt to extract passwords from less secure sites (e.g., where a user used the same username and password across multiple sites); and (2) password-less access—the iOTP replaces both the username and password function, thereby eliminating the need for the user to manage multiple usernames and passwords.

Methods, systems, and devices relate to digital wireless communication, and more specifically, to techniques relating to dynamic change MAC address of the station for subsequent transmissions. In one exemplary aspect, a method of dynamic change MAC address includes specifying a MAC address change mode and a new MAC address to be used by the station. In another exemplary aspect, a method of dual MAC address change mode in the dynamic change MAC address mechanism includes separating the unchanged MAC address of the station from the changeable MAC address of the station, and keep the mapping between them. In another exemplary aspect, a method includes transmitting a MAC address change request message from the station (or the access point) to initiate the MAC address change procedure. In another exemplary aspect, a method includes receiving a MAC address change response message from the access point (or the station).

Systems and methods to timestamp and authenticate digital documents using a secure ledger are described. Some implementations can include computer-implemented method to timestamp and authenticate electronic documents. The method can include receiving, by a timestamp and authentication server and from a user device, a unique hash value that is generated at the user device based on a source document and a device identifier of the user device, and verifying, by the timestamp and authentication server, the device identifier. The method can also include, upon verifying the device identifier, inserting, by the timestamp and authentication server, the hash value and the device identifier into a secure ledger, and upon successful insertion into the secure ledger, transmitting, from the timestamp and authentication server to the user device, a success status message including a location in the secure ledger where the hash value was inserted.

Techniques described herein include a platform and process for provisioning user information onto a machine-to-machine device in order to enable the machine-to-machine device to conduct transactions utilizing the user information. In some embodiments, a user device is used to relay information between a machine-to-machine device and a provisioning service provider computer. In some embodiments, a machine-to-machine device is connected to the provisioning service provider computer via a network connection. Upon receiving a request to provision the machine-to-machine device, the service provider computer may identify the device from a device identifier. The service provider computer may generate an access credential or token for the machine-to-machine device. The access credential, token, and/or one or more policies may be provisioned onto the machine-to-machine device.

A computer-implemented system and method for secure authentication of IoT devices are disclosed. The method for secure authentication of IoT devices comprises establishing a network connection with a network operator server via a control channel, establishing identity of the network operator server using a pre-shared server key from one or more of pre-shared server keys, establishing identity of the IoT device using a pre-shared client key from one or more of pre-shared client keys and cryptographically generating a session key for a network session to allow secure data exchange between the network operator server and the IoT device. The cryptographically generated session key is used for securely authenticating application running on the authenticated IoT device.

A method, system and computer program product assess risk of an unauthorized API login and mitigate damage from an unauthorized API login. The method includes collecting in a database license attributes of a user license, user profile attributes, and database content change attributes; receiving an API login request; comparing features of the API login request to at least one of the database license attributes, user profile attributes, and database content change attributes against a predetermined threshold; assessing a risk of the an unauthorized API login request based on a result of the comparison; and based on a level of the assessed risk, implemented protective action to mitigate harm that may result from an unauthorized user from accessing information or services from a computer system by way of an API.