H04L63/0838

Distributed one-time-use entry code generation for physical access control method of operation and mobile systems

A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

Computer-based systems configured for one-time passcode (OTP) protection and methods of use thereof

Systems and methods of anti-vishing OTP protection via machine learning techniques are disclosed. In one embodiment, an exemplary computer-implemented method may comprise: receiving a permission indicator identifying a permission by the user to detect OTPs and calls being received by a computing device; receiving an indication of an OTP data item being received; processing the OTP data item to determine a time duration during which a particular OTP included therein is valid; utilizing a trained OTP protection machine learning model to determine phone number(s) as presenting a security risk with respect to the OTP data item; and instructing the computing device to commence at least one security measure based at least in part on a contact list updated with an indication that the phone number(s) present a security risk with regard to the particular OTP during the time duration of the particular OTP.

DISTRIBUTED TWO-FACTOR AUTHENTICATION
20230224295 · 2023-07-13

Some embodiments provide a method for distributed two-factor authentication in an enterprise network that includes multiple host computers. The method receives a data message destined for a particular security group in a set of security groups that are tagged for two-factor authentication. From a set of security rules defined for the set of security groups, the method identifies a particular security rule associated with the particular security group, the particular security rule specifying a two-factor authentication challenge for authenticating a source of the data message. The method presents the two-factor authentication challenge to the source of the data message to determine whether the source is allowed to access the particular security group.

AUTOMATIC PROVISIONING AND INTEGRATION OF DEVICES
20230008333 · 2023-01-12

A method and system for automatic device provisioning includes a computer system for authenticating a user using a first device. The computer system receives a request for automatic provisioning of a second device. An authentication token and a request identifier of the request are associated with a provisioning data structure for the user. The request including the authentication token is sent to a third device. The computer system receives a unique identifier for the second device from the third device. Based on a determination that the unique identifier and the authentication token of the second device match the unique identifier and authentication token in the provisioning data structure, the computer system authenticates the second device, retrieves a configuration profile for the user, and causes application of the configuration profile to one or more settings of the second device.

INFORMATION PROCESSING METHOD, DEVICE AND STORAGE MEDIUM

An information processing method, a device, and a storage medium, which relate to screen transmission technology, are provided. The method includes: in response to a first operation acting on characters, displaying the characters in an input box, where the input box is an input box of a screen transmission application; determining a target screen-transmission code in candidate screen-transmission codes stored in a screen-transmission sending end according to input characters, where the number of characters contained in the target screen-transmission code is greater than the number of the input characters, the target screen-transmission code contains the input characters, the target screen-transmission code is a screen-transmission code of a screen-transmission receiving end, and the target screen-transmission code is acquired by the screen-transmission sending end from a beacon received from the screen-transmission receiving end; displaying the target screen-transmission code in the input box.

Authentication and tracking system for secondary users of a resource distribution processing system

Embodiments of the present invention provide a system for authenticating and tracking resource distributions of secondary users. The system is configured for receiving a registration request from a primary user, wherein the registration request is associated with registration of one or more secondary users, in response to receiving the request, generating user credentials for each of the one or more secondary users, associating the user credentials with a primary user identification of the primary user, receiving a resource distribution request from a secondary user of the one or more secondary users, authenticating the secondary user, and processing the resource distribution request based on authenticating the secondary user.

Virtual browser application systems and methods
11700266 · 2023-07-11

Disclosed embodiments provide a framework for provisioning a virtual browser application environment accessible using a native browser application. The virtual browser application environment is implemented on a virtual machine instance, where the virtual environment is isolated from other functionality of the virtual machine instance. In response to a request to access the environment, a set of access control policies are identified. The access control policies define a level of access to actions that can be performed within the environment. The environment is presented through a website executed on a user's native browser application. The user's interactions with the environment and with any other users within the environment are monitored in real-time according to the access control policies.

DYNAMIC MULTI-FACTOR AUTHENTICATION

An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.

SECOND FACTOR FOR SECURE PASSWORD AUTHENTICATION
20230216843 · 2023-07-06

At an authorization server, a shared secret electronic key may be shared with a second computer. A selection to use a system to complete a transaction may be received from a first computing device. An image may be communicated to the first computing device. A digital representation entered by the user representing the image and a PIN based on the copy of the shared electronic key may be received from the second computing device. The system and method may determine if the digital representation entered by the user on the second computing device matches the image communicated to the first computing device. The system and method may determine if the PIN based on the copy of the shared electronic key from the second computing device is as expected. In response to determining that the digital representation entered by the user matches the image and that the PIN from the second computing device is as expected, the user may be authorized.

Offline data storage device
11693980 · 2023-07-04

Systems, devices, and/or computer-implemented methods for secure offline data storage are provided herein. More particularly, a system is provided that permits access to a data storage device when offline from various components of the system. Furthermore, the disclosed system may permit the re-setting of authentication passwords/PINs for the data storage devices, even when such data storage devices are offline from other components of the system.