Abstract: A method for authenticating a user of an electronic device is disclosed. The method comprises: responsive to detection of a trigger event indicative of a user interaction with the electronic device, generating an audio probe signal to play through an audio transducer of the electronic device; receiving a first audio signal comprising a response of the user's ear to the audio probe signal; receiving a second audio signal comprising speech of the user; and applying an ear biometric algorithm to the first audio signal and a voice biometric algorithm to the second audio signal to authenticate the user as an authorised user.

Abstract: A responder device receives, from an initiator device, a request to initiate a cryptographic tunnel between the initiator device and the responder device. The responder device does not include a static private key to be used in an asymmetric cryptography algorithm when establishing the tunnel. The responder device transmits a request to a key server that has access to the static private key and receives a response that is based on at least a result of at least one cryptographic operation using the static private key. The responder device receives from the key server, or generates, a transport key(s) for the responder device to use for sending and receiving data on the cryptographic tunnel. The responder device transmits a response to the initiator device that includes information for the initiator device to generate a transport key(s) that it is to use for sending and receiving data on the cryptographic tunnel.

Abstract: A biometric information measurement device intermittently measures biometric information from a living body. The device includes an attachment and detachment determining section which determines whether the device is in an attached state where the device is attached to the living body or an unattached state where the device is detached from the living body, a personal identifying section which, in the attached state, determines whether a user attached with the device is a registered user who is registered in advance and stores a result of the determination, and a storage controller which, when a determination result indicating that the user is the registered user is stored, stores information indicating the registered user while being associated with the measured biometric information. The personal identifying section deletes the determination result when a time period in which the device is determined to be in the unattached state exceeds a predetermined time period.

Abstract: A biometric verification system is disclosed. The system includes a portable device which stores a biometric reference template and authentication preferences. The portable device can be used with an access device. The access device can prompt the user for a biometric sample. The access device may create a biometric sample template from the biometric sample, and the biometric sample template can be compared to the biometric reference template to determine if a user is authentic.

Abstract: Methods and systems for a device identification system may be provided. The device identification system may determine an identity of a user device associated with a transaction. The identity may be determined by network address information, hard link information, soft link information, and/or other such information. The network address information may include IPv4 information, IPv6 information, a device ID, and/or other such information. The identity of the user device may be determined and a transaction conducted from the user device may be assigned a fraudulent transaction risk score according to the information. Transactions that are determined to be at a high risk of fraud may be reviewed or otherwise flagged and/or canceled.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, to provide digital identification. One of these methods includes comparing the location of a requester of a digital identification to the location of an owner of the digital identification. The method also includes providing information about the digital identification to the requester based at least in part on determining that the requester and the owner are within a predetermined distance.

Abstract: A computer implemented method of authenticating a user based on comparison of biometric data authentication process parameters measured during a biometric authentication process against a biometric signature authentication process model of the user, comprising receiving sensory data captured by one or more sensors operated to capture biometric data of a user during a biometric authentication process conducted to verify a biometric signature of the user, calculating a deviation of values of a plurality of authentication process parameters measured during analysis of the sensory data from the values of corresponding reference authentication process parameters retrieved from a biometric signature authentication process model of the user and authenticating the user based on verification of the biometric signature and according to the deviation.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is first initiated to authenticate, via iris, a person claiming to be an authorized user, in which a first set of signals is randomly generated for controlling light strobing to be applied to the iris of the person for detecting liveness of the iris. A second set of signals is accordingly generated for controlling iris picture capturing synchronized with the light strobing. The light strobing is applied to the person via strobes generated based on the first set of signals and pictures of the iris of the person are acquired, based on the second set of signals, that are synchronized with the light strobing. Whether the person is live is then determined based on the synchronized pictures acquired when the light strobing is applied.

Abstract: Methods and systems for visualizing, analyzing, archiving and securing computer and internet of things (IoT) data networks are disclosed. The system includes a data collection device (sensor), preprocessing unit, analysis unit containing at least the Koopman mode analysis unit, and a postprocessing unit. The methods include Koopman mode analysis, support vector machines or deep learning used to compute the baseline, detect and rank known and unknown threats to the system, visualize and archive them. The methods also include creating and representing an Artificial Intelligence (AI) determined risk level indicators; using combined intel and notice alert severities with the AI risk level indicators to rank the alerts; using the AI indicators to create zero day risks; an AI Button to show the AI indicators and ranked alerts on a computer screen; and graphic user interfaces (GUI) to intuitively represent and interact with the AI indicators and ranked alerts.

Abstract: An information processing apparatus includes a storage unit configured to store therein address book information in which at least tag identification information for identifying a wireless tag that indicates a medium capable of performing wireless communication and personal information on a user are associated with each other, a tag identification information acquiring unit configured to acquire the tag identification information, a face information acquiring unit configured to refer to the address book information, and when face information on the user is not associated with the tag identification information, acquire the face information based on a captured image that is obtained by capturing an image of an imaging range corresponding to a range in which the tag identification information can be acquired, and a registration control unit configured to control registration of the face information in the address book information in association with the tag identification information.

Abstract: The disclosed embodiments provide a system that processes data. During operation, the system uses a first key to protect a write operation on the data. Next, the system uses a second key to protect a read operation on the data.

Abstract: This invention provides systems and methods for data processing by means of an ongoing background process on an end-user's computer. As a user receives and generates data, files are analyzed. A container file is opened into the volatile memory and its contents (including data and metadata) are extracted, without requiring an index to be created. The extracted components are analyzed based on predefined characteristics.

Abstract: Systems and methods for analyzing network traffic are provided. An exemplary system may include a plurality of network nodes distributed in multiple geographical regions. The plurality of network nodes may be configured to collect mass scanning network traffic data. The system may also include at least one processor. The processor may be configured to receive, from a first network node, a first network scanning request from a source scanner. In response to the reception of the first network scanning request, the processor may also be configured to transmit, via a second network node, a second network scanning request to the source scanner. The processor may further be configured to determine, based on feedback from the source scanner, whether the source scanner is compromised.

Abstract: Embodiments of the disclosure include methods, apparatus and computer programs for detecting the proximity of an ear to an audio device. In one embodiment, the disclosure provides a system for detecting the presence of an ear in proximity to an audio device. The system comprises: an input for obtaining a data signal from the environment of the audio device; and an ear biometric authentication module configured to: compare one or more ear biometric features, extracted from the data signal, to an ear biometric template; and generate a first output indicative of the presence or absence of any ear in proximity to the audio device based on the comparison of the one or more extracted ear biometric features to the ear biometric template.

Abstract: Methods and a system for secure data storage are described. In particular, a digital storage system for storing and retrieving user data is described, said system comprising: one or more independent digital storage devices, each digital storage device comprising a data storage device configured to store user data; a switch for regulating a supply of electrical power to the or each data storage device; and a security module for activating the switch and for storing timing restrictions that define a time window. The switch may only be activated to power the data storage device during the time window, improving the security of the user data.

Abstract: A method for processing files as a preemptive measure against a ransomware activity. The method comprises scanning a plurality of file operation requests sent to an operating system (OS) executed on a computing device to detect a guarded file operation request that comprises instructions to process a file managed by a file system used by said OS, delaying an execution of said guarded file operation request, temporarily storing a copy of said file in a backup storage in response to said detection of said guarded file operation request, and stop delaying said execution of said guarded file operation request when said copy is stored in said backup storage.

Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.

Abstract: A method is used in managing passwords. A proposed new password is received. The proposed new password is associated with contextual information indicating a context in which the proposed password is to be used. A machine learning model is dynamically selected from a set of machine learning models based on the contextual information. A quality metric is derived from the proposed new password based on the selected machine learning model.

Abstract: Aspects of the disclosure relates to managed access to content and/or services. In certain aspects, tokens or other artifacts can be utilized for authentication and authorization.