Abstract: Online user account access control with authentication challenge level adjustable based on a level of match between observed attributes of a present login attempt and corresponding recorded attributes for the authentic user for the entered user identifier (UID). Login candidates whose attributes sufficiently closely match the recorded attributes for the entered UID are allowed to select an authentication graphic pattern registered for the UID from a set of alternatives, with the degree of complexity of such selection-based authentication increasing according to the degree of difference between the observed attributes of the present login attempt and the corresponding recorded values for the UID, while by default, login candidates are requested to produce the registered authentication graphic pattern from blank slate.

Abstract: Systems, methods, and devices are described herein for executing a lockdown of electronic locks deployed in a local network of interconnected devices. In example implementations, each electronic lock is provided with a unique encryption key specific to that electronic lock and is provided with a shared encryption key. To execute a lockdown of all electronic locks in the local network, a server generates a locking instruction and encrypts it using the shared encryption key. The server then transmits the encrypted locking instruction to the gateway devices of the local network which, in turn, transmit it to each of the electronic locks. Upon receipt of the encrypted locking instruction, the electronic locks attempt to decrypt it using the shared encryption key. Upon successful decryption of the encrypted locking instruction, an electronic lock toggles to a lock state.

Abstract: Systems for detecting unauthorized user and controlling dynamic user interface functionality are provided. The system may receive a request to access functionality that may include login credentials of a user. The request may also include additional information associated with a computing device from which the request is received. The request and additional data may be analyzing using one or more machine learning datasets to determine whether a user requesting access is an authorized user or an unauthorized user. If the user is an authorized user, the user may be authenticated to the system an authentic user interface having enabled functionality may be generated. If the user is an unauthorized user, a decoy user interface having functionality disabled may be generated.

Abstract: A method for disabling a device associated with a virtual identity may include receiving, from the device, a request to use the virtual identity, where the request that may include a passcode guess and a device identifier. The method may also include determining that the passcode guess does not authorize use of the virtual identity and incrementing a number of incorrect passcode guesses received within a time interval. The method may additionally include determining that the number of incorrect passcode guesses received within the time interval is greater than or equal to a threshold. The method may further include storing an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity.

Abstract: An offender monitoring system has an electronic tag and a monitoring unit. The electronic tag has a tether to secure the electronic tag to an offender and a communication device to communicate with the monitoring unit. The monitoring unit has a communication device to communicate with the electronic tag. The system has a processor which analyses a communication between the electronic tag and the monitoring unit to determine a communication property, such as latency, variability of latency over a plurality of communications and signal strength. The processor determines, based on the measured communication property differing from a historical value, whether the communication between the electronic tag and the monitoring unit has been relayed via an intermediary device in an attempt by the offender to trick the monitoring unit.

Abstract: A non-volatile memory (NVM) is to store data and a first password. The first password is to protect the data. A controller is to selectively enable interaction with the data based on authenticating the first password against a second password. A temporary region is to store the second password. The second password is discarded in response to a status change of the apparatus. The data, the first password, and the second password are resettable by the controller in response to a reset request to bypass the first password, such that the apparatus is restorable to an unused state without authenticating the first password.

Abstract: A method and apparatus for testing and simulating an access control policy are disclosed. Evaluating an access control policy may be performed by utilizing a deny statement that causes the access request to be rejected despite actions indicated in the access request being authorized. Further, an independent simulation environment may be utilized for testing access control policy evaluation.

Abstract: In one embodiment, a non-transitory computer readable medium may include computer-executable instructions that, when executed by a processor, may cause processor to receive a set of user data associated with a user that is attempting to access an electronic lock, receive a request to actuate a locking mechanism of the electronic lock configured to prevent the user from accessing a machine in an industrial automation system, actuate the locking mechanism in response to the request and the set of user data corresponding to an expected set of data, store a log of the request and the set of user data, and send the log to a cloud-based computing system.

Abstract: Systems and techniques for intelligent pathway access control are described herein. A destination for an object and a reason the object is traveling to the destination may be obtained. A pathway may be established between a current location of the object and the destination using an electronic map of locations between the current location and the destination based on the reason the object is traveling to the destination. A set of access control features may be identified along the established pathway. A time window for arrival may be calculated for each access control feature of the set of access control features. The object may be allowed passage through an access control feature of the set of access control features based on a proximity of the object to the access control feature and a respective time window for arrival for the access control feature.

Abstract: A thermostat may include a memory and a processing system. The processing system may operate by determining a set of wake-up conditions for the processor to enter into a second operating state from a first operating state, the set of wake-up conditions including at least one threshold value associated with at least one environmental and/or time-of-day condition; causing the set of wake-up conditions to be stored in a memory; operating in a first mode in which the processor is in the first operating state during a time interval subsequent to causing the set of wake-up conditions to be stored in the memory; determining, while the processor is in the first operating state, whether at least one of the set of wake-up conditions has been met; and then operating in a second mode in which the processor is in the second operating state.

Abstract: A vehicle child safety seat alert system for alerting a caregiver if a child has been left behind in a vehicle. The vehicle child safety seat alert system includes a seat component configured to determine whether a child is sitting on the seat component, identify a Bluetooth signal from the target vehicle and use that signal to determine when the vehicle is turned off, and duplicate an RF signal that actuates the vehicle's sensory alarm system so as to be able to selectively actuate the vehicle's sensory alarm system. In use, with the seat component placed under a child's seat, whenever the vehicle has been turned off, if a child is still on top of the seat component, the seat component will wirelessly actuate the vehicle sensory alarm system after a predetermined period of time.

Abstract: A method of providing restricted access to computer application information via a computing device includes: displaying a limited-access icon on a display of the computing device, the limited-access icon including a function indicator and code-entry segments that can be selected by a user of the computing device, each of the code-entry segments including a visual indicator; receiving a selection sequence of user selections of selected ones of the code-entry segments; and performing a limited-access function corresponding to the function indicator in response to the selection sequence corresponding to an authorized sequence.

Abstract: A computer program product includes program instructions to generate a first virtual keypad for entry of a first portion of a password, wherein the first portion includes a first value and a second value. The program instructions receive the first portion, wherein the first portion includes a first number of keys selected equal to the first value and the second value present in the first number of keys selected. The program instructions generate a second virtual keypad for entry of a second portion, wherein the second portion includes a third and a fourth value. The program instructions receive the second portion, wherein the second portion includes a second number of keys selected equal to the third value and the fourth value present in the second number of keys selected. The program instructions determine to grant a user access to an account associated with the account password.

Abstract: The disclosed computer-implemented method for updating possession factor credentials may include (1) detecting a request from a user of a service to designate a new object to be used by the service as a possession factor credential in place of a previously designated object, (2) prior to allowing the user to designate the new object, authenticating the user by proofing the identity of the user to verify that an alleged identity of the user is the actual identity of the user and verifying that the proofed identity of the user had possession of the previously designated object, and (3) in response to verifying that the proofed identity of the user had possession of the previously designated object, designating the new object as the possession factor credential. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method includes generating a first virtual keypad for entry of a first portion of a password, wherein the first portion includes a first value and a second value. The method receives the first portion, wherein the first portion includes a first number of keys selected equal to the first value and the second value present in the first number of keys selected. The method generates a second virtual keypad for entry of a second portion, wherein the second portion includes a third and a fourth value. The method receives the second portion, wherein the second portion includes a second number of keys selected equal to the third value and the fourth value present in the second number of keys selected. Responsive to determining the first and the second portion matches an account password, the method determines to grant a user access to an account associated with the account password.

Abstract: A method includes generating a first virtual keypad for entry of a first portion of a password, wherein the first portion includes a first value and a second value. The method receives the first portion, wherein the first portion includes a first number of keys selected equal to the first value and the second value present in the first number of keys selected. The method generates a second virtual keypad for entry of a second portion, wherein the second portion includes a third and a fourth value. The method receives the second portion, wherein the second portion includes a second number of keys selected equal to the third value and the fourth value present in the second number of keys selected. Responsive to determining the first and the second portion matches an account password, the method determines to grant a user access to an account associated with the account password.

Abstract: A method and system for determining unauthorized account access is provided. The method includes receiving a username of a user and a passcode for access to a secure account or device belonging to a user. The passcode is determined to be incorrect. Unauthorized access attempts with respect to the secure account or the device are determined based on based on the incorrect passcode and in response, a quality factor associated with the incorrect passcode with respect to the secure account or device is determined. The quality factor is compared to a threshold value. Security functions associated with the secure account or device with respect to the incorrect passcode and the results of the comparison are performed based on the quality factor and the unauthorized access attempts.

Abstract: An improved all electronic sensor to detect when a whistle emits an audio signal. The electronic sensor activates an additional function such as a light, or signaling device to activate remote functions, such as submerged speakers, or time keeping apparatus.

Abstract: Methods, apparatus and articles of manufacture for increasing mobile device security are provided herein. A method includes establishing a pre-determined set of cryptographic information, wherein said pre-determined set of cryptographic information comprises one or more user-selected non-alphanumeric input elements applied to one or more visual components; generating a prompt via a computing device interface in connection with an authentication request to access a protected resource associated with the computing device; processing input cryptographic information entered via the computing device interface in response to the prompt against the pre-determined set of cryptographic information; and resolving the authentication request based on said processing.

Abstract: A method for detecting unauthorized access is executed by a network monitoring apparatus connected to a network in which packets are transmitted between a plurality of information processing apparatuses. The method includes obtaining, by the network monitoring apparatus, packets regarding at least one access performed from a first information processing apparatus to a second information processing apparatus. The method includes selecting at least one condition from among predefined at least two conditions. The selection is performed according to a combination between the first information processing apparatus as an access source and the second information processing apparatus as an access destination. The method includes determining whether each of the obtained packets satisfies the selected at least one condition. The method includes determining a possibility that unauthorized access has been performed on the second information processing apparatus, based on a number of conditions determined to be satisfied.

Abstract: The present invention discloses a verification code generation and verification method, including: displaying a verification code display region on a touch display module, where the verification code display region includes at least one user-recognizable verification code element; sensing a touch action of a user on the touch display module, and determining a position of the touch action on the touch display module; and comparing whether the position of the touch action of the user on the touch display module is the same as a position of the verification code element to determine whether a verification code is correctly input. The verification code generation and verification method in the embodiments of the present invention is convenient for the user to input a verification code for verification, and brings a good verification effect while facilitating operations. Further, the present invention discloses a verification code generation and verification apparatus.

Abstract: An automatic locking system for a medical treatment device helps to ensure that an assistant is present during treatment of a patient. Among the features disclosed biometric authentication to verify that a trained assistant is present, a presence detector to ensure the assistant is continuously present during treatment, and warning and recovery processes that allow intermittent lapses in the continuous presence of the assistant.

Abstract: A vehicle is disclosed which includes a controller having at least one of a vehicle security module and a playback module. The vehicle security module may operate in a secure once mode of operation or in a secure all mode of operation. The playback module records ride information associated with the vehicle. The ride information may be provided to an external device.

Abstract: Computer-implemented methods, systems, and computer program products for document authentication and identification using a large-scale distributed system are provided. A method includes receiving a digitized document at a trusted system managed by a trusted third-party that is separate from a creator of content in the digitized document. The digitized document is compared to a set of markers to determine whether the digitized document includes one or more of the markers, and in response thereto, information associated with the one or more markers is extracted using a decoder on the trusted system according to encoding strategies. The method further includes generating a comparison registration identifier on the trusted system as a summary of the extracted information and the one or more markers, and comparing the comparison registration identifier with a stored registration identifier in an encoding history via the trusted system to authenticate and identify the received digitized document.

Abstract: In an in-vehicle system, a portable terminal interprets a command intended by operation data operated by an occupant via a touch panel of a DA, and determines whether the interpreted command is a prohibition command, that is, whether execution of the command in an own device is prohibited. When the command is not a prohibition command, the portable terminal is caused to execute the command, and when it is a prohibition command, the DA is caused to execute the command.

Abstract: A wireless access control system comprising a central access control system connected through a wireless network to a remote access control system comprised of a plurality of localized remote access controllers (locking mechanisms). The plurality of remote access controllers will generally be used to lock parts of a facility, whether physical facilities, parts thereof or mobile components within the facilities, and will allow for a supervisory function to determine which users of the system are allowed to access which resources within a facility. Also disclosed herein is an interlinked cascade lock system coupled to a central access control system that is comprised of at least two levels of security.

Abstract: A communications system utilizing a portable communications device for controlling functions in a vehicle includes a first display for controlling vehicle operating functions and a first transceiver connected to the first display device. A multifunctional control switch is connected to the first display device, while a second transceiver is used for communicating with either the first transceiver or a remote keyless entry (RKE) receiver depending upon whether the second transceiver is located inside or outside the vehicle. The second transceiver operates to configure operational parameters of the display device when those controls have not been readily integrated into the vehicle center stack.

Abstract: A method and device for writing a binary count of a length n to a memory having a limited number of write cycles, a physical storage location of bits (R-bits) of the count in the memory are periodically changed, fixed bits of the count are stored at fixed physical storage locations, and a bit value pattern of the fixed bits is used as an indicator for the physical storage locations of the changing bits (R-bits).

Abstract: A device used in an authentication process. The device includes a processor, a display coupled to the processor, and a computer readable medium coupled to the processor.

Abstract: A phone used in an authentication process. The phone includes a processor, a display coupled to the processor, and a computer readable medium coupled to the processor.

Abstract: A management system manages use of management object provided in facilities by using an information storage medium of a user. An entrance management apparatus, provided in the vicinity of an entrance of the facilities, stores use permission information for permitting the use of the management object on an information storage medium when the user enters the facilities. In the facilities, a use management apparatus, provided for each management object, controls availability or unavailability of the management object based on the use permission information stored on the information storage medium. Additionally, the use management apparatus stores, in the information storage medium, use information showing that the management object is used. Further, a room leaving management apparatus, provided in the vicinity of an exit of the facilities, manages leaving of the user based on the use information stored on the information storage medium.

Abstract: Method and arrangement for controlling authorization for access to an object, in which a signal communication via electromagnetic waves is established between the object and a wireless portable unit when a tripping device on the object is actuated. The signal communication includes at least one first signal (X1 . . . Xn) that is sent from the object to the portable unit, and at least one second signal (Y3, Z1 . . . Zn) that is sent from the portable unit to the object in response to the first signal(s). The second signal(s) includes sufficient information for verifying that the portable unit has an approved identity. The verification information is checked, a distance is measured between the object and the portable unit and the authorization is confirmed if both the checked verification information is approved and the measured distance is less than a predetermined value.

Abstract: A system, method, and apparatus for controlling consumer electronic (CE) devices are provided. A remote control unit controls one or more CE devices by obtaining control information necessary to control each CE device from a Consumer Electronic Device Control Database (CEDB). A CEDB provides control information, such as command codes and metadata, for various CE devices as well as providing a mapping between CE device types, CE brands, and particular CE devices. A remote control unit accesses the records provided by a CEDB to provide automatic and programistic control of CE devices.

Abstract: A system for providing communication between a vehicle and a plurality of wireless devices includes a receiver configured to receive wireless signals from the wireless devices. The received wireless signals are provided in accordance with a communication standard from the plurality of communication standards. The system also includes a wireless data transfer module coupled to the receiver and configured to support the plurality of communication standards, process the wireless signals and direct the data of the wireless signals to a corresponding vehicle system. The system may include a transmitter coupled to the wireless data transfer module. The transmitter is configured to transmit wireless signals from the vehicle to the wireless devices. The wireless data transfer module receives data from a vehicle system and provides the data to the transmitter in accordance with a communication standard from the plurality of communication standards.

Abstract: A method for providing secure access to a digital resource including a learning step including selecting a secret digital authentication code and registering the code in an electronic memory; and an authentication step including inputting a digital information unit and comparing the information unit input with the digital authentication code recorded in the electronic memory, the authentication step emitting an approval signal when the comparison is positive, wherein the learning step includes displaying at least one table including a multiplicity of motifs arranged according to a matrix correlated with an input device including a predetermined number of command zones and selecting a graphic code by activating at least one command zone associated with a selected motif, and recording the identifier of the selected motif in an electronic memory to form a digital authentication code, and wherein the authentication step includes displaying at least the table of motifs and transmitting to a calculator the identifi

Abstract: The invention relates to an article delivery receptacle (10) comprising an electronic code lock (11). When delivering articles (8), the delivery person opens the receptacle (10) by entering a delivery code (6) into the electronic code lock (11). During the ordering process, the addressee (1) conveys the required delivery code (6) to the delivery person (9) via the supplier (9) of the ordered articles (8). After the articles (8) are deposited in the receptacle, the receptacle (10) is locked once again so that the articles (8) placed therein are protected from theft. After a successful delivery, the code lock (11) is blocked so that it is no longer possible to open the delivery receptacle (10) using the delivery code (6). The addressee can remove the delivered articles (8) from the receptacle (10) by using an addressee key (12) which only the addressee possesses. After removing the articles (8), the delivery receptacle is enabled once again for receiving subsequent deliveries of articles.

Abstract: Exemplary embodiments of the present invention include a method for creating a user metric pattern. Such embodiments typically include receiving, within the network, a plurality of disparate user metrics, determining that the plurality of disparate user metrics received within the network do not match a predetermined metric pattern, and saving the plurality of disparate user metrics as a new metric pattern. In many embodiments, determining that the plurality of disparate user metrics received within the network do not match a predetermined metric pattern includes comparing the plurality of disparate user metrics with a plurality of metrics associated with the predetermined metric pattern.

Abstract: A system, method and apparatus for controlling consumer electronic (CE) devices. A control unit obtains CE device command codes and “metadata” from an interactive, wirelessly accessible database. The control unit uses the metadata, which is data relating to the unique control behaviors of a CE device, to translate between a universal control command and one or more of the command codes associated with the CE device. A wireless access method is used to download the CE device metadata and command codes to a central server or to the control unit itself. The control unit provides an interface by which end users can provide feedback concerning downloaded metadata and command codes, such that erroneous data may be corrected or so that other users may determine whether the data is worth accessing.

Abstract: In an access control system, a method and system for system management. The RF access control system includes a wireless panel interface module that transmits system component settings to a system management interface and receives configuration information from the interface. The system also includes a system management interface for retrieving component settings from the wireless panel interface module and generating configuration information to adjust the settings. The wireless panel interface module transmits the configuration information to system components. The system further includes a wireless access point module that receives configuration information from the wireless panel interface module via an RF communication link. An access processor adjusts settings of the wireless access point module based on the configuration information. A control processor adjusts settings of the wireless panel interface module based on the configuration information.

Abstract: Message data are picked up by using a decoder 2 from received signals received by a receiver portion 1 of a radio paging receiver, and stored in a RAM 4a of a CPU 4. An informing portion 9 informs a user of the message. The user designates any character sequences in the message stored in the RAM 4a by a character sequence designating unit 4b. A character sequence retrieving unit 4c retrieves whether or not designated character sequences are contained in stored messages. When the messages containing the designated character sequences are detected, a time counting unit 4d monitors whether or not a predetermined time has been lapsed after storage of concerned messages. An erasing unit 4e erases unnecessary messages stored in the RAM 4a from the RAM 4a after the predetermined time has been lapsed.

Abstract: An improved electronic lock system is provided for use with real estate lock boxes where there is the need for many people to access the secured compartment of the lock box in a controlled manner. Each user has an identification card with a non-volatile secure memory (known as a “smart card”), for exchanging data with the lock box, and with a portable computer capable of reading data from the smart card; or a cell phone can be used to gain access information from a central computer. The user first inserts the smart card into the connector attached to the lock box; the lock box reads the user's ID stored in the smart card memory and records this information in lock box memory. The lock box then transfers its access code information and other data to the smart card for further processing. The user then inserts the smart card in a portable card reader to learn the access code, or calls a central computer via a mobile phone system and interacts with the computer to elicit the necessary access code information.

Abstract: A fingerprint enrollment and verification module is connected to the electrical circuit of a vehicle to prevent operation of the vehicle by unauthorized users. The module has a sensor that creates a template of a fingerprint when a finger is placed on the module. The module has a flash memory to store enrolled templates and a verification step. After a fingerprint has been enrolled in the module, any operation of that vehicle is possible only after the user's fingerprint is verified to match the enrolled template.

Abstract: A colored based lock and key, wherein the key includes a color indication incorporated thereon, and the lock includes a color sensor for identifying the color indication, so as to open the lock. According to a preferred embodiment of the invention, the key includes a blank or blanks on which at least one, and preferably a plurality of colors are incorporated. The blank or blanks can be formed of metal, plastic, or any other material on which colors or color emitting or color reflecting materials can be incorporated by various methods. According to other preferred embodiments of the present invention, the lock includes at least one color sensor arranged to sense the color incorporated on the key or on a predefined sequence of keys, when the key or keys are inserted in the lock, or put across the lock or rotated in the lock, and further includes a decision mechanism activated by an electric signal generated upon identification of the color incorporated on the key, to permit opening of the lock.

Abstract: An Electronic House Arrest Monitoring (EHAM) system of the present invention includes a transmitter attached to a monitored offender and a receiver positioned in the vicinity of the desired monitoring location. The transmitter and the receiver each have a pattern stored or generated therein for determining the interval of time between signal transmissions and receptions. The pattern is pseudo-random to offer improved protection against imposter transmitters, in other words the time intervals are selected to be unequal and randomly varying but the pattern is repeated or cycled to allow continuing signal transmission by the transmitter. The transmitter transmits signals at varying time intervals according to this pattern, and the receiver authenticates signals it receives as coming from the monitored transmitter based on the expected time intervals from the pattern.

Abstract: A limited-use appliance is disclosed which has at least one input device for generating an input signal and a controller associated with the input device and receiving the input signal. The controller initiates at least one limited-use function of the appliance upon receipt of the input signal. A test device is maintained by the controller, and has a predetermined criteria which determines whether the input signal should be sent on to the controller or not. A method for pre-installing an appliance is also disclosed and includes the steps of pre-installing an appliance with a controller, wherein the controller operates the appliance in a limited manner. An input device from a group of input devices is associated with the controller, wherein the input device generates an input signal to operate the appliance. And the pre-determined criteria maintained by the controller is tested such that the input signal from the controller is blocked when the pre-determined criteria is met.

Abstract: A method for facilitating biometric security in a transponder-reader transaction system is provided. The method includes determining if a transaction violates an established rule, such as a preset spending limit. The method also includes notifying a user to proffer a biometric sample in order to verify the identity of said user, and detecting a proffered biometric at a sensor to obtain a proffered biometric sample. The method additionally comprises verifying the proffered biometric sample and authorizing a transaction to continue upon verification of the proffered biometric sample.

Abstract: According to one embodiment of the present invention, a method for authenticating a user of a device comprises: generating at least one arrangement comprising a sub-set of a plurality of stored objects, the sub-set comprising at least one authenticating object that forms at least part of a user's authentication key and the sub-set further comprising at least one non-authenticating object, wherein such generating comprises randomly selecting a position within the at least one arrangement for the at least one authenticating object and randomly selecting the at least one non-authenticating object from the plurality of stored objects; presenting to a user the generated at least one arrangement; receiving input that comprises a selection of at least one of the objects from the at least one arrangement; and determining whether the selection identifies the authentication key.

Abstract: A system and method for permitting different authorized degrees of access to two or more users of a vehicle in a fleet of vehicles. Each user has a radio (RF) transponder coupled to an ignition key that operates the ignition switch of the vehicle. The transponder stores data indicating the degree of operating access authorized to each user for the vehicle.

Abstract: A stealth system and method that allows a resource to be practically invulnerable to fast online brute-force attacks is disclosed. The method for controlling access to a computer resource consists in performing a user authentication procedure upon receiving a request from a user to access the computer resource. As part of the user authentication procedure, a password verification procedure is performed which comprises the steps of requesting a password from the user and comparing the entered password with an expected valid one. The next steps are to compute the number of ungranted access for the user during a predefined time interval N if the password matches the expected one and to grant access to the user only if the computed number is lower than a predetermined number K of authorized requests.

Abstract: The electronic supervisor and subordinate lock system employs an electronic lock as a supervisor lock and at least one other electronic lock as a subordinate lock. The supervisor lock controls and/or authorizes the opening of one or more subordinate locks.