Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.

Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.

Abstract: A first behaviometric user profile for a first user is generated and stored, by detecting a position and velocity of the first user relative to the mobile device based on a received response from a radar transmission while the first user uses the mobile device, the received response over time indicating a position and velocity of the first user. Based on further received responses of additional radar transmissions an additional behavioral pattern of an unknown user is determined. The additional behavioral pattern is then compared to the first behaviometric user profile, and based on the comparison, a measure of similarity between the first behaviometric user profile and the additional behavioral pattern, measuring if the first user and the unknown user are a same user is heuristically determined. As a result of the comparison, operation or access to at least some data stored on the mobile device is prevented.

Abstract: A first behaviometric user profile for a first user is generated and stored, by detecting a position and velocity of the first user relative to the mobile device based on a received response from a radar transmission while the first user uses the mobile device, the received response over time indicating a position and velocity of the first user. Based on further received responses of additional radar transmissions an additional behavioral pattern of an unknown user is determined. The additional behavioral pattern is then compared to the first behaviometric user profile, and based on the comparison, a measure of similarity between the first behaviometric user profile and the additional behavioral pattern, measuring if the first user and the unknown user are a same user is heuristically determined. As a result of the comparison, operation or access to at least some data stored on the mobile device is prevented.

Abstract: A method of granting or denying access to data is disclosed herein. A server requests behaviometric data from a device regarding a user thereof. If behaviometric data is provided, the server uses it to authenticate the user. If behaviometric data is not provided, the server requests device-identifying data from the device. If the device-identifying data matches data of a device from which a user previously consented to collection of behaviometric data, behaviometric data is collected. If not, a request for collection is made.

Abstract: A first behaviometric user profile for a first user is generated and stored, by detecting a position and velocity of the first user relative to the mobile device based on a received response from a radar transmission while the first user uses the mobile device, the received response over time indicating a position and velocity of the first user. Based on further received responses of additional radar transmissions an additional behavioral pattern of an unknown user is determined. The additional behavioral pattern is then compared to the first behaviometric user profile, and based on the comparison, a measure of similarity between the first behaviometric user profile and the additional behavioral pattern, measuring if the first user and the unknown user are a same user is heuristically determined. As a result of the comparison, operation or access to at least some data stored on the mobile device is prevented.

Abstract: Disclosed is a method for continuously authenticating a user based on motion input data. The method includes recording motion input data from a keyboard such as starting coordinates, ending coordinates, and timestamps of key-up actions to determine that a key has been pressed, recording a timestamp of motion input at the starting coordinate, mapping the timestamp of said motion input at the starting coordinate to a key-down action for the key press, determining which key of said virtual keyboard said key-down action refers to, and granting or denying access to a device if the timing of the key which was pressed and released in the key-down action and the corresponding key-up action matches the press and flight timing of a key which was pressed and released in a previously-recorded key-down action and a previously-recorded key-up action.

Abstract: A first behaviometric user profile for a first user is generated and stored, by detecting a position and velocity of the first user relative to the mobile device based on a received response from a radar transmission while the first user uses the mobile device, the received response over time indicating a position and velocity of the first user. Based on further received responses of additional radar transmissions an additional behavioral pattern of an unknown user is determined. The additional behavioral pattern is then compared to the first behaviometric user profile, and based on the comparison, a measure of similarity between the first behaviometric user profile and the additional behavioral pattern, measuring if the first user and the unknown user are a same user is heuristically determined. As a result of the comparison, operation or access to at least some data stored on the mobile device is prevented.

Abstract: A method for denying or nullifying a specific online transaction carried out by a specific user using a computing device associated with at least one input interface, while the specific user was coached by a fraudster. The method includes collecting a specific set of behavioral data relating to the behavior of the specific user during a specific online transaction, and using a multi-dimensional classification module to determine a probability that the specific user was coached during collection of the set of behavioral data. In response to the probability being greater than a predefined threshold, the specific transaction is denied or nullified.

Abstract: A method for denying or nullifying a specific online transaction carried out by a specific user using a computing device associated with at least one input interface, while the specific user was coached by a fraudster. The method includes collecting a specific set of behavioral data relating to the behavior of the specific user during a specific online transaction, and using a multi-dimensional classification module to determine a probability that the specific user was coached during collection of the set of behavioral data. In response to the probability being greater than a predefined threshold, the specific transaction is denied or nullified.

Abstract: A first behaviometric user profile for a first user is generated and stored, by detecting a position and velocity of the first user relative to the mobile device based on a received response from a radar transmission while the first user uses the mobile device, the received response over time indicating a position and velocity of the first user. Based on further received responses of additional radar transmissions an additional behavioral pattern of an unknown user is determined. The additional behavioral pattern is then compared to the first behaviometric user profile, and based on the comparison, a measure of similarity between the first behaviometric user profile and the additional behavioral pattern, measuring if the first user and the unknown user are a same user is heuristically determined. As a result of the comparison, operation or access to at least some data stored on the mobile device is prevented.

Abstract: FIDO authentication is augmented to include a behavioral score indicating that during a secure network session between a host and client device, the client device is being operated by a user with expected behavioral actions. The authenticated network session is maintained, stepped-up, or ended based on either or a combination of a positive response to a FIDO challenge and threshold of match between a current behavioral profile and a stored behavioral profile for the user.

Abstract: FIDO authentication is augmented to include a behavioral score indicating that during a secure network session between a host and client device, the client device is being operated by a user with expected behavioral actions. The authenticated network session is maintained, stepped-up, or ended based on either or a combination of a positive response to a FIDO challenge and threshold of match between a current behavioral profile and a stored behavioral profile for the user.

Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.

Abstract: Detecting unauthorized access to a device is detected in embodiments of the disclosed technology. After downloading a webpage, code is executed in a browser to scan network ports and determine which ports are open. Further webpage content sent from a web server is determined and/or modified in embodiments of the disclosed technology based on which ports are open. In some embodiments, when a particular port or ports are already in use it is determined that a malfeasant actor has access to the end user device and as such, sensitive data or secure data which is intended for a specific user is no longer sent to the end user device.

Abstract: Detecting unauthorized access to a device is detected in embodiments of the disclosed technology. After downloading a webpage, code is executed in a browser to scan network ports and determine which ports are open. Further webpage content sent from a web server is determined and/or modified in embodiments of the disclosed technology based on which ports are open. In some embodiments, when a particular port or ports are already in use it is determined that a malfeasant actor has access to the end user device and as such, sensitive data or secure data which is intended for a specific user is no longer sent to the end user device.

Abstract: A computer-implemented method, program-code, web-client device and computer system to realize and guard over a secure input routine based on their behavior.

Abstract: A user accessing data from a server in an authenticated session is determined to be human, an authorized bot, or a non-authorized bot based on receipt of behaviometric information from the user's interactions and responses to and with the server. The user is then denied or granted continued access to receive data, such as financial data, after it is determined if the user is authorized to do so by way of comparing the behaviometric data to known prior behaviometric data for particular humans and bots in embodiments of the disclosed technology.

Abstract: Detecting unauthorized access to a device is detected in embodiments of the disclosed technology. After downloading a webpage, code is executed in a browser to scan network ports and determine which ports are open. Further webpage content sent from a web server is determined and/or modified in embodiments of the disclosed technology based on which ports are open. In some embodiments, when a particular port or ports are already in use it is determined that a malfeasant actor has access to the end user device and as such, sensitive data or secure data which is intended for a specific user is no longer sent to the end user device.

Abstract: A device identifying a coached fraudulent transaction carried out by a specific user using a computing device. A storage medium of the device has stored a training phase module, including instructions to receive a plurality of training sets of behavioral data and corresponding classifications indicating whether that training set was generated when the user was coached during the online transaction. The training phase module further includes instructions to generate a multi-dimensional classification model for classification of a set of behavioral data. The storage medium has stored an operational phase module, which includes instructions to receive, from the computing device via the network interface, a specific set of behavioral data relating to the behavior of the specific user during a specific online transaction, and instructions to determine, using the multi-dimensional classification model, a likelihood that the specific user was coached during the specific online transaction.