US20100194571A1 - Point of entry authorization utilizing rfid enabled profile and biometric data - Google Patents

Point of entry authorization utilizing rfid enabled profile and biometric data Download PDF

Info

Publication number
US20100194571A1
US20100194571A1 US12/756,855 US75685510A US2010194571A1 US 20100194571 A1 US20100194571 A1 US 20100194571A1 US 75685510 A US75685510 A US 75685510A US 2010194571 A1 US2010194571 A1 US 2010194571A1
Authority
US
United States
Prior art keywords
user
biometric
entry
point
identification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/756,855
Inventor
Luis M. Ortiz
Kermit D. Lopez
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ip Venue LLC
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=46281731&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=US20100194571(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Priority claimed from US09/757,903 external-priority patent/US20020091937A1/en
Application filed by Individual filed Critical Individual
Priority to US12/756,855 priority Critical patent/US20100194571A1/en
Assigned to MESA DIGITAL, LLC reassignment MESA DIGITAL, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LOPEZ, KERMIT D., ORTIZ, LUIS M.
Publication of US20100194571A1 publication Critical patent/US20100194571A1/en
Priority to US12/885,087 priority patent/US8462994B2/en
Assigned to RANDOM BIOMETRICS, LLC reassignment RANDOM BIOMETRICS, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MESA DIGITAL, L.L.C.
Priority to US14/611,612 priority patent/US20150172287A1/en
Assigned to MESA DIGITAL, LLC reassignment MESA DIGITAL, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RANDOM BIOMETRICS, LLC
Assigned to IP VENUE, LLC reassignment IP VENUE, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MESA DIGITAL, LLC
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00563Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys using personal physical data of the operator, e.g. finger prints, retinal images, voicepatterns
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication

Definitions

  • Embodiments are generally related to user biometric authentication and methods or systems for security of or through electronic systems. Embodiments are also related to electronic systems that can be secured using biometric technology. Embodiments further relate to the use of biometric data for authenticating user identity and providing secure user access to data as well as authorizing transactions.
  • Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, buildings, factories, houses and safes. These systems generally require the knowledge of an entry code that has been selected by or provided to a user or has been configured in advance.
  • Pre-set codes are often forgotten, however, as users have no reliable method of remembering them.
  • Writing down codes and storing them in close proximity to an access control device results in an insecure access control system.
  • an access control device e.g., a combination lock
  • the nuisance of trying several code variations generally renders the access control system more of a problem than a solution.
  • Password systems are known to suffer from other disadvantages. Usually, a user specifies passwords. Most users, being unsophisticated users of security systems, choose passwords that are relatively insecure. As such, many password systems are easily accessed through a simple trial and error process.
  • a security guard reviews identification cards and compares pictures thereon to a person carrying the card. The security guard provides access upon recognition or upon other criteria.
  • Other building security systems use card access, password access, or another secure access approach.
  • passwords and cards have similar drawbacks when utilized for building security, particularly with computer security.
  • a number of systems have been developed to ensure that users do not gain unauthorized access to host computer systems. As explained above, some systems prompt a user for passwords. Such systems may also rely on PIN numbers, before granting the user access to the host computer system. As indicated above, however, passwords and PIN numbers may be forgotten or may fall into the wrong hands. Additionally, using passwords and PIN numbers for security purposes places an additional burden on institutions because passwords or PIN numbers require additional machinery and human resources to deal with customers when customers forget passwords or PIN numbers, or when customers request that passwords or PIN numbers be changed.
  • Biometric authentication systems have been developed to authorize accesses to various electronic and mechanical systems.
  • Biometrics can generally be defined as the science of utilizing unique physical or behavioral personal characteristics to verify the identity of an individual.
  • Biometric authentication systems are typically combined with hardware and software systems for automated biometric verification or identification.
  • Biometric authentication systems receive a biometric input, such as a fingerprint or a voice sample, from a user. This biometric input is typically compared against a prerecorded template containing biometric data associated with the user to determine whether to grant the user access to a service on the host system.
  • a biometric security access system can thus provide substantially secure access and does not require a password or access code.
  • a biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system.
  • One such biometric system is a fingerprint recognition system.
  • a fingerprint biometric system input transducer or sensor In a fingerprint biometric system input transducer or sensor, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam.
  • a sensing means such as an interrogating light beam.
  • a system may be prompted through user entry that a fingertip is in place for image capture.
  • Another method of identifying fingerprints is to capture images continuously and to analyze each image to determine the presence of biometric information such as a fingerprint.
  • Various optical devices which employ prisms upon which a finger whose print is to be identified is placed.
  • the prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism.
  • the illumination surface is at an acute angle to the first surface.
  • the illumination surface may be parallel to the first surface.
  • Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
  • Fingerprint characterization is thus generally well known and can involve many aspects of fingerprint analysis.
  • biometric authentication systems have many known problems.
  • a user identification code a PIN
  • a PIN is generally required to identify each individual in order to permit comparison of the biometric information and a single user's template.
  • electromechanical device e.g., keypad
  • the device is also an additional equipment expense for a multiple entry access system.
  • a security system may be characterized as allowing 1 in 1,000 false acceptances or, alternatively, 1 in 1,000,000.
  • a probability distribution curve establishes a cut off for a given registration to determine what false acceptance rate this reflects. Curves of this type are exponential in nature and, therefore, for better false acceptance rates provide only nominal improvements to false acceptance rate for significant changes to a threshold value.
  • a low match score results in failure to authorize an individual.
  • biometrics Another potential problem with the use of biometrics is related to the unauthorized interception of a digital signal or file representing a biometric (i.e., similar to unauthorized interception of passcodes/passwords).
  • An unauthorized user may substitute a digital signal of a biometric attribute or template by bypassing biometric readers or scanners altogether. Therefore, like passwords or passcodes, use of biometrics for security purposes and user authorization, verification, and identification of data is not completely full proof.
  • biometric authentication systems are still plagued with various physical and electronic drawbacks. It is believed that the biometric methods and systems disclosed herein overcome many drawbacks known in the art.
  • Such a method includes associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry, the user seeking access through the point of entry.
  • Such a method can also include wirelessly accessing, via the electronic system, identification information associated with the user from the portable electronic device carried with the user, utilizing the identification information provided from the portable electronic device to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user, providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry, comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface, and authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
  • the portable electronic device carried by the user can be, for example, an RFID tag, a wireless electronic communications device (e.g., Smartphone, cell phone, etc).
  • the wireless electronic communications device can communication with the electronic system via a communications link, such as, for example, a Bluetooth communications link.
  • the wireless electronic communications device can communicate with the electronic system via, for example, a cellular communications link.
  • the biometric interface can be for example, a camera that captures one or more physical attribute of the user. Examples of such a “physical attribute” can be, for example, an image of a face of the user captured by the camera, a fingerprint, etc.
  • the credentials carried by the user can be, for example, an identification medium bearing a name and a photograph of the user.
  • the biometric interface can be, in other embodiments, a biometric reader that captures from the user, at least one of fingerprint data, retinal scan data, handwriting data, voice data and facial data, etc.
  • a method can be provided for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information provided wirelessly from an RFID tag carried with the user when the user is located near a point of entry.
  • Such a method can include, for example, associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware; wirelessly communicating via the wireless communications hardware with an RFID tag carried by a user approaching the point of entry, the user seeking access through the point of entry; wirelessly accessing, via the electronic system, identification information associated with the user from the RFID tag carried with the user; utilizing the identification information provided from the RFID tag to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user; providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry; comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface; and authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the
  • a system can be provided for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry.
  • a system can include, for example, a point of entry and an electronic system associated with the point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry. The user generally seeks access through the point of entry.
  • the electronic system can wirelessly access identification information associated with the user from the portable electronic device carried with the user.
  • Such a system can further include a remote server that stores a user profile, wherein the identification information provided by the electronic device is utilized to obtain the user profile from the remote server via the data network, the user profile including user identification information and a biometric template associated with the user.
  • the identification information and the biometric template are generally provided from the remote server by the electronic system to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry.
  • the identification information and the biometric template are compared by the electronic system with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface.
  • the use can be authenticated via the electronic system and granted access through the point of entry, if at least one of the identification information and the biometric template match at least one of the credentials carried with the user and one or more physical attributes of the user captured by the biometric interface.
  • the portable electronic device carried by the user can be, for example, an RFID tag, a wireless electronic communications device, etc.
  • the wireless electronic communications device can communicate with the electronic system via, for example, a Bluetooth communications link or a cellular communications link.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system associated with a database containing biometric attributes in which embodiments can be implemented;
  • FIG. 2 illustrates a diagram illustrating client computer systems coupled to host systems through a network in which embodiments can be implemented
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within the client computer system depicted in FIG. 2 , which can be utilized to implement an embodiment
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile, which can be utilized in accordance with the disclosed embodiments
  • FIG. 5 illustrates a flow chart of logical operations depicting operations for authenticating a user in accordance with the disclosed embodiments
  • FIG. 6 depicts a flow chart illustrating additional operations for authenticating a user in accordance with the disclosed embodiments
  • FIG. 7 illustrates a system that includes a portion of a user interface that can be implemented in accordance with an alternative embodiment
  • FIG. 8 depicts a system that includes a portion of an alternative user interface that can be implemented in accordance with an alternative embodiment
  • FIG. 9 depicts illustrates a system that includes a portion of an alternative user interface that can be implemented in accordance with an alternative embodiment
  • FIG. 10 illustrates a pictorial representation of a biometric authentication system, which can be implemented in accordance with an alternative embodiment
  • FIG. 11 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment
  • FIG. 12 illustrates a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment
  • FIG. 13 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment
  • FIG. 14 illustrates a pictorial diagram of a biometric authentication system, which can be implemented in accordance with an alternative embodiment
  • FIG. 15 depicts a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment
  • FIG. 16 illustrates a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment
  • FIG. 17 depicts a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment
  • FIG. 18 illustrates a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment
  • FIG. 19 depicts a system for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment
  • FIG. 20 illustrates a high-level flow chart of operations illustrating logical operational steps for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment
  • FIG. 21 depicts a high-level flow chart of operations illustrating logical operational steps for biometrically authenticating a user, in accordance with an alternative embodiment.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system 12 associated with a database or memory containing biometric attributes 14 , in which embodiments can be implemented.
  • Database 14 can be linked or integrated with electronic system 12 and can include at least one user profile 15 containing biometric templates (i.e., samples) of biometric attributes provided previously by particular users.
  • Electronic system 12 can interact with and communicate with a variety of devices and mechanical systems.
  • Electronic system 12 can, for example, communicate with a computer workstation 24 .
  • electronic system 12 can be configured as a remote computer network (e.g., the Internet), or a dedicated computer network (e.g., Intranet, WLAN, LAN, etc.) operating within a particular organization, business or institution.
  • Electronic system 12 can also be configured to communicate with electromechanical systems, such as entry hardware of a secure building 22 .
  • a user can access electronic system 12 to secure entry to secure building 22 .
  • electronic system 12 can be configured as electronics associated with or resident within the user interface (e.g., typical of non-networked systems, such as secure entries).
  • electronic system 12 can be configured to communicate with an Automatic Teller Machine (ATM) 20 and/or point of sale.
  • ATM Automatic Teller Machine
  • a user attempting to retrieve cash through ATM 20 can be required to authentication his or her identification, based on previously stored biometric attributes contained within database 14 and/or user profile 15 .
  • Database 14 and user profile 15 can function as a biometric broker that communicates as a third-party service with various mechanical systems and other devices through electronic system 12 .
  • Electronic system 12 can also enable communication with a financial institution 18 and wireless device 16 .
  • wireless device 16 In order to communicate with wireless device 16 , electronic system 12 can be configured as part of a wireless network.
  • a wireless device 16 can be, for example, a wireless telephone or a wireless hand held device that can communicate with wireless networks to send and receive data.
  • Wireless device 16 can be, for example, a Wireless Application Protocol (WAP) enabled communications device configured to authenticate the identity of a user through a biometric scanner integrated with or attached to the wireless device.
  • WAP Wireless Application Protocol
  • FIG. 2 illustrates a diagram illustrating client computer systems 32 , 34 , and 36 coupled to host computer systems 48 , 40 , and 42 through a network 30 , in which embodiments can be implemented.
  • Network 30 can be any communication channel through which computer systems can communicate. This includes, but is not limited to, local area networks, such as Ethernet or Token ring, and wide area or remote computer networks, such as the Internet and World Wide Web, well known in the networking arts.
  • Network 30 can also be implemented as a wireless network through which wireless devices, such as wireless device 16 of FIG. 1 , can communicate with other devices and other systems.
  • a client such as client systems 32 , 34 , and 36 can be any node on a computer network including computational capability and including a mechanism for communication across network 30 .
  • Human users 33 , 35 , and 37 can operate client systems 32 , 34 , and 36 , respectively.
  • a host such as host systems 48 , 40 and 42 , can be any node on a computer network including a mechanism for servicing requests from a client for computational or data storage resources. Hosts can also be implemented as servers.
  • Biometric broker 44 can be implemented as a centralized repository for storing biometric attributes (i.e., biometric data), such as fingerprint data. Biometric broker 44 can also be configured as an entity that obtains biometric data form a variety of biometric databases operated by different entities and organizations, and utilizes such information for authentication purposes. FIG. 4 , which will be further described herein, lists examples of biometric data that can be utilized in accordance with the disclosed embodiments. Biometric broker 44 can also include a mechanism for managing the biometric attributes stored as data, and can additionally include a mechanism for implementing security policies for the biometric attributes. Such policies can require specific levels of authentication for different groups of users, or for access to different servers.
  • biometric attributes i.e., biometric data
  • FIG. 4 which will be further described herein, lists examples of biometric data that can be utilized in accordance with the disclosed embodiments.
  • Biometric broker 44 can also include a mechanism for managing the biometric attributes stored as data, and can additionally include a mechanism for implementing security policies for the biometric attributes. Such policies
  • Biometric brokers 44 can be implemented in any number of forms.
  • biometric broker 44 can be implemented as a node on network 30 , which communicates with host systems 48 , 40 , and 42 across network 30 .
  • biometric broker 44 can be located on a host, such as host system 48 .
  • FIG. 2 can operate generally as follows.
  • a user such as user 33
  • User 33 requests access to resources on host system 48 across network 30 .
  • host system 48 attempts to authenticate user 33 .
  • host system 48 requests a biometric attribute (i.e., biometric data) from biometric broker 44 .
  • Biometric broker 44 returns a biometric attribute or biometric template, which can be compared against sample biometric attribute(s) randomly collected from user 33 . This comparison can take place at a number of locations, including at client system 32 , at host system 48 or at biometric broker 44 . If the sample biometric attribute collected from user 33 matches the biometric attribute retrieved from biometric broker 44 , user 33 can be permitted to access resources on host system 48 .
  • Providing a centralized authentication service such as biometric broker 114 has a number of advantages.
  • One advantage is generally that centralized revocation can be supported.
  • an employee in an organization typically has access to a number of different resources on a number of different host systems. When this employee leaves the organization, it often takes a long time to explicitly revoke the employee's access rights on all host systems.
  • a centralized revocation scheme such revocation only needs to take place once at the centralized revocation service since the disparate host systems always look to the centralized revocation service to authenticate a user.
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within client computer system 32 that can be utilized to implement an embodiment. Note that in FIGS. 2 and 3 identical parts are represented by identical reference numerals.
  • client system 32 can be any node on a computer network including computational capability and including a mechanism for communication across network 30 .
  • client system 32 includes user interface 62 , networking code 64 and adapter 66 . These functional components can be implemented in software running on, for example, a client CPU.
  • User interface 62 provides a mechanism through which user 33 can operate client system 32 .
  • Networking code 64 can include a library of functions, which allow client system 32 to communicate across network 30 .
  • adapter 66 can be configured to include a collection of functions that implement the client portion of a biometric authentication system.
  • Adapter 66 can communicate with sealed hardware unit 58 , which can be utilized to perform biometric authentication functions.
  • sealed hardware unit 58 can be encased in a sealed insulating layer, which prevents a malicious user of client system 32 from monitoring the computational operations performed within sealed hardware unit 58 . This can prevent a malicious user from improperly gaining access to host system 48 , even if the malicious user has the power to modify hardware and software resources on client system 32 .
  • the circuitry inside sealed hardware unit 58 can be encased in the insulating layer in such a manner that any attempt to cut through the insulating layer to monitor the circuitry is likely to render the circuitry inoperable.
  • Sealed hardware unit 58 can include a CPU 50 , which can be any type of computational engine that can be used to perform the computational and logical operations involved in biometric authentication. Sealed hardware unit 58 can additionally include threshold storage 52 and key storage 54 . Threshold storage 52 can be utilized as a memory location for storing threshold values indicating how closely a biometric attribute take as a biometric sample from a user must match a biometric attribute retrieved from a database through biometric broker 44 , in order to allow the user to access the host system.
  • Key storage 54 can store at least one encryption key that can be used to encrypt messages or computer checksums for communications across network 30 .
  • Sealed hardware unit 58 can communicate with scanner 60 , which can be utilized to take a biometric sample (i.e., biometric attribute) from user 33 .
  • This biometric attribute can be any type of biometric measurement of user 33 . This includes, but is not limited to, fingerprint data, retinal scan data, handwriting data, voice data (e.g., a voice print), and facial data (e.g., a face scan).
  • biometric attributes stored as data within a database such as biometric database 14 and/or user profile 15 of FIG. 1 , can be stored as a template or “biometric template”.
  • the components illustrated in FIG. 3 can operate as follows.
  • User 33 initiates the biometric authentication process by seeking access to resources on a host system, such as host system 48 of FIG. 2 , through user interface 62 .
  • This causes authentication code within adapter 66 to initiate communications with host system 48 (i.e., host system 48 illustrated in FIG. 2 ).
  • This authentication code within adapter 66 can additionally initiate operations within sealed hardware unit 58 to gather a biometric attribute as a biometric sample from user 33 through scanner 60 .
  • These authentication operations are described in more detail below with reference to the flow charts in FIGS. 5 and 6 .
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile 82 , which can be utilized in accordance with the disclosed embodiments. Elements of user profile 82 in FIG. 4 can be analogous to user profile 15 of FIG. 1 .
  • Biometric attributes 80 can include fingerprints, voiceprints, retinal and iris information, hand geometry, facial information, and signatures. Thus, biometric authentication can be based on a variety of possible biometric measurements.
  • a user profile 82 of a particular user will thus include one or more of the aforementioned biometric attributes. Such biometric attributes are utilized to verify the identity of the user.
  • Typical biometric measurements which can be utilized to authenticate identity, include fingerprint verification.
  • Fingerprint images contain a large amount of information and therefore has a reliable and inherent accuracy.
  • Fingerprint identification is generally well known in the biometric arts and has been utilized since the 1800's by law enforcement agencies to assist law enforcement officers in criminal investigations.
  • Hand geometry can also be utilized to measure the physical characteristics of a user's hands and fingers.
  • Hand geometry biometric authentication has traditionally been utilized for physical access control and time/attendance systems.
  • Hand geometry has traditionally been limited to verification (i.e., one-to-one comparisons) rather than identification (one-to-many comparisons.
  • Hand geometry systems do not measure or capture finger or palm prints, but can reliably measure the physical characteristics of an individual's hands from a three dimensional perspective.
  • Voice recognition is known as another important technique for identify users.
  • a voiceprint is obtained from a user and stored as biometric attributes for later user identification. It is generally well known in the biometric arts that an individual's voice contains unique wavelength sound characteristics. Such characteristics can be analyzed and stored as biometric data.
  • Retinal scanning is another biometric measurement technique that can be utilized in accordance with the disclosed embodiments.
  • Retinal scanning is generally based on a biometric measurement process that maps the structure of veins at the back of individual's eye.
  • Retinal scanners typically send a beam of concentrated light into the eye.
  • Retinal scanners employ low intensity light for measuring the retina characteristics associated with an individual.
  • Iris scanning is another biometric measurement technique that can be utilized in accordance with the methods and systems disclosed herein.
  • Iris scanning well known in the biometric arts, scans unique random patterns of an individual's iris. Such a measurement method does not rely on the iris color. Iris scanning is generally based on the fact that the color portion of the eye that surrounds the pupil contains patterns that are unique to each individual.
  • An individual's physical signature is another important biometric attribute that can be utilized to verify the identity of an individual. Signature verification can be readily utilized with the other biometric measuring techniques utilized above.
  • Facial recognition can be utilized in accordance with the disclosed embodiments to enhance biometric authentication.
  • a facial scan of an individual is taken and stored as data which can later be compared against a user's most recently provided facial scan to confirm or deny user identity.
  • a user steps in front of a digital camera, which captures an image of the user's face. Associated software captures the image and creates a facial template.
  • LFA Local Feature Analysis
  • biometric attributes are not shown in FIG. 4 , but those skilled in the art can apply equally to the practice of the disclosed embodiments.
  • biometric attributes can include a palm print, ear shape, ear canal acoustic properties, DNA, keystroke (e.g., typing rhythm), and body odor.
  • FIG. 5 illustrates a flow chart 100 illustrating operations for authenticating a user, in accordance with an embodiment.
  • the process can be initiated as indicated at block 102 .
  • a user transaction can be initiated with an electronic system, as depicted thereafter at block 104 .
  • Such an electronic system can, for example, be configured as an ATM and/or point of sale linked to a computer network that communicates with a biometric broker, such as biometric broker 44 of FIG. 2 .
  • such a biometric broker can be composed of a database containing biometric attributes and/or a user profile integrated with or in communication with the database.
  • the user profile contains previously store biometric attributes of a particular user.
  • a user during enrollment can provide biometric attributes.
  • samples of designated biometric attributes can be acquired.
  • One or more unique features of the samples can then be configured to form a biometric template of one or more biometric attributes for subsequent comparison purposes.
  • the user is requested by the electronic system to provide at least one biometric attribute.
  • the operation described at block 106 is based on random factors.
  • the user is prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • User input of a biometric attribute can be based on this random selection.
  • the user provides to the electronic system, the biometric attributes randomly selected by the electronic system from the user profile.
  • a comparison can be made between the random biometric attribute(s) selected by the electronic system from the user profile and the biometric attributes input by the user to a biometric scanner. If a match does not occur, then the process can be repeated, for example, beginning with the operation depicted at block 104 . Alternatively, the process can begin, as indicated at block 106 where the user session has not been terminated.
  • the user can be permitted to perform a user-desired activity such as, for example, performing financial transactions. If a biometric attribute input by the user to the electronic system does not match one or more of the biometric attributes randomly selected from the user profile associated with the user after, for example, three attempts, the user is not permitted to perform user-desired activities or transactions.
  • FIG. 6 depicts a flow chart 130 illustrating additional logical operations for authenticating a user, in accordance with another embodiment.
  • the process can be initiated, as indicated at block 132 .
  • a user can initiate a transaction with an electronic system via submission of a single biometric attribute.
  • This single biometric attribute can be provided via, for example, a fingerprint provided by the user through a fingerprint scanner integrated with the electronic system.
  • This single biometric attribute can also be provided via a smart card that is receivable by, or in association with, the biometric system.
  • Biometric attributes can be previously stored within a memory location contained within the smart card for later retrieved (e.g., read or scanned by an electronic system at a point of sale or ATM) for user authentication or verification purposes using biometric methods taught herein.
  • Smart cards are generally known in the art to appear as credit card sized plastic cards with an embedded computer chip.
  • the chip can either be a microprocessor with internal memory or a memory chip with non-programmable logic.
  • the chip connection can be configured via direct physical contact or remotely through a contactless electromagnetic interface.
  • Smart cards can be generally configured as either a contact or contactless smart card, or a combination thereof.
  • a contact smart card requires insertion into a smart card reader with a direct connection to, for example, a conductive micromodule on the surface of the card.
  • a micromodule can be generally gold plated. Transmission of commands, data, and card status takes place through such physical contact points.
  • a contactless card requires only close proximity to a reader. Both the reader and the card can be implemented with antenna means providing a contactless link that permits the devices to communicate with one another. Contactless cards can also maintain internal chip power or an electromagnetic signal, such as RF tagging technology, which is discussed in more detail herein with respect to FIGS. 19 and 20 .
  • RF tagging technology such as RF tagging technology
  • a Hybrid card generally can be equipped with two chips, each with a respective contact and contactless interface. The two chips are not connected, but for many applications, this Hybrid serves the needs of consumers and card issuers.
  • the Combi card can be generally based on a single chip and can be generally configured with both a contact and contactless interface.
  • Chips utilized in such smart cards are generally based on microprocessor chips or memory chips. Smart cards based on memory chips depend on the security of the card reader for their processing and can be utilized when low to medium security requirements. A microprocessor chip can add, delete and otherwise manipulate information in its memory. Microprocessor-based memory cards typically contain microprocessor chips with 8, 16, and 32 bit architectures.
  • the user can input a single biometric attribute at the request of, or to initiate, the electronic system.
  • the electronic system can be, for example, an ATM machine equipped with a biometric scanner.
  • the biometric scanner can be configured with, for example, iris scanning, retinal scanning, and fingerprint scanning capabilities.
  • the user can, for example, provide his or her left thumbprint, if requested by the electronic system, to initiate a transaction utilizing the electronic system.
  • a user profile can be retrieved by the electronic system based on the input of a single user biometric attribute, such as a fingerprint. Again, retrieval can be from a server, electronic system memory, or portable device memory (e.g., smart card or other electronic hand held device)
  • the user selects a desired user-activity at an interface associated with the electronic system, as indicated at block 138 , and thereafter, as illustrated at block 140 , the user can be requested by the electronic system to provide at least one biometric attribute via random selection of such an attribute by the electronic system from the user's template/profile. Biometric attributes are thus randomly selected from the user profile associated with the user. The user must then provide the electronic system with biometric attributes that match the biometric attributes randomly selected from the user profile, as indicated at block 142 .
  • a biometric attribute input by the user through an interface and biometric scanner associated with the electronic system does not match the biometric attributes randomly selected from the user profile, the user can be requested again, as indicated at block 140 . If, however, a match is made, then the user can be permitted to perform the user-desired activity, such as accessing secure data or entry to a secure building, as illustrated at block 146 . The process then terminates, as indicate at block 148 .
  • FIG. 7 depicts a system 200 , which can include a user interface 202 that can be implemented in accordance with the disclosed embodiments.
  • user interface 202 is shown, for example, at three different moments in time.
  • User interface 202 can be analogous to user interface 64 of FIG. 3 .
  • a user interface 202 can be of many forms depending on the type of biometric sample being requested, obtained and/or utilized. It can be appreciated by those skilled in the art that user interface 202 can be implemented in the context of a hardware unit which communicates with one or more electronic systems (e.g., a building security systems, PDA, laptop computer, computer network, wireless communications network, etc.).
  • electronic systems e.g., a building security systems, PDA, laptop computer, computer network, wireless communications network, etc.
  • a user can be requested by an electronic system to provide one or more biometric samples for authentication purposes.
  • Biometric samples can be of different types described herein (e.g., voice, fingerprint, eye, etc.).
  • the user can be prompted to input biometric samples randomly selected by the electronic system from a user profile containing biometric attributes previously obtained from the user.
  • User interface 202 can be integrated with, for example, an ATM machine, or a secure door that accesses a secure area, such as a government building or military complex.
  • user interface 202 includes an iris scanner 208 and a fingerprint scanner 206 .
  • Finger print scanner 206 can be integrated with a display area 204 , which can also be integrated with iris scanner 208 .
  • Input of a biometric attribute by a user to interface 202 can be based on the random selection of a biometric attribute from a user profile.
  • the number of biometric attributes requested from a user can also be based on a random number. For example, during one authentication session, a user can be requested to provide a left index fingerprint and a left iris scan. During another authentication session, the same user can be required to provide a left index fingerprint, followed by the fingerprint of his or her right middle finger, and immediately thereafter, an iris scan of a left eye, or perhaps, a right eye.
  • the selection of biometric attributes from the user profile can thus be based on a random selection.
  • the number of required biometric samples that a user can be required to input can also be a random number.
  • the number of biometric attributes required to be input by a user will likely be a limited number.
  • a user can be required to input only three biometric attributes during one authentication session, two biometric attributes during another authentication session, and five biometric attributes during another biometric session.
  • biometric scanning devices can also be integrated with the user interface 202 , such as, for example, a retina scanner, palm scanner, voice print scanner, and so forth.
  • FIG. 7 should not be interpreted as limiting the invention.
  • the drawing illustrated in FIG. 7 merely represents a possible embodiment.
  • FIG. 8 depicts a system 220 that can include an alternative user interface 222 that can be implemented in accordance with the disclosed embodiments.
  • User interface 222 can communicate with or be integrated with an electronic system, such as an ATM machine or point of sale.
  • User interface 222 can be integrated with a microphone 230 that can receive a voiceprint from a user.
  • User interface 222 can also be integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users.
  • user interface 222 can include a camera 226 that functions for iris, retinal, and facial scanning purposes.
  • system 220 generally illustrates first, second and third biometric attribute input stages.
  • a user can be prompted through a display unit 231 to input his or her name or other word or phrase (or other information). The user merely speaks his or her name, for example, into microphone 230 .
  • the user can be requested to input his or right hand thumbprint.
  • the user can be requested to provide a biometric sample of his or right eye, which can be scanned as a retina or iris biometric attribute of the user.
  • the user can be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • FIG. 9 illustrates depicts a biometric authentication system 240 , which includes an alternative user interface 244 that can be implemented in accordance with an alternative embodiment.
  • user interface 244 can communicate with or be integrated with an electronic system, such as an ATM machine or point of sale.
  • System 240 can include user interface 244 in the context of a standalone hardware unit or in association with an electronic system, such as an ATM machine, point of sale, computer network, wireless network, stand-alone laptop computer, etc.
  • User interface 244 can be associated with and/or integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users.
  • user interface 244 can include a camera 226 that functions for iris, retinal, and facial scanning purposes.
  • User interface 244 can also be associated with and/or integrated with a skin sensor 242 , which senses the unique optical properties of the skin of an individual user.
  • FIG. 9 illustrates first, second and third biometric attribute input stages.
  • a user can be prompted through a display unit 231 to input a skin sample.
  • Skin sensor 242 performs a measurement and/or analysis of a skin sample, which identifies the user.
  • the user can be requested to input his or right hand thumbprint.
  • the user can be requested to provide a biometric sample of his or right eye, which can be scanned as a retina or iris biometric attribute of the user.
  • the user can be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • a variety of types of skin sensors can be utilized for sensing the biometric properties of an individual's skin.
  • One example of a skin sensor that can be utilized in accordance with an alternative embodiment is disclosed in U.S. Patent Application No. 2002/0183624A1, “Apparatus and Method of Biometric Determination Using Specialized Optical Spectroscopy Systems,” which published on Dec. 5, 2002, and which is incorporated herein by reference.
  • U.S. Patent Application No. 2002/0183624A1 generally discloses devices and methods for performing biometric determinations using optical spectroscopy of tissue.
  • biometric determinations can include the determination or verifications of identity, estimation of age, estimation of sex, determination of sample liveness and sample authenticity.
  • Such devices are based upon discrete light sources such as light emitting diodes, laser diodes, vertical cavity surface emitting lasers (VCSELs), and broadband sources with multiple narrow-band optical filters.
  • the multiple light sources can be encoded in a manner that the tissue response for each source can be efficiently measured.
  • the light sources are spaced at multiple distances from a detector to contribute differing information to the biometric determination task as do light sources with different wavelength characteristics.
  • U.S. Patent Application No. 2002/0183624A1 also disclose devices that incorporate a spectral biometric sensor with a personal electronic device such as cellular telephones, personal digital assistants, wristwatches, electronic fobs for the purpose of providing secure biometric access to protected property. It can be appreciated by those skilled in the art that U.S. Patent Application No. 2002/0183624A1 is not considered a limiting feature of the disclosed embodiments, but is instead referenced herein for general illustrative and edification purposes only.
  • FIG. 10 illustrates a pictorial representation of a biometric authentication system 1000 , which can be implemented in accordance with an alternative embodiment.
  • Biometric authentication system 1000 includes a biometric authentication unit 1002 , which can be utilized to biometrically authenticate a user based on an individual's fingerprints and/or a skin analysis.
  • a fingerprint scanner 1004 can be associated with and/or integrated with a skin sensor 1006 .
  • Skin sensor 1006 can be, for example, a type of skin sensor as disclosed in U.S. Patent Application No. 2002/0183624A1.
  • Skin sensor 1006 can thus be generally configured as system or device for collecting spectral information from tissue for performing biometric tasks
  • a system or device can include a plurality of discrete light sources, means for directing light into the tissue, means for detecting light that substantially passed through sub-surface tissue, a means for recording and storing resulting detector signals, and a means for processing resulting spectral data to perform a biometric determination.
  • a user can place his or her fingertip at fingerprint scanner 1004 .
  • a fingerprint can then be sensed either alone or in concert with skin sensor 1006 (i.e., a skin detection apparatus), which detects skin properties for biometric authentication thereof.
  • Fingerprint scanner 1004 can be optionally configured such that the entire fingerprint of an individual scan or only a portion, as indicated by arrow 1008 , in concert with skin sensor 1006 .
  • System 1000 generally comprises three features as indicated at block 1110 , including pattern recognition (i.e., fingerprint scanning), and/or skin sensing (i.e., illumination/detection of skin) and/or in concert with a random challenge, which is discussed in detail herein.
  • Skin sensor 1006 is generally analogous to skin sensor 242 of FIG. 9 , but can be configured with different features, which are illustrated in more detail in FIGS. 11 to 13 herein.
  • FIG. 10 thus generally illustrates system 1000 for the random biometric authentication of a user utilizing unique biometric attributes associated with the user.
  • System 1000 can additionally be configured to include a plurality of modules 1032 .
  • modules 1032 can be configured as software modules, as described in further detail herein.
  • Modules 1032 can include a random challenge module 1034 for challenging a user to provide at least one randomly selected biometric attribute, a comparison module 1036 for automatically comparing the at least one randomly selected biometric attribute to a plurality of biometric attributes of the user contained in a user profile; and an authentication module 1038 for authenticating the user in association with skin sensor 1006 for analyzing the issue of the user for one or more tissue biometric attributes associated with the user.
  • Authentication module 1038 can authenticate the user of one or more randomly selected biometric attributes input by the user matches at least one of the plurality of biometric attributes of the user contained in the user profile and if the tissue biometric attribute of the user matches at least one tissue biometric attribute of the user contained in the user profile.
  • Modules 1032 are processible via a microprocessor 1040 , which can be associated with and/or integrated with biometric authentication unit 1002 . Additionally, such modules 1032 can be stored within a memory location (not shown), which can also be associated with and/or integrated with biometric authentication unit 1002 .
  • FIG. 11 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment.
  • Skin sensor 1006 indicated in FIG. 11 can be composed of two portions, a detector 1012 and a light source 1014 . Light from light source 1014 is transmitted to a portion of an individual's skin, which is illuminated thereof for detection and analysis (e.g., spectroscopy) by detector 1012 .
  • FIGS. 10 to 14 herein like or analogous parts are indicated by identical reference numerals.
  • FIG. 12 illustrates a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment.
  • FIG. 13 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment.
  • a VCSEL 1016 can be utilized as a light source
  • a photodiode can be utilized as a light source.
  • other types of light sources e.g., a laser light source
  • FIG. 14 illustrates a pictorial representation of a biometric authentication system 1200 , which can be implemented in accordance with an alternative embodiment.
  • the biometric authentication system 1200 of FIG. 14 is generally analogous to the biometric authentication system 1000 depicted in FIG. 10 , the difference being that additional sensors 1020 , 1022 and 1024 can also be utilized in association with fingerprint scanner 1004 and skin sensor 1006 .
  • Sensors 1020 , 1022 and 1023 can be the same type of sensor as skin sensors 1006 , or one or more of these additional sensors can be used to obtain a biomedical attribute in accordance with an alternate embodiment.
  • the interface allows a biometric system to obtain distributed illumination sample over a broader area of a user's finder. More than one sample enables a system to obtain better results through redundancy.
  • the results of several sensors can processed by a system by averaging plural samples, or by using different wavelengths of light to test the skin.
  • a processor associated with the sensor can determine authentication using a broader range of criteria using more than one sensor, especially when combined with a fingerprint scanner 1004 .
  • the system can be provided with biomedical data from the specimen (e.g., user's finger), such as pulse and heart rate. Obtaining pulse and heart rate reading can be useful to verify whether the specimen being read is alive.
  • the prior art uses data obtained from photo-illumination of the skin to determine if the skin is associated with a live person, it should be appreciated that a specimen, such as an amputated finger, may not show signs that can be associated with death until several minutes, which leaves enough time for an unauthorized user to gain access to an electronic system using prior art fingerprint scanners.
  • sensors 1006 , 1020 , 1022 and 1023 can be deployed on fingerprint scanner 1006 as a combination of skin illumination and biomedical sensors.
  • a system similar to that illustrated in FIG. 10 with a skin sensor 1006 , could also be provided that incorporates a biomedical sensor together with a fingerprint scanner as a single interface.
  • a hardware interface as described can be useful for carrying out simple biometric authentication methods where the user is not challenged or required to provide random biometrics.
  • a device that is physically layered with at least two different types of biometric input sensors/readers would be generally useful in the field of biometrics.
  • the present teaching can also be implemented, although not shown, in an interface that combines at least two biometric measurement layered into a single interface, such as: hand geometry, fingerprint, biomedical, skin illumination.
  • Embodiments can be configured as a system for biometrically securing access to an electronic system.
  • a system can include modules thereof.
  • a module in software use, is generally a collection of routines and data structures that performs a particular task or implements a particular abstract data type. Module typically are composed of an interface, which lists the constants, data types variables, and routines that can be accessed by other modules or routines, and an implementation, which can be accessible only by the module. The implementation contains the source code that actually implements the routines in the module.
  • the method and system described herein can include a module for prompting a user to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. Additionally, the system can include a module for permitting the user to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile.
  • a module for prompting a user to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user can include a module for permitting the user to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile.
  • hardware described herein can be used without regard to random challenges as discussed previously.
  • the user profile can be accessed from a server and/or memory through the electronic system.
  • the user profile can also be accessible from a biometric broker through the electronic system over a secure network connection.
  • one or more biometric attributes can be obtained from the user for compilation in a user profile.
  • the user profile is generally stored in a location accessible by at least one electronic system. The user can generally be permitted to modify the user profile, in response to approval by the system or an administrator.
  • Such a system can also include a module for comparing at least one biometric attribute input by the user to the electronic system with the at least one biometric attribute randomly selected from the user profile. Additionally, such a system can include a module for subsequently prompting a user to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute randomly previously selected from the user profile.
  • the electronic system can be configured as one or more wireless devices that operate with a wireless network.
  • the electronic system can also be configured as one or more computer workstations operable over an associated network.
  • the electronic system can include an automated teller machine, or a secured entry system to a secured environment.
  • the electronic system can simply be a wireless network or a computer network, or a combination thereof.
  • the electronic system can also be a wireless device.
  • Such a system can also include a module for identifying at least one defective biometric attribute associated with the user.
  • the user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • the user-desired activity can comprise activities, such as, for example, a financial transaction, an ATM transaction, access to a secure area, or access to data from the electronic system.
  • the user-desired activity can also simply comprise the execution of a mechanical activity.
  • a system for biometrically securing access to an electronic system can include a module for prompting a user to input to the electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user.
  • Such an alternative system can also include a module for permitting the user to perform a user-desired activity, if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile.
  • FIG. 15 depicts a high-level flow chart 1500 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment.
  • a biometric authentication system such as, for example, biometric authentication system 1000 or 1200 , can be activated.
  • a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or skin sensors 1020 , 1022 and/or 1024 ).
  • a fingerprint of a user is scanned utilizing fingerprint scanner 1004 .
  • a skin sensor 1006 either alone or in association with sensors 1020 , 1022 , and/or 1024 analyzes a portion of skin on the user's finger.
  • the user's fingerprint is matched with/or against a user profile associated with the user.
  • the user profile can be stored within a database associated with a biometric authentication system 1000 or 1200 .
  • the database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200 .
  • User authentication can then take place, as depicted at block 1510 .
  • FIG. 16 depicts a high-level flow chart 1600 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment.
  • a biometric authentication system such as, for example, biometric authentication system 1000 or 1200 , can be activated.
  • a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 in layered or integrated associated with another sensor (e.g., skin sensor 1006 and/or skin or biomedical sensors 1020 , 1022 and/or 1024 ).
  • the user can be randomly challenged to provide a fingerprint.
  • the user can be randomly challenged to provide a fingerprint from his or left index finger.
  • Such a random challenge can also include subsequent random challenges.
  • the user can be randomly challenged to provide a fingerprint of his or her right thumb.
  • the user places his or finger on the fingerprint scanner 1004 as illustrated at block 1606 and thereafter, as indicated at block 1608 , the fingerprint can be scanned utilizing fingerprint scanner 1004 .
  • a skin sensor 1006 either alone or in association with sensors 1020 , 1022 , and/or 1024 analyzes a portion of skin on the user's finger and/or pulse.
  • the user's fingerprint is matched with/or against a user profile associated with the user.
  • the user profile can be stored within a database associated with the biometric authentication system 1000 or 1200 .
  • the database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200 .
  • User authentication can then take place, as illustrated at block 1614 .
  • FIG. 17 depicts a high-level flow chart 1700 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment.
  • a biometric authentication system such as, for example, biometric authentication system 1000 or 1200 , can be activated.
  • a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or skin sensors 1020 , 1022 and/or 1024 ).
  • a skin sensor 1006 analyzes a portion of skin on the user's finger.
  • the user is randomly challenged to provide a fingerprint.
  • the user can be randomly challenged to provide a fingerprint from his or left index finger.
  • Such a random challenge can also include subsequent random challenges.
  • the user can be randomly challenged to provide a fingerprint of his or her right thumb.
  • the user places his or finger on the fingerprint scanner 1004 as illustrated at block 1708 and thereafter, as indicated at block 1710 , the fingerprint can be scanned utilizing fingerprint scanner 1004 .
  • the user's fingerprint is matched with/or against a user profile associated with the user.
  • the user profile can be stored within a database associated with the biometric authentication system 1000 or 1200 .
  • the database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200 .
  • User authentication can then take place, as indicated at block 1714 .
  • FIG. 18 depicts a high-level flow chart 1800 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment.
  • a biometric authentication system such as, for example, biometric authentication system 1000 or 1200 , can be activated.
  • a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or sensors 1020 , 1022 and/or 1024 ).
  • skin sensor 1006 can analyze a portion of skin on the user's finger or search for a heart rate/pulse, depending on what type of sensor is being used (e.g., biomedical or skin) for sensors 1020 , 1022 and 1024 .
  • the user places his or finger on the fingerprint scanner 1004 as illustrated at block 1806 and thereafter, as indicated at block 1808 , the fingerprint can be scanned utilizing fingerprint scanner 1004 .
  • the user's fingerprint can be matched with/or against a user profile associated with the user.
  • the user profile can be stored within a database associated with the biometric authentication system 1000 or 1200 .
  • the database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200 .
  • User authentication can then take place, as indicated at block 1812 .
  • sensors 1006 , 1020 , 1022 and/or 1024 in methods as described in flow diagrams associated with FIGS. 15-18 is not limited with respect to the order for which skin or biomedical results are obtained from a sample.
  • Skin and biomedical readings can be obtained initially (prior to fingerprint scanning), concurrently, during template retrieval, or after authentication. Skin and biomedical sensors can be active throughout the authentication process, as long as the user remains in contact with the user interface.
  • FIG. 19 depicts a system 1900 for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment.
  • System 1900 generally includes at least one wireless identification tag 1902 , which can be identified by a tag reader 1904 , which can be a wireless radio frequency transceiver such as a wireless access point familiar in with WiFi (e.g., 802.11) and cellular networking systems.
  • System 1900 also includes at least one biometric authentication point 1910 , which can be, for example, a biometric authentication apparatus or device, such as, for example, biometric authentication systems 200 , 220 , 240 , 244 , 1000 , and/or 1200 disclosed herein.
  • Biometric authentication point 1910 can be, for example, a point of sale (POS) equipped with a biometric reader, which can randomly challenge a user to input biometric data for authentication purposes as disclosed herein.
  • the biometric authentication point can also be an international border crossing, which is becoming important for Homeland Security initiatives passed into U.S. Federal Legislation in 2002.
  • Other biometric authentication points that can benefit from advanced template retrieval include public transportation (e.g., airport bordering systems), time and attendance equipment, building access, and any other application where a user can be waiting in line behind other users to be authenticated.
  • System 1900 permits a wireless identification tag, such as tag 1902 , to provide the biometric authentication point with appropriate biometric template information obtained from a biometric database 1908 associated with the user through a network 1906 (i.e., wireless and/or wireline) so that when the holder of the identified tag 1902 is ready to be biometrically authorized, his or her biometric data can already be available to the system for a biometric challenge thereof.
  • a wireless identification tag such as tag 1902
  • a network 1906 i.e., wireless and/or wireline
  • Intelligent networks are mobile communications systems familiar to the wireless telecommunications industry for the use of Home Location Registers (HLRs) and Visiting Location Registers (VLRs) to enable a user's profile to follow the user throughout a network.
  • HLRs Home Location Registers
  • VLRs Visit Location Registers
  • the general methodologies behind intelligent networks can be used with the disclosed embodiments to provide user biometric template in advance of authentication.
  • a user's profile which will generally include subscription services, billing information, voice mail, email, E911 location information, and other data, is kept at the HLR.
  • the HLR is typically associated with the user's home network.
  • the intelligent network determines that the user is visiting (roaming) and also determines where to get a copy of the user's profile.
  • a system similar to an intelligent network can be used in association with biometric authentication using existing networks and standards (e.g., LAN, WLAN, WiFi, Bluetooth, CDMA, TDMA, WAP, etc.) and networked servers and databases to provide for advanced biometric retrieval.
  • existing networks and standards e.g., LAN, WLAN, WiFi, Bluetooth, CDMA, TDMA, WAP, etc.
  • FIG. 20 illustrates a high-level flow chart 2000 of operations illustrating logical operational steps for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment.
  • information from a wireless identification tag such as tag 1902 of FIG. 19 can be read when the tag 1902 is located in the vicinity of biometric authentication point 1910 .
  • the tag 1902 can be validated.
  • biometric information associated with the user of tag 1902 can be retrieved from biometric database 1908 through a network 1906 . This information is thus prepared for eventual use at the biometric authentication point, as indicated at block 2010 .
  • the user is then biometrically challenged at the biometric authentication point, as indicated at block 2012 .
  • the user is then denied or authorized, as indicated at block 2014 , depending on the results of the biometric challenge.
  • FIG. 21 depicts a high-level flow chart 2100 of operations illustrating logical operational steps for biometrically authenticating a user, in accordance with an alternative embodiment.
  • the step of wirelessly recognizing the presence of a user near a biometric authentication point can be processed.
  • the user is preliminarily identified by wireless means.
  • a biometric template associated with the user can be retrieved, based on the preliminary wireless identification of the user.
  • the biometric template associated with the user is provided in advance to the biometric authentication point in advance of the biometric authentication.
  • the user can now be authenticated (or denied authorization), depending on the results of the biometric authentication process he or she will undergo via the biometric authentication point.

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

A method and system for the authentication of a user at a point of entry. Biometric data can be provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry, such as, for example, a border crossing or access point to a secure facility. Such a method and system can incorporate RFID tags, cellular wireless communications data and links, and/or Bluetooth communications link, etc.

Description

    CROSS-REFERENCE TO PATENT APPLICATION
  • This patent application is a continuation U.S. patent application Ser. No. 10/321,872, entitled “Random Biometric Authentication Utilizing Unique Biometric Signatures,” which was filed on Dec. 17, 2002 and is incorporated herein by reference in its entirety. This patent application therefore claims priority to the Dec. 17, 2002 filing date of U.S. patent application Ser. No. 10/321,872.
  • TECHNICAL FIELD
  • Embodiments are generally related to user biometric authentication and methods or systems for security of or through electronic systems. Embodiments are also related to electronic systems that can be secured using biometric technology. Embodiments further relate to the use of biometric data for authenticating user identity and providing secure user access to data as well as authorizing transactions.
  • BACKGROUND OF THE INVENTION
  • Security for electronic and mechanical systems has rapidly become an important issue in recent years. With the proliferation of computers, computer networks and other electronic device and networks into all aspects of business and daily life, the concern over secure file and transaction access has grown tremendously. The ability to secure data and transactions is particularly important for financial, medical, education, government, military, and communications endeavors.
  • Using passwords is a common method of providing security for electrical or mechanical systems. Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, buildings, factories, houses and safes. These systems generally require the knowledge of an entry code that has been selected by or provided to a user or has been configured in advance.
  • Pre-set codes are often forgotten, however, as users have no reliable method of remembering them. Writing down codes and storing them in close proximity to an access control device (e.g., a combination lock) results in an insecure access control system. Alternatively, the nuisance of trying several code variations generally renders the access control system more of a problem than a solution.
  • Password systems are known to suffer from other disadvantages. Usually, a user specifies passwords. Most users, being unsophisticated users of security systems, choose passwords that are relatively insecure. As such, many password systems are easily accessed through a simple trial and error process.
  • To secure access to physical areas, such as buildings, the most common building security system relied on traditionally has been a security guard. A security guard reviews identification cards and compares pictures thereon to a person carrying the card. The security guard provides access upon recognition or upon other criteria. Other building security systems use card access, password access, or another secure access approach. Unfortunately, passwords and cards have similar drawbacks when utilized for building security, particularly with computer security.
  • As computer networks are increasingly used to link remote computer systems together, applications have been developed to allow a user on a remote client computer system to access a service on a host computer system. For example, a user on a client system may be able to access information contained in a database associated with a host computer system. Unfortunately, along with increased accessibility comes increased potential for security breaches. For example, communications, including authentication, between a client system and a host system can be intercepted and tampered with while in transit over the computer network. This may allow third parties or malicious users on a client computer system to gain access to, or security codes for, a service on a host computer system without proper authorization.
  • A number of systems have been developed to ensure that users do not gain unauthorized access to host computer systems. As explained above, some systems prompt a user for passwords. Such systems may also rely on PIN numbers, before granting the user access to the host computer system. As indicated above, however, passwords and PIN numbers may be forgotten or may fall into the wrong hands. Additionally, using passwords and PIN numbers for security purposes places an additional burden on institutions because passwords or PIN numbers require additional machinery and human resources to deal with customers when customers forget passwords or PIN numbers, or when customers request that passwords or PIN numbers be changed.
  • As an alternative to traditional security approaches, such as security guards, passwords or PIN numbers, biometric authentication systems have been developed to authorize accesses to various electronic and mechanical systems. Biometrics can generally be defined as the science of utilizing unique physical or behavioral personal characteristics to verify the identity of an individual. Biometric authentication systems are typically combined with hardware and software systems for automated biometric verification or identification. Biometric authentication systems receive a biometric input, such as a fingerprint or a voice sample, from a user. This biometric input is typically compared against a prerecorded template containing biometric data associated with the user to determine whether to grant the user access to a service on the host system.
  • A biometric security access system can thus provide substantially secure access and does not require a password or access code. A biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system. One such biometric system is a fingerprint recognition system.
  • In a fingerprint biometric system input transducer or sensor, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam. In order to capture an image of a fingerprint, a system may be prompted through user entry that a fingertip is in place for image capture. Another method of identifying fingerprints is to capture images continuously and to analyze each image to determine the presence of biometric information such as a fingerprint.
  • Various optical devices are known which employ prisms upon which a finger whose print is to be identified is placed. The prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism. In some cases, the illumination surface is at an acute angle to the first surface. In other cases, the illumination surface may be parallel to the first surface. Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
  • Before the advent of computers and imaging devices, research was conducted into fingerprint characterization and identification. Today, much of the research focus in biometrics has been directed toward improving the input transducer and the quality of the biometric input data. Fingerprint characterization is thus generally well known and can involve many aspects of fingerprint analysis.
  • For doorway security systems, biometric authentication systems have many known problems. For example, a user identification code, a PIN, is generally required to identify each individual in order to permit comparison of the biometric information and a single user's template. Remembering a PIN can be inconvenient and electromechanical device (e.g., keypad) needed to accept a PIN are sometimes subject to damage and failure. The device is also an additional equipment expense for a multiple entry access system.
  • Because a single processor can provide processing for several doors, for a multiple doorway system, the enterprise-side deployment of multiple equipment such as a biometric reader and a PIN entry unit will result in a significant portion of the overall system maintenance and associated cost. It would be advantageous to provide a system wherein provision of a PIN is not always necessary for identification. To date most biometric authentication systems or services rely on some form of PIN input device or a card reader, which also typically requires mechanical-mechanical operation (e.g., card swipe or slot entry) and hardware redundancy.
  • In evaluating security of biometric authorization systems, false acceptance and false rejections are sometimes evaluated as a fraction of a user population. A security system may be characterized as allowing 1 in 1,000 false acceptances or, alternatively, 1 in 1,000,000. Typically a probability distribution curve establishes a cut off for a given registration to determine what false acceptance rate this reflects. Curves of this type are exponential in nature and, therefore, for better false acceptance rates provide only nominal improvements to false acceptance rate for significant changes to a threshold value. Typically when using a biometric information sample, a low match score results in failure to authorize an individual.
  • In the past, a one-to-many search of biometric information has generally been considered undesirable because security may be compromised. For example, when a single biometric template is compared and a resulting comparison having an approximately 1/1,000,000 likelihood of false acceptance is desired, it should be clear that approximately 1/1,000,000 users may be misidentified. When, however, a forty-user system is provided with equivalent individual comparison criteria, the probability of false acceptance can escalate to 1-(0.999999)40, which is approximately 1/25,000. Whereas 1/1,000,000 is generally acceptable for many applications, 1/25,000 is likely not as acceptable. Further, as the number of individual templates grows, the rate of false acceptance increases; when 250 templates exist, a likelihood of about 1/4,000 of false acceptance exists.
  • In order to solve this problem, one might reduce the false acceptance rate to 1/10,000,000; however, this results in problems identifying some people and makes such a system inconvenient. A system of this type is unlikely to provide consistent results and therefore, requires a security guard at least at a door to provide access for those who are not identifiable to 1/10,000,000.
  • Another potential problem with the use of biometrics is related to the unauthorized interception of a digital signal or file representing a biometric (i.e., similar to unauthorized interception of passcodes/passwords). An unauthorized user may substitute a digital signal of a biometric attribute or template by bypassing biometric readers or scanners altogether. Therefore, like passwords or passcodes, use of biometrics for security purposes and user authorization, verification, and identification of data is not completely full proof.
  • Based on the foregoing, those skilled in the art can appreciate that despite the advances in biometric authentication, most biometric authentication systems are still plagued with various physical and electronic drawbacks. It is believed that the biometric methods and systems disclosed herein overcome many drawbacks known in the art.
  • BRIEF SUMMARY
  • The following summary is provided to facilitate an understanding of some of the innovative features unique to the disclosed embodiment and is not intended to be a full description. A full appreciation of the various aspects of the embodiments disclosed herein can be gained by taking the entire specification, claims, drawings, and abstract as a whole.
  • It is, therefore, one aspect of the disclosed embodiments to provide for an improved port of entry authorization method and system.
  • It is another aspect of the disclosed embodiments to provide for a method for the authentication of a user at a point of entry in coordination with biometric data and RFID components and tags.
  • The aforementioned aspects and other objectives and advantages can now be achieved as described herein. A method is disclosed for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry. Such a method includes associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry, the user seeking access through the point of entry. Such a method can also include wirelessly accessing, via the electronic system, identification information associated with the user from the portable electronic device carried with the user, utilizing the identification information provided from the portable electronic device to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user, providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry, comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface, and authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
  • The portable electronic device carried by the user can be, for example, an RFID tag, a wireless electronic communications device (e.g., Smartphone, cell phone, etc). In some embodiments, the wireless electronic communications device can communication with the electronic system via a communications link, such as, for example, a Bluetooth communications link. In other embodiments, the wireless electronic communications device can communicate with the electronic system via, for example, a cellular communications link. The biometric interface can be for example, a camera that captures one or more physical attribute of the user. Examples of such a “physical attribute” can be, for example, an image of a face of the user captured by the camera, a fingerprint, etc. The credentials carried by the user can be, for example, an identification medium bearing a name and a photograph of the user. The biometric interface can be, in other embodiments, a biometric reader that captures from the user, at least one of fingerprint data, retinal scan data, handwriting data, voice data and facial data, etc.
  • In another embodiment, a method can be provided for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information provided wirelessly from an RFID tag carried with the user when the user is located near a point of entry. Such a method can include, for example, associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware; wirelessly communicating via the wireless communications hardware with an RFID tag carried by a user approaching the point of entry, the user seeking access through the point of entry; wirelessly accessing, via the electronic system, identification information associated with the user from the RFID tag carried with the user; utilizing the identification information provided from the RFID tag to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user; providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry; comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface; and authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
  • In another embodiment, a system can be provided for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry. Such a system can include, for example, a point of entry and an electronic system associated with the point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry. The user generally seeks access through the point of entry. The electronic system can wirelessly access identification information associated with the user from the portable electronic device carried with the user.
  • Such a system can further include a remote server that stores a user profile, wherein the identification information provided by the electronic device is utilized to obtain the user profile from the remote server via the data network, the user profile including user identification information and a biometric template associated with the user. In such a system, the identification information and the biometric template are generally provided from the remote server by the electronic system to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry. The identification information and the biometric template are compared by the electronic system with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface. In such a system, the use can be authenticated via the electronic system and granted access through the point of entry, if at least one of the identification information and the biometric template match at least one of the credentials carried with the user and one or more physical attributes of the user captured by the biometric interface. The portable electronic device carried by the user can be, for example, an RFID tag, a wireless electronic communications device, etc. The wireless electronic communications device can communicate with the electronic system via, for example, a Bluetooth communications link or a cellular communications link.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The accompanying figures, in which like reference numerals refer to identical or functionally-similar elements throughout the separate views and which are incorporated in and form a part of the specification, further illustrate the embodiments and, together with the detailed description of the invention, serve to explain the principles of the embodiments.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system associated with a database containing biometric attributes in which embodiments can be implemented;
  • FIG. 2 illustrates a diagram illustrating client computer systems coupled to host systems through a network in which embodiments can be implemented;
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within the client computer system depicted in FIG. 2, which can be utilized to implement an embodiment;
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile, which can be utilized in accordance with the disclosed embodiments;
  • FIG. 5 illustrates a flow chart of logical operations depicting operations for authenticating a user in accordance with the disclosed embodiments;
  • FIG. 6 depicts a flow chart illustrating additional operations for authenticating a user in accordance with the disclosed embodiments;
  • FIG. 7 illustrates a system that includes a portion of a user interface that can be implemented in accordance with an alternative embodiment;
  • FIG. 8 depicts a system that includes a portion of an alternative user interface that can be implemented in accordance with an alternative embodiment;
  • FIG. 9 depicts illustrates a system that includes a portion of an alternative user interface that can be implemented in accordance with an alternative embodiment;
  • FIG. 10 illustrates a pictorial representation of a biometric authentication system, which can be implemented in accordance with an alternative embodiment;
  • FIG. 11 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment;
  • FIG. 12 illustrates a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment;
  • FIG. 13 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment;
  • FIG. 14 illustrates a pictorial diagram of a biometric authentication system, which can be implemented in accordance with an alternative embodiment;
  • FIG. 15 depicts a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment;
  • FIG. 16 illustrates a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment;
  • FIG. 17 depicts a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment;
  • FIG. 18 illustrates a high-level flow chart of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment;
  • FIG. 19 depicts a system for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment;
  • FIG. 20 illustrates a high-level flow chart of operations illustrating logical operational steps for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment; and
  • FIG. 21 depicts a high-level flow chart of operations illustrating logical operational steps for biometrically authenticating a user, in accordance with an alternative embodiment.
  • DETAILED DESCRIPTION
  • The particular values and configurations discussed in these non-limiting examples can be varied and are cited merely to illustrate at least one embodiment and are not intended to limit the scope thereof.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system 12 associated with a database or memory containing biometric attributes 14, in which embodiments can be implemented. Database 14 can be linked or integrated with electronic system 12 and can include at least one user profile 15 containing biometric templates (i.e., samples) of biometric attributes provided previously by particular users. Electronic system 12 can interact with and communicate with a variety of devices and mechanical systems.
  • Electronic system 12 can, for example, communicate with a computer workstation 24. In such an example, electronic system 12 can be configured as a remote computer network (e.g., the Internet), or a dedicated computer network (e.g., Intranet, WLAN, LAN, etc.) operating within a particular organization, business or institution. Electronic system 12 can also be configured to communicate with electromechanical systems, such as entry hardware of a secure building 22. A user can access electronic system 12 to secure entry to secure building 22. In some applications, electronic system 12 can be configured as electronics associated with or resident within the user interface (e.g., typical of non-networked systems, such as secure entries).
  • Additionally, electronic system 12 can be configured to communicate with an Automatic Teller Machine (ATM) 20 and/or point of sale. A user attempting to retrieve cash through ATM 20 can be required to authentication his or her identification, based on previously stored biometric attributes contained within database 14 and/or user profile 15. Database 14 and user profile 15 can function as a biometric broker that communicates as a third-party service with various mechanical systems and other devices through electronic system 12. Electronic system 12 can also enable communication with a financial institution 18 and wireless device 16.
  • In order to communicate with wireless device 16, electronic system 12 can be configured as part of a wireless network. A wireless device 16 can be, for example, a wireless telephone or a wireless hand held device that can communicate with wireless networks to send and receive data. Wireless device 16 can be, for example, a Wireless Application Protocol (WAP) enabled communications device configured to authenticate the identity of a user through a biometric scanner integrated with or attached to the wireless device.
  • FIG. 2 illustrates a diagram illustrating client computer systems 32, 34, and 36 coupled to host computer systems 48, 40, and 42 through a network 30, in which embodiments can be implemented. Network 30 can be any communication channel through which computer systems can communicate. This includes, but is not limited to, local area networks, such as Ethernet or Token ring, and wide area or remote computer networks, such as the Internet and World Wide Web, well known in the networking arts.
  • Network 30 can also be implemented as a wireless network through which wireless devices, such as wireless device 16 of FIG. 1, can communicate with other devices and other systems. A client, such as client systems 32, 34, and 36 can be any node on a computer network including computational capability and including a mechanism for communication across network 30. Human users 33, 35, and 37 can operate client systems 32, 34, and 36, respectively. A host, such as host systems 48, 40 and 42, can be any node on a computer network including a mechanism for servicing requests from a client for computational or data storage resources. Hosts can also be implemented as servers.
  • Host systems 48, 40 and 42 can be coupled to biometric broker 44. Biometric broker 44 can be implemented as a centralized repository for storing biometric attributes (i.e., biometric data), such as fingerprint data. Biometric broker 44 can also be configured as an entity that obtains biometric data form a variety of biometric databases operated by different entities and organizations, and utilizes such information for authentication purposes. FIG. 4, which will be further described herein, lists examples of biometric data that can be utilized in accordance with the disclosed embodiments. Biometric broker 44 can also include a mechanism for managing the biometric attributes stored as data, and can additionally include a mechanism for implementing security policies for the biometric attributes. Such policies can require specific levels of authentication for different groups of users, or for access to different servers.
  • Biometric brokers 44 can be implemented in any number of forms. In one possible embodiment, biometric broker 44 can be implemented as a node on network 30, which communicates with host systems 48, 40, and 42 across network 30. In another possible embodiment, biometric broker 44 can be located on a host, such as host system 48.
  • The example illustrated in FIG. 2 can operate generally as follows. A user, such as user 33, works on a client, such as client system 32. User 33 requests access to resources on host system 48 across network 30. In response to this request, host system 48 attempts to authenticate user 33. In doing so, host system 48 requests a biometric attribute (i.e., biometric data) from biometric broker 44. Biometric broker 44 returns a biometric attribute or biometric template, which can be compared against sample biometric attribute(s) randomly collected from user 33. This comparison can take place at a number of locations, including at client system 32, at host system 48 or at biometric broker 44. If the sample biometric attribute collected from user 33 matches the biometric attribute retrieved from biometric broker 44, user 33 can be permitted to access resources on host system 48.
  • Providing a centralized authentication service such as biometric broker 114 has a number of advantages. One advantage is generally that centralized revocation can be supported. For example, an employee in an organization typically has access to a number of different resources on a number of different host systems. When this employee leaves the organization, it often takes a long time to explicitly revoke the employee's access rights on all host systems. Under a centralized revocation scheme, such revocation only needs to take place once at the centralized revocation service since the disparate host systems always look to the centralized revocation service to authenticate a user.
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within client computer system 32 that can be utilized to implement an embodiment. Note that in FIGS. 2 and 3 identical parts are represented by identical reference numerals. As mentioned above, client system 32 can be any node on a computer network including computational capability and including a mechanism for communication across network 30. In the illustrated embodiment, client system 32 includes user interface 62, networking code 64 and adapter 66. These functional components can be implemented in software running on, for example, a client CPU. User interface 62 provides a mechanism through which user 33 can operate client system 32. Networking code 64 can include a library of functions, which allow client system 32 to communicate across network 30. In some embodiments, adapter 66 can be configured to include a collection of functions that implement the client portion of a biometric authentication system.
  • Adapter 66 can communicate with sealed hardware unit 58, which can be utilized to perform biometric authentication functions. In the example illustrated in FIG. 3, sealed hardware unit 58 can be encased in a sealed insulating layer, which prevents a malicious user of client system 32 from monitoring the computational operations performed within sealed hardware unit 58. This can prevent a malicious user from improperly gaining access to host system 48, even if the malicious user has the power to modify hardware and software resources on client system 32. The circuitry inside sealed hardware unit 58 can be encased in the insulating layer in such a manner that any attempt to cut through the insulating layer to monitor the circuitry is likely to render the circuitry inoperable. Of course, such features are presented herein for illustrative purposes only and should not be interpreted as limiting features of the disclosed embodiments.
  • Sealed hardware unit 58 can include a CPU 50, which can be any type of computational engine that can be used to perform the computational and logical operations involved in biometric authentication. Sealed hardware unit 58 can additionally include threshold storage 52 and key storage 54. Threshold storage 52 can be utilized as a memory location for storing threshold values indicating how closely a biometric attribute take as a biometric sample from a user must match a biometric attribute retrieved from a database through biometric broker 44, in order to allow the user to access the host system. Key storage 54 can store at least one encryption key that can be used to encrypt messages or computer checksums for communications across network 30.
  • Sealed hardware unit 58 can communicate with scanner 60, which can be utilized to take a biometric sample (i.e., biometric attribute) from user 33. This biometric attribute can be any type of biometric measurement of user 33. This includes, but is not limited to, fingerprint data, retinal scan data, handwriting data, voice data (e.g., a voice print), and facial data (e.g., a face scan). Note that the biometric attributes stored as data within a database, such as biometric database 14 and/or user profile 15 of FIG. 1, can be stored as a template or “biometric template”.
  • The components illustrated in FIG. 3 can operate as follows. User 33 initiates the biometric authentication process by seeking access to resources on a host system, such as host system 48 of FIG. 2, through user interface 62. This causes authentication code within adapter 66 to initiate communications with host system 48 (i.e., host system 48 illustrated in FIG. 2). This authentication code within adapter 66 can additionally initiate operations within sealed hardware unit 58 to gather a biometric attribute as a biometric sample from user 33 through scanner 60. These authentication operations are described in more detail below with reference to the flow charts in FIGS. 5 and 6.
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile 82, which can be utilized in accordance with the disclosed embodiments. Elements of user profile 82 in FIG. 4 can be analogous to user profile 15 of FIG. 1. Biometric attributes 80 can include fingerprints, voiceprints, retinal and iris information, hand geometry, facial information, and signatures. Thus, biometric authentication can be based on a variety of possible biometric measurements. A user profile 82 of a particular user will thus include one or more of the aforementioned biometric attributes. Such biometric attributes are utilized to verify the identity of the user.
  • Typical biometric measurements, which can be utilized to authenticate identity, include fingerprint verification. Fingerprint images contain a large amount of information and therefore has a reliable and inherent accuracy. Fingerprint identification is generally well known in the biometric arts and has been utilized since the 1800's by law enforcement agencies to assist law enforcement officers in criminal investigations.
  • Hand geometry can also be utilized to measure the physical characteristics of a user's hands and fingers. Hand geometry biometric authentication has traditionally been utilized for physical access control and time/attendance systems. Hand geometry has traditionally been limited to verification (i.e., one-to-one comparisons) rather than identification (one-to-many comparisons. Hand geometry systems do not measure or capture finger or palm prints, but can reliably measure the physical characteristics of an individual's hands from a three dimensional perspective.
  • Voice recognition is known as another important technique for identify users. In voice recognition systems, a voiceprint is obtained from a user and stored as biometric attributes for later user identification. It is generally well known in the biometric arts that an individual's voice contains unique wavelength sound characteristics. Such characteristics can be analyzed and stored as biometric data.
  • Retinal scanning is another biometric measurement technique that can be utilized in accordance with the disclosed embodiments. Retinal scanning is generally based on a biometric measurement process that maps the structure of veins at the back of individual's eye. Retinal scanners typically send a beam of concentrated light into the eye. Retinal scanners, however, employ low intensity light for measuring the retina characteristics associated with an individual.
  • Iris scanning is another biometric measurement technique that can be utilized in accordance with the methods and systems disclosed herein. Iris scanning, well known in the biometric arts, scans unique random patterns of an individual's iris. Such a measurement method does not rely on the iris color. Iris scanning is generally based on the fact that the color portion of the eye that surrounds the pupil contains patterns that are unique to each individual. An individual's physical signature is another important biometric attribute that can be utilized to verify the identity of an individual. Signature verification can be readily utilized with the other biometric measuring techniques utilized above.
  • Facial recognition can be utilized in accordance with the disclosed embodiments to enhance biometric authentication. In facial recognition techniques, a facial scan of an individual is taken and stored as data which can later be compared against a user's most recently provided facial scan to confirm or deny user identity. In typical facial scan systems, a user steps in front of a digital camera, which captures an image of the user's face. Associated software captures the image and creates a facial template.
  • Some facial recognition software currently in use relies on Local Feature Analysis (LFA) to measure the size and shape of features around the eyes or center of the face captured in the image, along with the width of the bridge of the nose or distance form the nose to each eye. Such software relies on features that are not statistically change altered to weight gain or loss, aging, facial hair growth and so forth.
  • An example of a facial recognition system that uses facial recognition software is software, which functions with simple digital Web cameras to verify a user's identity for access to computers and associated computer network. Other biometric attributes are not shown in FIG. 4, but those skilled in the art can apply equally to the practice of the disclosed embodiments. Such biometric attributes can include a palm print, ear shape, ear canal acoustic properties, DNA, keystroke (e.g., typing rhythm), and body odor.
  • FIG. 5 illustrates a flow chart 100 illustrating operations for authenticating a user, in accordance with an embodiment. The process can be initiated as indicated at block 102. A user transaction can be initiated with an electronic system, as depicted thereafter at block 104. Such an electronic system can, for example, be configured as an ATM and/or point of sale linked to a computer network that communicates with a biometric broker, such as biometric broker 44 of FIG. 2.
  • As explained previously, such a biometric broker can be composed of a database containing biometric attributes and/or a user profile integrated with or in communication with the database. The user profile contains previously store biometric attributes of a particular user. A user during enrollment can provide biometric attributes. During such an enrollment stage, samples of designated biometric attributes can be acquired. One or more unique features of the samples can then be configured to form a biometric template of one or more biometric attributes for subsequent comparison purposes.
  • As depicted next at block 106, the user is requested by the electronic system to provide at least one biometric attribute. The operation described at block 106 is based on random factors. In the operation depicted at block 106, the user is prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. User input of a biometric attribute can be based on this random selection. Thereafter, as illustrated at block 108, the user provides to the electronic system, the biometric attributes randomly selected by the electronic system from the user profile.
  • As described next at block 110, a comparison can be made between the random biometric attribute(s) selected by the electronic system from the user profile and the biometric attributes input by the user to a biometric scanner. If a match does not occur, then the process can be repeated, for example, beginning with the operation depicted at block 104. Alternatively, the process can begin, as indicated at block 106 where the user session has not been terminated.
  • If a match does occur, then as depicted at block 112, the user can be permitted to perform a user-desired activity such as, for example, performing financial transactions. If a biometric attribute input by the user to the electronic system does not match one or more of the biometric attributes randomly selected from the user profile associated with the user after, for example, three attempts, the user is not permitted to perform user-desired activities or transactions.
  • FIG. 6 depicts a flow chart 130 illustrating additional logical operations for authenticating a user, in accordance with another embodiment. The process can be initiated, as indicated at block 132. Thereafter, as illustrated at block 134, a user can initiate a transaction with an electronic system via submission of a single biometric attribute. This single biometric attribute can be provided via, for example, a fingerprint provided by the user through a fingerprint scanner integrated with the electronic system.
  • This single biometric attribute can also be provided via a smart card that is receivable by, or in association with, the biometric system. Biometric attributes can be previously stored within a memory location contained within the smart card for later retrieved (e.g., read or scanned by an electronic system at a point of sale or ATM) for user authentication or verification purposes using biometric methods taught herein. Smart cards are generally known in the art to appear as credit card sized plastic cards with an embedded computer chip. The chip can either be a microprocessor with internal memory or a memory chip with non-programmable logic. The chip connection can be configured via direct physical contact or remotely through a contactless electromagnetic interface.
  • Smart cards can be generally configured as either a contact or contactless smart card, or a combination thereof. A contact smart card requires insertion into a smart card reader with a direct connection to, for example, a conductive micromodule on the surface of the card. Such a micromodule can be generally gold plated. Transmission of commands, data, and card status takes place through such physical contact points.
  • A contactless card requires only close proximity to a reader. Both the reader and the card can be implemented with antenna means providing a contactless link that permits the devices to communicate with one another. Contactless cards can also maintain internal chip power or an electromagnetic signal, such as RF tagging technology, which is discussed in more detail herein with respect to FIGS. 19 and 20. Two additional categories of smart codes, well known in the art, which are based on contact and contactless cards are the so-called Combi cards and Hybrid cards.
  • A Hybrid card generally can be equipped with two chips, each with a respective contact and contactless interface. The two chips are not connected, but for many applications, this Hybrid serves the needs of consumers and card issuers. The Combi card can be generally based on a single chip and can be generally configured with both a contact and contactless interface.
  • Chips utilized in such smart cards are generally based on microprocessor chips or memory chips. Smart cards based on memory chips depend on the security of the card reader for their processing and can be utilized when low to medium security requirements. A microprocessor chip can add, delete and otherwise manipulate information in its memory. Microprocessor-based memory cards typically contain microprocessor chips with 8, 16, and 32 bit architectures.
  • When a transaction is initiated with a biometric attribute, the user can input a single biometric attribute at the request of, or to initiate, the electronic system. The electronic system can be, for example, an ATM machine equipped with a biometric scanner. The biometric scanner can be configured with, for example, iris scanning, retinal scanning, and fingerprint scanning capabilities. The user can, for example, provide his or her left thumbprint, if requested by the electronic system, to initiate a transaction utilizing the electronic system. Following user input of a single biometric attribute, a user profile can be retrieved by the electronic system based on the input of a single user biometric attribute, such as a fingerprint. Again, retrieval can be from a server, electronic system memory, or portable device memory (e.g., smart card or other electronic hand held device)
  • The user selects a desired user-activity at an interface associated with the electronic system, as indicated at block 138, and thereafter, as illustrated at block 140, the user can be requested by the electronic system to provide at least one biometric attribute via random selection of such an attribute by the electronic system from the user's template/profile. Biometric attributes are thus randomly selected from the user profile associated with the user. The user must then provide the electronic system with biometric attributes that match the biometric attributes randomly selected from the user profile, as indicated at block 142.
  • If a biometric attribute input by the user through an interface and biometric scanner associated with the electronic system does not match the biometric attributes randomly selected from the user profile, the user can be requested again, as indicated at block 140. If, however, a match is made, then the user can be permitted to perform the user-desired activity, such as accessing secure data or entry to a secure building, as illustrated at block 146. The process then terminates, as indicate at block 148.
  • FIG. 7 depicts a system 200, which can include a user interface 202 that can be implemented in accordance with the disclosed embodiments. In the drawing illustrated in FIG. 7, user interface 202 is shown, for example, at three different moments in time. User interface 202 can be analogous to user interface 64 of FIG. 3. Those skilled in the art can appreciate that a user interface 202 can be of many forms depending on the type of biometric sample being requested, obtained and/or utilized. It can be appreciated by those skilled in the art that user interface 202 can be implemented in the context of a hardware unit which communicates with one or more electronic systems (e.g., a building security systems, PDA, laptop computer, computer network, wireless communications network, etc.).
  • As indicated previously, a user can be requested by an electronic system to provide one or more biometric samples for authentication purposes. Biometric samples can be of different types described herein (e.g., voice, fingerprint, eye, etc.). The user can be prompted to input biometric samples randomly selected by the electronic system from a user profile containing biometric attributes previously obtained from the user. User interface 202 can be integrated with, for example, an ATM machine, or a secure door that accesses a secure area, such as a government building or military complex. In the example depicted in FIG. 7, user interface 202 includes an iris scanner 208 and a fingerprint scanner 206. Finger print scanner 206 can be integrated with a display area 204, which can also be integrated with iris scanner 208.
  • Input of a biometric attribute by a user to interface 202 can be based on the random selection of a biometric attribute from a user profile. The number of biometric attributes requested from a user can also be based on a random number. For example, during one authentication session, a user can be requested to provide a left index fingerprint and a left iris scan. During another authentication session, the same user can be required to provide a left index fingerprint, followed by the fingerprint of his or her right middle finger, and immediately thereafter, an iris scan of a left eye, or perhaps, a right eye.
  • The selection of biometric attributes from the user profile can thus be based on a random selection. The number of required biometric samples that a user can be required to input can also be a random number. Those skilled in the art will appreciate, however, that the number of biometric attributes required to be input by a user will likely be a limited number. Thus, a user can be required to input only three biometric attributes during one authentication session, two biometric attributes during another authentication session, and five biometric attributes during another biometric session.
  • Those skilled in the art can also appreciate that other biometric scanning devices can also be integrated with the user interface 202, such as, for example, a retina scanner, palm scanner, voice print scanner, and so forth. Thus, the example illustrated in FIG. 7 should not be interpreted as limiting the invention. The drawing illustrated in FIG. 7 merely represents a possible embodiment.
  • FIG. 8 depicts a system 220 that can include an alternative user interface 222 that can be implemented in accordance with the disclosed embodiments. User interface 222 can communicate with or be integrated with an electronic system, such as an ATM machine or point of sale. User interface 222 can be integrated with a microphone 230 that can receive a voiceprint from a user. User interface 222 can also be integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users. Additionally, user interface 222 can include a camera 226 that functions for iris, retinal, and facial scanning purposes.
  • Note that system 220 generally illustrates first, second and third biometric attribute input stages. During a first biometric attribute input stage, a user can be prompted through a display unit 231 to input his or her name or other word or phrase (or other information). The user merely speaks his or her name, for example, into microphone 230. During a second biometric attribute input stage, the user can be requested to input his or right hand thumbprint. Finally, during a third biometric attribute input stage, the user can be requested to provide a biometric sample of his or right eye, which can be scanned as a retina or iris biometric attribute of the user. Alternatively, the user can be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • FIG. 9 illustrates depicts a biometric authentication system 240, which includes an alternative user interface 244 that can be implemented in accordance with an alternative embodiment. Note that in FIGS. 8 and 9, similar, analogous or identical parts or features are indicated by identical reference numerals. Thus, as indicated in FIG. 9, user interface 244 can communicate with or be integrated with an electronic system, such as an ATM machine or point of sale. System 240 can include user interface 244 in the context of a standalone hardware unit or in association with an electronic system, such as an ATM machine, point of sale, computer network, wireless network, stand-alone laptop computer, etc. User interface 244 can be associated with and/or integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users. Additionally, user interface 244 can include a camera 226 that functions for iris, retinal, and facial scanning purposes. User interface 244 can also be associated with and/or integrated with a skin sensor 242, which senses the unique optical properties of the skin of an individual user.
  • FIG. 9 illustrates first, second and third biometric attribute input stages. During a first biometric attribute input stage, a user can be prompted through a display unit 231 to input a skin sample. Skin sensor 242 performs a measurement and/or analysis of a skin sample, which identifies the user. During a second biometric attribute input stage, the user can be requested to input his or right hand thumbprint. Finally, during a third biometric attribute input stage, the user can be requested to provide a biometric sample of his or right eye, which can be scanned as a retina or iris biometric attribute of the user. Alternatively, the user can be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • A variety of types of skin sensors can be utilized for sensing the biometric properties of an individual's skin. One example of a skin sensor that can be utilized in accordance with an alternative embodiment is disclosed in U.S. Patent Application No. 2002/0183624A1, “Apparatus and Method of Biometric Determination Using Specialized Optical Spectroscopy Systems,” which published on Dec. 5, 2002, and which is incorporated herein by reference.
  • U.S. Patent Application No. 2002/0183624A1 generally discloses devices and methods for performing biometric determinations using optical spectroscopy of tissue. Such biometric determinations can include the determination or verifications of identity, estimation of age, estimation of sex, determination of sample liveness and sample authenticity. Such devices are based upon discrete light sources such as light emitting diodes, laser diodes, vertical cavity surface emitting lasers (VCSELs), and broadband sources with multiple narrow-band optical filters. The multiple light sources can be encoded in a manner that the tissue response for each source can be efficiently measured. The light sources are spaced at multiple distances from a detector to contribute differing information to the biometric determination task as do light sources with different wavelength characteristics.
  • U.S. Patent Application No. 2002/0183624A1 also disclose devices that incorporate a spectral biometric sensor with a personal electronic device such as cellular telephones, personal digital assistants, wristwatches, electronic fobs for the purpose of providing secure biometric access to protected property. It can be appreciated by those skilled in the art that U.S. Patent Application No. 2002/0183624A1 is not considered a limiting feature of the disclosed embodiments, but is instead referenced herein for general illustrative and edification purposes only.
  • FIG. 10 illustrates a pictorial representation of a biometric authentication system 1000, which can be implemented in accordance with an alternative embodiment. Biometric authentication system 1000 includes a biometric authentication unit 1002, which can be utilized to biometrically authenticate a user based on an individual's fingerprints and/or a skin analysis. A fingerprint scanner 1004 can be associated with and/or integrated with a skin sensor 1006. Skin sensor 1006 can be, for example, a type of skin sensor as disclosed in U.S. Patent Application No. 2002/0183624A1. Skin sensor 1006 can thus be generally configured as system or device for collecting spectral information from tissue for performing biometric tasks Such a system or device can include a plurality of discrete light sources, means for directing light into the tissue, means for detecting light that substantially passed through sub-surface tissue, a means for recording and storing resulting detector signals, and a means for processing resulting spectral data to perform a biometric determination.
  • A user can place his or her fingertip at fingerprint scanner 1004. A fingerprint can then be sensed either alone or in concert with skin sensor 1006 (i.e., a skin detection apparatus), which detects skin properties for biometric authentication thereof. Fingerprint scanner 1004 can be optionally configured such that the entire fingerprint of an individual scan or only a portion, as indicated by arrow 1008, in concert with skin sensor 1006. System 1000 generally comprises three features as indicated at block 1110, including pattern recognition (i.e., fingerprint scanning), and/or skin sensing (i.e., illumination/detection of skin) and/or in concert with a random challenge, which is discussed in detail herein. Skin sensor 1006 is generally analogous to skin sensor 242 of FIG. 9, but can be configured with different features, which are illustrated in more detail in FIGS. 11 to 13 herein.
  • FIG. 10 thus generally illustrates system 1000 for the random biometric authentication of a user utilizing unique biometric attributes associated with the user. System 1000 can additionally be configured to include a plurality of modules 1032. Such modules can be configured as software modules, as described in further detail herein. Modules 1032 can include a random challenge module 1034 for challenging a user to provide at least one randomly selected biometric attribute, a comparison module 1036 for automatically comparing the at least one randomly selected biometric attribute to a plurality of biometric attributes of the user contained in a user profile; and an authentication module 1038 for authenticating the user in association with skin sensor 1006 for analyzing the issue of the user for one or more tissue biometric attributes associated with the user.
  • Authentication module 1038 can authenticate the user of one or more randomly selected biometric attributes input by the user matches at least one of the plurality of biometric attributes of the user contained in the user profile and if the tissue biometric attribute of the user matches at least one tissue biometric attribute of the user contained in the user profile. Modules 1032 are processible via a microprocessor 1040, which can be associated with and/or integrated with biometric authentication unit 1002. Additionally, such modules 1032 can be stored within a memory location (not shown), which can also be associated with and/or integrated with biometric authentication unit 1002.
  • FIG. 11 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment. Skin sensor 1006 indicated in FIG. 11 can be composed of two portions, a detector 1012 and a light source 1014. Light from light source 1014 is transmitted to a portion of an individual's skin, which is illuminated thereof for detection and analysis (e.g., spectroscopy) by detector 1012. Note that in FIGS. 10 to 14 herein like or analogous parts are indicated by identical reference numerals. Thus, FIG. 12 illustrates a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment.
  • Additionally, FIG. 13 depicts a block diagram illustrating a skin detection apparatus, which can be utilized in accordance with an alternative embodiment. In FIG. 12, a VCSEL 1016 can be utilized as a light source, while in FIG. 13, a photodiode can be utilized as a light source. It can be appreciated that other types of light sources (e.g., a laser light source) can also be implemented in accordance with alternative embodiments.
  • FIG. 14 illustrates a pictorial representation of a biometric authentication system 1200, which can be implemented in accordance with an alternative embodiment. The biometric authentication system 1200 of FIG. 14 is generally analogous to the biometric authentication system 1000 depicted in FIG. 10, the difference being that additional sensors 1020, 1022 and 1024 can also be utilized in association with fingerprint scanner 1004 and skin sensor 1006. Sensors 1020, 1022 and 1023 can be the same type of sensor as skin sensors 1006, or one or more of these additional sensors can be used to obtain a biomedical attribute in accordance with an alternate embodiment.
  • Where all four sensors 1006, 1020, 1022 and 1023 are skin sensors, the interface allows a biometric system to obtain distributed illumination sample over a broader area of a user's finder. More than one sample enables a system to obtain better results through redundancy. The results of several sensors can processed by a system by averaging plural samples, or by using different wavelengths of light to test the skin. A processor associated with the sensor can determine authentication using a broader range of criteria using more than one sensor, especially when combined with a fingerprint scanner 1004.
  • Where any of sensors 1020, 1022 and 1023 are biomedical sensors, the system can be provided with biomedical data from the specimen (e.g., user's finger), such as pulse and heart rate. Obtaining pulse and heart rate reading can be useful to verify whether the specimen being read is alive. Although the prior art uses data obtained from photo-illumination of the skin to determine if the skin is associated with a live person, it should be appreciated that a specimen, such as an amputated finger, may not show signs that can be associated with death until several minutes, which leaves enough time for an unauthorized user to gain access to an electronic system using prior art fingerprint scanners. When a specimen, however, is tested for biomedical readings, such as pulse with a sensor that is associated with the fingerprint reader, the system can determine whether the specimen is associated with a live person. Given the foregoing teaching, one skilled in the art can appreciate that sensors 1006, 1020, 1022 and 1023 can be deployed on fingerprint scanner 1006 as a combination of skin illumination and biomedical sensors.
  • It should also be appreciated based on the present teaching that a system, similar to that illustrated in FIG. 10 with a skin sensor 1006, could also be provided that incorporates a biomedical sensor together with a fingerprint scanner as a single interface. Finally, with respect to the present alternate teaching and embodiment, when interpreted in light of illustrations in FIGS. 10 and 14, it should be appreciated that a hardware interface as described can be useful for carrying out simple biometric authentication methods where the user is not challenged or required to provide random biometrics. A device that is physically layered with at least two different types of biometric input sensors/readers would be generally useful in the field of biometrics. The present teaching can also be implemented, although not shown, in an interface that combines at least two biometric measurement layered into a single interface, such as: hand geometry, fingerprint, biomedical, skin illumination.
  • Those skilled in the art will appreciate that the methods, devices and techniques and systems described herein can be implemented in the context of associated systems for performing tasks resulting from the processing of such methods. Embodiments can thus be configured as a system for biometrically securing access to an electronic system. Such a system can include modules thereof. A module, in software use, is generally a collection of routines and data structures that performs a particular task or implements a particular abstract data type. Module typically are composed of an interface, which lists the constants, data types variables, and routines that can be accessed by other modules or routines, and an implementation, which can be accessible only by the module. The implementation contains the source code that actually implements the routines in the module.
  • Thus, the method and system described herein can include a module for prompting a user to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. Additionally, the system can include a module for permitting the user to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile. Of course, hardware described herein can be used without regard to random challenges as discussed previously.
  • The user profile can be accessed from a server and/or memory through the electronic system. The user profile can also be accessible from a biometric broker through the electronic system over a secure network connection. Additionally, one or more biometric attributes can be obtained from the user for compilation in a user profile. The user profile is generally stored in a location accessible by at least one electronic system. The user can generally be permitted to modify the user profile, in response to approval by the system or an administrator.
  • Such a system can also include a module for comparing at least one biometric attribute input by the user to the electronic system with the at least one biometric attribute randomly selected from the user profile. Additionally, such a system can include a module for subsequently prompting a user to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute randomly previously selected from the user profile.
  • In such a system, the electronic system can be configured as one or more wireless devices that operate with a wireless network. The electronic system can also be configured as one or more computer workstations operable over an associated network. The electronic system can include an automated teller machine, or a secured entry system to a secured environment. The electronic system can simply be a wireless network or a computer network, or a combination thereof. The electronic system can also be a wireless device.
  • Such a system can also include a module for identifying at least one defective biometric attribute associated with the user. The user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user. The user-desired activity can comprise activities, such as, for example, a financial transaction, an ATM transaction, access to a secure area, or access to data from the electronic system. The user-desired activity can also simply comprise the execution of a mechanical activity.
  • Alternatively, a system for biometrically securing access to an electronic system can include a module for prompting a user to input to the electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user. Such an alternative system can also include a module for permitting the user to perform a user-desired activity, if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile.
  • FIG. 15 depicts a high-level flow chart 1500 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment. As indicated at block 1502, a biometric authentication system, such as, for example, biometric authentication system 1000 or 1200, can be activated. As indicated previously, such a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or skin sensors 1020, 1022 and/or 1024).
  • As illustrated thereafter at block 1504, a fingerprint of a user is scanned utilizing fingerprint scanner 1004. Next, as depicted at block 1506, a skin sensor 1006, either alone or in association with sensors 1020, 1022, and/or 1024 analyzes a portion of skin on the user's finger. Next, as illustrated at block 1508, the user's fingerprint is matched with/or against a user profile associated with the user. The user profile can be stored within a database associated with a biometric authentication system 1000 or 1200. The database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200. User authentication can then take place, as depicted at block 1510.
  • FIG. 16 depicts a high-level flow chart 1600 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment. As indicated at block 1602, a biometric authentication system, such as, for example, biometric authentication system 1000 or 1200, can be activated. As indicated previously, such a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 in layered or integrated associated with another sensor (e.g., skin sensor 1006 and/or skin or biomedical sensors 1020, 1022 and/or 1024).
  • As illustrated thereafter at block 1604, the user can be randomly challenged to provide a fingerprint. For example, the user can be randomly challenged to provide a fingerprint from his or left index finger. Such a random challenge can also include subsequent random challenges. For example, the user can be randomly challenged to provide a fingerprint of his or her right thumb. Thus, the user places his or finger on the fingerprint scanner 1004 as illustrated at block 1606 and thereafter, as indicated at block 1608, the fingerprint can be scanned utilizing fingerprint scanner 1004.
  • Thereafter, as depicted at block 1610, a skin sensor 1006, either alone or in association with sensors 1020, 1022, and/or 1024 analyzes a portion of skin on the user's finger and/or pulse. Next, as illustrated at block 1508, the user's fingerprint is matched with/or against a user profile associated with the user. The user profile can be stored within a database associated with the biometric authentication system 1000 or 1200. The database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200. User authentication can then take place, as illustrated at block 1614.
  • FIG. 17 depicts a high-level flow chart 1700 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment. As indicated at block 1702, a biometric authentication system, such as, for example, biometric authentication system 1000 or 1200, can be activated. As indicated herein, such a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or skin sensors 1020, 1022 and/or 1024).
  • As illustrated thereafter at block 1704, a skin sensor 1006, either alone or in association with sensors 1020, 1022, and/or 1024 analyzes a portion of skin on the user's finger. Thereafter, as indicated at block 1706, the user is randomly challenged to provide a fingerprint. For example, the user can be randomly challenged to provide a fingerprint from his or left index finger. Such a random challenge can also include subsequent random challenges. For example, the user can be randomly challenged to provide a fingerprint of his or her right thumb. Thus, the user places his or finger on the fingerprint scanner 1004 as illustrated at block 1708 and thereafter, as indicated at block 1710, the fingerprint can be scanned utilizing fingerprint scanner 1004.
  • Next, as illustrated at block 1712, the user's fingerprint is matched with/or against a user profile associated with the user. The user profile can be stored within a database associated with the biometric authentication system 1000 or 1200. The database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200. User authentication can then take place, as indicated at block 1714.
  • FIG. 18 depicts a high-level flow chart 1800 of operations illustrating logical operational steps, which can be implemented in accordance with an alternative embodiment. As indicated at block 1802, a biometric authentication system, such as, for example, biometric authentication system 1000 or 1200, can be activated. As indicated herein, such a biometric authentication system can be configured to include, for example, a fingerprint scanner 1004 associated with a skin sensor 1006 (and/or sensors 1020, 1022 and/or 1024).
  • Next, as indicated at block 1804, skin sensor 1006, either alone or in association with sensors 1020, 1022, and/or 1024 can analyze a portion of skin on the user's finger or search for a heart rate/pulse, depending on what type of sensor is being used (e.g., biomedical or skin) for sensors 1020, 1022 and 1024. The user then places his or finger on the fingerprint scanner 1004 as illustrated at block 1806 and thereafter, as indicated at block 1808, the fingerprint can be scanned utilizing fingerprint scanner 1004.
  • Next, as illustrated at block 1810, the user's fingerprint can be matched with/or against a user profile associated with the user. The user profile can be stored within a database associated with the biometric authentication system 1000 or 1200. The database can also be stored remotely at a server in communication with such the biometric authentication system 1000 or 1200. User authentication can then take place, as indicated at block 1812.
  • It should be appreciated that use of sensors 1006, 1020, 1022 and/or 1024 in methods as described in flow diagrams associated with FIGS. 15-18 is not limited with respect to the order for which skin or biomedical results are obtained from a sample. Skin and biomedical readings can be obtained initially (prior to fingerprint scanning), concurrently, during template retrieval, or after authentication. Skin and biomedical sensors can be active throughout the authentication process, as long as the user remains in contact with the user interface.
  • FIG. 19 depicts a system 1900 for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment. System 1900 generally includes at least one wireless identification tag 1902, which can be identified by a tag reader 1904, which can be a wireless radio frequency transceiver such as a wireless access point familiar in with WiFi (e.g., 802.11) and cellular networking systems. System 1900 also includes at least one biometric authentication point 1910, which can be, for example, a biometric authentication apparatus or device, such as, for example, biometric authentication systems 200, 220, 240, 244, 1000, and/or 1200 disclosed herein.
  • Biometric authentication point 1910 can be, for example, a point of sale (POS) equipped with a biometric reader, which can randomly challenge a user to input biometric data for authentication purposes as disclosed herein. The biometric authentication point can also be an international border crossing, which is becoming important for Homeland Security initiatives passed into U.S. Federal Legislation in 2002. Other biometric authentication points that can benefit from advanced template retrieval, include public transportation (e.g., airport bordering systems), time and attendance equipment, building access, and any other application where a user can be waiting in line behind other users to be authenticated.
  • System 1900 permits a wireless identification tag, such as tag 1902, to provide the biometric authentication point with appropriate biometric template information obtained from a biometric database 1908 associated with the user through a network 1906 (i.e., wireless and/or wireline) so that when the holder of the identified tag 1902 is ready to be biometrically authorized, his or her biometric data can already be available to the system for a biometric challenge thereof.
  • Intelligent networks are mobile communications systems familiar to the wireless telecommunications industry for the use of Home Location Registers (HLRs) and Visiting Location Registers (VLRs) to enable a user's profile to follow the user throughout a network. The general methodologies behind intelligent networks can be used with the disclosed embodiments to provide user biometric template in advance of authentication. In an intelligent network, a user's profile, which will generally include subscription services, billing information, voice mail, email, E911 location information, and other data, is kept at the HLR. The HLR is typically associated with the user's home network.
  • If the user leaves the network and enters another network, which is commonly referred to as “roaming,” then a copy of the user's profile is placed into the VLR associated with the network within which the user is roaming. For example, this is what happens when a cellular phone user leaves Dallas, Tex. for a business trip to Los Angeles, Calif. The user is able to retrieve voice mail very shortly after turning on his or her mobile phone. After the device is turned on, the intelligent network determines that the user is visiting (roaming) and also determines where to get a copy of the user's profile.
  • It should be appreciated that a system similar to an intelligent network can be used in association with biometric authentication using existing networks and standards (e.g., LAN, WLAN, WiFi, Bluetooth, CDMA, TDMA, WAP, etc.) and networked servers and databases to provide for advanced biometric retrieval.
  • An example of a tagging system, which can be implemented in accordance with an alternative embodiment is disclosed in U.S. Patent Application No. US 2002/0178063, “Community Concept for Payment Using RF ID Transponders,” to Gravelle et al., which was published on Nov. 28, 2002, and which is incorporated herein by reference. It can be appreciated by those skilled in the art that U.S. Patent Application No. US 2002/0178063 does not limit the scope of the embodiments described herein, but is referenced for general edification and background purposes only.
  • FIG. 20 illustrates a high-level flow chart 2000 of operations illustrating logical operational steps for biometrically authenticating a user in association with a wireless identification tag, in accordance with an alternative embodiment. As indicated at blocks 2000, and 2004 information from a wireless identification tag, such as tag 1902 of FIG. 19 can be read when the tag 1902 is located in the vicinity of biometric authentication point 1910. As indicated next at block 2006, the tag 1902 can be validated.
  • Thereafter, as indicated at block 2008, in response to validation of the tag 1902, biometric information associated with the user of tag 1902 can be retrieved from biometric database 1908 through a network 1906. This information is thus prepared for eventual use at the biometric authentication point, as indicated at block 2010. The user is then biometrically challenged at the biometric authentication point, as indicated at block 2012. The user is then denied or authorized, as indicated at block 2014, depending on the results of the biometric challenge.
  • FIG. 21 depicts a high-level flow chart 2100 of operations illustrating logical operational steps for biometrically authenticating a user, in accordance with an alternative embodiment. As indicated at block 2102, the step of wirelessly recognizing the presence of a user near a biometric authentication point can be processed. In other words, the user is preliminarily identified by wireless means. Thereafter, as illustrated at block 2104, a biometric template associated with the user can be retrieved, based on the preliminary wireless identification of the user. Next, as depicted at block 2106, the biometric template associated with the user is provided in advance to the biometric authentication point in advance of the biometric authentication. Finally, as depicted at block 2108, the user can now be authenticated (or denied authorization), depending on the results of the biometric authentication process he or she will undergo via the biometric authentication point.
  • It will be appreciated that variations of the above-disclosed and other features and functions, or alternatives thereof, may be desirably combined into many other different systems or applications. Also that various presently unforeseen or unanticipated alternatives, modifications, variations or improvements therein may be subsequently made by those skilled in the art which are also intended to be encompassed by the following claims.

Claims (22)

1. A method for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry, the method comprising:
associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry, the user seeking access through the point of entry;
wirelessly accessing, via the electronic system, identification information associated with the user from the portable electronic device carried with the user;
utilizing the identification information provided from the portable electronic device to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user,
providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry;
comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface; and
authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
2. The method of claim 1 wherein the portable electronic device carried by the user comprises an RFID tag.
3. The method of claim 1 wherein portable electronic device carried by the users comprises a wireless electronic communications device.
4. The method of claim 3 wherein the wireless electronic communications device communicates with the electronic system via a Bluetooth communications link.
5. The method of claim 3 wherein the wireless electronic communications device communicates with the electronic system via a cellular communications link.
6. The method of claim 1 wherein the biometric interface comprises a camera that captures the at least one physical attribute of the user.
7. The method of claim 6 wherein the at least one physical attribute comprises an image of a face of the user captured by the camera.
8. The method of claim 1 wherein the credentials carried by the user comprise an identification medium bearing a name and a photograph of the user.
9. The method of claim 1 wherein the biometric interface comprises a biometric reader that captures from the user, at least one of fingerprint data, retinal scan data, handwriting data, voice data and facial data.
10. A method for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information provided wirelessly from an RFID tag carried with the user when the user is located near a point of entry, the method comprising:
associating an electronic system with a point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware;
wirelessly communicating via the wireless communications hardware with an RFID tag carried by a user approaching the point of entry, the user seeking access through the point of entry;
wirelessly accessing, via the electronic system, identification information associated with the user from the RFID tag carried with the user;
utilizing the identification information provided from the RFID tag to obtain a user profile from a remote server via the data network, the user profile including user identification information and a biometric template associated with the user,
providing the identification information and the biometric template from the remote server to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry;
comparing at least one of the identification information and the biometric template with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface; and
authenticating the user via the electronic system and granting the user access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
11. The method of claim 10 wherein the biometric interface comprises a camera that captures the at least one physical attribute of the user.
12. The method of claim 11 wherein the at least one physical attribute comprises an image of a face of the user captured by the camera.
13. The method of claim 11 wherein the credentials carried by the user comprise an identification medium bearing a name and a photograph of the user.
14. The method of claim 11 wherein the biometric interface comprises a biometric reader that captures from the user, at least one of fingerprint data, retinal scan data, handwriting data, voice data and facial data.
15. A system for the authentication of a user at a point of entry in coordination with biometric data provided from a remote server after preliminary identification of the user based on identification information wirelessly provided from a portable electronic device carried with the user when the user is located near a point of entry, the system comprising:
a point of entry;
an electronic system associated with the point of entry, the electronic system including a biometric interface, access to a data network and wireless communications hardware wirelessly communicating with a portable electronic device carried by a user approaching the point of entry, the user seeking access through the point of entry, wherein the electronic system wirelessly accesses identification information associated with the user from the portable electronic device carried with the user;
a remote server that stores a user profile, wherein the identification information provided by the electronic device is utilized to obtain the user profile from the remote server via the data network, the user profile including user identification information and a biometric template associated with the user,
wherein the identification information and the biometric template are provided from the remote server by the electronic system to the point of entry in advance of an arrival of the user at the point of entry for passage through the point of entry;
wherein at least one of the identification information and the biometric template are compared by the electronic system with credentials carried with the user and at least one physical attribute of the user captured by the biometric interface; and
wherein the user is authenticated via the electronic system and granted access through the point of entry, if the at least one of the identification information and the biometric template match at least one of the credentials carried with the user and the at least one physical attribute of the user captured by the biometric interface.
16. The system of claim 15 wherein the portable electronic device carried by the user comprises an RFID tag.
17. The system of claim 15 wherein portable electronic device carried by the user comprises a wireless electronic communications device.
18. The system of claim 17 wherein the wireless electronic communications device communicates with the electronic system via a Bluetooth communications link.
19. The system of claim 17 wherein the wireless electronic communications device communicates with the electronic system via a cellular communications link.
20. The system of claim 15 wherein the biometric interface comprises a camera that captures the at least one physical attribute of the user.
21. The system of claim 20 wherein the at least one physical attribute comprises an image of a face of the user captured by the camera.
22. The system of claim 15 wherein the credentials carried by the user comprise an identification medium bearing a name and a photograph of the user.
US12/756,855 2001-01-10 2010-04-08 Point of entry authorization utilizing rfid enabled profile and biometric data Abandoned US20100194571A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US12/756,855 US20100194571A1 (en) 2001-01-10 2010-04-08 Point of entry authorization utilizing rfid enabled profile and biometric data
US12/885,087 US8462994B2 (en) 2001-01-10 2010-09-17 Methods and systems for providing enhanced security over, while also facilitating access through, secured points of entry
US14/611,612 US20150172287A1 (en) 2002-12-17 2015-02-02 Biometric security and authentication for a mobile device

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/757,903 US20020091937A1 (en) 2001-01-10 2001-01-10 Random biometric authentication methods and systems
US10/321,872 US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US12/756,855 US20100194571A1 (en) 2001-01-10 2010-04-08 Point of entry authorization utilizing rfid enabled profile and biometric data

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
US10/321,872 Continuation US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US10/321,872 Continuation-In-Part US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US12/885,087 Continuation-In-Part US8462994B2 (en) 2001-01-10 2010-09-17 Methods and systems for providing enhanced security over, while also facilitating access through, secured points of entry
US13/937,418 Division US20150015365A1 (en) 2002-12-17 2013-07-09 Point of entry authorization utilizing rfid enabled profile and biometric data

Publications (1)

Publication Number Publication Date
US20100194571A1 true US20100194571A1 (en) 2010-08-05

Family

ID=46281731

Family Applications (3)

Application Number Title Priority Date Filing Date
US10/321,872 Expired - Fee Related US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US12/756,855 Abandoned US20100194571A1 (en) 2001-01-10 2010-04-08 Point of entry authorization utilizing rfid enabled profile and biometric data
US13/035,606 Expired - Fee Related US8499164B2 (en) 2001-01-10 2011-02-25 Biometric authentication utilizing unique biometric signatures and portable electronic devices

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/321,872 Expired - Fee Related US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures

Family Applications After (1)

Application Number Title Priority Date Filing Date
US13/035,606 Expired - Fee Related US8499164B2 (en) 2001-01-10 2011-02-25 Biometric authentication utilizing unique biometric signatures and portable electronic devices

Country Status (1)

Country Link
US (3) US7921297B2 (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040230812A1 (en) * 2003-05-16 2004-11-18 Berner Fachhochschule Method for authentication of a user with an authorizing device, and a security apparatus for carrying out the method
US20070226515A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Secure biometric processing system and method of use
US20070226787A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Method and system for secure external TPM password generation and use
US20080313230A1 (en) * 2007-06-12 2008-12-18 Jeyhan Karaoguz System and method for managing evolving user preferences
US20090083839A1 (en) * 2007-09-24 2009-03-26 Chi Mei Communication Systems, Inc. Fingerprint system and method for access control
US20090086943A1 (en) * 2007-10-01 2009-04-02 Cisco Technology, Inc. Identification of multiple persons on a phone call
WO2012047564A1 (en) * 2010-09-28 2012-04-12 Sony Computer Entertainment Inc. Method and system for access to secure resources
US20130225079A1 (en) * 2012-02-24 2013-08-29 Identive Group, Inc. Providing Continued Operation of NFC Mobile Devices and Tags
US8760291B1 (en) 2011-05-17 2014-06-24 Kevin W. Mullins Notification apparatus, system, and method
US20150142439A1 (en) * 2012-06-19 2015-05-21 Honeywell International Inc. System and method of speaker recognition
WO2015137645A1 (en) * 2014-03-13 2015-09-17 엘지전자 주식회사 Mobile terminal and method for controlling same
WO2016025961A1 (en) * 2014-08-15 2016-02-18 California Institute Of Technology Herma - heartbeat microwave authentication
WO2018076087A1 (en) * 2016-10-26 2018-05-03 Ferreira De Souza Antonio Integrated digital system for collecting, consulting and revalidating data from identity cards (rg), using mobile or static equipment, provided with devices for reading and collecting data by proximity, such as: smartphones, tablets, collectors with physical connections (usb, etc.), without the need for physical contact and/or without the need for a clear view of the medium being consulted and with biometric facial recognition and/or local or remote image recognition, to confirm the desired information with the option of an audible status signal
US10171476B2 (en) * 2015-01-12 2019-01-01 Sal Khan System and method for protecting the privacy of identity and financial information of the consumer conducting online business
US20200344231A1 (en) * 2019-04-23 2020-10-29 Microsoft Technology Licensing, Llc Resource access based on audio signal
US11017399B2 (en) 2016-07-28 2021-05-25 Samsung Electronics Co., Ltd Method and electronic device for paymnet using biometric authentication
US11171781B2 (en) * 2016-02-15 2021-11-09 Sal Khan System and method which using blockchain protects the privacy of access code and the identity of an individual seeking online access
US20210359995A1 (en) * 2020-05-12 2021-11-18 Unisys Corporation Secure access control

Families Citing this family (207)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6928547B2 (en) * 1998-07-06 2005-08-09 Saflink Corporation System and method for authenticating users in a computer network
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
US20020147691A1 (en) * 2001-04-05 2002-10-10 Davis Dustin M. Method and system for consummating a transaction in a biometric verification system based on prior transactional histories
US8174394B2 (en) * 2001-04-11 2012-05-08 Trutouch Technologies, Inc. System for noninvasive determination of analytes in tissue
US8581697B2 (en) * 2001-04-11 2013-11-12 Trutouch Technologies Inc. Apparatuses for noninvasive determination of in vivo alcohol concentration using raman spectroscopy
US7616123B2 (en) * 2001-04-11 2009-11-10 Trutouch Technologies, Inc. Apparatus and method for noninvasively monitoring for the presence of alcohol or substances of abuse in controlled environments
US7249112B2 (en) * 2002-07-09 2007-07-24 American Express Travel Related Services Company, Inc. System and method for assigning a funding source for a radio frequency identification device
US20030046555A1 (en) * 2001-08-31 2003-03-06 Bradley Shawn J. Identity verification using biometrics
US20040015702A1 (en) * 2002-03-01 2004-01-22 Dwayne Mercredi User login delegation
US9020114B2 (en) * 2002-04-29 2015-04-28 Securus Technologies, Inc. Systems and methods for detecting a call anomaly using biometric identification
US7494061B2 (en) * 2006-06-30 2009-02-24 Evercom Systems, Inc. Systems and methods for identity verification using continuous biometric monitoring
US7219837B2 (en) 2002-09-12 2007-05-22 Integrated Engineering B.V. Identification system
US20150015365A1 (en) * 2013-07-09 2015-01-15 Mesa Digital, LLC. Point of entry authorization utilizing rfid enabled profile and biometric data
US7460696B2 (en) 2004-06-01 2008-12-02 Lumidigm, Inc. Multispectral imaging biometrics
US7751594B2 (en) 2003-04-04 2010-07-06 Lumidigm, Inc. White-light spectral biometric sensors
AU2003902422A0 (en) * 2003-05-19 2003-06-05 Intellirad Solutions Pty. Ltd Access security system
DK1629624T3 (en) 2003-05-30 2013-06-24 Privaris Inc IN-CIRCUIT SECURITY SYSTEM AND PROCEDURES FOR MANAGING ACCESS TO AND USING SENSITIVE DATA
JP2005010826A (en) * 2003-06-16 2005-01-13 Fujitsu Ltd Authentication terminal device, biometrics information authentication system and biometrics information acquisition system
US20050043897A1 (en) * 2003-08-09 2005-02-24 Meyer Robert W. Biometric compatibility matching system
GB0319918D0 (en) * 2003-08-23 2003-09-24 Ibm Method system and device for mobile subscription content access
US20050110634A1 (en) * 2003-11-20 2005-05-26 Salcedo David M. Portable security platform
US7502793B2 (en) * 2004-02-10 2009-03-10 International Business Machines Corporation Method and apparatus for assigning roles to devices using physical tokens
EP1728219A1 (en) * 2004-03-19 2006-12-06 Roger Marcel Humbel Mobile telephone all in one remote key or software regulating card for radio bicycle locks, cars, houses, and rfid tags, with authorisation and payment function
US8407097B2 (en) * 2004-04-15 2013-03-26 Hand Held Products, Inc. Proximity transaction apparatus and methods of use thereof
US8918900B2 (en) * 2004-04-26 2014-12-23 Ivi Holdings Ltd. Smart card for passport, electronic passport, and method, system, and apparatus for authenticating person holding smart card or electronic passport
US20050255840A1 (en) * 2004-05-13 2005-11-17 Markham Thomas R Authenticating wireless phone system
US8730047B2 (en) 2004-05-24 2014-05-20 Trutouch Technologies, Inc. System for noninvasive determination of analytes in tissue
US20110178420A1 (en) * 2010-01-18 2011-07-21 Trent Ridder Methods and apparatuses for improving breath alcohol testing
US8515506B2 (en) * 2004-05-24 2013-08-20 Trutouch Technologies, Inc. Methods for noninvasive determination of in vivo alcohol concentration using Raman spectroscopy
US8229185B2 (en) 2004-06-01 2012-07-24 Lumidigm, Inc. Hygienic biometric sensors
US20050289061A1 (en) * 2004-06-24 2005-12-29 Michael Kulakowski Secure authentication system for collectable and consumer items
US7318550B2 (en) * 2004-07-01 2008-01-15 American Express Travel Related Services Company, Inc. Biometric safeguard method for use with a smartcard
US7107220B2 (en) * 2004-07-30 2006-09-12 Sbc Knowledge Ventures, L.P. Centralized biometric authentication
US7254383B2 (en) 2004-07-30 2007-08-07 At&T Knowledge Ventures, L.P. Voice over IP based biometric authentication
US8787630B2 (en) * 2004-08-11 2014-07-22 Lumidigm, Inc. Multispectral barcode imaging
WO2006034732A1 (en) * 2004-09-29 2006-04-06 Swisscom Mobile Ag Method and system for inputting user instructions of a user controllable telecommunications device
DE502004008948D1 (en) * 2004-10-11 2009-03-19 Swisscom Schweiz Ag Communication card for mobile network devices and authentication method for users of mobile network devices
FR2878631B1 (en) * 2004-11-29 2007-01-12 Sagem METHOD FOR IDENTIFYING A USER USING MODIFIED BIOMETRIC CHARACTERISTICS AND DATABASE FOR CARRYING OUT SAID METHOD
US20060206722A1 (en) * 2004-12-06 2006-09-14 Zhang George Z Method and apparatus for networked biometric authentication
US20060136741A1 (en) * 2004-12-16 2006-06-22 Saflink Corporation Two factor token identification
US20060236120A1 (en) * 2005-04-14 2006-10-19 Ibm Corporation Method and apparatus employing stress detection for highly secure communication
US20060236121A1 (en) * 2005-04-14 2006-10-19 Ibm Corporation Method and apparatus for highly secure communication
US20060239512A1 (en) * 2005-04-22 2006-10-26 Imme, Llc Anti-identity theft system and method
US20060277412A1 (en) * 2005-05-20 2006-12-07 Sameer Mandke Method and System for Secure Payer Identity Authentication
US8079079B2 (en) * 2005-06-29 2011-12-13 Microsoft Corporation Multimodal authentication
US8122259B2 (en) * 2005-09-01 2012-02-21 Bricom Technologies Ltd Systems and algorithms for stateless biometric recognition
US20070101152A1 (en) * 2005-10-17 2007-05-03 Saflink Corporation Token authentication system
US8260008B2 (en) 2005-11-11 2012-09-04 Eyelock, Inc. Methods for performing biometric recognition of a human eye and corroboration of same
US7657849B2 (en) 2005-12-23 2010-02-02 Apple Inc. Unlocking a device by performing gestures on an unlock image
US8700902B2 (en) * 2006-02-13 2014-04-15 At&T Intellectual Property I, L.P. Methods and apparatus to certify digital signatures
US8001055B2 (en) * 2006-02-21 2011-08-16 Weiss Kenneth P Method, system and apparatus for secure access, payment and identification
US11227676B2 (en) 2006-02-21 2022-01-18 Universal Secure Registry, Llc Universal secure registry
US8234220B2 (en) 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
WO2008011205A2 (en) * 2006-04-18 2008-01-24 Ultra-Scan Corporation Augmented biomertic authorization system and method
WO2007122726A1 (en) * 2006-04-21 2007-11-01 Mitsubishi Denki Kabushiki Kaisha Authenticating server device, terminal device, authenticating system and authenticating method
JP4240502B2 (en) * 2006-06-27 2009-03-18 インターナショナル・ビジネス・マシーンズ・コーポレーション Technology for authenticating an object based on features extracted from the object
US8355545B2 (en) 2007-04-10 2013-01-15 Lumidigm, Inc. Biometric detection using spatial, temporal, and/or spectral techniques
US7995808B2 (en) 2006-07-19 2011-08-09 Lumidigm, Inc. Contactless multispectral biometric capture
CN103336941A (en) * 2006-07-19 2013-10-02 光谱辨识公司 Multibiometric multispectral imager
US8175346B2 (en) 2006-07-19 2012-05-08 Lumidigm, Inc. Whole-hand multispectral biometric imaging
US7804984B2 (en) * 2006-07-31 2010-09-28 Lumidigm, Inc. Spatial-spectral fingerprint spoof detection
US7801339B2 (en) * 2006-07-31 2010-09-21 Lumidigm, Inc. Biometrics with spatiospectral spoof detection
US20080114988A1 (en) * 2006-11-15 2008-05-15 Lisanke Michael G Method and system for exchanging data between devices
US20080148030A1 (en) * 2006-12-14 2008-06-19 General Instrument Corporation Method and System for Configuring Electronic Communication Device
US8652040B2 (en) 2006-12-19 2014-02-18 Valencell, Inc. Telemetric apparatus for health and environmental monitoring
US20080172733A1 (en) * 2007-01-12 2008-07-17 David Coriaty Identification and verification method and system for use in a secure workstation
US8942689B2 (en) * 2007-03-06 2015-01-27 Qualcomm Incorporated Method and technology for remote administration of wireless devices
KR101484566B1 (en) * 2007-03-21 2015-01-20 루미다임 인크. Biometrics based on locally consistent features
US20090133111A1 (en) * 2007-05-03 2009-05-21 Evans Security Solutions, Llc System for centralizing personal identification verification and access control
US8457595B2 (en) 2007-07-20 2013-06-04 Broadcom Corporation Method and system for processing information based on detected biometric event data
US8914847B2 (en) 2007-06-15 2014-12-16 Microsoft Corporation Multiple user authentications on a communications device
KR20150052330A (en) 2007-09-24 2015-05-13 애플 인크. Embedded authentication systems in an electronic device
US20090094126A1 (en) * 2007-10-03 2009-04-09 Patrick Killian Dual use point of sale terminal and methods of operating same
JP2009116600A (en) * 2007-11-06 2009-05-28 Mitsubishi Electric Corp Entering and leaving management system
US8600120B2 (en) 2008-01-03 2013-12-03 Apple Inc. Personal computing device control using face detection and recognition
US8577804B1 (en) * 2008-02-20 2013-11-05 Collective Dynamics LLC Method and system for securing payment transactions
US8355992B1 (en) * 2008-05-16 2013-01-15 Michael Haugh System and method for verifying the age of a controlled substance purchaser
US20090307140A1 (en) * 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US9024722B2 (en) * 2008-06-16 2015-05-05 Bank Of America Corporation Remote identification equipped self-service monetary item handling device
US8094021B2 (en) * 2008-06-16 2012-01-10 Bank Of America Corporation Monetary package security during transport through cash supply chain
US7982604B2 (en) * 2008-06-16 2011-07-19 Bank Of America Tamper-indicating monetary package
US20110304429A1 (en) * 2008-07-08 2011-12-15 Thomas Wolfl Method and apparatus for improving biometric identification systems
JP2010020712A (en) * 2008-07-14 2010-01-28 Canon Inc Information processing apparatus, method for controlling information processing apparatus, storage medium, and program
US20100040261A1 (en) * 2008-08-12 2010-02-18 International Business Machines Corporation Biometric identification assurance method and token retrieval
US8210429B1 (en) 2008-10-31 2012-07-03 Bank Of America Corporation On demand transportation for cash handling device
EP2353125A4 (en) 2008-11-03 2013-06-12 Veritrix Inc User authentication for social networks
US8406428B2 (en) * 2008-12-11 2013-03-26 International Business Machines Corporation Secure method and apparatus to verify personal identity over a network
JP2010142572A (en) * 2008-12-22 2010-07-01 Toshiba Tec Corp Commodity display position alert system and program
US8406736B2 (en) * 2008-12-30 2013-03-26 Symbol Technologies, Inc. System and method for identifying and locating wireless devices that are being operated by unauthorized users
US20100164685A1 (en) * 2008-12-31 2010-07-01 Trevor Pering Method and apparatus for establishing device connections
CN101841614A (en) * 2009-03-17 2010-09-22 深圳富泰宏精密工业有限公司 Telephone fax information management system and method
CN101908107A (en) * 2009-06-04 2010-12-08 深圳富泰宏精密工业有限公司 Electronic device for realizing information confidentiality and method thereof
WO2011028620A1 (en) 2009-08-26 2011-03-10 Lumidigm, Inc. Multiplexed biometric imaging and dual-imager biometric sensor
US8606227B2 (en) * 2009-09-22 2013-12-10 At&T Intellectual Property I, L.P. Secure access to restricted resource
US9197736B2 (en) * 2009-12-31 2015-11-24 Digimarc Corporation Intuitive computing methods and systems
US8952781B2 (en) * 2010-02-19 2015-02-10 The Domain Standard, Inc. Method and apparatus for access control using dual biometric authentication
JP5630041B2 (en) * 2010-03-15 2014-11-26 株式会社ニコン Electronic equipment
US8570149B2 (en) 2010-03-16 2013-10-29 Lumidigm, Inc. Biometric imaging using an optical adaptive interface
US9152960B2 (en) 2010-04-01 2015-10-06 Shyam Chetal Biometric identification and authentication system
US8528072B2 (en) 2010-07-23 2013-09-03 Apple Inc. Method, apparatus and system for access mode control of a device
WO2012037479A1 (en) 2010-09-17 2012-03-22 Universal Secure Registry, Llc Apparatus, system and method employing a wireless user-device
US10216893B2 (en) 2010-09-30 2019-02-26 Fitbit, Inc. Multimode sensor devices
US9886721B2 (en) * 2011-02-18 2018-02-06 Creditregistry Corporation Non-repudiation process for credit approval and identity theft prevention
US9141779B2 (en) * 2011-05-19 2015-09-22 Microsoft Technology Licensing, Llc Usable security of online password management with sensor-based authentication
US8862767B2 (en) 2011-09-02 2014-10-14 Ebay Inc. Secure elements broker (SEB) for application communication channel selector optimization
US9761083B2 (en) 2011-09-16 2017-09-12 Elottery, Inc. Location, age and identity verification for mobile gaming
US8834251B2 (en) * 2011-09-16 2014-09-16 Elottery, Inc. Location and age verification for mobile lottery play
US8473748B2 (en) * 2011-09-27 2013-06-25 George P. Sampas Mobile device-based authentication
US9002322B2 (en) 2011-09-29 2015-04-07 Apple Inc. Authentication with secondary approver
US8769624B2 (en) 2011-09-29 2014-07-01 Apple Inc. Access control utilizing indirect authentication
US20130127591A1 (en) 2011-11-20 2013-05-23 International Business Machines Corporation Secure facilities access
US9075975B2 (en) 2012-02-21 2015-07-07 Andrew Bud Online pseudonym verification and identity validation
WO2013138714A1 (en) 2012-03-16 2013-09-19 Acuity Systems, Inc. Authentication system
US9152868B2 (en) * 2012-03-23 2015-10-06 Microsoft Technology Licensing, Llc Personal identification combining proximity sensing with biometrics
US11209961B2 (en) 2012-05-18 2021-12-28 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
DE102012209190A1 (en) * 2012-05-31 2013-12-05 Siemens Aktiengesellschaft Method for detecting information of at least one object arranged on a patient support device in a medical imaging device and a medical imaging device for carrying out the method
US9049998B2 (en) 2012-06-22 2015-06-09 Fitbit, Inc. Biometric monitoring device with heart rate measurement activated by a single user-gesture
US8948832B2 (en) 2012-06-22 2015-02-03 Fitbit, Inc. Wearable heart rate monitor
US9044149B2 (en) 2012-06-22 2015-06-02 Fitbit, Inc. Heart rate data collection
US9005129B2 (en) 2012-06-22 2015-04-14 Fitbit, Inc. Wearable heart rate monitor
US9042971B2 (en) 2012-06-22 2015-05-26 Fitbit, Inc. Biometric monitoring device with heart rate measurement activated by a single user-gesture
US8396265B1 (en) 2012-06-26 2013-03-12 Google Inc. Facial recognition
US8937528B2 (en) 2012-09-12 2015-01-20 Ford Global Technologies, Llc Apparatus and method for registering users and managing biometric data thereof in a vehicle
US9594968B1 (en) * 2012-09-27 2017-03-14 EMC IP Holding Company LLC Biometric profile creation
US8955746B2 (en) 2012-09-27 2015-02-17 Intel Corporation Providing a locking technique for electronic displays
US9405891B1 (en) * 2012-09-27 2016-08-02 Emc Corporation User authentication
US20140118520A1 (en) * 2012-10-29 2014-05-01 Motorola Mobility Llc Seamless authorized access to an electronic device
US9039614B2 (en) 2013-01-15 2015-05-26 Fitbit, Inc. Methods, systems and devices for measuring fingertip heart rate
US10075384B2 (en) 2013-03-15 2018-09-11 Advanced Elemental Technologies, Inc. Purposeful computing
US9378065B2 (en) 2013-03-15 2016-06-28 Advanced Elemental Technologies, Inc. Purposeful computing
US9721086B2 (en) * 2013-03-15 2017-08-01 Advanced Elemental Technologies, Inc. Methods and systems for secure and reliable identity-based computing
US10164974B2 (en) 2013-03-19 2018-12-25 Traitware, Inc. Authentication system
US8990922B2 (en) * 2013-05-01 2015-03-24 Cheng Uei Precision Industry Co., Ltd. Access control system and control method thereof
US10512407B2 (en) 2013-06-24 2019-12-24 Fitbit, Inc. Heart rate data collection
US9282096B2 (en) * 2013-08-31 2016-03-08 Steven Goldstein Methods and systems for voice authentication service leveraging networking
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
EP3080932B1 (en) * 2013-12-13 2018-12-05 Intel Corporation Techniques for securing body-based communications
JP6303485B2 (en) * 2013-12-20 2018-04-04 富士通株式会社 Biometric authentication device and biometric authentication method
US9552684B2 (en) 2014-02-04 2017-01-24 Secure Gravity Inc. Methods and systems configured to detect and guarantee identity for the purpose of data protection and access control
GB2522929A (en) * 2014-02-11 2015-08-12 Mastercard International Inc Transaction authorisation method and system
US20150288604A1 (en) 2014-04-02 2015-10-08 Tyco Fire & Security Gmbh Sensor Network Gateway
CN103870735A (en) * 2014-03-18 2014-06-18 小米科技有限责任公司 Unlocking processing method and device
US10511580B2 (en) 2014-03-31 2019-12-17 Monticello Enterprises LLC System and method for providing a social media shopping experience
US10482461B2 (en) 2014-05-29 2019-11-19 Apple Inc. User interface for payments
KR20160016522A (en) * 2014-07-31 2016-02-15 삼성전자주식회사 Device and method for encrypting/decrypting content
WO2016018028A1 (en) * 2014-07-31 2016-02-04 Samsung Electronics Co., Ltd. Device and method of setting or removing security on content
US20160055429A1 (en) 2014-08-20 2016-02-25 Universal City Studios Llc Virtual queuing system and method
US9754093B2 (en) * 2014-08-28 2017-09-05 Ncr Corporation Methods and a system for automated authentication confidence
US11961105B2 (en) * 2014-10-24 2024-04-16 Ganart Technologies, Inc. Method and system of accretive value store loyalty card program
US11037212B2 (en) * 2014-12-01 2021-06-15 Comenity Llc Pre-populating a credit card number field
US9563992B2 (en) * 2014-12-01 2017-02-07 Honeywell International Inc. System and method of associating, assigning, and authenticating users with personal protective equipment using biometrics
US10395227B2 (en) 2015-01-14 2019-08-27 Tactilis Pte. Limited System and method for reconciling electronic transaction records for enhanced security
US9607189B2 (en) 2015-01-14 2017-03-28 Tactilis Sdn Bhd Smart card system comprising a card and a carrier
US10037528B2 (en) 2015-01-14 2018-07-31 Tactilis Sdn Bhd Biometric device utilizing finger sequence for authentication
WO2016144059A1 (en) * 2015-03-06 2016-09-15 삼성전자 주식회사 Electronic device driving unpowered sensor, and method of controlling same
US10013540B2 (en) 2015-03-10 2018-07-03 Lenovo (Singapore) Pte. Ltd. Authentication based on body movement
US10079827B2 (en) * 2015-03-16 2018-09-18 Ricoh Company, Ltd. Information processing apparatus, information processing method, and information processing system
US10069824B2 (en) 2015-05-12 2018-09-04 Branch Banking And Trust Company Biometric signature authentication and centralized storage system
US9392946B1 (en) 2015-05-28 2016-07-19 Fitbit, Inc. Heart rate sensor with high-aspect-ratio photodetector element
US9723353B2 (en) * 2015-06-16 2017-08-01 Sunasic Technologies Inc. Remote control for smart TV and set-top box
CN107111750B (en) 2015-10-30 2020-06-05 微软技术许可有限责任公司 Detection of deceptive faces
US10715518B2 (en) * 2015-12-08 2020-07-14 Lenovo (Singapore) Pte. Ltd. Determination of device with which to establish communication based on biometric input
US11206989B2 (en) 2015-12-10 2021-12-28 Fitbit, Inc. Light field management in an optical biological parameter sensor
US10568525B1 (en) 2015-12-14 2020-02-25 Fitbit, Inc. Multi-wavelength pulse oximetry
NO344910B1 (en) * 2016-01-12 2020-06-29 Kk88 No As Device for verifying the identity of a person
US10152840B2 (en) 2016-03-16 2018-12-11 Universal City Studios Llc Virtual queue system and method
JP6645572B2 (en) 2016-03-31 2020-02-14 日本電気株式会社 Biometric data registration support device, biometric data registration support system, biometric data registration support method, biometric data registration support program
WO2017190051A1 (en) 2016-04-29 2017-11-02 Fitbit, Inc. Multi-channel photoplethysmography sensor
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION
DK179471B1 (en) 2016-09-23 2018-11-26 Apple Inc. Image data for enhanced user interactions
US10108849B2 (en) 2016-10-14 2018-10-23 Bank Of America Corporation Biometric facial recognition for accessing device and authorizing event processing
US11074325B1 (en) * 2016-11-09 2021-07-27 Wells Fargo Bank, N.A. Systems and methods for dynamic bio-behavioral authentication
US10943188B2 (en) 2016-11-09 2021-03-09 Universal City Studios Llc Virtual queuing techniques
US11588813B2 (en) * 2016-12-08 2023-02-21 Mastercard International Incorporated Systems and methods for biometric authentication using existing databases
US11244315B2 (en) 2017-03-21 2022-02-08 Intelligent Technologies International, Inc. Authentication system for controlling access and use based on heartbeat shape
US11051706B1 (en) 2017-04-07 2021-07-06 Fitbit, Inc. Multiple source-detector pair photoplethysmography (PPG) sensor
US10217084B2 (en) 2017-05-18 2019-02-26 Bank Of America Corporation System for processing resource deposits
US10275972B2 (en) 2017-05-18 2019-04-30 Bank Of America Corporation System for generating and providing sealed containers of traceable resources
US10515518B2 (en) 2017-05-18 2019-12-24 Bank Of America Corporation System for providing on-demand resource delivery to resource dispensers
ES2862180T3 (en) * 2017-06-01 2021-10-07 Nokia Solutions & Networks Oy Authentication of users in the wireless access network
US11303631B1 (en) * 2017-06-30 2022-04-12 Wells Fargo Bank, N.A. Authentication as a service
US20190034934A1 (en) 2017-07-28 2019-01-31 Alclear, Llc Biometric payment
US20190044942A1 (en) * 2017-08-01 2019-02-07 Twosense, Inc. Deep Learning for Behavior-Based, Invisible Multi-Factor Authentication
SG10201706801YA (en) * 2017-08-21 2019-03-28 Mastercard Asia Pacific Pte Ltd Biometric system for authenticating a biometric request
KR102301599B1 (en) 2017-09-09 2021-09-10 애플 인크. Implementation of biometric authentication
KR102185854B1 (en) 2017-09-09 2020-12-02 애플 인크. Implementation of biometric authentication
JP6915481B2 (en) * 2017-09-27 2021-08-04 トヨタ自動車株式会社 Vehicle control system
FI20175862A1 (en) * 2017-09-28 2019-03-29 Kipuwex Oy System for determining sound source
US11170085B2 (en) 2018-06-03 2021-11-09 Apple Inc. Implementation of biometric authentication
JP7154061B2 (en) * 2018-08-07 2022-10-17 株式会社東海理化電機製作所 biometric authentication device
US11100349B2 (en) 2018-09-28 2021-08-24 Apple Inc. Audio assisted enrollment
US10860096B2 (en) 2018-09-28 2020-12-08 Apple Inc. Device control using gaze information
CN109451477A (en) * 2018-12-18 2019-03-08 东莞市韵茂电子科技有限公司 A kind of bluetooth communication encryption method of smart machine
KR20200092158A (en) * 2019-01-24 2020-08-03 삼성전자주식회사 Electronic apparatus and control method of the electronic apparatus
KR20200100481A (en) * 2019-02-18 2020-08-26 삼성전자주식회사 Electronic device for authenticating biometric information and operating method thereof
US11115406B2 (en) 2019-06-03 2021-09-07 Bank Of America Corporation System for security analysis and authentication
US11321449B2 (en) 2019-06-03 2022-05-03 Bank Of America Corporation System for security analysis and authentication across downstream applications
US11568333B2 (en) 2019-06-27 2023-01-31 Universal City Studios Llc Systems and methods for a smart virtual queue
US11120159B1 (en) 2019-09-02 2021-09-14 Wells Fargo Bank, N.A. Composite biometric authentication
EP3832407B1 (en) * 2019-12-06 2024-03-27 Tissot S.A. Method for secure connection of a watch to a remote server
US11462050B2 (en) * 2019-12-19 2022-10-04 Certify Global Inc. Systems and methods of liveness determination
US20210279991A1 (en) * 2020-03-06 2021-09-09 Oshkosh Corporation Advanced access control using biometric data
RU2746097C1 (en) * 2020-04-01 2021-04-07 Илья Владимирович Редкокашин Information transmission method
WO2022081658A1 (en) 2020-10-14 2022-04-21 Mastercard International Incorporated Efficient updates of biometric data for remotely connected devices
EP4264460A1 (en) 2021-01-25 2023-10-25 Apple Inc. Implementation of biometric authentication
US11645865B2 (en) 2021-03-04 2023-05-09 Qualcomm Incorporated Randomized multi-fingerprint authentication
US12111902B2 (en) 2022-05-20 2024-10-08 Advanced Elemental Technologies, Inc. Systems and methods for a connected computing resource and event/activity identification information infrastructure using near existential or existential biometric identification of humans

Citations (84)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5021776A (en) * 1988-07-11 1991-06-04 Yale Security Inc. Electronic combination of lock with changeable entry codes, lock-out and programming code
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5291560A (en) * 1991-07-15 1994-03-01 Iri Scan Incorporated Biometric personal identification system based on iris analysis
US5469506A (en) * 1994-06-27 1995-11-21 Pitney Bowes Inc. Apparatus for verifying an identification card and identifying a person by means of a biometric characteristic
US5586186A (en) * 1994-07-15 1996-12-17 Microsoft Corporation Method and system for controlling unauthorized access to information distributed to users
US5617082A (en) * 1994-11-15 1997-04-01 Micro Enhanced Technology, Inc. Electronic access control device utilizing a single microcomputer integrated circuit
US5712912A (en) * 1995-07-28 1998-01-27 Mytec Technologies Inc. Method and apparatus for securely handling a personal identification number or cryptographic key using biometric techniques
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5725480A (en) * 1996-03-06 1998-03-10 Abbott Laboratories Non-invasive calibration and categorization of individuals for subsequent non-invasive detection of biological compounds
US5737439A (en) * 1996-10-29 1998-04-07 Smarttouch, Llc. Anti-fraud biometric scanner that accurately detects blood flow
US5751836A (en) * 1994-09-02 1998-05-12 David Sarnoff Research Center Inc. Automated, non-invasive iris recognition system and method
US5787187A (en) * 1996-04-01 1998-07-28 Sandia Corporation Systems and methods for biometric identification using the acoustic properties of the ear canal
US5790668A (en) * 1995-12-19 1998-08-04 Mytec Technologies Inc. Method and apparatus for securely handling data in a database of biometrics and associated data
US5802199A (en) * 1994-11-28 1998-09-01 Smarttouch, Llc Use sensitive identification system
US5806040A (en) * 1994-01-04 1998-09-08 Itt Corporation Speed controlled telephone credit card verification system
US5815252A (en) * 1995-09-05 1998-09-29 Canon Kabushiki Kaisha Biometric identification process and system utilizing multiple parameters scans for reduction of false negatives
US5842194A (en) * 1995-07-28 1998-11-24 Mitsubishi Denki Kabushiki Kaisha Method of recognizing images of faces or general images using fuzzy combination of multiple resolutions
US5886644A (en) * 1996-03-12 1999-03-23 Security People, Inc. Programmable digital electronic lock
US5894277A (en) * 1996-03-12 1999-04-13 Security People, Inc. Programmable digital electronic lock
US5901238A (en) * 1996-02-07 1999-05-04 Oki Electric Industry Co., Ltd. Iris identification system and iris identification method
US5915035A (en) * 1997-01-27 1999-06-22 Aetex Biometric Corporation Method for extracting high-level features for fingerprint recognition
EP0924655A2 (en) * 1997-12-22 1999-06-23 TRW Inc. Controlled access to doors and machines using fingerprint matching
US5956122A (en) * 1998-06-26 1999-09-21 Litton Systems, Inc Iris recognition apparatus and method
US5973624A (en) * 1991-06-21 1999-10-26 C & M Technology, Inc. Electronic combination lock with high security features
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US5995642A (en) * 1997-06-30 1999-11-30 Aetex Biometric Corporation Method for automatic fingerprint classification
US6011858A (en) * 1996-05-10 2000-01-04 Biometric Tracking, L.L.C. Memory card having a biometric template stored thereon and system for using same
US6012064A (en) * 1997-08-21 2000-01-04 Lucent Technologies Inc. Maintaining a random sample of a relation in a database in the presence of updates to the relation
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6018739A (en) * 1997-05-15 2000-01-25 Raytheon Company Biometric personnel identification system
US6038334A (en) * 1997-02-21 2000-03-14 Dew Engineering And Development Limited Method of gathering biometric information
US6038332A (en) * 1997-09-05 2000-03-14 Digital Biometrics, Inc. Method and apparatus for capturing the image of a palm
US6038315A (en) * 1997-03-17 2000-03-14 The Regents Of The University Of California Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy
US6047282A (en) * 1997-12-05 2000-04-04 Authentec, Inc. Apparatus and method for expandable biometric searching
US6047281A (en) * 1997-12-05 2000-04-04 Authentec, Inc. Method and apparatus for expandable biometric searching
USD426237S (en) * 1998-11-19 2000-06-06 Precise Biometrics Ab Card reader
US6072891A (en) * 1997-02-21 2000-06-06 Dew Engineering And Development Limited Method of gathering biometric information
US6092192A (en) * 1998-01-16 2000-07-18 International Business Machines Corporation Apparatus and methods for providing repetitive enrollment in a plurality of biometric recognition systems based on an initial enrollment
US6104922A (en) * 1998-03-02 2000-08-15 Motorola, Inc. User authentication in a communication system utilizing biometric information
US6105010A (en) * 1997-05-09 2000-08-15 Gte Service Corporation Biometric certifying authorities
US6108638A (en) * 1992-12-11 2000-08-22 Fujitsu Limited Data processing system and data processing method using same
US6111977A (en) * 1997-04-17 2000-08-29 Cross Match Technologies, Inc. Hand-held fingerprint recognition and transmission device
US6119096A (en) * 1997-07-31 2000-09-12 Eyeticket Corporation System and method for aircraft passenger check-in and boarding using iris recognition
US6140939A (en) * 1995-04-14 2000-10-31 Flick; Kenneth E. Biometric characteristic vehicle control system having verification and reset features
US6154879A (en) * 1994-11-28 2000-11-28 Smarttouch, Inc. Tokenless biometric ATM access system
US6160903A (en) * 1998-04-24 2000-12-12 Dew Engineering And Development Limited Method of providing secure user access
US6167517A (en) * 1998-04-09 2000-12-26 Oracle Corporation Trusted biometric client authentication
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6213391B1 (en) * 1997-09-10 2001-04-10 William H. Lewis Portable system for personal identification based upon distinctive characteristics of the user
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6360953B1 (en) * 1998-07-15 2002-03-26 Magnex Corporation Secure print sensing smart card with on-the-fly-operation
US6424249B1 (en) * 1995-05-08 2002-07-23 Image Data, Llc Positive identity verification system and method including biometric user authentication
US20020138768A1 (en) * 2001-03-22 2002-09-26 Murakami Rick V. Method for biometric authentication through layering biometric traits
US20020140542A1 (en) * 2001-04-02 2002-10-03 Prokoski Francine J. Personal biometric key
US20020152178A1 (en) * 2001-04-12 2002-10-17 M-Commerce Co., Ltd. Credit card transaction authentication system and method using mobile terminal
US20020164058A1 (en) * 2001-05-04 2002-11-07 International Business Machines Corporation Remote authentication of fingerprints over an insecure network
US6483929B1 (en) * 2000-06-08 2002-11-19 Tarian Llc Method and apparatus for histological and physiological biometric operation and authentication
US6487662B1 (en) * 1999-05-14 2002-11-26 Jurij Jakovlevich Kharon Biometric system for biometric input, comparison, authentication and access control and method therefor
US20020183624A1 (en) * 2001-06-05 2002-12-05 Rio Grande Medical Technologies, Inc. Apparatus and method of biometric determination using specialized optical spectroscopy systems
US6522722B1 (en) * 2000-09-28 2003-02-18 Xcounter Ab Collimation of radiation from line-like ionizing radiation sources and planar radiation beam detection related thereto
US6532298B1 (en) * 1998-11-25 2003-03-11 Iridian Technologies, Inc. Portable authentication device and method using iris patterns
US6618806B1 (en) * 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6624739B1 (en) * 1998-09-28 2003-09-23 Anatoli Stobbe Access control system
US6697947B1 (en) * 1999-06-17 2004-02-24 International Business Machines Corporation Biometric based multi-party authentication
US6725303B1 (en) * 2000-08-31 2004-04-20 At&T Corp. Method and apparatus for establishing a personalized connection with a network
US6735695B1 (en) * 1999-12-20 2004-05-11 International Business Machines Corporation Methods and apparatus for restricting access of a user using random partial biometrics
US6751734B1 (en) * 1999-03-23 2004-06-15 Nec Corporation Authentication executing device, portable authentication device, and authentication method using biometrics identification
US6819219B1 (en) * 2000-10-13 2004-11-16 International Business Machines Corporation Method for biometric-based authentication in wireless communication for access control
US6829375B1 (en) * 1999-02-03 2004-12-07 Nec Corporation Fingerprint input apparatus
US20050038741A1 (en) * 2001-07-10 2005-02-17 American Express Travel Related Services Company, Inc. Method and system for a travel-related multi-function fob
US6871242B1 (en) * 1999-03-31 2005-03-22 International Business Machines Corporation Personal computer with a biometric sensor having improved resistance to environmental distortions
US6917801B2 (en) * 2000-12-22 2005-07-12 Ford Global Technologies, Llc Communication system for use with a vehicle
US6944773B1 (en) * 2000-05-19 2005-09-13 Sony Corporation Method and apparatus for fingerprint authentication during on-line transactions
US6957338B1 (en) * 1999-01-20 2005-10-18 Nec Corporation Individual authentication system performing authentication in multiple steps
US7005968B1 (en) * 2000-06-07 2006-02-28 Symbol Technologies, Inc. Wireless locating and tracking systems
US7076083B2 (en) * 2002-12-12 2006-07-11 Eastman Kodak Company Personnel access control system
US20070205865A1 (en) * 2006-03-02 2007-09-06 Broadcom Corporation, A California Corporation Wireless communication device with RFID reader
US20070252001A1 (en) * 2006-04-25 2007-11-01 Kail Kevin J Access control system with RFID and biometric facial recognition
US7315949B1 (en) * 2000-06-24 2008-01-01 Palm, Inc. Method and system for providing a personal identification security feature to a portable computing device
US7362210B2 (en) * 2003-09-05 2008-04-22 Honeywell International Inc. System and method for gate access control
US7522056B2 (en) * 2005-05-24 2009-04-21 V.H. Blackinton & Co., Inc. Badge verification device
US7631805B2 (en) * 2002-09-20 2009-12-15 Eid Passport, Inc. Systems and methods for managing security at plural facilities
US20100084462A1 (en) * 2008-10-02 2010-04-08 German Scipioni Systems and methods for secure photo identification at point of sale

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5222152A (en) 1991-11-19 1993-06-22 Digital Biometrics, Inc. Portable fingerprint scanning apparatus for identification verification
US5335288A (en) 1992-02-10 1994-08-02 Faulkner Keith W Apparatus and method for biometric identification
KR0147136B1 (en) * 1995-11-04 1998-08-17 양승택 Equipment and method for congestion control in atm network
US6108636A (en) * 1996-10-15 2000-08-22 Iris Corporation Berhad Luggage handling and reconciliation system using an improved security identification document including contactless communication insert unit
US6038666A (en) * 1997-12-22 2000-03-14 Trw Inc. Remote identity verification technique using a personal identification device
US6522772B1 (en) 1998-09-30 2003-02-18 Ncr Corporation Self-service checkout terminal having a biometric sensing device for verifying identity of a user and associated method
US7898385B2 (en) * 2002-06-26 2011-03-01 Robert William Kocher Personnel and vehicle identification system using three factors of authentication

Patent Citations (84)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5021776A (en) * 1988-07-11 1991-06-04 Yale Security Inc. Electronic combination of lock with changeable entry codes, lock-out and programming code
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5973624A (en) * 1991-06-21 1999-10-26 C & M Technology, Inc. Electronic combination lock with high security features
US5291560A (en) * 1991-07-15 1994-03-01 Iri Scan Incorporated Biometric personal identification system based on iris analysis
US6108638A (en) * 1992-12-11 2000-08-22 Fujitsu Limited Data processing system and data processing method using same
US5806040A (en) * 1994-01-04 1998-09-08 Itt Corporation Speed controlled telephone credit card verification system
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5469506A (en) * 1994-06-27 1995-11-21 Pitney Bowes Inc. Apparatus for verifying an identification card and identifying a person by means of a biometric characteristic
US5586186A (en) * 1994-07-15 1996-12-17 Microsoft Corporation Method and system for controlling unauthorized access to information distributed to users
US5751836A (en) * 1994-09-02 1998-05-12 David Sarnoff Research Center Inc. Automated, non-invasive iris recognition system and method
US5617082A (en) * 1994-11-15 1997-04-01 Micro Enhanced Technology, Inc. Electronic access control device utilizing a single microcomputer integrated circuit
US6154879A (en) * 1994-11-28 2000-11-28 Smarttouch, Inc. Tokenless biometric ATM access system
US5802199A (en) * 1994-11-28 1998-09-01 Smarttouch, Llc Use sensitive identification system
US6140939A (en) * 1995-04-14 2000-10-31 Flick; Kenneth E. Biometric characteristic vehicle control system having verification and reset features
US6424249B1 (en) * 1995-05-08 2002-07-23 Image Data, Llc Positive identity verification system and method including biometric user authentication
US5842194A (en) * 1995-07-28 1998-11-24 Mitsubishi Denki Kabushiki Kaisha Method of recognizing images of faces or general images using fuzzy combination of multiple resolutions
US5712912A (en) * 1995-07-28 1998-01-27 Mytec Technologies Inc. Method and apparatus for securely handling a personal identification number or cryptographic key using biometric techniques
US5815252A (en) * 1995-09-05 1998-09-29 Canon Kabushiki Kaisha Biometric identification process and system utilizing multiple parameters scans for reduction of false negatives
US5790668A (en) * 1995-12-19 1998-08-04 Mytec Technologies Inc. Method and apparatus for securely handling data in a database of biometrics and associated data
US5901238A (en) * 1996-02-07 1999-05-04 Oki Electric Industry Co., Ltd. Iris identification system and iris identification method
US5725480A (en) * 1996-03-06 1998-03-10 Abbott Laboratories Non-invasive calibration and categorization of individuals for subsequent non-invasive detection of biological compounds
US5894277A (en) * 1996-03-12 1999-04-13 Security People, Inc. Programmable digital electronic lock
US5886644A (en) * 1996-03-12 1999-03-23 Security People, Inc. Programmable digital electronic lock
US5787187A (en) * 1996-04-01 1998-07-28 Sandia Corporation Systems and methods for biometric identification using the acoustic properties of the ear canal
US6011858A (en) * 1996-05-10 2000-01-04 Biometric Tracking, L.L.C. Memory card having a biometric template stored thereon and system for using same
US5737439A (en) * 1996-10-29 1998-04-07 Smarttouch, Llc. Anti-fraud biometric scanner that accurately detects blood flow
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US5915035A (en) * 1997-01-27 1999-06-22 Aetex Biometric Corporation Method for extracting high-level features for fingerprint recognition
US6038334A (en) * 1997-02-21 2000-03-14 Dew Engineering And Development Limited Method of gathering biometric information
US6072891A (en) * 1997-02-21 2000-06-06 Dew Engineering And Development Limited Method of gathering biometric information
US6038315A (en) * 1997-03-17 2000-03-14 The Regents Of The University Of California Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy
US6111977A (en) * 1997-04-17 2000-08-29 Cross Match Technologies, Inc. Hand-held fingerprint recognition and transmission device
US6105010A (en) * 1997-05-09 2000-08-15 Gte Service Corporation Biometric certifying authorities
US6018739A (en) * 1997-05-15 2000-01-25 Raytheon Company Biometric personnel identification system
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US5995642A (en) * 1997-06-30 1999-11-30 Aetex Biometric Corporation Method for automatic fingerprint classification
US6119096A (en) * 1997-07-31 2000-09-12 Eyeticket Corporation System and method for aircraft passenger check-in and boarding using iris recognition
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6012064A (en) * 1997-08-21 2000-01-04 Lucent Technologies Inc. Maintaining a random sample of a relation in a database in the presence of updates to the relation
US6038332A (en) * 1997-09-05 2000-03-14 Digital Biometrics, Inc. Method and apparatus for capturing the image of a palm
US6213391B1 (en) * 1997-09-10 2001-04-10 William H. Lewis Portable system for personal identification based upon distinctive characteristics of the user
US6047281A (en) * 1997-12-05 2000-04-04 Authentec, Inc. Method and apparatus for expandable biometric searching
US6047282A (en) * 1997-12-05 2000-04-04 Authentec, Inc. Apparatus and method for expandable biometric searching
EP0924655A2 (en) * 1997-12-22 1999-06-23 TRW Inc. Controlled access to doors and machines using fingerprint matching
US6092192A (en) * 1998-01-16 2000-07-18 International Business Machines Corporation Apparatus and methods for providing repetitive enrollment in a plurality of biometric recognition systems based on an initial enrollment
US6104922A (en) * 1998-03-02 2000-08-15 Motorola, Inc. User authentication in a communication system utilizing biometric information
US6618806B1 (en) * 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6167517A (en) * 1998-04-09 2000-12-26 Oracle Corporation Trusted biometric client authentication
US6160903A (en) * 1998-04-24 2000-12-12 Dew Engineering And Development Limited Method of providing secure user access
US5956122A (en) * 1998-06-26 1999-09-21 Litton Systems, Inc Iris recognition apparatus and method
US6360953B1 (en) * 1998-07-15 2002-03-26 Magnex Corporation Secure print sensing smart card with on-the-fly-operation
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6624739B1 (en) * 1998-09-28 2003-09-23 Anatoli Stobbe Access control system
USD426237S (en) * 1998-11-19 2000-06-06 Precise Biometrics Ab Card reader
US6532298B1 (en) * 1998-11-25 2003-03-11 Iridian Technologies, Inc. Portable authentication device and method using iris patterns
US6957338B1 (en) * 1999-01-20 2005-10-18 Nec Corporation Individual authentication system performing authentication in multiple steps
US6829375B1 (en) * 1999-02-03 2004-12-07 Nec Corporation Fingerprint input apparatus
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6751734B1 (en) * 1999-03-23 2004-06-15 Nec Corporation Authentication executing device, portable authentication device, and authentication method using biometrics identification
US6871242B1 (en) * 1999-03-31 2005-03-22 International Business Machines Corporation Personal computer with a biometric sensor having improved resistance to environmental distortions
US6487662B1 (en) * 1999-05-14 2002-11-26 Jurij Jakovlevich Kharon Biometric system for biometric input, comparison, authentication and access control and method therefor
US6697947B1 (en) * 1999-06-17 2004-02-24 International Business Machines Corporation Biometric based multi-party authentication
US6735695B1 (en) * 1999-12-20 2004-05-11 International Business Machines Corporation Methods and apparatus for restricting access of a user using random partial biometrics
US6944773B1 (en) * 2000-05-19 2005-09-13 Sony Corporation Method and apparatus for fingerprint authentication during on-line transactions
US7005968B1 (en) * 2000-06-07 2006-02-28 Symbol Technologies, Inc. Wireless locating and tracking systems
US6483929B1 (en) * 2000-06-08 2002-11-19 Tarian Llc Method and apparatus for histological and physiological biometric operation and authentication
US7315949B1 (en) * 2000-06-24 2008-01-01 Palm, Inc. Method and system for providing a personal identification security feature to a portable computing device
US6725303B1 (en) * 2000-08-31 2004-04-20 At&T Corp. Method and apparatus for establishing a personalized connection with a network
US6522722B1 (en) * 2000-09-28 2003-02-18 Xcounter Ab Collimation of radiation from line-like ionizing radiation sources and planar radiation beam detection related thereto
US6819219B1 (en) * 2000-10-13 2004-11-16 International Business Machines Corporation Method for biometric-based authentication in wireless communication for access control
US6917801B2 (en) * 2000-12-22 2005-07-12 Ford Global Technologies, Llc Communication system for use with a vehicle
US20020138768A1 (en) * 2001-03-22 2002-09-26 Murakami Rick V. Method for biometric authentication through layering biometric traits
US20020140542A1 (en) * 2001-04-02 2002-10-03 Prokoski Francine J. Personal biometric key
US20020152178A1 (en) * 2001-04-12 2002-10-17 M-Commerce Co., Ltd. Credit card transaction authentication system and method using mobile terminal
US20020164058A1 (en) * 2001-05-04 2002-11-07 International Business Machines Corporation Remote authentication of fingerprints over an insecure network
US20020183624A1 (en) * 2001-06-05 2002-12-05 Rio Grande Medical Technologies, Inc. Apparatus and method of biometric determination using specialized optical spectroscopy systems
US20050038741A1 (en) * 2001-07-10 2005-02-17 American Express Travel Related Services Company, Inc. Method and system for a travel-related multi-function fob
US7631805B2 (en) * 2002-09-20 2009-12-15 Eid Passport, Inc. Systems and methods for managing security at plural facilities
US7076083B2 (en) * 2002-12-12 2006-07-11 Eastman Kodak Company Personnel access control system
US7362210B2 (en) * 2003-09-05 2008-04-22 Honeywell International Inc. System and method for gate access control
US7522056B2 (en) * 2005-05-24 2009-04-21 V.H. Blackinton & Co., Inc. Badge verification device
US20070205865A1 (en) * 2006-03-02 2007-09-06 Broadcom Corporation, A California Corporation Wireless communication device with RFID reader
US20070252001A1 (en) * 2006-04-25 2007-11-01 Kail Kevin J Access control system with RFID and biometric facial recognition
US20100084462A1 (en) * 2008-10-02 2010-04-08 German Scipioni Systems and methods for secure photo identification at point of sale

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040230812A1 (en) * 2003-05-16 2004-11-18 Berner Fachhochschule Method for authentication of a user with an authorizing device, and a security apparatus for carrying out the method
US20070226515A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Secure biometric processing system and method of use
US20070226787A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Method and system for secure external TPM password generation and use
US8261072B2 (en) 2006-03-24 2012-09-04 Atmel Corporation Method and system for secure external TPM password generation and use
US20080313230A1 (en) * 2007-06-12 2008-12-18 Jeyhan Karaoguz System and method for managing evolving user preferences
US20090083839A1 (en) * 2007-09-24 2009-03-26 Chi Mei Communication Systems, Inc. Fingerprint system and method for access control
US7930556B2 (en) * 2007-09-24 2011-04-19 Chi Mei Communication Systems, Inc. Fingerprint system and method for access control
US20090086943A1 (en) * 2007-10-01 2009-04-02 Cisco Technology, Inc. Identification of multiple persons on a phone call
US8340270B2 (en) * 2007-10-01 2012-12-25 Cisco Technology, Inc. Identification of multiple persons on a phone call
WO2012047564A1 (en) * 2010-09-28 2012-04-12 Sony Computer Entertainment Inc. Method and system for access to secure resources
US9183683B2 (en) 2010-09-28 2015-11-10 Sony Computer Entertainment Inc. Method and system for access to secure resources
US8760291B1 (en) 2011-05-17 2014-06-24 Kevin W. Mullins Notification apparatus, system, and method
WO2013126160A1 (en) * 2012-02-24 2013-08-29 Identive Group, Inc. Providing continued operation of nfc mobile devices and tags
US20130225079A1 (en) * 2012-02-24 2013-08-29 Identive Group, Inc. Providing Continued Operation of NFC Mobile Devices and Tags
US20150142439A1 (en) * 2012-06-19 2015-05-21 Honeywell International Inc. System and method of speaker recognition
US9418664B2 (en) * 2012-06-19 2016-08-16 Honeywell International Inc. System and method of speaker recognition
WO2015137645A1 (en) * 2014-03-13 2015-09-17 엘지전자 주식회사 Mobile terminal and method for controlling same
US10162955B2 (en) 2014-03-13 2018-12-25 Lg Electronics Inc. Mobile terminal and method for controlling same
US9870457B2 (en) 2014-08-15 2018-01-16 California Institute Of Technology HERMA—heartbeat microwave authentication
WO2016025961A1 (en) * 2014-08-15 2016-02-18 California Institute Of Technology Herma - heartbeat microwave authentication
US10171476B2 (en) * 2015-01-12 2019-01-01 Sal Khan System and method for protecting the privacy of identity and financial information of the consumer conducting online business
US11171781B2 (en) * 2016-02-15 2021-11-09 Sal Khan System and method which using blockchain protects the privacy of access code and the identity of an individual seeking online access
US11017399B2 (en) 2016-07-28 2021-05-25 Samsung Electronics Co., Ltd Method and electronic device for paymnet using biometric authentication
WO2018076087A1 (en) * 2016-10-26 2018-05-03 Ferreira De Souza Antonio Integrated digital system for collecting, consulting and revalidating data from identity cards (rg), using mobile or static equipment, provided with devices for reading and collecting data by proximity, such as: smartphones, tablets, collectors with physical connections (usb, etc.), without the need for physical contact and/or without the need for a clear view of the medium being consulted and with biometric facial recognition and/or local or remote image recognition, to confirm the desired information with the option of an audible status signal
US20200344231A1 (en) * 2019-04-23 2020-10-29 Microsoft Technology Licensing, Llc Resource access based on audio signal
US11949677B2 (en) * 2019-04-23 2024-04-02 Microsoft Technology Licensing, Llc Resource access based on audio signal
US20210359995A1 (en) * 2020-05-12 2021-11-18 Unisys Corporation Secure access control

Also Published As

Publication number Publication date
US20030163710A1 (en) 2003-08-28
US20110191840A1 (en) 2011-08-04
US8499164B2 (en) 2013-07-30
US7921297B2 (en) 2011-04-05

Similar Documents

Publication Publication Date Title
US8499164B2 (en) Biometric authentication utilizing unique biometric signatures and portable electronic devices
US20150172287A1 (en) Biometric security and authentication for a mobile device
US7793109B2 (en) Random biometric authentication apparatus
Bolle et al. Guide to biometrics
US8694792B2 (en) Biometric based repeat visitor recognition system and method
US20080005578A1 (en) System and method for traceless biometric identification
US20060072793A1 (en) Security alarm notification using iris detection systems
Matyas Jr et al. A biometric standard for information management and security
US11716330B2 (en) Mobile enrollment using a known biometric
JP2010020785A (en) Method for biometric-based authentication in wireless communication for access control
Podio Personal authentication through biometric technologies
Armington et al. Biometric authentication in infrastructure security
Syed et al. Biometric Authentication Systems in Banking: A Technical Evaluation of Security Measures
Bengs Putting authentication in the palm of your hand
Tiwari et al. Biometrics based user authentication
KR200212183Y1 (en) Fingerprint recognition security computer monitor
Phang et al. Hazards of Biometric Authentication in Practice
Sumner et al. Biometrics: Fingerprint Authentication
MARKED Biometrics Guide for Access Control Applications
Das et al. Review of Recent Recognition Systems
Ratha et al. Rudolf M. Bolle, Jonathan Connell, Sharathchandra Pankanti
Sector Biometrics and Standards

Legal Events

Date Code Title Description
AS Assignment

Owner name: MESA DIGITAL, LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ORTIZ, LUIS M.;LOPEZ, KERMIT D.;REEL/FRAME:024207/0665

Effective date: 20100407

AS Assignment

Owner name: RANDOM BIOMETRICS, LLC, TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MESA DIGITAL, L.L.C.;REEL/FRAME:026182/0517

Effective date: 20110425

AS Assignment

Owner name: MESA DIGITAL, LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RANDOM BIOMETRICS, LLC;REEL/FRAME:037763/0235

Effective date: 20160218

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: IP VENUE, LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MESA DIGITAL, LLC;REEL/FRAME:048462/0449

Effective date: 20190227