Abstract: A processing system including at least one processor may obtain a first input data set associated with a telephone number from a first service provider that implements a multi-factor authentication process for permitting an access to a service of the first service provider and may apply at least the first input data set to a machine learning model implemented by the processing system to obtain a risk score associated with the telephone number for a subscriber identity module swap of a subscriber identity module, where the machine learning model is trained to generate the risk score associated with the telephone number in accordance with at least the first input data set. The processing system may then perform at least one remedial action associated with the telephone number and the subscriber identity module, in response to the risk score.

Abstract: A method can include capturing biometric data of a subject via at least one computing device. The method can include rendering, on a display of the at least one computing device, at least one shape overlay. The method can include, during capture of the biometric data, receiving, via the at least one computing device, a tracing input of the at least one shape overlay. The method can include receiving the biometric data the at least one computing device. The method can include comparing the tracing input and the at least one shape overlay. The method can include, based on the comparison, determining that the biometric data satisfies at least one liveness threshold.

Abstract: Methods and systems are described herein for an authentication mechanism that uses cryptographic tokens and eye-tracking data. In particular, the disclosed mechanism may receive an authentication request that includes an identifier of a cryptographic token and retrieve eye-tracking data and an image associated with the cryptographic token. The eye-tracking data may store various coordinates within the image and may be encoded for use in authentication. The disclosed mechanism may then transmit the image to a computing device (e.g., associated with a user) that is able to perform gaze detection as part of an authentication operation. In response, the disclosed mechanism may receive user gaze data collected during the authentication operation and determine whether the eye-tracking data matches the user gaze data. Based on determining that the eye-tracking data matches the user gaze data, the disclosed mechanism may transmit to the computing device an indication of successful authentication.

Abstract: A shared computer device configured to receive a reservation request associated with a user at the shared computer device to reserve a predetermined period of time for usage of the shared computer device, receive an input from the user on the shared computer device during the predetermined period of time to sign in to and use the shared computer device to access and use a predetermined application, based on the signing in, downloading, from a server, predetermined personal information of the user stored in the server regarding the predetermined application and granting access to the user to use the predetermined application on the shared computer device during the predetermined period of time using the downloaded personal information of the user, and delete the personal information of the user from the shared computer device after the predetermined period of time expires.

Abstract: Logged-in-user-specific 802.1x security can be applied on a multi-user client computing device. An 802.1x extension can be provided on a multi-user client computing device to leverage user credentials that are verified to log a user into the multi-user client computing device to select and perform 802.1x authentication for connecting the multi-user client computing device to a LAN. The 802.1x extension may also leverage the user credentials to obtain and use one or more certificates as part of the 802.1x authentication. When the user logs off of the multi-user client computing device, the 802.1x extension can automatically disconnect the multi-user client computing device from the LAN to prevent a subsequently logged in user from obtaining unauthorized access to the LAN.

Abstract: Embodiments are provided for protecting boot block space in a memory device. Such a memory device may include a memory array having a protected portion and a serial interface controller. The memory device may have a register that enables or disables access to the portion when data indicating whether to enable or disable access to the portion is written into the register via a serial data in (SI) input.

Abstract: A sequence of data entry screens are configured to collect the data from a user. The method and system receive data entered by a user into a data entry screen. The method and system then determine metrics of the collected data, and ranks the collected data and the data entry screens based on the determined metrics. The ranking is then used to display the next best screen in the sequence for collecting data.

Abstract: In an approach to security for displayed confidential holographic objects, one or more computer processors receive a request from a user to display a holographic object in association with a device. One or more computer processors identify content to be moved to the holographic object. One or more computer processors determine the content includes confidential information. One or more computer processors request authentication from the user. One or more computer processors receive the authentication from the user. One or more computer processors create a holographic boundary, where the holographic boundary blocks a view of the holographic object from one or more unauthorized users. One or more computer processors display the holographic boundary. One or more computer processors display the holographic object in association with the device.

Abstract: An ultrasound diagnosis apparatus according to an embodiment of the present disclosure includes an acquirer configured to acquire an ultrasound image, an analyzer configured to analyze appearances of a fetus using the image acquired in the acquirer, and a sorter configured to sort out the image of the fetus corresponding to a target of interest among the appearances of the fetus analyzed in the analyzer.

Abstract: In order to provide a wearable device that enables determining with high accuracy whether the wearable device is mounted on a living body or a fitting to be worn by a living body, the wearable device includes a base member, a receiving quality index acquisition unit, a sensor, and a transmitter. The receiving quality index acquisition unit receives a GPS signal, and acquires a receiving quality index of the GPS signal. The sensor outputs a signal depending on a positional relation of the living body and the sensor or the fitting and the sensor. The transmitter transmits the receiving quality index and the output of the sensor to a mounting determination unit. The determination unit determines whether the wearable device is mounted on the living body or the fitting, based on the receiving quality index and the output of the sensor.

Abstract: A method of creating a root-of-trust (RoT) within a network fabric may include powering on a network interface card (NIC) baseboard management controller (BMC) (NIC BMC), booting up a NIC via the NIC BMC, obtaining an address for the NIC, verifying an identity of the NIC at a fabric trust identity server using a key obtained from a secure vault communicatively coupled to the NIC BMC, verifying with the fabric trust identity server a number of images of a host device residing in the NIC based at least in part on the identity of the NIC being verified, and instructing a platform BMC to boot up the host device based at least in part on the number of images of the host device being verified.

Abstract: Upon obtaining biometric data for a user of a structure while the user is outside the structure, user data for the user is updated based on a confidence score for the biometric data exceeding a first confidence threshold. Based on the confidence score for the biometric data not exceeding the first confidence threshold, instructions are provided to the user to provide updated biometric data. Then the user data is updated based on a confidence score for the updated biometric data exceeding a second confidence threshold. The second confidence threshold is greater than the first confidence threshold. Structure components are controlled based on the updated user data.

Abstract: A method, apparatus and computer program product, the method comprising: an enrollment phase, comprising: retrieving information related to a trigger subject and generating a question a potential answer, wherein the trigger subject is concealed therein; generating and transmitting to the device a first token; generating a second token for encrypting data of the user or the device; and deleting the second token; and an account setting phase, comprising: regenerating the question and potential answer; regenerating the first token; transmitting the question to the user and receiving an answer; upon verifying that the answer being in line with the potential answer and that the first token provided is correct: upon the second token not being regenerated, regenerating the second token; transmitting to the device the second token, to be used by the device for receiving the service or data; and verifying deletion of the second token from the device.

Abstract: Disclosed are a detection apparatus for biological characteristic information and an electronic device. The detection apparatus including a first button. A cavity is formed in a shell of the first button. The detection apparatus includes: a first detection part. The first detection part includes: a first pulse wave detection module at least partially arranged in the cavity and configured to detect a first pulse wave signal of a user when the user presses the first button; and a pressure sensing module at least partially arranged in the cavity of the first button and configured to detect a pressure signal applied to the first button by the user, where the first pulse wave signal is a corresponding pulse wave signal when the user applies the pressure signal, and the pressure signal and the first pulse wave signal are used to detect first biological characteristic information of the user.

Abstract: A method for obtaining information from a server. The method includes a client device receiving a link layer message transmitted by a network node, the link layer message comprising authentication information; and the client device using the authentication information to obtain information from the server.

Abstract: Various embodiments support or provide for an extensible electronic claim verification system that offers extensible support for electronic verification by one or more external electronic claim verification services that are external to the extensible electronic claim verification system. For some embodiments, the extensible claim verification system is readily configurable (e.g., by a user) to add or remove access to one or more external claim verification services available for use through the extensible electronic claim verification system by a client device. Some embodiments implement the extensible support by using a unified protocol for interfacing with different external claim verification services. By use of the unified protocol, various embodiments enable an external claim verification service to plug into an extensible claim verification system, thereby permitting a user to extend support of the extensible claim verification system to different types of external claim verification services.

Abstract: An electronic circuit including a plurality of common terminals, a first circuit, a second circuit, and a plurality of switch units is provided. The first circuit is configured to output display driving signals to data lines of a display panel via the common terminals. The second circuit is configured to receive fingerprint sensing signals from fingerprint sensing lines of the display panel via the common terminals. Each of the switch units includes a first terminal coupled to one of the common terminals and a plurality of second terminals coupled to the first circuit and the second circuit. The switch units are grouped into a plurality of groups, and each group corresponds to a fingerprint sensing channel of the second circuit.

Abstract: Various embodiments may include methods and systems for providing security on a system-on-a-chip (SoC). A method may include receiving, from a service requesting environment by a secure subsystem, a request to perform a cryptographic function, in which the secure subsystem stores a condition for performing the requested cryptographic function. The method may further include receiving, by the secure subsystem, an input from a sensing circuit that includes at least one indication relevant to the condition for performing the requested cryptographic function, determining, by the secure subsystem, whether the input indicates that the condition for performing the requested cryptographic function is satisfied, and performing the requested cryptographic function using a cryptographic key stored in the secure subsystem in response to determining that the condition is satisfied.

Abstract: With Convolutional Neural Networks (CNN), facial alignment networks (FAN) have achieved significant accuracy on a wide range of public datasets, which comes along with larger model size and expensive computation costs, making it infeasible to adapt them to real-time applications on edge devices. There is provided a model compression approach on FAN using One-Shot Neural Architecture Search to overcome this problem while preserving performance criteria. Methods and devices provide efficient training and searching (on a single GPU), and resultant models can deploy to run real-time in browser-based applications on edge devices including tablets and smartphones. The compressed models provide comparable cutting-edge accuracy, while having a 30 times smaller model size and can run 40.7 ms per frame in a popular browser on a popular smartphone and OS.

Abstract: A method for authenticating a user for performing a transaction comprises receiving unique knowledge of the user such as photoauthentication, and receiving a hardware profile associated with the user. The unique knowledge and the hardware profile are compared against previously stored data representing unique knowledge of the user and a hardware profile associated with the user. If both the received data representing the unique knowledge of the user and the received hardware profile are authenticated, the transaction is allowed to go forward.

Abstract: Implementations of the subject technology provide systems and methods for determining whether to interrupt a user of an audio device that is operating in a noise-cancelling mode of operation. For example, the user may desire to be interrupted by one or more pre-designated contacts that are identified at an associated electronic device as interrupt-authorized contacts, or by a person who speaks a designated keyword to the user.

Abstract: In an example implementation according to aspects of the present disclosure, a system receives behavioral biometric data associated with a user of a computing device. The system determines whether an identity of the user is authenticated based on a comparison of the received behavior biometric data and historical behavioral biometric data associated with the user of the computing device. In response to determining that the identity of the user is not authenticated based on the comparison of the received behavioral biometric data and the historical behavioral biometric data, the system receives physiological biometric data associated with the user. The system determines whether the identity of the user is authenticated based on a comparison of the received physiological biometric data and historical physiological biometric data associated with the user of the computing device.

Abstract: A device implementing a system to render widget user interfaces for display of dynamic application content on a home screen includes a processor configured to identify a container associated with a first home screen, the container corresponding to an application. The processor is further configured to retrieve data describing a plurality of user interfaces, associated with respective times, of the application. The processor is further configured to render, based on the data, the plurality of the user interfaces in advance of the respective times. The processor is further configured to determine that the first home screen is currently displayed. The processor is further configured to select a first rendered user interface from the rendered user interfaces, wherein the respective time associated with the first rendered user interface corresponds to a current time. The processor is further configured to display the selected first rendered user interface on the first home screen.

Abstract: A method includes providing a distributed instance of a machine learning model to a client computing device and access to a predetermined token associated with a predetermined label to a client-side application at the client computing device. The client-side application is configured to cause the client computing device to detect a user input that includes the first predetermined token, provide the user input to the distributed instance to obtain a first predicted label for the first predetermined token, and update a set of model parameters of the distributed instance based on the first predicted label and the first predetermined label. The method may also include updating the machine learning model by obtaining the one or more updated model parameters of the distributed instance from the client computing device.

Abstract: The present invention allows for the creation of a biometrically secure environment that allows viewing, editing and sharing of confidential documents, or the like, in public places, without worrying that someone will see the contents. The invention provides privacy, for example for the purposes of reading documents, in a public environment while having the confidence that you are the only one able to read the document. Privacy may be achieved through methods of identification using biometric features, such as: face, iris or voice recognition. Verification that a real person is viewing the document may also be achieved by pulse recognition. In one embodiment, the screen will shut down when more than one person looks directly at the screen. In different embodiments, the present invention may use voice recognition, print behavior, iris scan, finger print, face verification, etc. A control panel and dashboard may be used, and liveness check or activity audit may be performed.

Abstract: A method may include accessing a key from a secure storage. A payload may be encrypted using the key. A policy token may be generated. The policy token may include a publicly-readable header including a header identifier of the key and the payload encrypted using the key. The policy token may be sent. The policy token may be received. The publicly-readable header may be read. The key may be identified using the header identifier of the key from the publicly-readable header. The key may be accessed from the secure storage. The payload may be decrypted using the key.

Abstract: The present disclosure relates to deriving cryptographic keys for use in encrypting data based on a plaintext to be encrypted. An example method generally includes receiving, from a querying device, a request for a cryptographic key. The request generally includes data derived from a plaintext value to be encrypted and an indication of a type of the plaintext value to be encrypted. A cryptographic key is generated based, at least in part, on the derived data and the type of the plaintext value to be encrypted. The key deriver transmits the generated cryptographic key to the querying device.

Abstract: Systems and methods are described for modifying a setting of a second user device based on derived contextual information or outputting a recommendation of media content based on the contextual information. A modification of a setting of a first user device is determined. Contextual information relating to the modification is derived.

Abstract: Aspects of the present disclosure describe systems, methods, and structures for anti-spoofing 3D face reconstruction using infrared structured light that advantageously reconstructs 3D face structures for facial recognition and detect face surface material(s) such that human skin may be effectively distinguished from artifacts thereby providing additional security for facial recognition including immunity from 2D/3D print attacks including face masks and special make-ups.

Abstract: According to an embodiment, an authentication device includes an apparatus main body interface, a memory, a biosensor, and a processor. The apparatus main body interface communicates with an apparatus main body controlling a locking mechanism. The memory stores therein biological information of a registrant. The biosensor acquires biological information The processor transmits information that an operator has been authenticated as the registrant with the biological information to the apparatus main body and controlles the locking mechanism, when the processor determines that the biological information acquired with the biosensor and the biological information of the registrant are pieces of biological information of the same person.

Abstract: Aspects of the disclosure describe methods and systems for detecting malicious entities using weak passwords for unauthorized access. In one exemplary aspect, a method may comprise intercepting, using a WAF, a password input during a login attempt to a web application by an entity. In response to determining that the password is in a database of weak passwords, the method may comprise generating for display, using the WAF, a web page prompting for a password reset for the web application, storing, in a database, an IP address of the entity and information about the login attempt, retrieving information about a first plurality of login attempts made by the entity in the web application for different user profiles. In response to determining that at least a first threshold number of login attempts have been performed by the entity, the method may comprise storing the IP address in a black list.

Abstract: Disclosed systems and methods allow a user to input digital content along with identification of one or more social media websites on which the user desires to publish the digital content. The systems and methods then query the identified social media webservers and retrieve a first set of publishing rules. When the digital content satisfies the first set of rules, the systems and methods query a database to retrieve a second set of rules comprising user restrictions specific to the identified social media websites. When the digital content does not satisfy at least one rule within the second set of rules, the systems and methods render a prompt on the user device to receive modified digital content. Subsequently, the systems and methods instruct the one or more social media websites to publish the modified digital content.

Abstract: A method for comparatively evaluating end user experiences (EUX's) for different configurations of an enterprise computer system includes: setting the enterprise computer system to have different first and second configurations; for each of the configurations defining a number of artificial end users and instantiating the artificial end users as each driving a corresponding workstation with a respective copy of a predefined workload for stressing the given configuration of the enterprise computer system with imposition by the instantiated artificial end users of their respective copies of the predefined workload; while the instantiated artificial end users drive their corresponding workstations with the respective copies of the predefined workload, measuring time durations for task performance attributes for each of the driving artificial end users; and comparing normalized time duration measurements of the first configuration with the normalized time duration measurements of the second configuration.

Abstract: A head-mounted device (HMD) may be used to determine an access request for accessing a device. An identifier identifying the device may be received at the HMD and from the device. By verifying receipt of the identifier at the HMD, and that access rights associated with the HMD enable granting of the access request, the access request may be granted.

Abstract: A training method includes: acquiring voice data of a user on a plurality of devices, and extracting acoustic features based on the voice data to construct a training data set; inputting the training data set into a neural network model, training the neural network model, and acquiring a loss function of each training of the neural network model; and determining that the training of the neural network model is completed when the loss function converges, wherein the loss function is a weighted sum of a classification loss function, a reconstruction loss function, a difference loss function, and a similarity loss function.

Abstract: A method includes detecting an initial vocalization by a user in an environment including a primary device and a secondary device, analyzing the initial vocalization to determine whether a future vocalization is likely to contain sensitive information based on the initial vocalization where the future vocalization is a potential future vocalization, and controlling, based on determining that the future vocalization is likely to contain sensitive information, a speaker of the primary device to output a noise canceling signal configured to prevent the secondary device from detecting the future vocalization.

Abstract: A method of forming augmented corpus related to articulation disorder includes acquiring target speech feature data from a target corpus; acquiring training speech feature data from training corpora; training a conversion model to make it capable of converting training speech feature data into a respective output that is similar to the target speech feature data; receiving an augmenting source corpus and acquiring augmenting source speech feature data therefrom; converting, by the conversion model thus trained, the augmenting source speech feature data into converted speech feature data; and synthesizing the augmented corpus based on the converted speech feature data.

Abstract: Biometric-based graded authentication provides a passive, graded authentication system, which uses face authentication to provide users access to their devices without requiring manual interaction with the lock screen. Biometric-based graded authentication permits users to categorize applications into various security bins based on their sensitivity. By doing so biometric-based graded authentication method grants access to different sensitivity applications, based on varying degrees of confidence in user authentication. Thus, allowing the device to be used even in adverse lighting conditions without hampering user experience. While the use of face authentication is used to discuss the system, biometric-based graded authentication as disclosed herein may be used with any confidence-based biometric system.

Abstract: Methods, systems, and apparatus for automatically obtaining tax documents. The system includes a taxpayer client device and a server configured to automatically identify tax return items associated with the taxpayer by analyzing a prior year tax return. The server is configured to generate a list of tax return items including the automatically identified tax return items. The server is configured to receive, from the taxpayer client device, authentication data for a third party database. The server is configured to access the third party database using the authentication data. The server is configured to receive a document from the third party database and automatically determine whether the document corresponds to a tax return item from the list of tax return items. The server is configured to automatically store the document when the document corresponds to one of the tax return items from the list of tax return items.

Abstract: An electronic device and an operating method are provided. The electronic device includes a display and a processor. The processor may be configured to display a first-mode launch screen for an application on the display based on an application launching request in a state where a lock function is set, switch the first-mode launch screen displayed on the display to a second-mode launch screen of the application based on a mode switching request, and determine whether to proceed with an authentication operation based on an operation selected from the second-mode launch screen.

Abstract: Described herein are various methods of securing a computer system. One or more methods include starting a security process after basic functionality on a computer is initiated at startup. The security process performs one or more reviews, such as audits, of the computer to verify that there have not been unauthorized changes to the computer, such as to any settings or executable files.

Abstract: An authentication system includes an authentication apparatus to perform user authentication in the background and an information processing device including first pair key generation means for generating a first pair key including a first public key and a first secret key, the information processing device being configured to provide a service. The authentication apparatus generates a biometric key from biometric information of the user when background authentication is successful, generates a second pair key including a second public key and a second secret key, based on the biometric key and random information, acquires the first public key, generates a common key, based on the acquired first public key and the second secret key, and then generates specification information, based on the random information and the common key. The information processing device acquires the generated specification information and provides a service related to a user specified by the specification information.

Abstract: A method controls access to at least one confidential datum archived in a memory element of a watch. The memory element includes general data and confidential data, the access to which by a function of the watch requires the wearer of the watch to be identified. The method includes authenticating the wearer to grant access to the functions of the watch, selecting one of the functions of the watch requiring the use of at least one of the confidential data or general data archived in the memory element, determining the category to which the at least one datum required by the function belongs, verifying the identity of the wearer based on an interaction between the wearer and a graphical representation included in the watch, and authorizing use of the at least one confidential datum by the function when the identity of the wearer has been verified.

Abstract: A method of authenticating a user on client equipment, the user equipped with a personal terminal, the method wherein it comprises implementing by data processing means in said client equipment the following steps: (a) When said user's personal terminal is in proximity to said client equipment, receiving from the terminal and temporarily storing on data storage means in the client equipment: —a reference biometric data item of the user; and—at least one alphanumeric user authentication data item; stored on the data storage means in the terminal; (b) Identifying said user via biometric recognition from a candidate biometric data item of the user and the reference biometric data item(s) stored on the data storage means in the client equipment; (c) Using at least one alphanumeric authentication data item of the identified user stored on the data storage means in the client equipment, for authentication of said user.

Abstract: Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

Abstract: Provisioning of resources to service consumers using flexible credentials scoped to enable the permissible uses of the resources. The credentials are not tied to a specific user, and can be shared among users, e.g., the credentials can be transferred, moved, pointed, or allocated to users collaborating on a particular project.

Abstract: A split-screen display method and an electronic device are provided. The method may be applied to the field of human-machine interaction. The method includes: A user enters an operation for a split-screen display area, for example, taps a lock control in a split-screen display area; and the electronic device locks display content in the split-screen display area in response to the operation.

Abstract: Methods, system, and non-transitory processor-readable storage medium for distributed and multi-level server authentication are provided herein. An example method includes receiving, by a plurality of second servers, a plurality of authentication secret slices, where a first server transmits each of the plurality of authentication secret slices to a respective second server of the plurality of second servers, receiving, by the first server, an authentication confirmation from each of the plurality of second servers and confirming, by the first server to a client, that an authentication request has succeeded.

Abstract: There is provided mechanisms for remote provisioning of a SIM profile to a subscriber entity. A method is performed by a remote SIM provisioning server. The method comprises obtaining a request from an MNO entity for generation of the SIM profile. The method comprises generating the SIM profile. The method comprises providing, to a storage entity, a key-value pair of the SIM profile. The key-value pair comprises a unique identifier comprising at least one profile specific element of the SIM profile as key and binding information of the at least one profile specific element as value. The unique identifier comprising at least one profile specific element of the SIM profile is represented by profile/subscription unique data elements for the SIM profile. The binding information of the at least one profile specific element is represented by an BID of the subscriber entity, ICCID of the SIM profile, IMSI, and an MNO identifier.

Abstract: The present disclosure generally relates to user interface for electronic devices, including wearable electronic devices, and device settings based on user identification.