Abstract: A frictionless automated teller machine (ATM) computing system may include an ATM, an authentication server, and a mobile device running a mobile application. The devices of the frictionless ATM computing system facilitates simplified user interaction with the ATM. As a user approaches the ATM, the user may log into the mobile device, which triggers the mobile device to send a geographic location to the authentication server. The authentication server then notifies the mobile device of a close ATM. In response, the mobile device may display a user interface screen to initiate a transaction. The ATM may be woken by the authorization server or a user input to complete the transaction causing the ATM to dispense the requested amount of currency.

Abstract: A transaction access point computing system may include an automated teller machine (ATM) or other transaction access point and an authentication server, a beacon device and, in some cases, a mobile device running a mobile application. The devices of the frictionless ATM computing system facilitates simplified user interaction with the ATM. As a user approaches the ATM, the mobile device may receive the beacon signal including a command to awaken the mobile application. After receipt, the mobile application may communicate an identifier to the authentication server, and the ATM may capture an image of the user. At the application server, the user image may be authenticated and confirmation returned to the ATM along with a unified user identifier. After confirmation of the additional identifier, the ATM may dispense a specified amount of currency.

Abstract: A system implements a QKD-secured logon widget. The system generates a first random quantum key using a first random measurement basis; transmits over a fiber optic network, a first random quantum key to a device, encrypts a logon widget instruction set using the first random quantum key and a first encryption algorithm, resulting in an encrypted message. The system then transmits the encrypted message, and the device receives a second random quantum key from the system, and measures the second random quantum key using a second random measurement basis, where the second random measurement basis is compared to the first random measurement basis, resulting in a comparison basis result. The system uses the comparison basis result to determine a level of anomalies present in the second random quantum key and a shared key, and, based on the level of anomalies, determines whether to render a logon widget at the device.

Abstract: A network authentication device that includes an authentication engine. The authentication engine is configured to receive an authentication key request from a user device that identifies an account. The authentication engine is configured to obtain an authentication key and to establish a first set of authentication rules for the authentication key. The authentication engine is configured to identify one or more triggering events associated with an increased threat to the account and to establish a second set of authentication rules for the authentication key. The authentication engine is configured to perform key validation for the authentication key using the first set of authentication rules and to send the authentication key to the user device. The authentication engine is configured to detect a triggering event from the one or more triggering events has occurred and perform the key validation for the authentication key using the second set of authentication rules.

Abstract: A network authentication device that includes an authentication engine in signal communication with a network interface. The authentication engine is configured to receive an authentication key request from a first user device that identifies an account linked with a first user and a second user device. The authentication engine is configured to generate an authentication key and to establish a first set of authentication rules for the first user and a second set of authentication rules for the second user. The authentication engine is configured to generate a first authentication key fragment comprising a first portion of the authentication key and a second authentication key fragment comprising a second portion of the authentication key and to send the first authentication key fragment to the first user device and the second authentication key fragment to the second user device.

Abstract: Systems for dynamically authenticating users are provided. A system may receive a request to access functionality. In response to the received request, an authentication grid may be dynamically generated. The authentication grid may include a plurality of fields, each identifiable by a field identifier, and including one or more characters that may be used to authenticate a user. The authentication grid may be transmitted to a computing device of a user. A character for authentication may be identified by the system. In some arrangements, the system may generate a request for user input including a character appearing in the authentication grid. The user may identify the field and input the character appearing in the field. The system may receive the requested character and may compare it to the identified character for authentication. If the received character and the identified character match, functionality may be enabled. If a match does not exist, functionality may be disabled.

Abstract: Systems, methods and computer readable media for implementing a Focus-Driven User Interface using a Focus-Driven MVC architecture are described. The Focus-Driven MVC architecture builds on the traditional MVC framework, adding a Focus component between the Controller and Model components. The Focus component implements Focus Logic to handle Focus-Driven features. The Focus component may receive access commands or requests from the Controller, relay those commands to the Model and, in response, obtain data from the Model. The Focus Logic applies rules to the data, determines relevancy rankings for the given property, and sends the processed data to the Controller which, in turn, may update the user interface with the processed data.

Abstract: A network authentication device that includes an authentication engine. The authentication engine is configured to receive an authentication key request from a user device that identifies an account. The authentication engine is configured to obtain an authentication key and to establish a first set of authentication rules for the authentication key. The authentication engine is configured to identify one or more triggering events associated with an increased threat to the account and to establish a second set of authentication rules for the authentication key. The authentication engine is configured to perform key validation for the authentication key using the first set of authentication rules and to send the authentication key to the user device. The authentication engine is configured to detect a triggering event from the one or more triggering events has occurred and perform the key validation for the authentication key using the second set of authentication rules.

Abstract: A network authentication device that includes an authentication engine in signal communication with a network interface. The authentication engine is configured to receive an authentication key request from a first user device that identifies an account linked with a first user and a second user device. The authentication engine is configured to generate an authentication key and to establish a first set of authentication rules for the first user and a second set of authentication rules for the second user. The authentication engine is configured to generate a first authentication key fragment comprising a first portion of the authentication key and a second authentication key fragment comprising a second portion of the authentication key and to send the first authentication key fragment to the first user device and the second authentication key fragment to the second user device.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server, as well as device selection input selecting a first registered device and a second registered device to receive one-time passcodes. The computing platform may generate a first one-time passcode for the first registered device and a second one-time passcode for the second registered device, and may send the first one-time passcode to the first registered device and the second one-time passcode to the second registered device. The computing platform may receive and validate one-time passcode input. Based on validating the one-time passcode input, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, and may send the validation message to the client portal server.

Abstract: A computing platform may receive, from a social messaging server, a request to authenticate a user to a user account associated with a client portal. In response to receiving the request, the computing platform may send, to the social messaging server, an authentication token request message. Thereafter, the computing platform may receive, from the social messaging server, an authentication token. The computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing a client support server to provide the user with access to the user account. Subsequently, the computing platform may send the validation message to the client support server, which may cause the client support server to initiate a client support session with the user via the social messaging service provided by the social messaging server.

Abstract: Aspects of the disclosure relate to preventing unauthorized access to secured information systems. A computing platform may receive, from an end user desktop computing device, a request to login to a user account associated with a user account portal. In response to receiving the request, the computing platform may generate an authentication token in an authentication database and may send a notification to at least one registered device linked to the user account. After sending the notification, the computing platform may receive, from the at least one registered device, an authentication response message. If the authentication response message indicates that valid authentication input was received, the computing platform may update the authentication token to indicate that the request to login to the user account has been approved. After updating the authentication token, the computing platform may provide, to the end user desktop computing device, access to a portal interface.

Abstract: A system implements a QKD-secured logon widget. The system generates a first random quantum key using a first random measurement basis; transmits over a fiber optic network, a first random quantum key to a device, encrypts a logon widget instruction set using the first random quantum key and a first encryption algorithm, resulting in an encrypted message. The system then transmits the encrypted message, and the device receives a second random quantum key from the system, and measures the second random quantum key using a second random measurement basis, where the second random measurement basis is compared to the first random measurement basis, resulting in a comparison basis result. The system uses the comparison basis result to determine a level of anomalies present in the second random quantum key and a shared key, and, based on the level of anomalies, determines whether to render a logon widget at the device.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server. Based on receiving the request to authenticate, the computing platform may send, to a social messaging server, an authentication token request message. Subsequently, the computing platform may receive, from the social messaging server, an authentication token. Thereafter, the computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account. Subsequently, the computing platform may send, to the client portal server, the validation message directing the client portal server to provide the user with access to the user account.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server. Based on receiving the request to authenticate, the computing platform may send, to a social messaging server, an authentication token request message. Subsequently, the computing platform may receive, from the social messaging server, an authentication token. Thereafter, the computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account. Subsequently, the computing platform may send, to the client portal server, the validation message directing the client portal server to provide the user with access to the user account.

Abstract: A computing platform may receive, from a social messaging server, a request to authenticate a user to a user account associated with a client portal. In response to receiving the request, the computing platform may send, to the social messaging server, an authentication token request message. Thereafter, the computing platform may receive, from the social messaging server, an authentication token. The computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing a client support server to provide the user with access to the user account. Subsequently, the computing platform may send the validation message to the client support server, which may cause the client support server to initiate a client support session with the user via the social messaging service provided by the social messaging server.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server, as well as device selection input selecting a first registered device and a second registered device to receive one-time passcodes. The computing platform may generate a first one-time passcode for the first registered device and a second one-time passcode for the second registered device, and may send the first one-time passcode to the first registered device and the second one-time passcode to the second registered device. The computing platform may receive and validate one-time passcode input. Based on validating the one-time passcode input, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, and may send the validation message to the client portal server.

Abstract: Methods, systems, and computer-readable media for providing access to account information using authentication tokens are presented. In some embodiments, a customer of a financial institution may visit an account information aggregator site and request to add an account maintained by the financial institution to a collection of accounts for which the aggregator collects account information on behalf of the customer. Rather than providing their username, password, or other bank login credentials to the aggregator, the customer may be redirected to a page provided by the financial institution where the customer can enter the customer's credentials and authenticate with the financial institution. After authenticating the customer, the financial institution may generate a token and provide the token to the aggregator.

Abstract: Methods, systems, and computer-readable media for providing access to account information using authentication tokens are presented. In some embodiments, a customer of a financial institution may visit an account information aggregator site and request to add an account maintained by the financial institution to a collection of accounts for which the aggregator may collect account information on behalf of the customer. Rather than providing their username, password, and/or other bank login credentials to the aggregator, the customer may be redirected to a page provided by the financial institution where the customer can enter their credentials and authenticate with the financial institution. After authenticating the customer, the financial institution may generate a token and provide the token to the aggregator.

Abstract: A computing platform may receive, from a client communication server, a first token request requesting a token for a first client. The computing platform may generate a first token linked to a first record associated with the first client. Subsequently, the computing platform may send, to the client communication server, the first token linked to the first record associated with the first client. Thereafter, the computing platform may receive, from a client portal server, a first token validation request comprising the first token linked to the first record associated with the first client, and may validate the first token linked to the first record associated with the first client. Based on validating the first token, the computing platform may send, to the client portal server, a first token validation message directing the client portal server to provide the first record associated with the first client to the first client.