Abstract: Systems, methods, and computer-readable media are disclosed for obtaining authenticated access to a service provider system, or more specifically, to a user account maintained on the service provider system, using a single key authentication mechanism. This mechanism includes generating an authentication image that includes user-generated content, user application-generated content, and service provider-generated content; sending the authentication image to the service provider system, which is configured to authenticate access to the user account based at least in part on the authentication image; and receiving an indication as to whether access to the user account has been authenticated.

Abstract: An example method includes enabling, by the user processing system, a user to associate a color with at least one of the plurality of pixels of a graphic, and generating a passcode. The passcode is based at least in part on the color associated with the at least one of the plurality of pixels. The method further includes transmitting, by the user processing system, the passcode to a host processing system. The method further includes determining, by the host processing system, whether the passcode matches an expected passcode that is based at least in part on a reference graphic comprising a plurality of reference pixels, each of the plurality of reference pixels having a color or a null value associated therewith. The method further includes, responsive to determining that the passcode matches the expected passcode, authorizing, by the host processing system, the user processing system to access a restricted resource.

Abstract: A single service proxy for requesting services from multiple different service vendors with different communication protocols. In this way, a single communication protocol can be used by a service consuming entity to request various services, through the multiple vendor proxy, from various vendors, with the multiple vendor proxy converting the requests into the communication protocol (for example, syntax) appropriate for the vendor from whom the service is being requested on behalf of the service consuming entity.

Abstract: According to aspects of the present disclosure, a computer-implemented method includes generating, by a host processing system, a single use authentication map to map a private set of characters to a public set of characters. The method further includes transmitting, by the host processing system, the single use authentication map to a user processing system that presents an authentication interface comprising the public set of characters to enable a user to enter a user passcode using the public set of characters. The user processing system encodes the user passcode into a single use passcode using the single use authentication map. The method further includes the host processing system receiving the single use passcode from the user processing system, decoding the single use passcode back the user passcode using the single use authentication map, and determining whether the user passcode matches an expected passcode.

Abstract: Examples of techniques for sequential object set passwords are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method may include presenting, by a processing device, an object set to a user, wherein the object set comprises a plurality of objects in a first order; receiving, by the processing device, a rearranged object set, wherein the rearranged object set comprises the plurality of objects in a second order; comparing the rearranged object set to a known sequential object set stored in a data store; and responsive to determining that the rearranged object set matches a known sequential object set, enabling the user to access a restricted resource.

Abstract: Systems, methods, and computer-readable media are disclosed for authenticating access to a service provider system, or more specifically, to a user account maintained on the service provider system, using a single key authentication mechanism. The service provider system may receive an authentication image from a user application executing on a user device. The authentication image may include first data generated in response to user input to the user device, second data generated by the user application, and third data generated by the service provider system. The service provider system may then authenticate access to the user account based at least in part on the authentication image and send an indication to the user device that access to the user account has been authenticated. Authenticating access to the user account includes determining that the first data, second data, and third data match respective data expected by the service provider system.

Abstract: A single service proxy for requesting services from multiple different service vendors with different communication protocols. In this way, a single communication protocol can be used by a service consuming entity to request various services, through the multiple vendor proxy, from various vendors, with the multiple vendor proxy converting the requests into the communication protocol (for example, syntax) appropriate for the vendor from whom the service is being requested on behalf of the service consuming entity.

Abstract: Methods, systems and computer program products for controlling access to a host site are provided. Aspects include receiving, receiving an authentication video and processing the authentication video to identify a plurality of scenes. Aspects also include identifying a representative image for each of the plurality of scenes and comparing the representative image for each of the plurality of scenes with stored one of a plurality of master images. Based on a determination that a similarity between the representative image for each of the plurality of scenes and the one of the plurality of master images is between a first threshold level and second threshold level, aspects include granting access to the host site.

Abstract: During a password entry, a matrix is traversed to select a position. The matrix includes several levels, each level in the several levels including at least one position where data can be entered, where a second level in the matrix forms a sub-level of a first level, and where the second level is reachable only from a particular position in the first level. In response to an input, a mode of the selected position is changed such that the position becomes unchangeable and unselectable during a remainder of the password entry. The selected position is encoded in an auth-step. In response to an indication of an end of the password entry, an auth-code is transmitted. The auth-code includes a set of auth-steps, and the set of auth-steps includes the auth-step.

Abstract: A computer-implemented method includes receiving an indication of a first selected instrument, where the first selected instrument is selected from a plurality of instruments. One or more first sequences of notes are received. One or more saved sound compositions are generated based on the first selected instrument and the one or more first sequences of notes. One or more current sound compositions are compared to the one or more saved sound compositions using sound analysis. A user is authenticated based on a similarity between the one or more current sound compositions and the one or more saved sound composition.

Abstract: Example techniques are described for image-based user authentication. An example method includes receiving, by a host system, a passphrase comprising a plurality of words, the passphrase being provided for authentication of a user. The method further includes generating, by the host system, an image selection grid comprising a plurality of images, each word from the passphrase corresponding to one or more images from the image selection grid. The method further includes receiving, by the host system, a plurality of selected images from the image selection grid. The method further includes storing, by the host system, the selected images as a login challenge for the user.

Abstract: During a password entry, a matrix is traversed to select a position. The matrix includes several levels, each level in the several levels including at least one position where data can be entered, where a second level in the matrix forms a sub-level of a first level, and where the second level is reachable only from a particular position in the first level. In response to an input, a mode of the selected position is changed such that the position becomes unchangeable and unselectable during a remainder of the password entry. The selected position is encoded in an auth-step. In response to an indication of an end of the password entry, an auth-code is transmitted. The auth-code includes a set of auth-steps, and the set of auth-steps includes the auth-step.

Abstract: During a password entry, a matrix is traversed to select a position. The matrix includes several levels, each level in the several levels including at least one position where data can be entered, where a second level in the matrix forms a sub-level of a first level, and where the second level is reachable only from a particular position in the first level. In response to an input, a mode of the selected position is changed such that the position becomes unchangeable and unselectable during a remainder of the password entry. The selected position is encoded in an auth-step. In response to an indication of an end of the password entry, an auth-code is transmitted. The auth-code includes a set of auth-steps, and the set of auth-steps includes the auth-step.

Abstract: A construction of a dynamic object password (DOP) is initiated by selecting an object from a set of objects in a step of the construction. A transformation is applied to the object to form a transformed object by altering a dynamic aspect of the object. A placement operation is performed on the transformed object relative to a field position of the DOP. As a part of the step, a triple is generated including an identifier of the selected object, an identifier of the transformation, and an identifier of the placement operation. The triple is transmitted as a part of transmitting an authorization code, the authorization code forming the DOP.

Abstract: A construction of a dynamic object password (DOP) is initiated by selecting an object from a set of objects in a step of the construction. A transformation is applied to the object to form a transformed object by altering a dynamic aspect of the object. A placement operation is performed on the transformed object relative to a field position of the DOP. As a part of the step, a triple is generated including an identifier of the selected object, an identifier of the transformation, and an identifier of the placement operation. The triple is transmitted as a part of transmitting an authorization code, the authorization code forming the DOP.

Abstract: Examples of techniques for encoding data in a 2D symbology are disclosed. In one example described herein, a computer-implemented method comprises capturing an image of the 2D symbology. The 2D symbology comprises a series of data symbols representing a binary string. Each of the data symbols comprises a line segment, and each data symbol in the series of data symbols are positioned in an end-to-end orientation starting at a starting indicator designated by a first symbol and ending at an ending indicator designated by a second symbol. The first symbol differs from the second symbol, and the series of data symbols comprise 0-bit symbols represented by a first data symbol and 1-bit symbols represented by a second data symbol. The method further comprises extracting the binary string from the 2D symbology by reading each of the data symbols between the starting indicator and the ending indicator.

Abstract: Systems, methods, and computer-readable media are disclosed for obtaining authenticated access to a service provider system, or more specifically, to a user account maintained on the service provider system, using a single key authentication mechanism. This mechanism includes generating an authentication image that includes user-generated content, user application-generated content, and service provider-generated content; sending the authentication image to the service provider system, which is configured to authenticate access to the user account based at least in part on the authentication image; and receiving an indication as to whether access to the user account has been authenticated.

Abstract: Examples of techniques for location validation for authentication are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method includes presenting, by a processing device, a location-based security challenge to a user. The method further includes responsive to presenting the location-based security challenge to the user, receiving, by the processing device, media from the user. The method further includes validating, by the processing device, the media received from the user against the location-based security challenge to determine whether the user is located at an authorized location. The method further includes responsive to determining that the user is located at an authorized location, authenticating, by the processing device, the user to grant access for the user to a resource.

Abstract: Methods, systems and computer program products for controlling access to a host site are provided. Aspects include receiving, receiving an authentication video and processing the authentication video to identify a plurality of scenes. Aspects also include identifying a representative image for each of the plurality of scenes and comparing the representative image for each of the plurality of scenes with stored one of a plurality of master images. Based on a determination that a similarity between the representative image for each of the plurality of scenes and the one of the plurality of master images is between a first threshold level and second threshold level, aspects include granting access to the host site.

Abstract: Examples of techniques for sequential object set passwords are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method may include receiving, at a user device, a first object set; transmitting, to a processing device, a first rearranged object set that represents the first object set rearranged into a first sequential order by the user; and responsive to the first rearranged object set matching a first known sequential object set, receiving, at the user device, a second object set.