Abstract: According to one embodiment, a system includes a memory comprising instructions, an interface, and a processor communicatively coupled to the memory and the interface. The interface is configured to receive, from a first user associated with an online account, a first request to allow access, by a second user not associated with the online account, to the online account, send, in response to the first request, a second request to the second user for credentials, and receive, in response to the second request, credentials from the second user. The process is configured, when executing the instructions, to generate, for the online account based on the first and the credentials received from the second user, an access profile associated with the second user.

Abstract: According to one embodiment, a system comprises a memory comprising instructions, an interface, and a processor communicatively coupled to the memory and the interface. The processor is configured, when executing the instructions, to determine one or more characteristics of a user device, determine, based on the one or more characteristics of the user device, a risk level associated with the user device, and apply, to the user device, one or more access restrictions for an online account based on the determined risk level.

Abstract: Embodiments of the invention comprise systems, computer program products, and methods for a financial and social management system that provides improved tracking and management related to how, where, when, and with whom a user enters into activities. The financial and social management system captures activity information and images from various sources of information, including but not limited to social networking accounts, e-receipts, location determination devices, and the like, and associates the activity information and images with the activities. The financial and social management system may display the activities, activity information, and images in an interactive map using markers. The markers in the interactive may be displayed as a function of the time of the activity, include images, or transaction data related to the activity. Positioning information related to the location of the user at the time of the activities may also be overlaid on the interactive map.

Abstract: Methods, systems, and computer-readable media for selectively enabling and disabling biometric authentication are presented. In some embodiments, a computing platform may receive, from a device monitoring and management computer system, a device state indicator message comprising device state information associated with a mobile computing device. Subsequently, the computing platform may set a biometric authentication flag for the mobile computing device based on the device state indicator message received from the device monitoring and management computer system. Then, the computing platform may generate an authentication functionality message for the mobile computing device based on the biometric authentication flag set for the mobile computing device, and the authentication functionality message may be configured to selectively enable or disable one or more biometric authentication functions provided by the mobile computing device.

Abstract: Aspects of the disclosure relate to controlling device data collectors using omni-collection techniques. A computing platform may receive configuration settings associated with a first collector and a second collector. Subsequently, the computing platform may generate one or more configuration commands for a native collector based on the configuration settings. The computing platform may send, to a client interface computing platform associated with the native collector, the one or more configuration commands generated for the native collector. Thereafter, the computing platform may receive state information collected by the native collector based on the one or more configuration commands generated for the native collector.

Abstract: A computing platform may receive, from a social messaging server, a request to authenticate a user to a user account associated with a client portal. In response to receiving the request, the computing platform may send, to the social messaging server, an authentication token request message. Thereafter, the computing platform may receive, from the social messaging server, an authentication token. The computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing a client support server to provide the user with access to the user account. Subsequently, the computing platform may send the validation message to the client support server, which may cause the client support server to initiate a client support session with the user via the social messaging service provided by the social messaging server.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server. Based on receiving the request to authenticate, the computing platform may send, to a social messaging server, an authentication token request message. Subsequently, the computing platform may receive, from the social messaging server, an authentication token. Thereafter, the computing platform may validate the authentication token received from the social messaging server. Based on validating the authentication token received from the social messaging server, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account. Subsequently, the computing platform may send, to the client portal server, the validation message directing the client portal server to provide the user with access to the user account.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal. Based on identifying an activity associated with the request, the computing platform may select a multi-device authentication method for authenticating the user. The computing platform may generate a first one-time passcode for a first registered device and a second one-time passcode for a second registered device, and may send the one-time passcodes to the registered devices. Thereafter, the computing platform may receive and validate one-time passcode input from the client portal server. Based on validating the one-time passcode input, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, and may send the validation message to the client portal server. In some instances, different authentication methods may be selected for different activities.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account associated with a client portal provided by the client portal server, as well as device selection input selecting a first registered device and a second registered device to receive one-time passcodes. The computing platform may generate a first one-time passcode for the first registered device and a second one-time passcode for the second registered device, and may send the first one-time passcode to the first registered device and the second one-time passcode to the second registered device. The computing platform may receive and validate one-time passcode input. Based on validating the one-time passcode input, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, and may send the validation message to the client portal server.

Abstract: A computing platform may receive, from a client server, a request to authenticate a user to a user account, as well as device selection input selecting a registered device to receive a one-time passcode. The computing platform may evaluate the device selection input based on contextual login information associated with the user account, determine that the registered device selected to receive the one-time passcode is out of context, and execute a security procedure. Based on validating a response to the security procedure, the computing platform may generate a one-time passcode and may send the one-time passcode to the registered device selected to receive the one-time passcode. Thereafter, the computing platform may receive one-time passcode input, validate the one-time passcode input, generate a validation message directing the client server to provide the user with access to the user account, and send the validation message to the client server.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a user to a user account. The computing platform may generate a first one-time passcode for a first computing device associated with the user account and may send, to the first computing device, the first one-time passcode. The computing platform also may generate a first registered-device authentication prompt for a second computing device associated with the user account and may send, to the second computing device, the first registered-device authentication prompt. Thereafter, the computing platform may receive first one-time passcode input and a first response to the first registered-device authentication prompt, which the computing platform may validate. Based on the validating, the computing platform may generate a validation message directing the client portal server to provide the user with access to the user account, which the computing platform may send to the client portal server.

Abstract: Aspects of the disclosure relate to linking channel-specific systems with a user authentication hub. In some embodiments, a computing platform may receive, from a mobile device, an authentication request for a user account and may generate one or more authentication prompts. Subsequently, the computing platform may provide the one or more authentication prompts and may validate responses to the authentication prompts. Based on validating the responses to the authentication prompts, the computing platform may generate one or more security questions based on historical information associated with the user account. Subsequently, the computing platform may provide the one or more security questions and may validate one or more responses to the one or more security questions. Based on validating the one or more responses to the one or more security questions, the computing platform may provide user account information associated with the user account to the mobile device.

Abstract: Aspects of the disclosure relate to linking channel-specific systems with a user authentication hub. In some embodiments, a computing platform may receive, from a telephone agent support computer system associated with a telephone agent channel, an authentication request for a user account. The computing platform may generate a set of one or more authentication prompts based on a set of authentication rules defined for the telephone agent channel and may provide the set of one or more authentication prompts generated based on the set of authentication rules defined for the telephone agent channel. Subsequently, the computing platform may validate one or more responses to the set of one or more authentication prompts. Based on validating the one or more responses, the computing platform may provide user account information associated with the user account to the telephone agent support computer system associated with the telephone agent channel.

Abstract: A computing platform may receive, from a client portal server, a request to authenticate a first user to a first user account. The computing platform may generate a first one-time passcode for a first computing device associated with the first user account and may send, to the first computing device, the first one-time passcode. The computing platform also may generate a second one-time passcode for a second computing device associated with the first user account and may send, to the second computing device, the second one-time passcode. Thereafter, the computing platform may receive first one-time passcode input and second one-time passcode input, which the computing platform may validate. Based on the validating, the computing platform may generate a validation message directing the client portal server to provide the first user with access to the first user account, which the computing platform may send to the client portal server.

Abstract: Aspects of the disclosure relate to recognizing and authenticating mobile devices based on unique cross-channel bindings. In some embodiments, a computing platform may receive, from a telephone agent support computer system, call information associated with a telephone call. Subsequently, the computing platform may identify a source device that placed the telephone call, based on binding information maintained by the computing platform for the source device. Based on identifying the source device that placed the telephone call, the computing platform may load user information associated with a user account linked to the source device. Next, the computing platform may set one or more authentication flags for the user account based on the binding information. Then, the computing platform may send, to the telephone agent support computer system, the user information and authentication information based on the one or more authentication flags set for the user account linked to the source device.

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for providing a permanently affixed un-decryptable coded identifier onto a mobile device. The identifier may be one or more applications, pictures, widgets, tokens, or the like that may be transformed into an identifier to include the objects original functionality plus additional coding. The identifier, once selected by the user may be coded to include a tracker, beacon, and coded with remote access abilities. The identifier may then be permanently installed onto the user's mobile device. As such providing a trackable code associated with a mobile device, if the mobile device is misplaced. Furthermore, the identifier may be permanently stored within the mobile device preventing complete erasing of the identifier upon complete data deletion of the user device.

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for a passive based security escalation to shut off of applications on a mobile device based on rules. As such, the system may identify, via extraction of data, time periods correlating to events that the user may be offline or inactive with respect to his/her mobile device. Once the time periods are identified, rules are created for the level of security escalation required based on the event. Subsequently, a trigger is identified at a time leading up to the event, where the system integrates with the mobile device and requires additional authentication to access one or more applications. Once the offline event starts, the system initiates a shutdown of the functions of one or more applications on the user's mobile device. The system then reinstates the application functionality after the offline event has ended.

Abstract: Embodiments of the invention comprise systems, computer program products, and methods for a financial and social management system that provides improved tracking and management related to how, where, when, and with whom a user enters into activities. The financial and social management system captures activity information and images from various sources of information, including but not limited to social networking accounts, e-receipts, contact lists, stored database images, images over the Internet, and the like, and associates the activity information and images with the activities. The financial and social management system may determine images for other users associated with an activity of a first user by identifying tag users in a social networking account of the first user or contacts in a social networking account of the first user that participated in activities at the same time or locations as the activities of the first user.

Abstract: Embodiments of the invention comprise systems, computer program products, and methods for a financial and social management system that provides improved tracking and management related to how, where, when, and with whom a user enters into activities. The financial and social management system captures activity information and images from various sources of information, including but not limited to social networking accounts, e-receipts, calendars, contact lists, location determination devices, and the like, and associates the activity information and images with the activities of one or more users. The financial and social management system captures past and future activities of the multiple users based on a location or time period, and assembles the activities into group packages. The group packages are supplemented with the images and the activity information related to the past and future activities captured from the various sources of information of the multiple users.

Abstract: Systems, methods, and computer program products are provided for prompting categorization during payment authorization. The system includes a computer apparatus including a processor and a memory; and a software module stored in the memory. The software module includes executable instructions that when executed by the processor cause the processor receive an authorization request for a transaction being conducted by a user; prompt the user to categorize at least one component of the transaction; receive a category from the user for the at least one component of the transaction; and store the category in association with the transaction. In some embodiments, the system will not authorize the transaction until the user categorizes at least one component of the transaction. In further embodiments, the system evaluates the transaction and only prompts the user to categorize the transaction if predefined criteria are met.