Receive a transaction generated by a user of a non-internet application; identify transaction life cycle steps of previous similar transactions; and generate a transaction risk score for the transaction using machine learning models and a blockchain record of the previous similar transactions. In response to the transaction risk score exceeding a threshold value, authenticate the transaction and the user using two-step authentication. The two-step authentication uses challenge/answer templates derived from the blockchain record of previous transactions.