Abstract: A computer-implemented method for remote management of hardware security modules (HSMs) includes receiving a command request from a mobile device. The command request includes an encrypted key part and an encrypted signing key. The HSM decrypts the command request using a key associated with a security zone of the mobile device. The HSM decrypts the encrypted key part and the encrypted signing key. Decrypting the encrypted key part and the encrypted signing key includes using the key associated with the security zone of the mobile device and a key associated with a remote administrator associated with the mobile device. A command is generated for a domain with a target HSM. The command is generated using the decrypted key part and the decrypted signing key. The command is transmitted to the domain for execution by the target HSM. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method includes receiving an agreement associated with a signing party by a computing system, receiving a biometric sample captured from the signing party by the computing system, generating a hash of the agreement by the computing system, and receiving a secret knowledge factor by the computing system. The method further includes generating an encryption key using the secret knowledge factor as an input to a password authenticated key exchange protocol by the computing system and generating a biometric-based electronic signature token by encrypting the biometric sample and the hash of the agreement with the encryption key by the computing system. The method further includes generating a smart contract based on the agreement by the computing system. The smart contract includes terms of the agreement and the biometric-based electronic signature token. The biometric-based electronic signature token providing biometric-based pre-authorization to be initiated by the smart contract.

Abstract: In an approach to obfuscation of sensitive information through non-visual feedback, responsive to receiving a signal from a user to start a session requiring input of sensitive data, one or more dummy character positions are determined, where the one or more dummy character positions represent characters that are not part of the sensitive data. Responsive to a current character position is any dummy character position of the one or more dummy character positions, the user is signaled that a next input character will be ignored, where the user is signaled using non-visual feedback. Responsive to receiving the next input character from the user, where the current character position is any dummy character position of the one or more dummy character positions, the next input character is ignored.

Abstract: Techniques are described herein that are capable of provisioning a trusted execution environment (TEE) based on (e.g., based at least in part on) a chain of trust that includes a platform on which the TEE executes. Any suitable number of TEEs may be provisioned. For instance, a chain of trust may be established from each TEE to the platform on which an operating system that launched the TEE runs. Any two or more TEEs may be launched by operating system(s) running on the same platform or by different operating systems running on respective platforms. Once the chain of trust is established for a TEE, the TEE can be provisioned with information, including but not limited to policies, secret keys, secret data, and/or secret code. Accordingly, the TEE can be customized with the information without other parties, such as a cloud provider, being able to know or manipulate the information.

Abstract: Disclosed are systems and methods that require/force bots to access and interact with webpages at a similar level to humans, by including an executable script that generates/updates a test value for a webpage. The client devices must perform certain processing and/or rendering of the webpage to call the computations necessary for generating the updated test value. The script must be executed as a function of processing and/or rendering the webpage. The script may be retrieved from the webserver as a function of processing and/or rendering the webpage. When the browser executes this script, the browser generates the updated test value. At some point, the client device submits a request for certain process with the updated test value. The server compares the inbound test value from the client device against an initial/previously received test value or an expected test value to determine whether the browser is being operated by a human.

Abstract: A data deidentification system that extracts insights from user data, and retains both the insights and user data in a form that complies with applicable data privacy and related standards. The system receives user data, which can include personal identifying information and other sensitive data governed by one or more standards, including standards specifying how the data can be used and how long it can be retained. From the data, the system extracts insights characterizing various aspects of the associated users. The system also selectively hashes portions of the data, obscuring the identity of associated users. Neither the insights nor the selectively hashed data identify individual users, and therefore they are not subject to the same standards and can be retained indefinitely. Later, after the standards-protected data has been discarded, the system can provide insight information in response to a request.

Abstract: Provided is a surveillance planning device configured to generate a checklist with respect to a region based on spatial information and object information of the region, obtain device installation condition information based on a user response to the checklist, and recommend, to a user, a list of devices to be installed in the region and an installation location of the devices based on the spatial information, the object information, and the device installation condition information.

Abstract: A computing device includes a memory and a processor configured to cooperate with the memory to receive a connection lease and a token from a client device, with the token being generated responsive to the client device completing multi-factor authentication (MFA) with a provider of MFA. The processor further verifies, responsive to unavailability of the provider of MFA, that the client device has previously performed MFA based upon the token, and connect the client device to a computing session with use of the connection lease and responsive to the verification that the client device has performed MFA.

Abstract: A circuit and corresponding method enable bitcoin mining in a blockchain network. The circuit comprises a nonce generator that generates a nonce value, on a cycle-by-cycle basis, and changes only one binary digit of the nonce value per cycle. The circuit further comprises a hash engine that inserts, on the cycle-by-cycle basis, the nonce value into a block header of a block candidate and generates a digest by applying a hash function to the block header. The block header includes a representation of a target value. The circuit further comprises a validator that compares, on the cycle-by-cycle basis, the digest to the target value. In an event the digest satisfies the target value, the validator submits the block candidate to the blockchain network, causing newly minted bitcoin to be mined from the blockchain network. Changing only one binary digit of the nonce value, per cycle, reduces power consumption of the circuit.

Abstract: Method and apparatus for authentication of a user to a server that involves the user performing a requested act and that further involves relative movement between the user and a camera wherein fiducial marks are captured.

Abstract: A device that includes a secure element or a secure environment receives a token for authenticating a user that has an account with a service provider. The device generates, based on the token, a set of keys that include at least a private key and a public key. The device performs a key authentication procedure to compare the set of keys and a configured set of keys and selects a public key, of the set of keys or the configured set of keys, based on a result of the key authentication procedure. The device causes a device identifier of the device and the public key to be provided to another device that uses the device identifier and the public key to perform an authentication procedure to authenticate the user. The device receives, from the other device, an indication of whether the device is connected to a network.

Abstract: Briefly, example methods, apparatuses, and/or articles of manufacture are disclosed that may be implemented, in whole or in part, using one or more computing devices to receive at a server device coupled to a communications network, a first signal indicating that a subscriber of a mobile device has initiated a transaction. The method may continue with accessing a data store to determine occurrence of one or more deterministic events with respect to the mobile device and accessing the data store to determine one or more behavior norms specific to the subscriber with respect to the mobile device. The method may additionally include generating, by the server coupled to the communications network, a second signal indicating an authorization status of the transaction, the authorization status being dependent on the occurrence of the one or more deterministic events in relation to the one or more behavior norms.

Abstract: There is provided an information processing device including: a communication unit configured to receive a first hash value calculated using a first sharing key from a terminal; and a dividing unit configured to determine a division unit of a word used for document search on the basis of matching between an encryption dictionary and a second hash value that is calculated by performing a homomorphic hash operation on the first hash value using a second sharing key corresponding to the first sharing key, in which the communication unit transmits, to the terminal, encrypted information related to the division unit determined by the dividing unit.

Abstract: The disclosed embodiments relate to a system that authenticates and/or identifies a user of an electronic device based on passive factors, which do not require conscious user actions. During operation of the system, in response to detecting a trigger event, the system collects sensor data from one or more sensors in the electronic device. Next, the system extracts a feature vector from the sensor data. The system then analyzes the feature vector to authenticate and/or identify the user, wherein the feature vector is analyzed using a model trained with sensor data previously obtained from the electronic device while the user was operating the electronic device.

Abstract: A method for a gradual credential disablement is provided. The method includes receiving, at data processing hardware, a request for access to a resource. The request includes a request authenticator. The method also includes comparing, by the data processing hardware, the request authenticator against a security credential associated with the resource. The method further includes determining, by the data processing hardware, whether the request authenticator satisfies the security credential. When the request authenticator satisfies the security credential, the method includes granting or denying, by the data processing hardware, access to the resource based on a request failure rate associated with the security credential.

Abstract: A network and a device can support a secure session with both (i) multiple post-quantum cryptography (PQC) key encapsulation mechanisms (KEM) and (ii) forward secrecy. The network can operate (i) a first server for conducting KEM with the device and (ii) a second server for generating a digital signature which can be verified by the device with a server certificate. The first server can receive a device ephemeral public key (ePK.device) and generate (i) a server ephemeral public key (ePK.server) and private key. The first server can send, to the second server, data comprising ciphertext for the ePK.device, ePK.server and the server certificate. The second server can (i) generate the digital signature over the data, and (ii) send the digital signature to the first server. The first server can conduct a KEM with ePK.device and the ciphertext in order to encrypt at least ePK.server and the digital signature.

Abstract: A method, apparatus and product comprising: identifying a login session in a Graphical User Interface (GUI) of a user device, wherein the login session is configured to enable a user of the user device to login to a first software system; extracting one or more user credentials from the login session, wherein the one or more user credentials comprise one or more user inputs to the login session; manipulating the one or more user credentials using one or more manipulations, thereby obtaining manipulated credentials; and automatically utilizing the manipulated credentials in order to login the user into a second software system.

Abstract: A method, apparatus and product comprising: identifying a login session in a Graphical User Interface (GUI) of a user device, wherein the login session is configured to enable a user of the user device to login to a first software system; extracting one or more user credentials from the login session, wherein the one or more user credentials comprise one or more user inputs to the login session; manipulating the one or more user credentials using one or more manipulations, thereby obtaining manipulated credentials; and automatically utilizing the manipulated credentials in order to login the user into a second software system.

Abstract: An authentication device includes: a wearing position determination unit that determines a wearing position, the wearing position being a position at which a wearable article comprising a sensor is being worn on a body; and an authentication unit that performs authentication by using biometric information of the body, the biometric information being detected by the sensor at the wearing position.

Abstract: Embodiments described herein provide a system and method for controlling access to electronic files by linking the files to a file access monitoring system, called the file access monitor in this application. The file access monitor then authorizes the use of the one or more files by performing one or more qualifying steps on the accessing computer system. The file access monitor may be a standalone program or an embedded logic within a closed system like an application, an operating system (O/S), an external device like a printer, a web browser or a web browsing application. Access to electronic files can include the exchange, modification, execution, printing, viewing, listening, copying and replication of these files to name a few. A given protected electronic file is transferred from a sending computer system to a receiving computer system for eventual access. The receiving computer may also become the accessing computer should a user on the receiving computer wish to access the transferred file.

Abstract: An example method of file transfer between a client and a server includes: initiating, by the client, a front-end control connection between the client and a horizontally scaled proxy service; creating, by a first proxy instance of a plurality of proxy instances of the horizontally scaled proxy service, a back-end control connection between the first proxy instance and the server; returning, to the client from the first proxy instance, a unique client parameter associated with the front-end connection as a destination port for a front-end data connection; initiating, by the client, the front-end data connection between the client and the horizontally scaled proxy service, the front-end data connection using the destination port as returned by the first proxy instance; and creating, by the first proxy instance, a back-end data connection between the first proxy instance and the server.

Abstract: Secrets such as secure session cookies for a web browser can be protected on a compute instance with multiple layers of encryption, such as by encrypting key material that in turn controls cryptographic access to the secret. A compute instance can be instrumented to detect when a process attempts to decrypt this key material so that the process requesting decryption can be compared to authorized or legitimate users of the secret.

Abstract: Described herein are computerized methods and systems for user authentication using an imaged machine-readable identity document. A server receives an authentication request from a first client device, including image files corresponding to a user's machine-readable identity document. The server displays on the first client device user-identifying data elements extracted from the image files. The server captures additional user-identifying data elements from the first client device, and verifies the user's identity based upon the user-identifying data elements. The server determines user contact channel data based upon the verified identity. The server displays the contact channel data on the first client device, and generates a transient access code upon receiving a contact channel selection.

Abstract: Embodiments provide methods and systems for preventing a fraudulent payment transaction. The method performed by issuer system associated with payment account of user includes generating unique data for payment transaction of the user upon approval of payment transaction authorization request signal. The method includes facilitating encryption of the unique data based on encryption key and sending payment transaction authorization response signal to payment server associated with payment network. The payment transaction authorization response signal includes at least the encrypted unique data. The method includes processing the payment transaction upon receiving a notification of a successful validation of the payment transaction authorization response signal from payment server. The validation of the payment transaction authorization response signal is performed by payment server.

Abstract: A method for data transfer and storage is provided. The method may include: encrypting data generated by a terminal device; storing duplicated copies of the encrypted data respectively in a first storage device and a second storage device, which are removably inserted into the terminal device; generating, with the terminal device, a message authentication code associated with the encrypted data; transmitting the message authentication code to a first server; physically transporting the first storage device to a remote location of the first server, and upon the first storage device being inserted into the first server, determining whether the encrypted data stored in the first storage device are damaged using the message authentication code; and in response to a determination that the encrypted data stored in the first storage device are not damaged, transmitting the encrypted data from the first storage device to the first server.

Abstract: Disclosed herein are systems and methods allowing provider server and an analytics server to communicate confidential information but not compromise the anonymity of the customers if the data transmitted in either direction were to be intercepted or otherwise viewed by an unauthorized party, each server is configured to transmit the data records of the customers without any personally identifying information (PII) associated with the customers. The databases may “link” the data records by separately generating customer key identifiers for each unique customer having data in the one or both of the databases, according to predefined parameters and a predetermined one-way hashing algorithm. The unique customer key identifier may then be concatenated to, appended to, or otherwise associated with each data record for a particular customer that is being communicated between the servers.

Abstract: An encryption system for encrypting data of a party, wherein the party is provided with an encryption key wallet and one or more encryption keys of the encryption key wallet are identifiable using at least one reference code. The encryption key wallet is opened for accessing an encryption key via its reference code, for encrypting data to generate corresponding encrypted data and/or for decrypting encrypted data to generate corresponding decrypted data, wherein the encryption key is reproducibly generated by the encryption key wallet. When the encryption system enables exchange of encrypted data via the encryption system between two or more parties the two or more parties are provided with the encryption key wallet; data exchanged between the parties are encrypted using one or more encryption keys obtained from the encryption key wallet; and the encryption key wallet is opened for use when encrypting and/or decrypting the data exchanged between the parties.

Abstract: A management device calculates, from access information transmitted from a token terminal and a site seed assigned to a server, a user seed, and registers the user seed in the token terminal. The token terminal obtains a share seed, calculates a key code from the share seed and the user seed, and presents the key code to the user. When the user enters the key code to an access terminal, the access terminal transmits, to the server, a request having the key code specified. The server obtains access information relating to the transmitted request, calculates a checkup seed from the access information and the site seed assigned to the server, obtains a share seed independently from the token terminal, calculates a checkup code from the share seed and the checkup seed, and sets a necessary condition for sign-in that is consistent between the key code and the checkup code.

Abstract: A method, system, and apparatus comprising: automatically identifying a login session to a first software system in a Graphical User Interface (GUI) of a user device; automatically extracting user credentials from the login session; automatically manipulating at least a portion of the user credentials to obtain manipulated credentials; automatically verifying that the login session is authentic by: encrypting the user credentials, providing the encrypted credentials to a separate environment, and reconstructing the login session at the separate environment; and automatically adding the manipulated credentials to an account of the user in a second software system that is independent from the separate environment.

Abstract: A method, system, and apparatus comprising: automatically identifying a login session to a first software system in a Graphical User Interface (GUI) of a user device; automatically extracting user credentials from the login session; automatically manipulating at least a portion of the user credentials to obtain manipulated credentials; automatically verifying that the login session is authentic by: encrypting the user credentials, providing the encrypted credentials to a separate environment, and reconstructing the login session at the separate environment; and automatically adding the manipulated credentials to an account of the user in a second software system that is independent from the separate environment.

Abstract: A method for synchronizing an identity of a user between a network observer and a third party includes: reading, by the network observer, a connection request sent from the user to the third party, the connection request including a host field having a host part corresponding to the third party and a sub-host part corresponding to identification information of the user; and associating, by the network observer in a database, the identification information of the user derived from the sub-host part with the identity of the user and an identity of the third party.

Abstract: The present disclosure provides an information processing system and an information processing method that, in a material analyzing service that is provided via a network, can appropriately manage data of a high degree of confidentiality. The system and method involve a user terminal that provides a data ID to a combination of first data that relates to a material, and second data that is data obtained by measuring the material and is data whose degree of confidentiality is lower than the first data. The user terminal stores the first data and data ID and transmits the second data and data ID to an information processing device. The information processing device carries out material analysis corresponding to the second data and transmits analysis results data to the user terminal. Accordingly, data having a high degree of confidentiality can be managed appropriately in a material analyzing service over a network.

Abstract: Techniques for determining and using interaction affinity data are described. Interaction affinity data may indicate a latent affinity between information corresponding to an interaction, such as, intents, entities, device type from which a user input is received, domain, etc. A system may use the interaction affinity data to determine an alternative input representation for a spoken input to cause output of a desired response to the spoken input. The system may also use the interaction affinity data to recommend an action to a user.

Abstract: Systems and methods for automatically generating search list rankings of software components are provided. An exemplary method includes generating a list of software components in response to a request, generating ranking parameters, determining first weight values correlating with each of the ranking parameters, generating an index correlating each of the software components with each of the ranking parameters, parsing web data to populate the index, determining, via the ranking parameters, scores for each of the software components, storing the scores on the index, applying the first weight values to the scores on the index, and generating, for each of the software components, a combined score, wherein the combined score is a combination of each of the scores that are associated with each of the software components.

Abstract: Provided is a video playback system based on approval of a playback approver. A decryption key that can decrypt an encrypted and stored recorded video is generated only when video playback is approved by a playback approver using an appointed playback approval method and transmitted to the video recording device so that it is possible to prevent leakage of the recorded video with sensitive personal information.

Abstract: Systems and methods are provided for authenticating mobile payments from a customer account to a merchant. The systems and methods may include a financial service provider receiving a request to authorize an electronic transaction at a point-of-sale. A financial service provider server computer may verify that the customer is present at the point-of-sale using received location data. An image having distorted text such as a captcha may be transmitted to a device at the point-of-sale, and the customer may read the captcha aloud. A voice sample of the customer may be sent to the financial service provider for comparison to stored voice recordings, to verify that the customer's voice sample is authentic if the voice matches a previously generated voice recording for the account. If the voice sample is authentic, the financial service provider may authorize the mobile payment.

Abstract: Provided are systems and methods for remotely debugging a software application hosted on a cloud platform. Rather than download and test code locally, a developer may login directly to the cloud platform, and debug the software application in its native cloud environment. In one example, the method may include establishing a communication channel between a remote computing terminal and an application instance hosted on a cloud platform, enabling port forwarding at the remote computing terminal to redirect requests from the remote computing terminal to the application instance hosted on the cloud platform via the communication channel, attaching a debugger to a port at the remote computing terminal that is associated with the communication channel, and forwarding, via the debugger, debugging commands input at the remote computing terminal to the application instance hosted on the cloud platform via the communication channel.

Abstract: Various embodiments of the present disclosure provide techniques for facilitating a credential-less exchange over a network using a plurality of identifier mapping and member interfaces. The techniques may include initiating the presentation of an enrollment user interface via a client device of a user and receiving selection data indicative of a selection of a service provider instrument from the enrollment user interface. The techniques include generating a matching code for authenticating the user, providing the matching code to a service provider platform, and receiving the matching code from a partner platform. In response to an authentication of the user based on the matching code, the techniques may include generating an UUEK for the user that may be used to replace persistent credentials.

Abstract: A method for anonymizing documents before publication is provided. The method includes identifying regular expressions configured to match strings to be anonymized in a document, selecting a readable identifier as an anonymized reference for a string replacement, searching the document for a match string that fits the regular expression, hashing the match string using a collision resistant, deterministic, non-inverting cryptographic hashing function, and comparing a cryptographic hash of the match string with a database including multiple previous hashes and multiple corresponding readable identifiers. When none of the previous hashes matching the cryptographic hash, the method includes creating a new database record including the cryptographic hash, incrementing a counter in the readable identifier and associating the readable identifier with the new database record, and replacing the match string with the readable identifier, throughout the document.

Abstract: A wireless interface device for communicating an input signal to a processor-based host is provided. The wireless interface device includes a processor, a display and a wireless communication component. The display comprises a touchscreen, a touchscreen controller and a memory liquid crystal display. The display is configured to receive and translate an input to an input signal and communicate the input signal to the microprocessor. The wireless communication component is configured to receive the input signal from the processor and communicate the input signal over a communications channel to the processor-based host.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to collect keystroke data of a user for a designated time period. A number of distinct keys is derived from the keystroke data. A maximum character frequency is derived from the keystroke data. Digital gaming activity is selectively designated based upon the number of distinct keys and the maximum character frequency.

Abstract: Techniques are described for managing master keys for token requestors to use in generating cryptograms such as TAVVs. A processor computer generates a first master key for a token requestor, the first master key being generated based on (a) a second master key managed by the processor computer and (b) an identifier of the token requestor. The processor computer transmits, to a token requestor computer corresponding to the token requestor, the first master key. The processor computer receives, from the token requestor computer, a request for a token. Responsive to receiving the request for the token, the processor computer transmits the token to the token requestor computer; and receives, from the token requestor computer, an authorization request message comprising the token and a cryptogram generated by the token requestor computer using the first master key and the token.

Abstract: A method, computing device and computer program product generate a temporary password to control access to a record created in response to an electronic message. An electronic message is parsed to separately identify a plurality of fields that provide different types of information. Record(s) are accessed from a database that are associated with the information provided by at least one field. An action to be initiated by the electronic message is determined to either be taken or to be rejected based upon information provided by the field(s) of the electronic message and also based upon information from the record(s) accessed from the database. If the action is rejected, a record of the electronic message is created for transmission along with information regarding the rejection. A temporary password is also generated to control access to the record created regarding the electronic message and its rejection. The response includes the temporary password.

Abstract: Disclosed embodiments relate to systems and methods for securing the use of temporary access tokens in network environments. Techniques include identifying a request for an action involving a target network resource requiring a temporary access token; receiving, from the target network resource, a temporary access token; storing the temporary access token separate from the network identity; generating a customized replacement token having an attribute different from the temporary access token such that the customized replacement token cannot be used directly with the target network resource; providing the customized replacement token to the network identity; monitoring use of the customized replacement token to detect an activity identified as being at least one of potentially anomalous or potentially malicious; receiving an access request to access the target network resource; and based on the detected activity, denying the access request from the network identity.

Abstract: Disclosed are an access rejection method, apparatus and system, where the access rejection method includes: a first base station receives an access request from a terminal; and the first base station sends an access rejection message to the terminal; where the access rejection message at least carries: a check value generated based on a key of the terminal and at least part of contents of the access rejection message. And further disclosed are related computer storage media and processors.

Abstract: Techniques for measuring firmware at the point and time of execution are described. Hardware logic can be implemented in a processing unit that is tasked with executing firmware code to make on-the-fly measurements of the instructions being executed by the processing unit. For example, an instruction register that stores instructions being executed by the processing unit can be monitored to obtain a set of instructions corresponding to the firmware being executed. Firmware verification circuitry can be implemented to compute a cryptographic measurement of the instructions being executed to verify the authenticity of the firmware.

Abstract: Methods and systems described herein authenticate a user and help secure transaction. A display screen presents images that are difficult for malware to recognize but a person can recognize. In at least one embodiment, a person communicates transaction information using visual images received from the service provider system. In at least one embodiment, a user selects a sequence of visual images as a means of authenticating the user and logging into a financial account or other corporate account. In some embodiments, methods and systems are provided for determining whether to grant access, by generating and displaying visual images on a screen that the user can recognize, and select. In an embodiment, a user presses his or her finger or fingers on a display screen to select images as a method for authenticating and protecting communication from malware.

Abstract: The present disclosure describes techniques for accessing user accounts and data from any computing device. It may be determined whether an account of a user exists in a cloud service in response to receiving information associated with the user from any computing device. Data associated with the account may be stored by the cloud service. There may be a plurality of types of data associated with a plurality of security levels. The plurality of security levels may correspond to different security requirements. The data associated with the account may belong to at least one of the plurality of types of data. An instance of the account may be deployed to the computing device in response to determining that the account exists in the cloud service. The instance of the account may enable the user to access services via the computing device.

Abstract: Disclosed are systems and methods that require/force bots to access and interact with webpages at a similar level to humans, by including an executable script that generates/updates a test value for a webpage. The client devices must perform certain processing and/or rendering of the webpage to call the computations necessary for generating the updated test value. The script must be executed as a function of processing and/or rendering the webpage. The script may be retrieved from the webserver as a function of processing and/or rendering the webpage. When the browser executes this script, the browser generates the updated test value. At some point, the client device submits a request for certain process with the updated test value. The server compares the inbound test value from the client device against an initial/previously received test value or an expected test value to determine whether the browser is being operated by a human.

Abstract: Systems and methods for improved security authentication are disclosed. In some embodiments, an improved system for security authentication may include a plurality of computing devices, and a server system communicatively coupled to the plurality of computing devices. The server system may be configured to receive a request for security authentication, determine an authorization providing computing device from among the plurality of computer devices based on authentication preferences stored in a database communicatively coupled to the server system, generate and transmit authentication information to the determined authorization providing computing device, receive, from an initiating computing device an authentication input, determine whether the received authentication input matches the transmitted authentication information, and complete the request for security authentication when the received authentication input matches the generated and transmitted authentication information.