Embodiments of the present invention provide methods, apparatus, systems, computing devices, computing entities, and/or the like for permitting or blocking tracking tools used through webpages. In particular embodiments, the method involves: scanning a webpage to identify a tracking tool configured for processing personal data; determining a data destination location that is associated with the tracking tool; and generating program code configured to: determine a location associated with a user who is associated with a rendering of the webpage; determine a prohibited data destination location based on the location associated with the user; determine that the data destination location associated with the tracking tool is not the prohibited data destination location; and responsive to the data destination location associated with the tracking tool not being the prohibited data destination location, permit the tracking tool to execute.

A method for remote access includes obtaining, by a virtual private network (VPN) server, trust data of a user accessing a first network; determining, by the VPN server, a first trust level corresponding to the trust data according to a first correspondence, wherein the first correspondence comprises the trust data and the first trust level; determining, by the VPN server, a first access zone of the first network corresponding to the first trust level according to a second correspondence, wherein the second correspondence comprises the first trust level and the first access zone; and establishing, by the VPN server, a first VPN connection between a device used by the user and the first access zone.

In embodiments of the present invention, a framework for an extensible, file-based security system is described for determining an appropriate application, application environment, and/or access or security control measure based at least in part on a file's reputation. In response to the selection of a file, an application controller may be used to select a software application from two or more software applications to open the selected file, based at least in part on the selected file's reputation. If launched, a software application may be configured to open the file in an environment, such as a virtual machine, quarantined environment, and the like, that is appropriate for the file based at least in part on the reputation information. A software application may be a secure software application configured to manage secure files, or an insecure software application configured to manage insecure files. The selected file, and communications relating to the selected software application, may be managed according to the selected software application's secure or insecure configuration. Further, the selected software application may associate reputation information with all files that are modified and/or created by the selected software application, including at least in part, reputation information matching that of the selected file.

A Network Based Hyperlocal Authentication (NBHA) system and method for anonymous contact tracing is described. The NBHA system and method operates as a background process, which is passwordless and continuously authenticates and performs cryptographic operations to secure communications between a wireless client device and a remote network component. A gateway includes a short-range wireless transmitter that transmits authentication credentials to the wireless client device having a short-range wireless receiver. The wireless client device uses the authentication credentials to authenticate to the remote network component. The network component then generates an exclusive local key for the wireless client device that is transmitted by the gateway. The client device application then requests cryptographic material from the remote network component. The client device application encrypts and decrypts communications to the network component with the cryptographic material and the exclusive local key. The wireless client device encrypts contact tracing data with the shared secret.

Systems and methods of the present disclosure enable operation authorization using a dynamic code. Embodiments includes a computing system for receiving, from an access control server, an operation authorization request to authorize an operation by an initiator, where the operation authorization request includes a user identifier associated with the operation authorization request, and a dynamic code. The computing system accesses a dynamic key embedded in a user credential associated with the user identifier and generates a recalculated dynamic code using a cryptographic algorithm and the dynamic key. The computing system authenticates the operation authorization request based on the dynamic code being equivalent to the recalculated dynamic code and returns the authentication to the access control server to authorize the operation.

An application login method for accessing an application server by an application includes techniques for an authentication server to complete login authentication on a client application based on authorization request information of the client application in a login request received from a client terminal, determining an application server in a user home country/region of the client application based on user home country/region identification information of the client application in the login request, generating and sending access information about the application server in the user home country/region of the client application.

If a secure element accesses a resource that is separate from the secure element, conducting a secure transaction can be inefficient in terms of power or time. Power usage is inefficient if the resource is never permitted to sleep, and transaction time is inefficient if the resource is permitted to sleep, and the user experiences a delay. To enable dual efficiency, a resource entity is permitted to be powered down. The resource entity is then powered up speculatively by an activation controller. The activation controller predicts an upcoming secure transaction based on sensor output, such as a position fix or a detected electromagnetic field. Based on monitored sensor output, the activation controller issues an activation signal to power up the secure element or the resource entity prior to initiation of the upcoming secure transaction. Thus, power can be conserved without introducing a transaction-processing latency.

An electronic device may: when a first piece of content is acquired, acquire a first score for the relationship between the first piece of content and the privacy of a user of the electronic device, on the basis of information about a person included in the first piece of content and information about an event included in the first piece of content; acquire a second score for the security of each of at least one application which can access the first piece of content; and, when a request for accessing the first piece of content via a first application from among the at least one application is received, determine whether or not to block access to the first piece of content via the first application, on the basis of the first score corresponding to the first piece of content and the second score corresponding to the first application.

Disclosed embodiments may include a system that may receive first level authentication data from a first user, identify a first user device associated with the first user, and determine whether a current location of the first user device is within a predetermined proximity of a first computing device. In response to the determination, the system may detect one or more objects within the predetermined proximity of the first computing device using the one or more positional sensors. The system may determine that at least one of the one or more objects is associated with a human, and in response, trigger a security measure. The system may transmit an indication of the triggered security measure to the first computing device, and may transmit instructions to the first user device configured to cause the first user device to provide an alert to the first user.

A method for securing communication between at least two participants, each having an identification and a safeguard and communicate therewith, in encrypted form involves the participants exchanging exchange their identification. At least one of the participants communicates its position in addition to its identification to the other participant. The position of the participant being determined or queried by the other participant without any assistance on the part of the participant, the participant then validating the other participant based on a comparison of the communicated position and the determined or queried position.