Abstract: In some embodiments, a malware detection system includes an attack channel removal unit, a feature extraction unit coupled to the attack channel removal unit, and a graphical encoding unit coupled to the feature extraction unit and a malware detection unit. In some embodiments, based upon graphically-encoded component-based features and monotonic features extracted from attack-channel-free software output by the attack channel removal unit, the malware detection unit detects malware in software input into the malware detection system. In some embodiments, the monotonic features extracted from the attack-channel free software and the graphically-encoded component-based features are combined to generate a combination monotonic-component based feature vector. In some embodiments, the combination monotonic-component based feature vector is used to detect malware using the malware detection system.

Abstract: A method is disclosed. The method comprises receiving, by an identity network computer, a query set including a plurality of test identity attributes. After receiving the query set, the identity network computer may retrieve derivatives of identity attributes associated with a user, and an encrypted trapdoor, then compute an obscured query set using the query set, and optionally the derivatives of identity attributes. The identity network computer may transmit the obscured query set (i) and the encrypted trapdoor to a user device associated with the user, which generates and transmits a first modified trapdoor and the obscured query set to a relying party computer, or (ii) and a second modified trapdoor to the relying party computer. The relying party computer may thereafter use the obscured query set, and the first modified trapdoor or the second modified trapdoor, to determine if the identity attributes is a member of the query set.

Abstract: Provided is a computer-implemented method for authenticating a customer during payment transactions based on biometric identification parameters of the customer that includes receiving image data associated with an image template for identification of a customer, receiving image data associated with an image of a biometric identification parameter of the customer during a payment transaction between the customer and a merchant, establishing a short-range communication connection with a user device associated with the customer during the payment transaction between the customer and the merchant, authenticating an identity of the customer for the payment transaction via the short-range communication connection, determining an account identifier of an account of the customer based on authenticating the identity of the customer for the payment transaction, and processing the payment transaction using the account identifier of the account of the customer. A system and computer program product are also disclosed.

Abstract: Provided is a computer-implemented method for authenticating an identification document. The method includes determining, with at least one processor, whether image data associated with the identification document has at least one predetermined indicia. In response to determining that the image data has the at least one predetermined indicia, the method includes determining whether the at least one predetermined indicia corresponds to at least one invalidation mark on the identification document, and, in response to determining that the at least one predetermined indicia corresponds to the at least one invalidation mark, determining, that the identification document is invalid. In response to determining that the identification document is invalid, the method includes preventing or causing the prevention of at least one action from being performed. A system and computer program product for authenticating identification documents are also disclosed.

Abstract: Acoustic signatures can be used in connection with a voice-enabled computer system. An acoustic signature can be a specific noise pattern (or other sound) that is played while the user is speaking and that is mixed in the acoustic channel with the user's speech. The microphone of the voice-enabled computer system can capture, as recorded audio, a mix of the acoustic signature and the user's voice. The voice-enabled computer system can analyze the recorded audio (locally or at a backend server) to verify that the expected acoustic signature is present and/or that no previous acoustic signature is present.

Abstract: Embodiments of the invention are directed to systems, methods, and devices for testing the security of a facial recognition system (FRS). A target image depicting a target person enrolled in the FRS and a tester image depicting a tester may be obtained. A plurality of transformed images may be generated from an image of the target person or the tester image. A processed tester image (e.g., one that is likely to cause the FRS to misclassify) may be identified using the plurality of transformed images, the tester image, and the target image. Data representing a light pattern can be generated using the processed tester image and the light pattern can be projected onto a second person. Another image may be captured of the second person with the light pattern as projected. This image may be provided to the FRS and a remedial action may be performed based on the corresponding output.

Abstract: Provided is a computer-implemented method for authenticating an identification document. The method includes determining, with at least one processor, whether image data associated with the identification document has at least one predetermined indicia. In response to determining that the image data has the at least one predetermined indicia, the method includes determining whether the at least one predetermined indicia corresponds to at least one invalidation mark on the identification document, and, in response to determining that the at least one predetermined indicia corresponds to the at least one invalidation mark, determining, that the identification document is invalid. In response to determining that the identification document is invalid, the method includes preventing or causing the prevention of at least one action from being performed. A system and computer program product for authenticating identification documents are also disclosed.

Abstract: Provided is a computer-implemented method for authenticating a customer during payment transactions based on biometric identification parameters of the customer that includes receiving image data associated with an image template for identification of a customer, receiving image data associated with an image of a biometric identification parameter of the customer during a payment transaction between the customer and a merchant, establishing a short-range communication connection with a user device associated with the customer during the payment transaction between the customer and the merchant, authenticating an identity of the customer for the payment transaction via the short-range communication connection, determining an account identifier of an account of the customer based on authenticating the identity of the customer for the payment transaction, and processing the payment transaction using the account identifier of the account of the customer. A system and computer program product are also disclosed.

Abstract: Training an adversarial perturbation detector comprises accessing a training set comprising an enrolled biometric sample xi and a public biometric sample x of an enrolled user, and submitted biometric samples x? of a second user, the submitted biometric samples x? comprising perturbed adversarial samples x?+?x?. A transformation function k(?) is provided having learnable a parameter ? and a classifier having a learnable parameter ?. The training set is used to learn the parameters ? and ? by inputting the training set to the transformation function k(?). The transformation function k(?) generates transformed enrolled samples k(xi), a transformed public biometric sample k(x), and a transformed adversarial sample k(x?+?x?). The classifier classifies the transformed adversarial sample k(x?+?x?) as a success or as a fail based on the transformed enrolled samples k(xi). Based on a result of the classification, the learnable parameters ? and ? are updated.

Abstract: A computer-implemented method for improving security of a biometrics-based authentication system comprises receiving, by one or more servers, enrolled biometric samples of an enrolled user during an enrollment stage of the biometrics-based authentication system. Augmented biometric samples are created by adding learned perturbations to the enrolled biometric samples of the enrolled user. During a request for authentication, submitted biometric samples are received from a second user. The submitted biometric samples of the second user are compared to the enrolled biometric samples and to the augmented biometric samples of the enrolled user based on predefined metrics. Based on the comparison it is determined whether the submitted biometric samples of the second user have been modified to impersonate the enrolled user.

Abstract: Methods and systems for performing demographics filtering based on biometric information are disclosed. An access terminal can capture a biometric instance corresponding to a user, such as a fingerprint scan, iris scan, etc. The access terminal can determine demographics information from the biometric instance, such as the age, biological sex, or ethnicity of the user. The access terminal can compare the demographics information to demographics information stored on a group of mobile devices corresponding to a group of users, in order to identify candidate user mobile devices. Once candidate user mobile devices are identified, the access terminal can perform a biometric match between the biometric instance corresponding to the user and biometric instances stored on the candidate user mobile devices. Once a biometric match and the corresponding mobile device are determined, the access terminal can conduct a further interaction with the mobile device.

Abstract: Acoustic signatures can be used in connection with a voice-enabled computer system. An acoustic signature can be a specific noise pattern (or other sound) that is played while the user is speaking and that is mixed in the acoustic channel with the user's speech. The microphone of the voice-enabled computer system can capture, as recorded audio, a mix of the acoustic signature and the user's voice. The voice-enabled computer system can analyze the recorded audio (locally or at a backend server) to verify that the expected acoustic signature is present and/or that no previous acoustic signature is present.

Abstract: Techniques for intelligently deciding the optimal authenticator(s) from amongst those supported by an electronic device are described. The authentication system according to some embodiments may include a dynamic machine learner that incorporates the attributes of: (i) user behavior attributes (e.g., preferred authenticator); (ii) device attributes (e.g., hardware and software specifications, applications, etc.); and (iii) operating environment attributes (e.g., ambient light, noise, etc.), as well as the interplay between the aforementioned attributes over time to make the decision. In some embodiments, the authentication activities and patterns of other users of similar type (e.g., users exhibiting similar behavior across different operating environments) can also be learned and employed to improve the decision making process over time.

Abstract: A delegated biometric authentication system and related methods are disclosed. Using the system, a user can securely delegate biometric authentication to a public device from his communication device. This public device may be an Internet of things device that is not owned by the user, such as a computer, smart TV. tablet, etc. The public device may operate in a public place, such as a hotel or library. The communication device may be the users own smartphone or tablet, etc. A fuzzy vault process can be used to store the user's biometric template in the system Embodiments preserver the user's privacy without compromising authentication security and user convenience.

Abstract: Techniques for intelligently deciding the optimal authenticator(s) from amongst those supported by an electronic device are described. The authentication system according to some embodiments may include a dynamic machine learner that incorporates the attributes of: (i) user behavior attributes (e.g., preferred authenticator); (ii) device attributes (e.g., hardware and software specifications, applications, etc.); and (iii) operating environment attributes (e.g., ambient light, noise, etc.), as well as the interplay between the aforementioned attributes over time to make the decision. In some embodiments, the authentication activities and patterns of other users of similar type (e.g., users exhibiting similar behavior across different operating environments) can also be learned and employed to improve the decision making process over time.

Abstract: A method is disclosed. An authentication node may receive a plurality of encrypted match values, wherein the plurality of encrypted match values were formed by a plurality of worker nodes that compare a plurality of encrypted second biometric template parts derived from a second biometric template to a plurality of encrypted first biometric template parts derived from a first biometric template. The authentication node may decrypt the plurality of encrypted match values resulting in a plurality of decrypted match values. The authentication node may then determine if a first biometric template matches the second biometric template using the plurality of decrypted match values. An enrollment node may be capable of enrolling a biometric template and storing encrypted biometric template parts at worker nodes.

Abstract: Acoustic signatures can be used in connection with a voice-enabled computer system. An acoustic signature can be a specific noise pattern (or other sound) that is played while the user is speaking and that is mixed in the acoustic channel with the user's speech. The microphone of the voice-enabled computer system can capture, as recorded audio, a mix of the acoustic signature and the user's voice. The voice-enabled computer system can analyze the recorded audio (locally or at a backend server) to verify that the expected acoustic signature is present and/or that no previous acoustic signature is present.

Abstract: Described herein are a system and techniques for detecting whether biometric data provided in an access request is genuine or a replay. In some embodiments, the system uses an machine learning model trained using genuine and replay sample data which is optimized in order to produce a result set in which results for the genuine samples are pulled closer to a genuine center and results for the replay samples are pushed away from the genuine center. Subjecting input biometric data (e.g., an audio sample) to the trained model results in a classification of the input biometric data as genuine or replay, which can then be used to determine whether or not to verify the input biometric data.

Abstract: A computer-implemented method is disclosed. The method includes a) accessing a first image, b) accessing a second image, c) from an adversarial pattern generating system, generating a face recognition adversarial pattern for display from a specified region of a face corresponding to the second image, the face recognition adversarial pattern operable to minimize a measure of distance as determined by a face recognition system, between the face and a class of the first image, or to maximize a probability of the misclassification of the second image by the face recognition system, d) providing a face mountable device, that is mounted on the face, access to the face recognition adversarial pattern in real time via a communications component, and e) controlling light patterns on the face mountable device according to the face recognition adversarial pattern.

Abstract: A delegated biometric authentication system and related methods are disclosed. Using the system, a user can securely delegate biometric authentication to a public device from his communication device. This public device may be an Internet of things device that is not owned by the user, such as a computer, smart TV, tablet, etc. The public device may operate in a public place, such as a hotel or library. The communication device may be the user's own smartphone or tablet, etc. A fuzzy vault process can be used to store the user's biometric template in the system Embodiments preserver the user's privacy without compromising authentication security and user convenience.