Securing access to one or more applications in an enterprise zone (e.g., a set of protected applications) is disclosed. A last activity time associated with a use of at least one mobile application in the protected subset may be retrieved from a shared storage location associated with a protected subset of two or more protected mobile applications. It may be determined that the last activity time is within a session expiration time period associated with the protected subset. Access to one or more applications in the protected subset may be allowed without credential verification based at least in part on the determination.

Systems and methods are provided for determining applications that are co-installed on a device. In an aspect, a system includes a registration component that receives, from a device, a request to register a first application provided on the device with a notification service, the request comprising an account identifier associated with a user identity, a session token, and an identifier for the first application. The session token is derived from an authentication token that is unique to the user identity and the device. The system further includes an authentication component configured to authenticate the user identity using the session token, and a fingerprint component configured to receive a fingerprint of the authentication token based on authentication of the user identity using the session token, wherein the registration component is configured to associate the account identifier, the identifier for the first application, and the fingerprint with one another in a database.

A computing device configured for authenticating a remote computing device is described. The computing device includes a processor and executable instructions stored in memory that is in electronic communication with the processor. The computing device detects a biometric device on the remote computing device. The computing device also obtains information regarding the biometric device on the remote computing device. The computing device further sends a utility to the remote computing device. The computer device additionally receives biometric input from the remote computing device. The computing device furthermore validates the biometric input received. The computing device also grants or denies access to the remote computing device based on the validation of the biometric input.

A system and method of guaranteeing the presence of secure and tamper-proof remote files over a distributed communication medium, such as the Internet, is provided. The system and method automatically detects, and then self-repairs corrupt, modified or non-existent remote files. The method first performs an integrity check on a remote file and then determines whether the integrity check passed. If the integrity check passed, then the user goes through the authentication process as normal. If the integrity check fails, then the present invention redirects to an install module in order to prepare to reinstall the remote file. Via the install module, the present invention then reinstalls the remote file and the user is then taken through the authentication process as normal.

A method of accessing, in a mobile communication device, an application issued by a Service Provider from a trusted application, also known as a wallet. A secure element, such as a SmartMX device, comprises a service manager that manages the application and a link between the application and an application-codec issued by the Service Provider, wherein the application-codec is designed for interfacing between the service manager and the application, for processing an access request requesting access to the application received from the service manager and, triggered by the wallet, accessing the application via the service manager by means of the link between the application and the application-codec, such that the application-codec linked with the respective application performs accessing the application under control of the service manager.

A method and apparatus are provided for access credential provisioning. A method may include receiving, at a first mobile apparatus, information about a second mobile apparatus. The first mobile apparatus may be provisioned with network access credential information to be transferred from the first mobile apparatus to the second mobile apparatus. The method may further include causing the information about the second mobile apparatus to be provided to a provisioning apparatus for the network. The method may additionally include receiving authorization form the provisioning apparatus to transfer the network access credential information from the first mobile apparatus to the second mobile apparatus. The method may also include, in response to receipt of the authorization, causing the network access credential information to be provided to the second mobile apparatus. A corresponding apparatus is also provided.

Systems and methods for authenticating the identity of a user prior to giving access to confidential data at a user interface via a network are described. In an exemplary implementation in an Internet environment, a server hosts an application providing selective access by the user to confidential data related to the user. The user provides initial data to the application as part of a request to access the confidential data. At least one database having the confidential data stored therein is accessed by the server to retrieve confidential data relating to the user located in the database based on the initial data received from the client interface. An exam creation function causes the server to create an exam comprising at least one question based at least in part on a portion of the confidential data relating to the user. This function creates the exam based on at least one exam definition. An exam administration function causes the server to transmit the exam to the client interface for presentation to the user. The user is granted access to the confidential data subsequent to determination that the user successfully passed the exam.

Various systems and methods for locking computing devices are described herein. In an example, a portable device comprises an electro-mechanical lock; and a firmware module coupled to the electro-mechanical lock, the firmware module configured to: receive an unlock code; validate the unlock code; and unlock the electro-mechanical lock when the unlock code is validated. In another example, device for managing BIOS authentication, the device comprising an NFC module, the NFC module comprising an NFC antenna; and a firmware module, wherein the firmware module is configured to: receive an unlock code from an NFC device via the NFC antenna; validate the unlock code; and unlock a BIOS of the device when the unlock code is validated.

A computer-implemented process of altering original data in a dataset, in which original data is anonymised and a digital watermark is included in the anonymised data. Anonymising the original data incurs information loss, and the process of including the digital watermark does not add significant further information loss. The original data can be a tabular file, a relational or a non-relational database, or the results of interactive database queries. Anonymising the data is achieved using one or more techniques that perturb the original data, such as tokenisation, generalisation; data blurring, synthetic record insertion, record removal or re-ordering.

In an information processing apparatus, upon the calling of a web application being instructed, the information processing apparatus sets a URL corresponding to the web application in the web browser and makes a request to the web server, and when a request to perform a confirmation process for the license is received from the web server, the information processing apparatus generates signature information of the information processing apparatus, sends the signature information to the URL, and obtains authorization information from the web server. The web server confirms a license of the information processing apparatus in response to the request from the information processing apparatus, and responds to the information processing apparatus with web application content upon the license of the information processing apparatus being successfully confirmed.