Abstract: Embodiments of the present invention provide a method, computer program product, and computer system for verifying transactions over a network. The method includes initiating a proposed transaction with a transaction server. The transaction server provides encoded details of the proposed transaction, in the form of a QR code, to the user. The QR code is scanned using a computing device, and is decoded using an application on the computing device. A set of transaction details associated with the decoded QR code is compared with the details of the proposed transaction. The proposed transaction is then confirmed or aborted using a separate communication channel.

Abstract: In an approach for authenticating a user attempting to access to a resource, a processor receives an indication of a user attempting to access a resource within a timeframe, wherein the indication includes a location of the user. A processor identifies a location requirement for the user attempting to access the resource, wherein the location requirement originates from an entry indicating an expected location of the user within the timeframe, and wherein the entry is unmodifiable by the user. A processor determines whether the expected location of the user matches, within a threshold, the received location of the user attempting to access the resource.

Abstract: A method, system, computer program product embodied in a computer readable storage medium, and computer system are disclosed for identifying a rogue domain name service (DNS) server. Embodiments include passively monitoring traffic on a target network; and identifying a DNS resolution response in the traffic on the network. The DNS resolution response includes a mapping of a domain to an internet protocol (IP) address. The DNS resolution response is compared with a preconfigured list of known mappings of domains to IP addresses. Based on the results of the comparison, it can be determined whether the DNS resolution response is correct. In cases where the DNS resolution response is incorrect, the provider of the DNS resolution response is a rogue DNS server.

Abstract: Embodiments of the present invention provide a method, computer program product, and computer system for verifying transactions over a network. The method includes initiating a proposed transaction with a transaction server. The transaction server provides encoded details of the proposed transaction, in the form of a QR code, to the user. The QR code is scanned using a computing device, and is decoded using an application on the computing device. A set of transaction details associated with the decoded QR code is compared with the details of the proposed transaction. The proposed transaction is then confirmed or aborted using a separate communication channel.

Abstract: A method, system, computer program product embodied in a computer readable storage medium, and computer system are disclosed for identifying a rogue domain name service (DNS) server. Embodiments include passively monitoring traffic on a target network; and identifying a DNS resolution response in the traffic on the network. The DNS resolution response includes a mapping of a domain to an internet protocol (IP) address. The DNS resolution response is compared with a preconfigured list of known mappings of domains to IP addresses. Based on the results of the comparison, it can be determined whether the DNS resolution response is correct. In cases where the DNS resolution response is incorrect, the provider of the DNS resolution response is a rogue DNS server.

Abstract: A method, system, and computer program product embodied in a computer readable storage medium are disclosed for identifying a rogue domain name service (DNS) server. Embodiments include passively monitoring traffic on a target network; and identifying a DNS resolution response in the traffic on the network. The DNS resolution response includes a mapping of a domain to an internet protocol (IP) address. The DNS resolution response is compared with a preconfigured list of known mappings of domains to IP addresses. Based on the results of the comparison, it can be determined whether the DNS resolution response is correct. In cases where the DNS resolution response is incorrect, the provider of the DNS resolution response is a rogue DNS server.

Abstract: In an approach for authenticating a user attempting to access to a resource, a processor receives an indication of a user attempting to access a resource within a timeframe, wherein the indication includes a location of the user. A processor identifies a location requirement for the user attempting to access the resource, wherein the location requirement originates from an entry indicating an expected location of the user within the timeframe, and wherein the entry is unmodifiable by the user. A processor determines whether the expected location of the user matches, within a threshold, the received location of the user attempting to access the resource.

Abstract: The disclosure is directed to a device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device.

Abstract: The disclosure is directed to a mobile device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device.

Abstract: The disclosure is directed to a mobile device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device.

Abstract: The disclosure is directed to a device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device.

Abstract: Aspects of the invention provide a solution for detecting man-in-the-middle attacks in electronic transactions using prompts. One embodiment includes a method for authenticating an electronic transaction. The method includes: receiving an electronic transaction request from a user, determining an IP address associated with a client system from which the electronic transaction request originates, providing the user with a password associated with the electronic transaction request, receiving a telephonic communication from a telephonic device associated with the user, prompting the user, via a voice response unit, to input the password using the telephonic device, authenticating the user by comparing the inputted password and the provided password, determining a probable location of the user based on the determined IP address of the client system, communicating to the user the probable location of the user based on the determined IP address, and prompting the user to confirm the probable location of the user.

Abstract: Aspects of the present invention provide a solution for verifying the integrity of a transaction. In response to receipt of a confirmed electronic transaction from a user, a one time password is forwarded to the user. The user then initiates a telephonic communication with a verifier on the user's wireless device and provides the one time password to the verifier. The verifier authenticates the mobile telephonic device based on the device's caller identification number and determines whether the one time password provided by the user matches the one forwarded to the user. After the user is authenticated, the verifier communicates the details of the transaction that were received and the user confirms whether the details match those originally entered.

Abstract: A system, method and program product for controlling access to a restricted item. A method is provided that includes: receiving a request for access to a restricted item at a computer system associated with a provider, said request originating from a client system; determining an IP address of the client system; determining a mobile phone number of a mobile phone associated with the requester; transmitting to a third party service provider the IP address and mobile phone number; and receiving back from the third party service provider a confirmation message indicating whether or not the IP address and mobile phone are located within an acceptable range of each other.

Abstract: Aspects of the invention provide a solution for detecting man-in-the-middle attacks in electronic transactions using prompts. One embodiment includes a method for authenticating an electronic transaction. The method includes: receiving an electronic transaction request from a user, determining an IP address associated with a client system from which the electronic transaction request originates, providing the user with a password associated with the electronic transaction request, receiving a telephonic communication from a telephonic device associated with the user, prompting the user, via a voice response unit, to input the password using the telephonic device, authenticating the user by comparing the inputted password and the provided password, determining a probable location of the user based on the determined IP address of the client system, communicating to the user the probable location of the user based on the determined IP address, and prompting the user to confirm the probable location of the user.

Abstract: A method, system, and computer program product embodied in a computer readable storage medium are disclosed for identifying a rogue network protocol service provider. Embodiments include passively monitoring traffic on a target network, and identifying a response to a network protocol request in the traffic on the network. The source of the response to a network protocol request is compared with a preconfigured list of authorized servers. Based on the results of the comparison, it can be determined whether the source of the response is an authorized server. In cases in which the source is a server on the preconfigured list of authorized servers, the source is deemed an authorized server. In cases in which the source is not a server on the preconfigured list of authorized servers, the source is deemed to be an unauthorized, or rogue, network protocol service provider.

Abstract: A method, system, and computer program product embodied in a computer readable storage medium are disclosed for identifying a rogue domain name service (DNS) server. Embodiments include passively monitoring traffic on a target network; and identifying a DNS resolution response in the traffic on the network. The DNS resolution response includes a mapping of a domain to an internet protocol (IP) address. The DNS resolution response is compared with a preconfigured list of known mappings of domains to IP addresses. Based on the results of the comparison, it can be determined whether the DNS resolution response is correct. In cases where the DNS resolution response is incorrect, the provider of the DNS resolution response is a rogue DNS server.

Abstract: A system, method and program product for defending against man in the middle (MITM) attacks directed at a target server. A system is provided that includes an activity recording system that records an incoming IP address, userid, and time of each session occurring with the target server; an activity analysis system that identifies suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and a countermeasure system for taking action against suspect IP addresses.

Abstract: A system, method, program product and a method for deploying a system for providing migration across authentication systems are disclosed. A system is provided that includes a login system that collects information from a user during a login process, a migration list check system that compares the information to a migration list to determine if the user is selected for migration, and a migration logic system that migrates the user from the existing authentication system to the new authentication system during the login process if the user is selected.

Abstract: Aspects of the present invention provide a solution for verifying the integrity of a transaction. In response to receipt of a confirmed electronic transaction from a user, a one time password is forwarded to the user. The user then initiates a telephonic communication with a verifier on the user's wireless device and provides the one time password to the verifier. The verifier authenticates the mobile telephonic device based on the device's caller identification number and determines whether the one time password provided by the user matches the one forwarded to the user. After the user is authenticated, the verifier communicates the details of the transaction that were received and the user confirms whether the details match those originally entered.