Abstract: In certain embodiments, a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where the key associated with first challenge type may be selected by the secure component from multiple keys (for the generation of the first challenge response) based on the first challenge corresponding to the first challenge type. The first challenge response may be provided to the computer system.

Abstract: In some embodiments, inputs provided to an application are securely stored and processed. In some embodiments, input data is obtained via a user interface of an application accessed on a network device and the input data is stored in a physical memory area of temporary storage of the network device. The physical memory area of the temporary storage is configured to be designated for securely storing data processed by the application and to remain designated for securely storing data processed by the application when the network device is rebooted. The physical memory area is inaccessible to other applications. The input data is processed via the physical memory area of the temporary storage in accordance with instructions of the application, and, in response to a reboot of the network device, the designation of the physical memory area of the temporary storage to securely store data processed by the application is reapplied.

Abstract: In certain embodiments, first and second challenge responses may be obtained at a computer system from a client device respectively via first and second connections between the computer system and the client device. The challenge responses may each be generated based on a same private key stored in a secure local storage at the client device. Confirmation of identification information associated with an entity, to which the private key corresponds, may be obtained based on information obtained from the client device via the first connection. Information obtained from the client device via the second connection may be authenticated based on (i) the obtained confirmation via the first connection and (ii) verification of the first and second challenge responses obtained respectively via the first and second connections.

Abstract: In some embodiments, inputs provided to an application are securely stored and processed. In some embodiments, input data is obtained via a user interface of an application accessed on a network device and the input data is stored in a physical memory area of temporary storage of the network device. The physical memory area of the temporary storage is configured to be designated for securely storing data processed by the application and to remain designated for securely storing data processed by the application when the network device is rebooted. The physical memory area is inaccessible to other applications. The input data is processed via the physical memory area of the temporary storage in accordance with instructions of the application, and, in response to a reboot of the network device, the designation of the physical memory area of the temporary storage to securely store data processed by the application is reapplied.

Abstract: In certain embodiments, a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where the key associated with first challenge type may be selected by the secure component from multiple keys (for the generation of the first challenge response) based on the first challenge corresponding to the first challenge type. The first challenge response may be provided to the computer system.

Abstract: In certain embodiments, a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where the key associated with first challenge type may be selected by the secure component from multiple keys (for the generation of the first challenge response) based on the first challenge corresponding to the first challenge type. The first challenge response may be provided to the computer system.

Abstract: In certain embodiments, first and second challenge responses may be obtained at a computer system from a client device respectively via first and second connections between the computer system and the client device. The challenge responses may each be generated based on a same private key stored in a secure local storage at the client device. Confirmation of identification information associated with an entity, to which the private key corresponds, may be obtained based on information obtained from the client device via the first connection. Information obtained from the client device via the second connection may be authenticated based on (i) the obtained confirmation via the first connection and (ii) verification of the first and second challenge responses obtained respectively via the first and second connections.

Abstract: In certain embodiments, first and second challenge responses may be obtained at a computer system from a client device respectively via first and second connections between the computer system and the client device. The challenge responses may each be generated based on a same private key stored in a secure local storage at the client device. Confirmation of identification information associated with an entity, to which the private key corresponds, may be obtained based on information obtained from the client device via the first connection. Information obtained from the client device via the second connection may be authenticated based on (i) the obtained confirmation via the first connection and (ii) verification of the first and second challenge responses obtained respectively via the first and second connections.

Abstract: In certain embodiments, a token (e.g., a short-range wireless token or other token) may be provided to facilitate authentication. In some embodiments, the token may obtain a first challenge from a computer system. The token may determine which challenge type of multiple challenge types the first challenge corresponds. The token may cause a secure component to use a key associated with a first challenge type to generate a first challenge response for the first challenge based on the first challenge corresponding to the first challenge type, where the key associated with first challenge type may be selected by the secure component from multiple keys (for the generation of the first challenge response) based on the first challenge corresponding to the first challenge type. The first challenge response may be provided to the computer system.

Abstract: In certain embodiments, first and second challenge responses may be obtained at a computer system from a client device respectively via first and second connections between the computer system and the client device. The challenge responses may each be generated based on a same private key stored in a secure local storage at the client device. Confirmation of identification information associated with an entity, to which the private key corresponds, may be obtained based on information obtained from the client device via the first connection. Information obtained from the client device via the second connection may be authenticated based on (i) the obtained confirmation via the first connection and (ii) verification of the first and second challenge responses obtained respectively via the first and second connections.

Abstract: An approach for facilitating secured use of short-range wireless tokens is disclosed. In some implementations, a short-range wireless token may be wirelessly powered based on the short-range wireless token being within a powering range of an electromagnetic field of a user device. The short-range wireless token may be configured to generate output signals while being powered. The output signals of the short-range wireless token may be disabled while the short-range wireless token continues to be powered by the electromagnetic field based on a predetermined condition determined by the short-range wireless token. The output signals of the short-range wireless token may be re-enabled based on a discontinuing of the powering of the short-range wireless token by the electromagnetic field and then a resuming of the powering of the short-range wireless token by the electromagnetic field.

Abstract: An approach for facilitating secured use of short-range wireless tokens is disclosed. In some implementations, a short-range wireless token may be wirelessly powered based on the short-range wireless token being within a powering range of an electromagnetic field of a user device. The short-range wireless token may be configured to generate output signals while being powered. The output signals of the short-range wireless token may be disabled while the short-range wireless token continues to be powered by the electromagnetic field based on a predetermined condition determined by the short-range wireless token. The output signals of the short-range wireless token may be re-enabled based on a discontinuing of the powering of the short-range wireless token by the electromagnetic field and then a resuming of the powering of the short-range wireless token by the electromagnetic field.

Abstract: In a server-client computer network system, for carrying out cryptographic operations via a network between a client computer workstation and a cryptography server computer system, in the client computer workstation and in the cryptography server computer system, computer software programs which are set up to communicate with each other are installed. These computer software programs are executed so that when the client computer workstation directs a request to carry out a cryptographic operation to the cryptography server computer system, the cryptography server computer system responds to it. For this purpose, the cryptography server computer system requests strong authentication from the requesting client computer workstation. As a reaction to this, the client computer workstation accesses a key of its user, under strong authentication. In the case of successful authentication, the client computer workstation receives a release to initiate just one or a few cryptographic operations using the private key.