Abstract: A responder device receives, from an initiator device, a request to initiate a cryptographic tunnel between the initiator device and the responder device. The responder device does not include a static private key to be used in an asymmetric cryptography algorithm when establishing the tunnel. The responder device transmits a request to a key server that has access to the static private key and receives a response that is based on at least a result of at least one cryptographic operation using the static private key. The responder device receives from the key server, or generates, a transport key(s) for the responder device to use for sending and receiving data on the cryptographic tunnel. The responder device transmits a response to the initiator device that includes information for the initiator device to generate a transport key(s) that it is to use for sending and receiving data on the cryptographic tunnel.
Abstract: Methods and devices for spoofing proof authentication of a user by voice to unlock a user device. According to one of its aspects, a method includes performing spoofing proof authentication of a user by voice. According to another aspect, a device is configured for spoofing proof authentication of a user by voice. Implementation of the method provides not only personalized access to the data, but also the highest level of security due to anti-spoofing.
Abstract: A method including receiving, by an infrastructure device from a first user device, a request to provide a list of available user devices that are available for authenticating the first user device with a service provider; receiving, by the infrastructure device from the first user device, a selection message indicating a selection of a second user device for authenticating the first user device; transmitting, by the infrastructure device to the second user device based on receiving the selection message, an authentication message indicating that the second user device is to authenticate the first user device; receiving, by the infrastructure device from the second user device, one or more encrypted authentication factors associated with authenticating the first user device; and transmitting, by the infrastructure device to the first user device, the one or more encrypted factors associated with authenticating the first user device with the service provider is disclosed.
Abstract: A user makes a request from a requesting device for access to a secure operation associated with a network-based service. A first biometric authentication is processed for the request and at least one second scope-based authentication is processed for the request based on an analysis of a physical environment for the requesting device. A determination is made based on at least the first biometric authentication and the scope-based authentication whether the secure operation can be: processed on behalf of the user by the network-based service, not processed at all, or processed only if requested from a specific medium/channel associated with a specific device, which may or may not be the requesting device.
Type: Grant
Filed: March 9, 2022
Date of Patent: March 19, 2024
Assignee: NCR Voyix Corporation
Inventors: Matthew Robert Burris, Jodessiah Sumpter
Abstract: Methods for identifying potentially sensitive information and protecting such potentially sensitive information include scanning systems that collect and/or disseminate such information. Without limitation, systems that collect and/or disseminate personal identification numbers (e.g., personal identification numbers, tax identification numbers, etc.), such as merchant systems, bank systems, healthcare systems, and the like, that collect, use, or disseminate sensitive information may be scanned to identify sequences of data that are likely to be sensitive, and actions may be taken to protect such sequences of data. Scanning and protection systems are also disclosed.
Abstract: A security platform architecture is described herein. The security platform architecture includes multiple layers and utilizes a combination of encryption and other security features to generate a secure environment.
Abstract: An electronic device performs techniques related to implementing biometric authentication, including providing user interfaces for: providing indications of error conditions during biometric authentication, providing indications about the biometric sensor during biometric authentication, orienting the device to enroll a biometric feature, and providing an indication of the location of the biometric sensor to correct a detected error condition.
Type: Grant
Filed: October 7, 2021
Date of Patent: March 12, 2024
Assignee: Apple Inc.
Inventors: Marcel Van Os, Peter D. Anton, Lynne Devine, Daamun Mohseni
Abstract: The present invention describes an architecture for increasing the performance of blockchain using a virtual actor model to provide stateful services that are highly scalable and responsive to events as they support publishing and/or subscribing to streaming messages and/or events. The architecture as described leverages established distributed design practices to achieve what would otherwise require costly resource intensive hardware.
Abstract: In some implementations, a terminal device may receive, from a mobile device associated with a user, first information identifying a first facial depth map of the user generated by the mobile device. The terminal device may generate a second facial depth map of the user. The first facial depth map may be generated before the second facial depth map. The terminal device may determine whether the user is authenticated to perform an exchange based on whether the first information identifying the first facial depth map corresponds to second information identifying the second facial depth map. The terminal device may transmit, to the mobile device and based on determining that the user is authenticated, a message indicating that the user is authenticated. The terminal device may receive, from the mobile device, exchange information identifying a credential for performing the exchange.
Type: Grant
Filed: January 4, 2021
Date of Patent: March 5, 2024
Assignee: Capital One Services, LLC
Inventors: Arnold Balliu, Kelly Jo Brown, Jocelyn Huang
Abstract: Intelligent impedance injection modules (IIMs) are currently being used for line balancing and overcoming local disturbances on High Voltage (HV) transmission lines of an HV power grid. These distributed IIMs are connected and/or coupled to the HV transmission lines and operate with a pseudo ground at the voltage of the HV transmission line. In order to operate effectively, the IIMs need to communicate with other distributed IIMs across the three phases of the HV grid and also communicate with local intelligent centers (LINCs) that connect to and synchronize operations across each group of the distributed IIMs in a local region of the HV power grid. Systems and methods are presented for effective and secure sub-cyclic speed communication to and from the distributed IIMs, distributed IIMs to LINCs and substations to enable coordinated actions. Further, the distributed IIMs and LINCs receive GPS signals and use the GPS clock for synchronizing operations.
Type: Grant
Filed: June 7, 2021
Date of Patent: February 27, 2024
Assignee: Smart Wires Inc.
Inventors: Michael Thomas Garrison Stuber, Paul-Andre Corbeil
Abstract: A computing device includes a system that authenticates a user of the computing device. A first sensor obtains a first representation of a physical characteristic of the user that is compared to a registered representation of the physical characteristic of the user. A first level of access to the computing device is enabled based on the first representation of the physical characteristic matching the second representation of the physical characteristic. A second sensor obtains a first representation of a liveness characteristic of the user that indicates that the user is alive. The first representation of the liveness characteristic is compared to a registered representation of the liveness characteristic of the user. A second level of access to the computing device is enabled based on the first representation of the liveness characteristic of the user matching the second representation of the liveness characteristic of the user.
Type: Grant
Filed: February 10, 2022
Date of Patent: February 27, 2024
Assignee: SAMSUNG ELECTRONICS CO., LTD.
Inventors: Kwang Oh Kim, Yibing Michelle Wang, Kamil Bojanczyk
Abstract: Systems and methods may generally be used to authenticate a user. An example method may include capturing an image of a portion of a face of a user, retrieving, based on identification information, a registered model of the face from a database, and comparing the portion of the face in the captured image to a facial feature of the registered model. In response to determining that the portion of the captured image matches the facial feature of the registered model, the method may include granting access to secure content.
Type: Grant
Filed: January 15, 2021
Date of Patent: February 20, 2024
Assignee: Wells Fargo Bank, N.A.
Inventors: Ramanathan Ramanathan, Chris Theodore Kalaboukis, Rameshchandra Bhaskar Ketharaju, Andres J. Saenz, Andrew J. Garner, IV, Abhijit Rao, Joon Maeng
Abstract: A system is provided for secure verification of authentication data using quantum computing and a distributed server network. In particular, the system may store a reference set of authentication data associated with a user within a distributed server database in an encrypted form. Subsequently, when the system receives a live set of authentication data associated with the user, the system may, using a quantum authenticator, compare the encrypted live set of authentication data with the encrypted reference set of authentication data for authorization purposes. The system may further comprise a quantum machine learning authorization engine which may track historical data and/or settings associated with the user to model and predict behavior patterns of the user. In this way, the system provides a secure and efficient way to perform authentication and/or authorization of the user.
Abstract: A method including receiving, by a second user device, an authentication message indicating that the second user device is to authenticate a first user device with a service provider that provides a service to the first user device; determining, by the second user device, one or more authentication factors associated with authenticating the first user device with the service provider; encrypting, by the second user device, the one or more authentication factors based at least in part on utilizing an encryption key associated with a trusted device included in the first user device; and transmitting, by the second user device, one or more encrypted authentication factors to enable authentication of the first user device with the service provider is disclosed. Various other aspects are contemplated.
Abstract: A computing device (200) for authenticating a user (110) is provided. The computing device is operative to display a first text (131) to the user, acquire a representation of the user subvocalizing a part of the first text, derive a user phrasing signature from the acquired representation, and authenticate the user in response to determining that the user phrasing signature and a reference phrasing signature fulfil a similarity condition. Optionally, the computing device may be further operative to determine if the user is authorized to read the first text. Further optionally, the computing device may be operative to reveal obfuscated parts of the first text in response to determining that the user is authorized to read the first text, or to discontinue displaying the first text, or to obfuscate at least part of the first text, in response to determining that the user is not authorized to read the first text.
Type: Grant
Filed: August 30, 2021
Date of Patent: February 6, 2024
Assignee: Telefonaktiebolaget LM Ericsson (publ)
Inventors: Matthew John Lawrenson, Lars Andersson, Till Burkert, Harm Stefan Cronie, Jacob Ström, Jan Jasper Van Den Berg
Abstract: A continuous authentication system and related methods are provided. The system detects requests to perform user actions. A security value is associated with each user action. The system determines a subsequent session security level in response to an adjustment to a session security level by a security value of a requested user action. The requested user action is permitted and the session security level is adjusted based on the security value of the requested user action in response to a determination by the system that the subsequent session security level is greater than or equal to a threshold session security level. A user authentication challenge is caused (e.g., prompted) in response to a determination by the system that the subsequent session security level is less than the threshold session security level.
Type: Grant
Filed: February 14, 2023
Date of Patent: January 30, 2024
Assignee: BlackBerry Limited
Inventors: Andrew James Malton, Andrew Eric Walenstein
Abstract: Described herein is an identity network for validating the digital identity of a user based on identity provider validation for relying parties. The identity network may receive a request to validate a user that includes attributes of the user and a device identifier of the device the user is using to access the relying party. The identity network may identify an identity provider for the user based on the device identifier or attributes of the user. The identity network may launch the identity provider application through the relying party application integration of a software development kit. Upon launch, the user may authenticate himself through the identity provider, and the identity provider may provide a second set of attributes of the user to compare with the user provided attributes. The identity network can provide a confidence score to the relying party based on the comparison of the user attribute values.
Type: Grant
Filed: June 22, 2020
Date of Patent: January 30, 2024
Assignee: Early Warning Services, LLC
Inventors: Gregory Slowiak, Eric Woodward, Philip Lam, Jeff Shultz
Abstract: Methods and systems are provided for a multi-factor authentication technique that includes inputs of a physical key possessed by the user as a factor. Such a key may be a physical object that the user possesses and that includes truly random features not easily reproducible. The key may be custom to the user and may include inclusions or anomalies that affect a signal transmitted through the key. Such effects may impart a unique effect on signals transmitted through the key, producing a unique fingerprint to identify whether the key is authentic. An input from the user may be an additional factor within the authentication process.