Abstract: An authentication subsystem receives a request for authentication of a user to access a server. A voiceprint is determined for the user based on recordings of the user speaking. Authentication phrases is determined for the user based on the voiceprint. Based public user data and/or user transaction data, user knowledge is determined which reflects topics about which the user has knowledge. An authentication question is generated based on the authentication phrases and the user knowledge. An anticipated answer to the authentication question one of the authentication phrases. The authentication question is provided to a device operated by the user. If a response voiceprint associated with an actual spoken response to the authentication question sufficiently matches an anticipated voiceprint for an expected recording of the anticipated answer, the user is granted access to the server. Otherwise, access to the server is denied.

Abstract: A card includes a secure element hosting applications instances. An external interface receive, from an external card reader, an application selection command selecting one application instance from a set of one or more selectable application instances. A biometric interface is configured to acquire biometrics of a user via biometric sensor. A processor compares the acquired biometric data to reference biometric data stored in the card and set the selectable application instance set depending on the outcome of the biometric data comparison. An instance of a non-biometric application is provided in the set only in case of positive comparison. A non-biometric application is thus now biometric-secured. Personalized parameters configuring the instance of a same application may be determined based on the acquired biometrics, allowing configurations of the card to be proposed for several different users.

Abstract: A mobile terminal includes an output unit configured to output whether authentication successes, a controller configured to perform explicit authentication based on authentication information, to collect data for implicit authentication if the explicit authentication successes, and to enroll a user behavior pattern for the implicit authentication based on the collected data, and a memory configured to store the user behavior pattern.

Abstract: A method enables website providers to prohibit non-human users, such as programmed agents, from viewing their websites. According to a method for user authentication according to an embodiment, an authentication challenge is generated by a computing device, the authentication challenge including a number of challenge elements. The authentication challenge is presented to a user of a computing device and the user responds to the authentication challenge by selecting one or more challenge elements in accordance with an instruction provided to the user on how to complete the authentication challenge. The user is then notified whether they have successfully chosen the correct challenge element/s.

Abstract: The present disclosure provides an electronic device, a control method therefor, and a control program therefor capable of preventing an operation for activating a function protected by user authentication from becoming complicated. An electronic device includes: a keyword management DB for storing identification information of a registrant and a registered keyword in association with each other; a command management DB for storing a command and required authentication scores in association with each other; a data generator for creating grammar data including a registered keyword and a command; an utterance recognizer for matching the grammar data and extracted data extracted from an utterance of a user and acquiring a recognized authentication score and a recognized command; and an authenticator for determining that the command is recognized by comparing the required authentication score associated with the command determined to be the same as the recognized command and the recognized authentication score.

Abstract: An access control apparatus is provided. The apparatus can be used to unlock a device, wherein the device has a computation unit and at least one operator control unit that is electrically connectable to the computation unit, wherein the apparatus has a first reception unit for receiving electrical signals from the at least one operator control unit, a transmission unit for transmitting the electrical signals to the computation unit, a second reception unit for receiving at least one access message transmitted by means of an electromagnetic signal, an authorization unit for generating a switching signal if the result of the check on the access message is that unlocking of the device is permitted by means of the access message, and an unlocking unit for unlocking a transmission of electrical signals from the first reception unit to the transmission unit on the basis of the switching signal.

Abstract: A security check system using face ID sensing for secure access to an electronic platform includes a camera. The camera includes an imaging lens configured to form a modulated image of an object positioned in front of the camera. The modulated image of the object includes deviations from an ideal image. The security check system further includes a computer memory configured to store face ID data of an authorized person. The face ID data is generated from one or more modulated images of a live face of the authorized person acquired by the camera during a registration process. The security check system further includes a processing module configured to analyze the modulated image of the object to extract facial signatures, compare the facial signatures to the face ID data, and determine whether the object is the live face of the authorized person based on the comparison.

Abstract: A computing device (300) for authenticating a user (110), such as a mobile phone, a smartphone, a tablet, or the like, is provided. The computing device is operative to acquire a representation of a melody generated by the user, and authenticate the user in response to determining that the acquired representation of the user-generated melody and a representation of a reference melody fulfil a similarity condition. The user-generated melody may either be vocalized or subvocalized. If the melody is vocalized, the representation is derived from audio data captured by a microphone (102). If the melody is subvocalized, the representation is derived from nerve signals captured by sensors attached to the throat (111) of the user, or from a video sequence acquired from a camera (103), the video sequence capturing one or more body parts (111-115) of the user subvocalizing the melody, by magnifying motions of the one or more body parts which are correlated with the subvocalized melody.

Abstract: A method can include commencing generation of authentication data using a first human input component operatively coupled to a device, where the device includes a processor, memory accessible to the processor, a display operatively coupled to the processor, and a second human input component that includes an input surface, and where the input surface is inaccessible at the time of commencing generation of the authentication data; authenticating the authentication data; and responsive to the authenticating, transitioning the device to a state where the input surface of the second human input component is accessible and enabled for input.

Abstract: A user makes a request from a requesting device for access to a secure operation associated with a network-based service. A first biometric authentication is processed for the request and at least one second scope-based authentication is processed for the request based on an analysis of a physical environment for the requesting device. A determination is made based on at least the first biometric authentication and the scope-based authentication whether the secure operation can be: processed on behalf of the user by the network-based service, not processed at all, or processed only if requested from a specific medium/channel associated with a specific device, which may or may not be the requesting device.

Abstract: Disclosed embodiments relate to systems and methods for securely and seamlessly provisioning credentials for use by personal computing devices. Techniques include obtaining a session identifier; making available an encoded representation to a personal computing device, the encoded representation encoding the session identifier; wherein the personal computing device is configured to: decode the encoded representation, access an identity credential stored on the personal computing device, encrypt the identity credential using a first cryptographic key, and send, to a mediator resource, the session identifier and the encrypted identity credential; receiving, from the mediator resource, the session identifier and the encrypted identity credential; and storing the encrypted identity credential.

Abstract: A computing device includes a system that authenticates a user of the computing device. A first sensor obtains a first representation of a physical characteristic of the user that is compared to a registered representation of the physical characteristic of the user. A first level of access to the computing device is enabled based on the first representation of the physical characteristic matching the second representation of the physical characteristic. A second sensor obtains a first representation of a liveness characteristic of the user that indicates that the user is alive. The first representation of the liveness characteristic is compared to a registered representation of the liveness characteristic of the user. A second level of access to the computing device is enabled based on the first representation of the liveness characteristic of the user matching the second representation of the liveness characteristic of the user.

Abstract: Systems and methods of biometrically authenticating a user of a device. A biometric sample of a user can be analyzed to generate a user-specific biometric signature that is substantially unique to the specific user. To authenticate a user, a biometric sample can be obtained and analyzed to determine if the biometric signature is present in the sample. If so, the user can be biometrically authenticated to use the device. The device can provide a network with an indication of the authentication of the user to authenticate the device to the network. In response to the authentication, the network can provide the device access to the network, its resources, or portion(s) thereof.

Abstract: A method for biometric authentication is disclosed. Reference biometric data established at a first device can be stored at a backend server computer. The server computer can then provide the reference biometric data with a second device when needed for biometric authentication at the second device.

Abstract: Systems, devices, and methods for secure data management and transfer for secure data transactions are provided. For example, disclosed herein are secure & tamper resistant smart cards configured to immutably store data and securely exchange at least a portion of the data via, for example, wireless networks and/or peer-to-peer networks. The smart cards comprise a plurality of dedicated hardware circuit blocks electrically coupled via a bus interconnection, the plurality of dedicated hardware circuit blocks configured to authenticate users, verify trust amongst the smart card and external devices, and encrypt sensitive data for secure transmission.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A trajectory is determined with respect to a display visible to the person. A plurality of focus dots are generated with corresponding coordinates on the trajectory with respect to the display and rendered to the person on the display in accordance with the corresponding coordinates during a specified period of time. A plurality of pictures of the iris of the person are captured during the period of time and used to determine whether the person is live based on the captured plurality of pictures of the iris of the person.

Abstract: In some embodiments, a method can include detecting, at a first circuit, the first circuit being operatively coupled to a memory device having a set of memory portions. The method can include receiving, from the memory device and at the first circuit, a set of encryption key portions after the detecting, each encryption key portion from the encryption key portions being a unique portion of an encryption key. The method can include assembling the encryption key by ordering each encryption key portion from the set of encryption key portions based on (1) a first previously defined list and (2) a second previously defined list. The first previously defined list and the second previously defined list each is stored at or accessible by the first circuit but not stored at or accessible by the memory device. The method can include authorizing access to a second circuit based on the encryption key.

Abstract: A method of authenticating a user includes obtaining a user authentication request for access to at least one application executed on an electronic device, identifying an actor and a task for authentication based on one or more context parameters associated with at least one of the electronic device or a user, providing a live challenge generated based on the identification, and identifying whether to access the at least one application based on whether the provided live challenge has been successfully performed.

Abstract: Methods, apparatus, computer program product and computer readable medium are disclosed for authentication. A method comprises: sending an authentication request to a relying party, wherein the authentication request comprises a voice authentication command of a user; receiving from an identity provider at least one first challenge message with respective randomly generated verification code and respective first randomly generated challenge style; and sending at least one voice verification code to the identity provider, wherein the at least one voice verification code is pronounced by the user in the light of the respective randomly generated verification code and the respective first randomly generated challenge style.

Abstract: The present invention relates to a method for authorization management in a community (106) of connected objects (103, 104, 105), a master object being determined in said community, the method comprising: receipt, by the master object (102), of a request (110, 123, 130) to carry out an action concerning: the community (106) of connected objects (103, 104, 105) or an internal object of the community (106), the internal object being distinct from the master object (102); receipt (119, 124, 137) of a list of attributes (101), by an authentication server (107) that is distinct from the master object (102); after the list of attributes is verified by the authentication server (107) and a capability of the requesting object (101) is determined based on said list of attributes, receipt (201, 211, 221) by the master object (102) of an authentication token comprising said capability; transfer (202, 212, 222) of said authentication token to said requesting object (101).