Abstract: Systems and methods for decentralized user authentication for digital services, for example, in connection with user authentication for online services, are provided. A first mutual authentication is established between a decentralized authentication module and a first authentication server and a second mutual authentication is established between the decentralized authentication module and a second authentication server. The first mutual authentication includes exchanging security credentials between the first authentication server and the decentralized authentication module. The second mutual authentication is based on one or more second security credentials associated with the second authentication server.

Abstract: A method for authenticating a software application instance, the method includes a user device transmitting a request for access to a server device, wherein the request includes an App ID. The method further includes a server device transmitting a session ID to the user device and transmitting the session ID and the App ID to an anti-clone engine. The method further includes the anti-clone engine generating and transmitting a challenge token to the user device, and receiving and processing a response token to determine whether the user device is an authentic software application instance. The method further includes the anti-clone engine transmitting an authorization message to the server device.

Abstract: Obtaining authorization from a subscriber to an authorization service provided by an authorization provider in a data communications system. The data communications system includes a plurality of relying parties and a plurality of authorization providers. An authorization request including data identifying a subscriber to an authorization service is received from a relying party. An authorization provider is selected from the plurality of authorization providers on the basis of the subscriber-identifying data. An authorization request is transmitted to the selected authorization provider. An authorization response is received from the selected authorization provider. The authorization response indicates that the subscriber has authorized the request on a telecommunications device with which contact has been initiated by the authorization provider in response to the authorization request.

Abstract: Obtaining authorization from a subscriber to an authorization service provided by an authorization provider in a data communications system. The data communications system includes a plurality of relying parties and a plurality of authorization providers. An authorization request including data identifying is subscriber to an authorization service is received from a relying party. An authorization provider is selected from the plurality of authorization providers on the basis of the subscriber-identifying data. An authorization request is transmitted to the selected authorization provider. An authorization response is received from the selected authorization provider. The authorization response indicates that the subscriber has authorized the request on a telecommunications device with which contact has been initiated by the authorization provider in response to the authorization request.

Abstract: A method for authenticating a software application instance, the method includes a user device transmitting a request for access to a server device, wherein the request includes an App ID. The method further includes a server device transmitting a session ID to the user device and transmitting the session ID and the App ID to an anti-clone engine. The method further includes the anti-clone engine generating and transmitting a challenge token to the user device, and receiving and processing a response token to determine whether the user device is an authentic software application instance. The method further includes the anti-clone engine transmitting an authorization message to the server device.