H04L2209/805

Secure communication between a contact lens and an accessory device

Described herein are systems and methods that allow for secure wireless communication between a contact lens system and an accessory device to protect sensitive data and prevent unauthorized access to confidential information. In certain embodiments, tampering attempts by potential attackers are thwarted by using a Physically Unclonable Function (PUF) circuit that is immune to reverse engineering. In addition, sensors monitor a to-be-protected electronic device to detect tampering attempts and physical attacks to ensure the physical integrity of the communication system.

Pre-Staged Transactions with Ultra-Wideband Networking and Haptic Feedback

Timely and optimal user completion of pre-staged transactions is implemented by ultra-wideband (UWB) enabled devices at UWB-enabled ATMs. ATM information, transaction scheduling and user prioritization, transaction notifications, and/or haptic-feedback reminders are provided based on one or more real-time and/or predicted geographical locations and proximities, ATM-specific queue wait times, preference scores, historical usage, ATM resources, and/or other relevant data or preferences.

Gesture-extracted passwords for authenticated key exchange

A method for gesture-based multi-factor authentication includes mapping a gesture password to a first substitution string, generating a cryptographic key using the first substitution string as an input to a password authenticated key exchange protocol, encrypting a challenge response with the cryptographic key to generate an encrypted challenge response, and transmitting, to a relying party computing system, a first authentication message comprising the encrypted challenge response and a user identifier identifying a user.

Automatic creation of device campaigns

Disclosed are various embodiments for automatically creating device campaigns. A computing device first determines that a second version of a software package assigned to an existing device campaign has been uploaded to a data store. The existing device campaign can include an existing compliance policy applicable to individual IoT endpoints assigned to the existing device campaign. The compliance policy may specify that a first version of the software package be installed on the individual IoT endpoints. In response to the change, the computing device can create a new device campaign that includes a new compliance policy applicable to the individual IoT endpoints assigned to the new device campaign. The new compliance policy may specify that the second version of the software package be assigned to the individual IoT endpoints.

Efficient transfer of authentication credentials between client devices

An authentication system facilitates a transfer of enrollment in authentication services between client devices. The authentication system enrolls a client device in authentication services to enable the client device to be used for authenticating requests to access one or more services. As part of enrolling the client device, the authentication system receives authentication enrollment information for the client device that is associated with one or more authentication credentials securely stored on the client device (e.g., a multi-factor authentication (MFA) certificate). The authentication system facilitates one or more processes for transferring the enrollment from an enrolled client device to a non-enrolled client device that limit the number and complexity of actions performed by the user. In particular, the authentication system facilitates transfer of enrollment based on receiving enrollment transfer requests authorized by the enrolled client device using one or more authentication credentials associated with the enrollment of the enrolled client device.

EVENT DRIVEN SECOND FACTOR CREDENTIAL AUTHENTICATION
20180007041 · 2018-01-04

A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.

Devices, Systems, and Methods for Security Using Magnetic Field Based Identification

Devices, systems and methods are disclosed for determining an electromagnetic signature for authenticating a device, a user, and/or a location. In exemplary embodiments, a magnetometer captures an electromagnetic signature which is then compared with one or more authorized electromagnetic signatures. If the electromagnetic signature matches an authorized electromagnetic signature, then access is granted. The magnetometer is integrated into a communication device having a processor and a logic. The magnetometer captures an electromagnetic signature of a surrounding environment and detects motion of the communication device through the captured electromagnetic signature. The logic on the communication device locks or unlocks features of the device based upon the captured electromagnetic signature. In further embodiments of the subject disclosure, the magnetometer is in communication with a server which authenticates a user or communication device to provide access to a remote location.

Method and System for Associating a User with a Wearable Device
20180004926 · 2018-01-04

A method and system are provided for associating a user with a wearable device. The method includes: obtaining physiological information of a user of a wearable device; comparing the obtained physiological information against a stored physiological profile, wherein the stored physiological profile is built up over time from obtained physiological information; and, based on the comparison, updating a confidence parameter indicating the extent to which the obtained physiological information matches the physiological profile.

CORE NETWORK CONNECTIONLESS SMALL DATA TRANSFER
20180007557 · 2018-01-04

Connectionless data transfer is disclosed. Authentication of a device and network node may be performed when data is sent from the device to an application server of an application service provider via a selected network. The transfer of data may take place in an absence of an existing device context between the network node interacting with the device and the core network through which the data travels. State management overhead and signaling overhead may be reduced by use of the exemplary aspects disclosed herein. For example, the device does not need to perform an authentication and key agreement (AKA) procedure to transfer the data and an existing (or pre-existing) device context need not be maintained at the core network.

Secure localized connectionless handoffs of data
11711689 · 2023-07-25

A connectionless system for handing off data, content or information includes a proximity detection component that allows devices to detect other local devices within range. Devices within range may use advertisement and scanning to exchange communications so that one device can hand off data, content, or information to another device without having to connect, e.g., pair, with the other device(s).