Abstract: Embodiments of the present invention provide a system for employing a smart device for secure and authenticated event. The system may include a smart assistant device that receives an audible request from a user for an event with a merchant. The smart assistant device then establishes a secure active session with a mobile device associated with the user over a wireless network. The smart assistant device determines a digital voice ID for the received audible request for the event and transmits the digital voice ID and event information to the mobile device of the user. A smart assistant application of the mobile device validates the digital voice ID based on stored reference data. Event information and additional user execution information is then provided to an event processing system for asynchronous processing.

Abstract: A fog/edge server machine for authenticating a user in an edge computing model is disclosed using a data spectrum table and spectrum hash values to improve performance, efficiency, and/or security. The edge computing model may include, in some examples, a secure Internet of Things (IoT) and/or mobile-based authentication system. Illustrative embodiments of a spectrum table stored at fog/edge server, a spectrum data array and spectrum hash value generated and stored in memory at the fog/edge sever, and a large, data table stored at an application server are disclosed herein to show continuous/subsequent authentication of the user with attributes/values/inputs collected by one or more edge devices during post-login activities/interactions to re-authenticate/maintain the authentication.

Abstract: Embodiments of the present invention provide a system for secure transfer of encrypted resources and asynchronous execution. In general, a user initiates an event with a merchant system and requests a secure resource transfer process associated with the event. Encrypted initial event details are transmitted through an asynchronous command form the merchant system to a computing device of the user, and resource information is identified at the computing device of the user. The computing device of the user then transmits the event details and the resource information to an event processing system for final execution.

Abstract: A memory stores a first voice record of a first user and a second voice record of a second user. A processor receives from a device of the first user a recording of a voice conversation between the first and second users and compares the recording with the first and second voice records to determine that the voice conversation is between the first and second users. The processor also determines that the first and second users intend to conduct a transaction with each other and determines a transaction amount for the transaction. The processor further communicates, to the device of the first user, a message, receives, from the device of the first user, a confirmation of the transaction in response to the message, and in response to the confirmation, initiates the transaction.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: A client-server security architecture is disclosed that uses a masked grid, a seed, and mutual unlocking techniques to authentication a client device with a server machine using a one-time code (OTC). The client device in the client-server architecture stores a masked grid that is used to unlock an authentication code using a seed. Once mutually unlocked, the client device may generate an OTC to attempt to authenticate the client device with a server machine. The server machine validates that OTC with the OTC stored at the server to confirm they match. Each subsequent access may repeat the aforementioned steps. Moreover, in a multi-device ecosystem, a plurality of client devices may leverage a primary client device to connect with the server machine. For example, one or more subordinate client devices may connect to the primary client device to then tunnel through to the server machine in a secure manner.

Abstract: The present disclosure is directed to a novel system for using a dual factor authorization design for generating channel-dependent one-time passwords. In particular, the system may extract a client code and user code from an authorization code to be sent to a client and a user, respectively. When the user submits the user code via the client, the user code is combined with the client code to create the full authorization code to allow for the authentication of the user. The authorization code may further be mapped to a specific client and/or context. In this way, the system provides a secure way to minimize the incidence of unauthorized access to a user's account without creating additional technical burdens for the user.

Abstract: Arrangements for dynamically authenticating multiple devices in a key network are provided. In some examples, registration information associated with a plurality of devices in a key network may be received. The registration information may include device attributes. Device keys including cross reference data may be generated and transmitted to the plurality of devices. A reference key including one or more starting points for executing one or more hop sequences based on generated hop counts in the reference key may be generated. A first authentication code may also be generated and a hash value of the first authentication code may be stored. Upon receiving a request for authentication, the reference key may be transmitted to the requesting device. The hop sequence(s) may then be executed by one or more of the computing devices in the key network to generate a comparison authentication code.

Abstract: A device that includes a network interface configured to communicate with a remote database and a memory operable to store a set of applications. The device further includes an authentication engine implemented by a processor. The authentication engine is configured to receive log-in credentials for a user on a first application, to send a user information request to the remote database, and to receive user information in response to sending the request. The authentication engine is further configured to send a user profile information request to a second application and to receive user profile information in response to sending the request. The authentication engine is further configured to identify corresponding information between the user information and the user profile information, to determine that at least a portion of the corresponding information between the user information and the user profile information matches, and to authenticate the user in response to determination.

Abstract: A memory stores a first voice record of a first user and a second voice record of a second user. A processor receives from a device of the first user a recording of a voice conversation between the first and second users and compares the recording with the first and second voice records to determine that the voice conversation is between the first and second users. The processor also determines that the first and second users intend to conduct a transaction with each other and determines a transaction amount for the transaction. The processor further communicates, to the device of the first user, a message, receives, from the device of the first user, a confirmation of the transaction in response to the message, and in response to the confirmation, initiates the transaction.

Abstract: A fog/edge server machine for authenticating a user in an edge computing model is disclosed using a data spectrum table and spectrum hash values to improve performance, efficiency, and/or security. The edge computing model may include, in some examples, a secure Internet of Things (IoT) and/or mobile-based authentication system. Illustrative embodiments of a spectrum table stored at fog/edge server, a spectrum data array and spectrum hash value generated and stored in memory at the fog/edge sever, and a large, data table stored at an application server are disclosed herein to show continuous/subsequent authentication of the user with attributes/values/inputs collected by one or more edge devices during post-login activities/interactions to re-authenticate/maintain the authentication.

Abstract: Arrangements for dynamically authenticating multiple devices in a key network are provided. In some examples, registration information associated with a plurality of devices in a key network may be received. The registration information may include device attributes. Device keys including cross reference data may be generated and transmitted to the plurality of devices. A reference key including one or more starting points for executing one or more hop sequences based on generated hop counts in the reference key may be generated. A first authentication code may also be generated and a hash value of the first authentication code may be stored. Upon receiving a request for authentication, the reference key may be transmitted to the requesting device. The hop sequence(s) may then be executed by one or more of the computing devices in the key network to generate a comparison authentication code.

Abstract: Arrangements for dynamically authenticating multiple devices in a key network are provided. In some examples, registration information associated with a plurality of devices in a key network may be received. The registration information may include device attributes. Device keys including cross reference data may be generated and transmitted to the plurality of devices. A reference key including one or more starting points for executing one or more hop sequences based on generated hop counts in the reference key may be generated. A first authentication code may also be generated and a hash value of the first authentication code may be stored. Upon receiving a request for authentication, the reference key may be transmitted to the requesting device. The hop sequence(s) may then be executed by one or more of the computing devices in the key network to generate a comparison authentication code.

Abstract: Arrangements for dynamically authenticating multiple devices in a key network are provided. In some examples, registration information associated with a plurality of devices in a key network may be received. The registration information may include device attributes. Device keys including cross reference data may be generated and transmitted to the plurality of devices. A reference key including one or more starting points for executing one or more hop sequences based on generated hop counts in the reference key may be generated. A first authentication code may also be generated and a hash value of the first authentication code may be stored. Upon receiving a request for authentication, the reference key may be transmitted to the requesting device. The hop sequence(s) may then be executed by one or more of the computing devices in the key network to generate a comparison authentication code.

Abstract: A device that includes a network interface configured to communicate with a remote database and a memory operable to store a set of applications. The device further includes an authentication engine implemented by a processor. The authentication engine is configured to receive log-in credentials for a user on a first application, to send a user information request to the remote database, and to receive user information in response to sending the request. The authentication engine is further configured to send a user profile information request to a second application and to receive user profile information in response to sending the request. The authentication engine is further configured to identify corresponding information between the user information and the user profile information, to determine that at least a portion of the corresponding information between the user information and the user profile information matches, and to authenticate the user in response to determination.

Abstract: A computer system supports secondary authentication mechanism for authentication of a user, where the computer system may provide a variety of services including financial, scientific, academic, or governmental services. The computer system utilizes a multiphase distributed trust model in which the user is authenticated based on distributed trust of a set of randomly selected trusted contacts from a large set of trusted contacts initially chosen during an enrollment phase. During the authentication phase, a subset of contacts (affirmers) is selected from the contact list. The computer system then provides additional authentication information to each of the affirmers who subsequently share the information with the user. The user then provides this information from the computer system in order to complete the secondary authentication.

Abstract: Apparatus and methods for protecting biometric authentication information associated with a paper document are provided. A mobile device application may pre-associate the document with a biometric input. The mobile device application may generate a first composite hash value based on a combination of a numerical representation of a first image of the paper document and a numerical representation of a first biometric input. Subsequently, an authentication server may generate a second composite hash value based on a combination of a numerical representation of a second image of the paper document and a numerical representation of a second biometric input. The authentication server may determine whether an edit distance separating the second composite hash value and the first composite hash value is less than a threshold distance. If the edit distance is less than a threshold distance, the paper document may be authenticated.

Abstract: Embodiments of the present invention provide a system for employing a smart device for secure and authenticated event. The system may include a smart assistant device that receives an audible request from a user for an event with a merchant. The smart assistant device then establishes a secure active session with a mobile device associated with the user over a wireless network. The smart assistant device determines a digital voice ID for the received audible request for the event and transmits the digital voice ID and event information to the mobile device of the user. A smart assistant application of the mobile device validates the digital voice ID based on stored reference data. Event information and additional user execution information is then provided to an event processing system for asynchronous processing.