Abstract: In an illustrative embodiment, a user device may block all the phone numbers used by an enterprise. When an enterprise wants to call the user, the enterprise may notify the user device through a separate secure channel that an enterprise phone number is in the process of making a phone call to the user device. The secure channel may include an authentication server that may request the user device to unblock the enterprise phone number. An incoming phone call from the enterprise phone number therefore can be trusted. After the phone call is terminated, the user device may again block the enterprise phone number. An attacker may not have access to the authentication server and a phone call from the attacker with a spoofed enterprise phone number (now blocked) may be dropped by the user device.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprises an authentication server for authentication leveraging multiple audio channels. The server receives an authentication request regarding a user upon the user interacting with a first electronic device. The server requests the first device to transmit a first audio file of an audio sample to the server. The audio sample may be the user's audio command or a machine-generated audio signal. The server requests a second electronic device to transmit a second audio file that is the recording of the same audio sample to the server. The second electronic device is a trusted device in proximity of the first device and executes an authentication function to enable the recording and transmitting of the audio sample. The server determines a similarity score between the first audio file and the second audio file and authenticates the user based on the similarity score.

Abstract: A technique to establish a secure session to a network-accessible application from a mobile device executing a native app. Initially, the network-accessible application is provisioned for access by an enterprise associating a set of one or more of its enterprise users with the network-accessible application. Thereafter, access to the application is enabled via an identity provider. In operation, the identity provider receives a request to validate that an enterprise user seeking access to the network-accessible application is associated with the application. The request is generated by the application in response to a login request initiated from the native app from a mobile device, wherein a certificate for the application is not available to the native app.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprises an authentication server for authentication leveraging multiple audio channels. The server receives an authentication request regarding a user upon the user interacting with a first electronic device. The server requests the first device to transmit a first audio file of an audio sample to the server. The audio sample may be the user's audio command or a machine-generated audio signal. The server requests a second electronic device to transmit a second audio file that is the recording of the same audio sample to the server. The second electronic device is a trusted device in proximity of the first device and executes an authentication function to enable the recording and transmitting of the audio sample. The server determines a similarity score between the first audio file and the second audio file and authenticates the user based on the similarity score.

Abstract: In an illustrative embodiment, a user device may block all the phone numbers used by an enterprise. When an enterprise wants to call the user, the enterprise may notify the user device through a separate secure channel that an enterprise phone number is in the process of making a phone call to the user device. The secure channel may include an authentication server that may request the user device to unblock the enterprise phone number. An incoming phone call from the enterprise phone number therefore can be trusted. After the phone call is terminated, the user device may again block the enterprise phone number. An attacker may not have access to the authentication server and a phone call from the attacker with a spoofed enterprise phone number (now blocked) may be dropped by the user device.

Abstract: A method of obtaining and automatically providing secure authentication information includes registering a client device over a data line, storing information and a changeable value for authentication in subsequent telephone-only transactions. In the subsequent transactions, a telephone call placed from the client device to an interactive voice response server is intercepted and modified to include dialing of a delay and at least a passcode, the passcode being based on the unique information and the changeable value, where the changeable value is updated for every call session. The interactive voice response server forwards the passcode and a client device identifier to an authentication function, which compares the received passcode to plural passcodes generated based on information and iterations of a value stored in correspondence with the client device identifier. Authentication is confirmed when a generated passcode matches the passcode from the client device.

Abstract: The invention may verify calls to a telephone device by activating call forwarding to redirect calls for the telephone device to a prescribed destination; receiving a message from a server verifying the call; deactivating call forwarding to receive the call; and reactivating call forwarding when the call is concluded. In another embodiment, the invention may, in response to a telephone device initiating a call to a second telephone device installed with a particular application or software, transmit a message to a server causing it to instruct the second telephone device to deactivate call forwarding. In yet another embodiment, the invention may cause a server to receive a message from a prescribed location indicating that a call was received via call forwarding, and in response to the message, transmit an instruction to the intended recipient to deactivate the call forwarding if the call is verified as legitimate.

Abstract: In an illustrative embodiment, a user device may block all the phone numbers used by an enterprise. When an enterprise wants to call the user, the enterprise may notify the user device through a separate secure channel that an enterprise phone number is in the process of making a phone call to the user device. The secure channel may include an authentication server that may request the user device to unblock the enterprise phone number. An incoming phone call from the enterprise phone number therefore can be trusted. After the phone call is terminated, the user device may again block the enterprise phone number. An attacker may not have access to the authentication server and a phone call from the attacker with a spoofed enterprise phone number (now blocked) may be dropped by the user device.

Abstract: In an illustrative embodiment, a user device may block all the phone numbers used by an enterprise. When an enterprise wants to call the user, the enterprise may notify the user device through a separate secure channel that an enterprise phone number is in the process of making a phone call to the user device. The secure channel may include an authentication server that may request the user device to unblock the enterprise phone number. An incoming phone call from the enterprise phone number therefore can be trusted. After the phone call is terminated, the user device may again block the enterprise phone number. An attacker may not have access to the authentication server and a phone call from the attacker with a spoofed enterprise phone number (now blocked) may be dropped by the user device.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprises an authentication server for caller ID verification. When a caller makes a phone call, the server receives the phone call and verifies whether the phone call is from a registered device associated with the phone number. The server queries the registered device to retrieve one or more current call states via an authentication function on the registered device. The server compares the states and/or state transitions to the observed states and/or state transitions of the phone call. If the registered device states and/or state transitions match the observed phone call states and/or state transitions, the server verifies that the phone call is from the registered device and not some imposter's device. If there is no such match, the server rejects the phone call before the call phone is connected or terminates the phone call after the phone call is connected.

Abstract: A method of obtaining and automatically providing secure authentication information includes registering a client device over a data line, storing information and a changeable value for authentication in subsequent telephone-only transactions. In the subsequent transactions, a telephone call placed from the client device to an interactive voice response server is intercepted and modified to include dialing of a delay and at least a passcode, the passcode being based on the unique information and the changeable value, where the changeable value is updated for every call session. The interactive voice response server forwards the passcode and a client device identifier to an authentication function, which compares the received passcode to plural passcodes generated based on information and iterations of a value stored in correspondence with the client device identifier. Authentication is confirmed when a generated passcode matches the passcode from the client device.

Abstract: The invention may verify calls to a telephone device by activating call forwarding to redirect calls for the telephone device to a prescribed destination; receiving a message from a server verifying the call; deactivating call forwarding to receive the call; and reactivating call forwarding when the call is concluded. In another embodiment, the invention may, in response to a telephone device initiating a call to a second telephone device installed with a particular application or software, transmit a message to a server causing it to instruct the second telephone device to deactivate call forwarding. In yet another embodiment, the invention may cause a server to receive a message from a prescribed location indicating that a call was received via call forwarding, and in response to the message, transmit an instruction to the intended recipient to deactivate the call forwarding if the call is verified as legitimate.

Abstract: Disclosed herein are embodiments of systems and methods for zero-knowledge multiparty secure sharing of voiceprints. In an embodiment, an illustrative computer may receive, through a remote server, a plurality of encrypted voiceprints. When the computer receives an incoming call, the computer may generate a plaintext i-vector of the incoming call. Using the plaintext i-vector and the encrypted voiceprints, the computer may generate one or more encrypted comparison models. The remote server may decrypt the encrypted comparison model to generate similarity scores between the plaintext i-vector and the plurality of encrypted voiceprints.

Abstract: The invention may verify calls to a telephone device by activating call forwarding to redirect calls for the telephone device to a prescribed destination; receiving a message from a server verifying the call; deactivating call forwarding to receive the call; and reactivating call forwarding when the call is concluded. In another embodiment, the invention may, in response to a telephone device initiating a call to a second telephone device installed with a particular application or software, transmit a message to a server causing it to instruct the second telephone device to deactivate call forwarding. In yet another embodiment, the invention may cause a server to receive a message from a prescribed location indicating that a call was received via call forwarding, and in response to the message, transmit an instruction to the intended recipient to deactivate the call forwarding if the call is verified as legitimate.

Abstract: A method of obtaining and automatically providing secure authentication information includes registering a client device over a data line, storing information and a changeable value for authentication in subsequent telephone-only transactions. In the subsequent transactions, a telephone call placed from the client device to an interactive voice response server is intercepted and modified to include dialing of a delay and at least a passcode, the passcode being based on the unique information and the changeable value, where the changeable value is updated for every call session. The interactive voice response server forwards the passcode and a client device identifier to an authentication function, which compares the received passcode to plural passcodes generated based on information and iterations of a value stored in correspondence with the client device identifier. Authentication is confirmed when a generated passcode matches the passcode from the client device.

Abstract: The invention may verify calls to a telephone device by activating call forwarding to redirect calls for the telephone device to a prescribed destination; receiving a message from a server verifying the call; deactivating call forwarding to receive the call; and reactivating call forwarding when the call is concluded. In another embodiment, the invention may, in response to a telephone device initiating a call to a second telephone device installed with a particular application or software, transmit a message to a server causing it to instruct the second telephone device to deactivate call forwarding. In yet another embodiment, the invention may cause a server to receive a message from a prescribed location indicating that a call was received via call forwarding, and in response to the message, transmit an instruction to the intended recipient to deactivate the call forwarding if the call is verified as legitimate.

Abstract: The invention may verify calls to a telephone device by activating call forwarding to redirect calls for the telephone device to a prescribed destination; receiving a message from a server verifying the call; deactivating call forwarding to receive the call; and reactivating call forwarding when the call is concluded. In another embodiment, the invention may, in response to a telephone device initiating a call to a second telephone device installed with a particular application or software, transmit a message to a server causing it to instruct the second telephone device to deactivate call forwarding. In yet another embodiment, the invention may cause a server to receive a message from a prescribed location indicating that a call was received via call forwarding, and in response to the message, transmit an instruction to the intended recipient to deactivate the call forwarding if the call is verified as legitimate.