Abstract: Methods, systems, apparatuses, and computer-readable media for providing enhanced user authentication functionalities are presented. In one or more embodiments, a server computing device may authenticate a user of a user computing device to a customer portal. Subsequently, the server computing device may receive a click-to-call request from the user computing device. In response to receiving the click-to-call request, the server computing device may generate a one-time passcode for the user. Then, the server computing device may provide the one-time passcode to the user. Thereafter, the server computing device may receive one-time-passcode input from an interactive voice response (IVR) server, and such input may be received from a caller. The server computing device then may validate the one-time-passcode input based on the one-time passcode provided to the user. In response to validating the one-time-passcode input, the server computing device may cause the IVR server to authenticate the caller as the user.

Abstract: Methods, systems, and computer-readable media for authenticating customers of an organization and managing authenticated sessions of various customers are presented. Some aspects of the disclosure provide ways for a customer of an organization to authenticate using a mobile computing device, such as the customer's personal mobile device, when interacting with the organization in various contexts, such as when accessing an automated transaction device or when interacting with an agent of the organization during an in-person session or during a teleconference session. In some arrangements, the customer's authentication status, which may be established on the mobile computing device and which, in some instances, may be verified based on the location of the mobile computing device, may be carried over from the mobile computing device to another computing device or system, such as an automated transaction device or a teller terminal device, which may be used by an agent of the organization.

Abstract: Methods, systems, and computer-readable media for authenticating customers of an organization and managing authenticated sessions of various customers are presented. Some aspects of the disclosure provide ways for a customer of an organization to authenticate using a mobile computing device, such as the customer's personal mobile device, when interacting with the organization in various contexts, such as when accessing an automated transaction device or when interacting with an agent of the organization during an in-person session or during a teleconference session. In some arrangements, the customer's authentication status, which may be established on the mobile computing device and which, in some instances, may be verified based on the location of the mobile computing device, may be carried over from the mobile computing device to another computing device or system, such as an automated transaction device or a teller terminal device, which may be used by an agent of the organization.

Abstract: A computer system receives a service request over a service channel from a user device, initiates a challenge to the user device to provide authentication information based on a set of authenticators, and determines an initial level of authentication. When the initial level of authentication is not sufficient for the service channel or protected resource, the apparatus generates a challenge to the user device with at least one additional authenticator and determines an achieved level of authentication based on the further authentication information. When the achieved level of authentication reaches a target authentication level for the service channel, the apparatus continues processing the service request by the service channel. The computer may transfer the service request to another service channel with the authentication token obtained on the original service channel and further challenges the user device with additional authenticators when a higher level of authentication is necessary.

Abstract: Methods, systems, apparatuses, and computer-readable media for providing enhanced user authentication functionalities are presented. In one or more embodiments, a server computing device may authenticate a user of a user computing device to a customer portal. Subsequently, the server computing device may receive a click-to-call request from the user computing device. In response to receiving the click-to-call request, the server computing device may generate a one-time passcode for the user. Then, the server computing device may provide the one-time passcode to the user. Thereafter, the server computing device may receive one-time-passcode input from an interactive voice response (IVR) server, and such input may be received from a caller. The server computing device then may validate the one-time-passcode input based on the one-time passcode provided to the user. In response to validating the one-time-passcode input, the server computing device may cause the IVR server to authenticate the caller as the user.

Abstract: A computer system receives a service request over a service channel from a user device, initiates a challenge to the user device to provide authentication information based on a set of authenticators, and determines an initial level of authentication. When the initial level of authentication is not sufficient for the service channel or protected resource, the apparatus generates a challenge to the user device with at least one additional authenticator and determines an achieved level of authentication based on the further authentication information. When the achieved level of authentication reaches a target authentication level for the service channel, the apparatus continues processing the service request by the service channel. The computer may transfer the service request to another service channel with the authentication token obtained on the original service channel and further challenges the user device with additional authenticators when a higher level of authentication is necessary.

Abstract: A computer system receives a service request over a service channel from a user device, initiates a challenge to the user device to provide authentication information based on a set of authenticators, and determines an initial level of authentication. When the initial level of authentication is not sufficient for the service channel or protected resource, the apparatus generates a challenge to the user device with at least one additional authenticator and determines an achieved level of authentication based on the further authentication information. When the achieved level of authentication reaches a target authentication level for the service channel, the apparatus continues processing the service request by the service channel. The computer may transfer the service request to another service channel with the authentication token obtained on the original service channel and further challenges the user device with additional authenticators when a higher level of authentication is necessary.

Abstract: A computer system receives an authentication request from a user device and determines a determined device identification from a set of received device attributes. When the device is properly authenticated, the computer system generates an authentication token that is signed by the determined device identification and returns the authentication token to the user device. When the computer system subsequently receives a service request with an authentication token and a plurality of device attributes for a protected resource from a user device, the computer system determines a derived device identification from some or all of the received device attributes. When a signed device identification of the authentication token and the derived device identification are equal, the apparatus continues processing the service request. Otherwise, the service request is rejected.

Abstract: Systems, methods and apparatuses for authenticating a user and/or authorizing use of a reusable payment device associated with the user. In some examples, user identifying information, such as a checking account number, driver's license number, username, or the like, may be received. Based on this received information, a reusable payment device number associated with a reusable payment device of the user may be determined. This information may then be encrypted. Further, additional authenticating information may be received. For instance, a user personal identification number (PIN) may be received. The PIN may also be encrypted. The encrypted PIN and encrypted reusable payment device number may be analyzed to determine whether they are associated with the same reusable payment device. If so, a user may be authenticated.