Abstract: Various embodiments may include methods and systems for providing security on a system-on-a-chip (SoC). A method may include receiving, from a service requesting environment by a secure subsystem, a request to perform a cryptographic function, in which the secure subsystem stores a condition for performing the requested cryptographic function. The method may further include receiving, by the secure subsystem, an input from a sensing circuit that includes at least one indication relevant to the condition for performing the requested cryptographic function, determining, by the secure subsystem, whether the input indicates that the condition for performing the requested cryptographic function is satisfied, and performing the requested cryptographic function using a cryptographic key stored in the secure subsystem in response to determining that the condition is satisfied.

Abstract: With Convolutional Neural Networks (CNN), facial alignment networks (FAN) have achieved significant accuracy on a wide range of public datasets, which comes along with larger model size and expensive computation costs, making it infeasible to adapt them to real-time applications on edge devices. There is provided a model compression approach on FAN using One-Shot Neural Architecture Search to overcome this problem while preserving performance criteria. Methods and devices provide efficient training and searching (on a single GPU), and resultant models can deploy to run real-time in browser-based applications on edge devices including tablets and smartphones. The compressed models provide comparable cutting-edge accuracy, while having a 30 times smaller model size and can run 40.7 ms per frame in a popular browser on a popular smartphone and OS.

Abstract: An electronic circuit including a plurality of common terminals, a first circuit, a second circuit, and a plurality of switch units is provided. The first circuit is configured to output display driving signals to data lines of a display panel via the common terminals. The second circuit is configured to receive fingerprint sensing signals from fingerprint sensing lines of the display panel via the common terminals. Each of the switch units includes a first terminal coupled to one of the common terminals and a plurality of second terminals coupled to the first circuit and the second circuit. The switch units are grouped into a plurality of groups, and each group corresponds to a fingerprint sensing channel of the second circuit.

Abstract: Various embodiments support or provide for an extensible electronic claim verification system that offers extensible support for electronic verification by one or more external electronic claim verification services that are external to the extensible electronic claim verification system. For some embodiments, the extensible claim verification system is readily configurable (e.g., by a user) to add or remove access to one or more external claim verification services available for use through the extensible electronic claim verification system by a client device. Some embodiments implement the extensible support by using a unified protocol for interfacing with different external claim verification services. By use of the unified protocol, various embodiments enable an external claim verification service to plug into an extensible claim verification system, thereby permitting a user to extend support of the extensible claim verification system to different types of external claim verification services.

Abstract: A method for authenticating a user for performing a transaction comprises receiving unique knowledge of the user such as photoauthentication, and receiving a hardware profile associated with the user. The unique knowledge and the hardware profile are compared against previously stored data representing unique knowledge of the user and a hardware profile associated with the user. If both the received data representing the unique knowledge of the user and the received hardware profile are authenticated, the transaction is allowed to go forward.

Abstract: Implementations of the subject technology provide systems and methods for determining whether to interrupt a user of an audio device that is operating in a noise-cancelling mode of operation. For example, the user may desire to be interrupted by one or more pre-designated contacts that are identified at an associated electronic device as interrupt-authorized contacts, or by a person who speaks a designated keyword to the user.

Abstract: In an example implementation according to aspects of the present disclosure, a system receives behavioral biometric data associated with a user of a computing device. The system determines whether an identity of the user is authenticated based on a comparison of the received behavior biometric data and historical behavioral biometric data associated with the user of the computing device. In response to determining that the identity of the user is not authenticated based on the comparison of the received behavioral biometric data and the historical behavioral biometric data, the system receives physiological biometric data associated with the user. The system determines whether the identity of the user is authenticated based on a comparison of the received physiological biometric data and historical physiological biometric data associated with the user of the computing device.

Abstract: A device implementing a system to render widget user interfaces for display of dynamic application content on a home screen includes a processor configured to identify a container associated with a first home screen, the container corresponding to an application. The processor is further configured to retrieve data describing a plurality of user interfaces, associated with respective times, of the application. The processor is further configured to render, based on the data, the plurality of the user interfaces in advance of the respective times. The processor is further configured to determine that the first home screen is currently displayed. The processor is further configured to select a first rendered user interface from the rendered user interfaces, wherein the respective time associated with the first rendered user interface corresponds to a current time. The processor is further configured to display the selected first rendered user interface on the first home screen.

Abstract: A method includes providing a distributed instance of a machine learning model to a client computing device and access to a predetermined token associated with a predetermined label to a client-side application at the client computing device. The client-side application is configured to cause the client computing device to detect a user input that includes the first predetermined token, provide the user input to the distributed instance to obtain a first predicted label for the first predetermined token, and update a set of model parameters of the distributed instance based on the first predicted label and the first predetermined label. The method may also include updating the machine learning model by obtaining the one or more updated model parameters of the distributed instance from the client computing device.

Abstract: The present invention allows for the creation of a biometrically secure environment that allows viewing, editing and sharing of confidential documents, or the like, in public places, without worrying that someone will see the contents. The invention provides privacy, for example for the purposes of reading documents, in a public environment while having the confidence that you are the only one able to read the document. Privacy may be achieved through methods of identification using biometric features, such as: face, iris or voice recognition. Verification that a real person is viewing the document may also be achieved by pulse recognition. In one embodiment, the screen will shut down when more than one person looks directly at the screen. In different embodiments, the present invention may use voice recognition, print behavior, iris scan, finger print, face verification, etc. A control panel and dashboard may be used, and liveness check or activity audit may be performed.

Abstract: A method may include accessing a key from a secure storage. A payload may be encrypted using the key. A policy token may be generated. The policy token may include a publicly-readable header including a header identifier of the key and the payload encrypted using the key. The policy token may be sent. The policy token may be received. The publicly-readable header may be read. The key may be identified using the header identifier of the key from the publicly-readable header. The key may be accessed from the secure storage. The payload may be decrypted using the key.

Abstract: The present disclosure relates to deriving cryptographic keys for use in encrypting data based on a plaintext to be encrypted. An example method generally includes receiving, from a querying device, a request for a cryptographic key. The request generally includes data derived from a plaintext value to be encrypted and an indication of a type of the plaintext value to be encrypted. A cryptographic key is generated based, at least in part, on the derived data and the type of the plaintext value to be encrypted. The key deriver transmits the generated cryptographic key to the querying device.

Abstract: According to an embodiment, an authentication device includes an apparatus main body interface, a memory, a biosensor, and a processor. The apparatus main body interface communicates with an apparatus main body controlling a locking mechanism. The memory stores therein biological information of a registrant. The biosensor acquires biological information The processor transmits information that an operator has been authenticated as the registrant with the biological information to the apparatus main body and controlles the locking mechanism, when the processor determines that the biological information acquired with the biosensor and the biological information of the registrant are pieces of biological information of the same person.

Abstract: Aspects of the present disclosure describe systems, methods, and structures for anti-spoofing 3D face reconstruction using infrared structured light that advantageously reconstructs 3D face structures for facial recognition and detect face surface material(s) such that human skin may be effectively distinguished from artifacts thereby providing additional security for facial recognition including immunity from 2D/3D print attacks including face masks and special make-ups.

Abstract: Systems and methods are described for modifying a setting of a second user device based on derived contextual information or outputting a recommendation of media content based on the contextual information. A modification of a setting of a first user device is determined. Contextual information relating to the modification is derived.

Abstract: Aspects of the disclosure describe methods and systems for detecting malicious entities using weak passwords for unauthorized access. In one exemplary aspect, a method may comprise intercepting, using a WAF, a password input during a login attempt to a web application by an entity. In response to determining that the password is in a database of weak passwords, the method may comprise generating for display, using the WAF, a web page prompting for a password reset for the web application, storing, in a database, an IP address of the entity and information about the login attempt, retrieving information about a first plurality of login attempts made by the entity in the web application for different user profiles. In response to determining that at least a first threshold number of login attempts have been performed by the entity, the method may comprise storing the IP address in a black list.

Abstract: Disclosed systems and methods allow a user to input digital content along with identification of one or more social media websites on which the user desires to publish the digital content. The systems and methods then query the identified social media webservers and retrieve a first set of publishing rules. When the digital content satisfies the first set of rules, the systems and methods query a database to retrieve a second set of rules comprising user restrictions specific to the identified social media websites. When the digital content does not satisfy at least one rule within the second set of rules, the systems and methods render a prompt on the user device to receive modified digital content. Subsequently, the systems and methods instruct the one or more social media websites to publish the modified digital content.

Abstract: A head-mounted device (HMD) may be used to determine an access request for accessing a device. An identifier identifying the device may be received at the HMD and from the device. By verifying receipt of the identifier at the HMD, and that access rights associated with the HMD enable granting of the access request, the access request may be granted.

Abstract: A method for comparatively evaluating end user experiences (EUX's) for different configurations of an enterprise computer system includes: setting the enterprise computer system to have different first and second configurations; for each of the configurations defining a number of artificial end users and instantiating the artificial end users as each driving a corresponding workstation with a respective copy of a predefined workload for stressing the given configuration of the enterprise computer system with imposition by the instantiated artificial end users of their respective copies of the predefined workload; while the instantiated artificial end users drive their corresponding workstations with the respective copies of the predefined workload, measuring time durations for task performance attributes for each of the driving artificial end users; and comparing normalized time duration measurements of the first configuration with the normalized time duration measurements of the second configuration.

Abstract: A training method includes: acquiring voice data of a user on a plurality of devices, and extracting acoustic features based on the voice data to construct a training data set; inputting the training data set into a neural network model, training the neural network model, and acquiring a loss function of each training of the neural network model; and determining that the training of the neural network model is completed when the loss function converges, wherein the loss function is a weighted sum of a classification loss function, a reconstruction loss function, a difference loss function, and a similarity loss function.

Abstract: A method includes detecting an initial vocalization by a user in an environment including a primary device and a secondary device, analyzing the initial vocalization to determine whether a future vocalization is likely to contain sensitive information based on the initial vocalization where the future vocalization is a potential future vocalization, and controlling, based on determining that the future vocalization is likely to contain sensitive information, a speaker of the primary device to output a noise canceling signal configured to prevent the secondary device from detecting the future vocalization.

Abstract: A method of forming augmented corpus related to articulation disorder includes acquiring target speech feature data from a target corpus; acquiring training speech feature data from training corpora; training a conversion model to make it capable of converting training speech feature data into a respective output that is similar to the target speech feature data; receiving an augmenting source corpus and acquiring augmenting source speech feature data therefrom; converting, by the conversion model thus trained, the augmenting source speech feature data into converted speech feature data; and synthesizing the augmented corpus based on the converted speech feature data.

Abstract: Biometric-based graded authentication provides a passive, graded authentication system, which uses face authentication to provide users access to their devices without requiring manual interaction with the lock screen. Biometric-based graded authentication permits users to categorize applications into various security bins based on their sensitivity. By doing so biometric-based graded authentication method grants access to different sensitivity applications, based on varying degrees of confidence in user authentication. Thus, allowing the device to be used even in adverse lighting conditions without hampering user experience. While the use of face authentication is used to discuss the system, biometric-based graded authentication as disclosed herein may be used with any confidence-based biometric system.

Abstract: Methods, systems, and apparatus for automatically obtaining tax documents. The system includes a taxpayer client device and a server configured to automatically identify tax return items associated with the taxpayer by analyzing a prior year tax return. The server is configured to generate a list of tax return items including the automatically identified tax return items. The server is configured to receive, from the taxpayer client device, authentication data for a third party database. The server is configured to access the third party database using the authentication data. The server is configured to receive a document from the third party database and automatically determine whether the document corresponds to a tax return item from the list of tax return items. The server is configured to automatically store the document when the document corresponds to one of the tax return items from the list of tax return items.

Abstract: An electronic device and an operating method are provided. The electronic device includes a display and a processor. The processor may be configured to display a first-mode launch screen for an application on the display based on an application launching request in a state where a lock function is set, switch the first-mode launch screen displayed on the display to a second-mode launch screen of the application based on a mode switching request, and determine whether to proceed with an authentication operation based on an operation selected from the second-mode launch screen.

Abstract: Described herein are various methods of securing a computer system. One or more methods include starting a security process after basic functionality on a computer is initiated at startup. The security process performs one or more reviews, such as audits, of the computer to verify that there have not been unauthorized changes to the computer, such as to any settings or executable files.

Abstract: A method of authenticating a user on client equipment, the user equipped with a personal terminal, the method wherein it comprises implementing by data processing means in said client equipment the following steps: (a) When said user's personal terminal is in proximity to said client equipment, receiving from the terminal and temporarily storing on data storage means in the client equipment: —a reference biometric data item of the user; and—at least one alphanumeric user authentication data item; stored on the data storage means in the terminal; (b) Identifying said user via biometric recognition from a candidate biometric data item of the user and the reference biometric data item(s) stored on the data storage means in the client equipment; (c) Using at least one alphanumeric authentication data item of the identified user stored on the data storage means in the client equipment, for authentication of said user.

Abstract: An authentication system includes an authentication apparatus to perform user authentication in the background and an information processing device including first pair key generation means for generating a first pair key including a first public key and a first secret key, the information processing device being configured to provide a service. The authentication apparatus generates a biometric key from biometric information of the user when background authentication is successful, generates a second pair key including a second public key and a second secret key, based on the biometric key and random information, acquires the first public key, generates a common key, based on the acquired first public key and the second secret key, and then generates specification information, based on the random information and the common key. The information processing device acquires the generated specification information and provides a service related to a user specified by the specification information.

Abstract: A method controls access to at least one confidential datum archived in a memory element of a watch. The memory element includes general data and confidential data, the access to which by a function of the watch requires the wearer of the watch to be identified. The method includes authenticating the wearer to grant access to the functions of the watch, selecting one of the functions of the watch requiring the use of at least one of the confidential data or general data archived in the memory element, determining the category to which the at least one datum required by the function belongs, verifying the identity of the wearer based on an interaction between the wearer and a graphical representation included in the watch, and authorizing use of the at least one confidential datum by the function when the identity of the wearer has been verified.

Abstract: Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

Abstract: Provisioning of resources to service consumers using flexible credentials scoped to enable the permissible uses of the resources. The credentials are not tied to a specific user, and can be shared among users, e.g., the credentials can be transferred, moved, pointed, or allocated to users collaborating on a particular project.

Abstract: A split-screen display method and an electronic device are provided. The method may be applied to the field of human-machine interaction. The method includes: A user enters an operation for a split-screen display area, for example, taps a lock control in a split-screen display area; and the electronic device locks display content in the split-screen display area in response to the operation.

Abstract: There is provided mechanisms for remote provisioning of a SIM profile to a subscriber entity. A method is performed by a remote SIM provisioning server. The method comprises obtaining a request from an MNO entity for generation of the SIM profile. The method comprises generating the SIM profile. The method comprises providing, to a storage entity, a key-value pair of the SIM profile. The key-value pair comprises a unique identifier comprising at least one profile specific element of the SIM profile as key and binding information of the at least one profile specific element as value. The unique identifier comprising at least one profile specific element of the SIM profile is represented by profile/subscription unique data elements for the SIM profile. The binding information of the at least one profile specific element is represented by an BID of the subscriber entity, ICCID of the SIM profile, IMSI, and an MNO identifier.

Abstract: Methods, system, and non-transitory processor-readable storage medium for distributed and multi-level server authentication are provided herein. An example method includes receiving, by a plurality of second servers, a plurality of authentication secret slices, where a first server transmits each of the plurality of authentication secret slices to a respective second server of the plurality of second servers, receiving, by the first server, an authentication confirmation from each of the plurality of second servers and confirming, by the first server to a client, that an authentication request has succeeded.

Abstract: The present disclosure generally relates to user interface for electronic devices, including wearable electronic devices, and device settings based on user identification.

Abstract: A system and method for authenticating an authentication requesting device (ARD) is disclosed. The system is configured to provide validation encryptions (VEs) for each given device of devices, each given encryption of the VEs being encrypted using an encryption function (EF) using a derived key (DK) generated from a currently used root key (RK) of the respective given device using a derivation function (DF) designed to generate a different derivation for identical data for each execution; obtain an authentication encryption (AE) generated by the ARD and a timestamp indicative of a time of creation of the AE, the AE being encrypted using the EF using an ARD DK generated from the currently used ARD RK, and wherein the ARD DK is generated using the DF; and authenticating the ARD only if one of the VEs matches the AE and the timestamp is within an allowed time window.

Abstract: A device is configured to identify a physical location within a virtual environment for an avatar that is associated with a user and to obtain a first token from a token map based on the physical location within the virtual environment for the avatar that is associated with the user. The device is further configured to receive physical attribute information for the user in the real world and to obtain a second token from the token map based on the physical attribute information for the user in the real world. The device is further configured to generate an authentication token by combining the first token and the second token and to verify an identify of the user based on the authentication token.

Abstract: A system and method for the privilege assurance of enterprise computer network environments using lateral movement detection and prevention. The system uses local session monitors to monitor logon sessions within a network, generating and verifying event logs and authentication records to ensure the legitimacy of authenticated user sessions and to revoke credentials when an illicit session is detected, halting lateral movement in real-time.

Abstract: Systems and methods for authenticating identification information are disclosed. For example, a system may include an Automated Teller Machine (ATM). An ATM may comprise a user interface. The user interface may comprise a joystick. The user interface may be configured to receive joystick input from a user. The ATM may comprise at least one memory storing instructions. The ATM may comprise at least one processor configured to execute the instructions to perform operations. The operations may comprise receiving identification information from the user. The operations may comprise receiving the joystick input. The operations may comprise extracting a joystick sequence from the joystick input. When the joystick sequence is within a predetermined threshold from a stored joystick sequence corresponding to the identification information, the operations may comprise authenticating the user for an ATM operation.

Abstract: A method of unlocking software including providing an electronic device having a processing unit and a gesture input device connected therewith. Detecting an input gesture operable to initiate password entry, wherein the electronic device is in a software locked state, and randomly assigning a predefined set of input gestures to a predefined set of password symbols. The method of unlocking software additionally includes detecting one of the assigned input gestures via the gesture input device and comparing the entered password symbols, corresponding to the detected input gestures, to a stored unlock password via the processing unit. Further, where the entered password symbols match the stored unlock password, the method enables operation of the electronic device in a software unlocked state.

Abstract: A method may include receiving, by a computing system and from a first device, first data. The first data may be based at least in part on a first output from a first instance of a model processed by the first device. The method may further include receiving, by the computing system and from the first device, second data that was processed by the first instance of the model to produce the first output. The method may also include processing, by the computing system, the second data with at least a portion of a second instance of the model to produce a second output. The method may additionally include determining, by the computing system, third data based at least in part on the second output. Further, the method may include determining, by the computing system, that the third data is consistent with the first data.

Abstract: A machine has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to supply a name page in response to a request from an administrator machine. Name page updates are received from the administrator machine. The name page updates include participants and associated network contact information for the participants. A code is utilized to form a link to the name page. Prompts for textual name information and audio name information are supplied to a client machine that activates the link to the name page. Textual name information and audio name information are received from the client machine. The textual name information and audio name information are stored in association with the name page. Navigation tools are supplied to facilitate access to the textual name information and audio name information.

Abstract: A moving device includes a first camera, a second camera, and a controller. The first and second cameras capture first and second images at a first time and includes first and second object images of an object, respectively. The controller: receives the first and second images from the first and second cameras; retrieves the first and second object images in the first and second images, respectively; determines first and second object image sizes of the object in the first and second object images, respectively; calculates an object distance between the first camera and the object using the camera distance between the first and second camera and the first and second object image sizes; determines whether the object distance satisfies criteria of a detection policy; and (f) if so, apply an action associated with the detection policy.

Abstract: In one or more embodiments, one or more systems, one or more methods, and/or one or more processes may: prohibit data communications, via a serial communication port of an information handling system, with an operating system executing on the information handling system; determine that a serial communication cable has been connected to the serial communication port; receive, via the serial communication port, first biometric data associated with a user from an integrated circuit of the serial communication cable; retrieve encrypted information associated with the user from a nonvolatile memory medium; decrypt the encrypted information associated with the user to determine second biometric data; determine that the first biometric data matches the second biometric data; and in response to determining that the first biometric data matches the second biometric data, permit the data communications via the serial communication port.

Abstract: A vector graphics file includes at least one artwork layer and at least one watermark layer. The watermark layer comprises a pattern of vector graphics primitives, each of which is filled with a color that is a tinted variant of the color of the location in the artwork that the primitive overlies. Such layered arrangement enables the watermark to be added or omitted, and varied in strength, payload and appearance, at will. Yet the artwork is left unchanged through such manipulations. In some embodiments the watermark conveys a multi-symbol Global Trade Item Number (GTIN), and the file is used to generate a label or packaging for a food or general merchandise retail item. A great number of other arrangements, features and advantages are also detailed.

Abstract: A method and system for generating password based on images captured by a user is disclosed. In some embodiments, the method includes identifying a relevant event associated with a user; determining a set of preliminary information associated with the relevant event and a first set of images captured by the user during the relevant event; creating a plurality of second sets of images; presenting the plurality of second sets of images to the user; receiving from the user, for each of the plurality of second sets of images, user selection of the associated image added from the first set of images; generating a plurality of sets of keywords; receiving for each of the plurality of sets of keywords, a user selection of one or more keywords; and generating a password based on the one or more keywords selected by the user and associated images selected by the user.

Abstract: An embodiment of this application provides a method and apparatus for testing control software, and a computer-readable storage medium to reduce the time consumed in the simulation-based debugging and enhance efficiency. The method may include obtaining test information of a plurality of fault signals; and injecting, based on the test information of the plurality of fault signals, the plurality of fault signals into a simulation environment in sequence to obtain test results of the plurality of fault signals handled by the control software, where the simulation environment may be a simulation environment of a control object of the control software.

Abstract: A system for tracking the location of an electronic device includes an electronic device and a wireless location tag. The wireless location tag includes a microcontroller unit, and a modular connector interface configured to be communicatively coupled to a port of the electronic device. The wireless location tag is configured to establish an Internet connection to one or more backend electronic devices in response to detecting that the wireless location tag has been communicatively coupled to the port of the electronic device, obtain identifying information that is associated with the electronic device, and identify tag identifying information associated with the wireless location tag. The wireless location tag is also configured to send one or more instructions to the one or more backend electronic devices via the Internet connection, and send one or more ping messages to the one or more backend electronic devices.

Abstract: In one aspect, a device includes a processor and storage accessible to the processor. The storage includes instructions executable by the processor to present, on a display and in virtual space, at least first and second three-dimensional (3D) objects to which user input is directable in a particular sequence to provide a passcode associated with the device. The instructions are also executable to identify receipt of the passcode based on detection of first user input directed in the particular sequence to the first and second 3D objects. The instructions are then executable to authenticate a user responsive to the identification. In various examples, the virtual space may form part of an augmented reality presentation, a mixed reality presentation, and/or a virtual reality presentation.

Abstract: An aspect of the disclosure relates to a navigation system configured to use GPS or Wi-Fi to navigate users within a structure as well as on roadways. A mapping system may be configured to generate maps and transmit the maps to user devices in association with turn-by-turn instructions. A given user's current position may be monitored and corrective navigation instructions may be provided. A given user may be navigated to a position of a second user.