Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a trusted entity. A request is first received for validating one or more data items related to a record owner in order to carry out a transaction between the record owner and a service provider. With respect to the one or more data items, at least one access limitation associated therewith is determined. A cloaked identifier is generated for the request with information related to the transaction and the one or more data items incorporated therein and sent to the record owner to proceed with the validation.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management associated with a record owner. A request is first received from a service provider for validating one or more data items in order to carry out a transaction between the record owner and the service provider. The record owner performs authentication required and send the request to a trusted party seeking to validate the one or more data items, wherein the trusted party is authorized to access the one or more data items. When a cloaked identifier to be used for validating the one or more data items is received from the trusted party, it is sent to the service provider for the service provider to use for validating the one or more data items.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A trajectory is determined with respect to a display visible to the person. A plurality of focus dots are generated with corresponding coordinates on the trajectory with respect to the display and rendered to the person on the display in accordance with the corresponding coordinates during a specified period of time. A plurality of pictures of the iris of the person are captured during the period of time and used to determine whether the person is live based on the captured plurality of pictures of the iris of the person.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. An obfuscation configuration is retrieved with respect to the authorized user and used to determine a sub-obfuscation configuration in accordance with information associated with the authentication session. A set of expected features associated with the sub-obfuscation configuration is obtained. One or more pictures are captured from the iris of the person who is expected to carry out at least one obfuscation measure consistent with the sub-obfuscation configuration for the authorized user in accordance with the information related to the authentication session and are used to determine whether the person is live based on the set of expected features associated with the sub-obfuscation configuration.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is first initiated to authenticate, via iris, a person claiming to be an authorized user, in which a first set of signals is randomly generated for controlling light strobing to be applied to the iris of the person for detecting liveness of the iris. A second set of signals is accordingly generated for controlling iris picture capturing synchronized with the light strobing. The light strobing is applied to the person via strobes generated based on the first set of signals and pictures of the iris of the person are acquired, based on the second set of signals, that are synchronized with the light strobing. Whether the person is live is then determined based on the synchronized pictures acquired when the light strobing is applied.

Abstract: The present teaching relates to method, system, medium, and implementation for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A challenge is determined to be used to challenge the person and a set of expected features associated with the challenge is obtained. The challenge is presented to the person and one or more pictures are captured from the person reacting in response to the challenge and are used to determine whether the person is live.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a transaction engine. A request is received from a record owner for validating one or more data items related to a record owner in order to carry out a transaction involving the record owner and a service provider. A trusted entity that is in possession of the one or more data items is determined and a request is sent to the trusted entity with first information related to the record owner. A cloaked identifier is obtained where the cloaked identifier is generated in connection with the request for validating the one or more data items. The obtained cloaked identifier is then forwarded to the record owner.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management associated with a record owner. A request is first received from a service provider for validating one or more data items in order to carry out a transaction between the record owner and the service provider. The record owner performs authentication required and send the request to a trusted party seeking to validate the one or more data items, wherein the trusted party is authorized to access the one or more data items. When a cloaked identifier to be used for validating the one or more data items is received from the trusted party, it is sent to the service provider for the service provider to use for validating the one or more data items.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a trusted entity. A request is first received for validating one or more data items related to a record owner in order to carry out a transaction between the record owner and a service provider. With respect to the one or more data items, at least one access limitation associated therewith is determined. A cloaked identifier is generated for the request with information related to the transaction and the one or more data items incorporated therein and sent to the record owner to proceed with the validation.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is first initiated to authenticate, via iris, a person claiming to be an authorized user, in which a first set of signals is randomly generated for controlling light strobing to be applied to the iris of the person for detecting liveness of the iris. A second set of signals is accordingly generated for controlling iris picture capturing synchronized with the light strobing. The light strobing is applied to the person via strobes generated based on the first set of signals and pictures of the iris of the person are acquired, based on the second set of signals, that are synchronized with the light strobing. Whether the person is live is then determined based on the synchronized pictures acquired when the light strobing is applied.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A trajectory is determined with respect to a display visible to the person. A plurality of focus dots are generated with corresponding coordinates on the trajectory with respect to the display and rendered to the person on the display in accordance with the corresponding coordinates during a specified period of time. A plurality of pictures of the iris of the person are captured during the period of time and used to determine whether the person is live based on the captured plurality of pictures of the iris of the person.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Abstract: The present teaching relates to method, system, medium and implementation for secure transaction. A transaction package is received from a trusted entity, which is generated by a trusted entity in response to a request for validating one or more data items related to a record owner in order to carry out a transaction involving the record owner and a service provider and incorporates at least one access limitation associated with the one or more data items. A transaction package identifier is provided to the trusted entity, which uniquely identifies the transaction package and is used to store the transaction package.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. An obfuscation configuration is retrieved with respect to the authorized user and used to determine a sub-obfuscation configuration in accordance with information associated with the authentication session. A set of expected features associated with the sub-obfuscation configuration is obtained. One or more pictures are captured from the iris of the person who is expected to carry out at least one obfuscation measure consistent with the sub-obfuscation configuration for the authorized user in accordance with the information related to the authentication session and are used to determine whether the person is live based on the set of expected features associated with the sub-obfuscation configuration.