Abstract: Disclosed herein are methods and systems for transferring trust between authentication devices associated with the same user. The user accessing secure online resource(s) uses a first (authentication) client device which is not yet associated (verified) with the user for accessing the secure online resource(s). In response to receiving an authentication request from the client device, an authentication message is transmitted to the first client device. The authentication message is transferred from the first client device to a second client device already associated (verified) with the user for accessing the secure online resource(s). The second authenticator transmits back the authentication message which may be verified against the authentication message transmitted to the first client device.

Abstract: Disclosed herein are systems and methods for recovering online services user accounts of users based on verification of the users in video conferences, comprising receiving a request for recovering an account of a user of an online service, establishing one or more video conference sessions between a client device used by the user, client devices used by one or more trustees associated with the user and a bot agent initiated for the video conference session(s), operating the bot agent during the one or more video conference sessions to guide the one or more trustees to verify an identity of the user, and initiating an account recovery process for the account of the user in response to receiving a positive verification verdict from the one or more trustees.

Abstract: Disclosed herein are methods, systems and device for estimating an identity confidence level for a user requesting access to a secure resource, comprising: initiating an authentication session to authenticate the user using a client device to access the secure resource, computing a cumulative identity confidence score in a plurality of iterations and successfully authenticating the user in case the cumulative identity confidence score exceeds a threshold predefined for the secure resource.

Abstract: A computerized method of reducing a probability for falsely classifying a legitimate authentication process conducted by a legitimate user as a password guessing attack, comprising estimating a password guessing attack risk for an authentication process conducted by a user for accessing a secure service by performing the following for each of a plurality of failed access attempts in which the user provides incorrect authentication credentials: (1) calculate a risk score for a respective failed access attempt based on analysis of the incorrect authentication credentials provided during the respective failed access attempt and (2) update an authentication session score of the authentication process according to the calculated risk score and initiate one or more actions in case the updated authentication session value exceeds one or more threshold values extracted from a security policy predefined for the secure service.