US20020091937A1 - Random biometric authentication methods and systems - Google Patents

Random biometric authentication methods and systems Download PDF

Info

Publication number
US20020091937A1
US20020091937A1 US09/757,903 US75790301A US2002091937A1 US 20020091937 A1 US20020091937 A1 US 20020091937A1 US 75790301 A US75790301 A US 75790301A US 2002091937 A1 US2002091937 A1 US 2002091937A1
Authority
US
United States
Prior art keywords
user
electronic system
biometric
user profile
input
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US09/757,903
Inventor
Luis Ortiz
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ip Venue LLC
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=25049694&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=US20020091937(A1) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Priority to US09/757,903 priority Critical patent/US20020091937A1/en
Application filed by Individual filed Critical Individual
Publication of US20020091937A1 publication Critical patent/US20020091937A1/en
Priority to US10/322,018 priority patent/US7793109B2/en
Priority to US10/321,872 priority patent/US7921297B2/en
Assigned to MESA DIGITAL LLC reassignment MESA DIGITAL LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LOPEZ, KERMIT, ORTIZ, LUIS M.
Priority to US12/756,855 priority patent/US20100194571A1/en
Priority to US12/885,087 priority patent/US8462994B2/en
Priority to US13/035,606 priority patent/US8499164B2/en
Assigned to RANDOM BIOMETRICS, LLC reassignment RANDOM BIOMETRICS, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MESA DIGITAL, L.L.C.
Assigned to MESA DIGITAL, LLC reassignment MESA DIGITAL, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RANDOM BIOMETRICS, LLC
Assigned to IP VENUE, LLC reassignment IP VENUE, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MESA DIGITAL, LLC
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Definitions

  • the present invention relates to authentication for and security of electronic systems, such as computers, kiosks, wireless devices, associated fixed and wireless networks, and mechanical systems, such as secure buildings.
  • the present invention also relates to the use of biometric data for authenticating user identity and providing secure user access to data and/or transactions.
  • passwords is a common method of providing security for electrical or mechanical systems.
  • Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, buildings, factories, houses and safes. These systems generally require the knowledge of an entry code that has been selected by or provided to a user or has been configured in advance.
  • Pre-set codes are often forgotten, however, as users have no reliable method of remember them. Writing down the codes and storing them in close proximity to an access control device (e.g., a combination lock) results in a secure access control system with a very insecure code. Alternatively, the nuisance of trying several code variations renders the access control system more of a problem than a solution.
  • an access control device e.g., a combination lock
  • Password systems are known to suffer from other disadvantages. Usually, a user specifies passwords. Most users, being unsophisticated users of security systems, choose passwords that are relatively insecure. As such, many password systems are easily accessed through a simple trial and error process.
  • a security guard reviews identification cards and compares pictures thereon to a person carrying the card. The security guard provides access upon recognition or upon other criteria.
  • Other building security systems use card access, password access, or another secure access approach.
  • passwords and cards have the same drawbacks when used for building security as when used for computer security.
  • a number of systems have been developed to ensure that users do not gain unauthorized access to host computer systems. As explained above, some systems prompt a user for passwords. Such systems may also rely on PIN numbers, before granting the user access to the host computer system. As indicated above, however, passwords and PIN numbers may be forgotten or may fall into the wrong hands. Additionally, using passwords and PIN numbers for security purposes places an additional burden on institutions because passwords or PIN numbers require additional machinery and human resources to deal with customers when customers forget passwords or PIN numbers, or when customers request that passwords or PIN numbers be changed.
  • Biometric authentication systems As an alternative to traditional security systems, such as security guards, passwords or PIN numbers, biometric authentication systems have been developed to authorize accesses to various electronic and mechanical systems. Biometrics can generally be defined as the science of utilizing unique physical or behavioral personal characteristics to verify the identity of an individual. Biometric authentication systems are typically combined with hardware and software systems for automated biometric verification or identification. Biometric authentication systems receive a biometric input, such as a fingerprint or a voice sample, from a user. This biometric input is typically compared against a prerecorded template containing biometric data associated with the user to determine whether to grant the user access to a service on the host system.
  • a biometric input such as a fingerprint or a voice sample
  • a biometric security access system can thus provide substantially secure access and does not require a password or access code.
  • a biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system.
  • One such biometric system is a fingerprint recognition system.
  • a fingerprint biometric system input transducer or sensor the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam.
  • a sensing means such as an interrogating light beam.
  • a system may be prompted through user entry that a fingertip is in place for image capture.
  • Another method of identifying fingerprints is to capture images continuously and to analyze each image to determine the presence of biometric information such as a fingerprint.
  • Various optical devices which employ prisms upon which a finger whose print is to be identified is placed.
  • the prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism.
  • the illumination surface is at an acute angle to the first surface.
  • the illumination surface may be parallel to the first surface.
  • Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
  • biometric authentication systems have many known problems.
  • a user identification code a PIN
  • a PIN is generally required to identify each individual in order to permit comparison of the biometric information and a single user's template.
  • a PIN can be inconvenient and the device needed to accept a PIN are sometimes subject to damage and failure.
  • the device is also an additional expense in a doorway access system. Since a single processor can provide processing for several doors, for a multiple doorway system, the PIN entry unit forms a significant portion of the overall system cost. It would be advantageous to provide a system wherein provision of a PIN is not always necessary for identification.
  • most biometric authentication systems or services rely on some form of PIN input.
  • a security system may be characterized as allowing 1 in 1,000 false acceptances or, alternatively, 1 in 1,000,000.
  • a probability distribution curve establishes a cut off for a given registration to determine what false acceptance rate this reflects. Curves of this type are exponential in nature and, therefore for better false acceptance rates provide only nominal improvements to false acceptance rate for significant changes to a threshold value.
  • a biometric information sample Typically when using a biometric information sample, a low match score results in failure to authorize an individual.
  • biometrics Another potential problem with the use of biometrics is related to the unauthorized interception of a digital signal or file representing a biometric (i.e., similar to unauthorized interception of passcodes/passwords).
  • An unauthorized user may substitute a digital signal of a biometric attribute or template by bypassing biometric readers or scanners altogether. Therefore, like passwords or passcodes, use of biometrics for security purposes and user authorization, verification, and identification is not full proof.
  • biometric authentication systems are still plagued with various physical and algorithmic drawbacks. It is believed that the biometric methods and systems disclosed herein overcome such drawbacks by employing a unique random method and system of biometric identification and verification that correlates directly to biometric attributes themselves.
  • the present invention provides biometric authentication methods and systems.
  • a user may be prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • a user may be permitted to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile.
  • a user profile may be generally accessible from a server through the electronic system.
  • a user profile may also be accessible from a biometric broker through an electronic system over a secure network connection.
  • a user profile may also be accessible from a portable electronic device such as smart cards PDAs and/or other wireless hand held devices.
  • methods may include processing steps which result in obtaining at least one biometric attribute from a user for compilation in a user profile or template, compiling the user profile, and subsequently storing the user profile in a location accessible by at least one electronic system.
  • the user may be permitted to modify the user profile in response to approval of a request by the user.
  • a method can involve the processing step of comparing at least one biometric attribute input by the user to an electronic system with at least one biometric attribute randomly selected from the user profile. The user can then be subsequently prompted to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute previously selected randomly from the user profile.
  • the electronic system itself may be configured with at least one wireless device that operates with a wireless network.
  • the electronic system can also be configured with at least one computer workstation operable over an associated network.
  • the electronic system may be configured as an automated teller machine.
  • the electronic system can also be configured as a secured entry system to a secured environment.
  • the electronic system may also be part of a point of sale in a retail establishment that relies on credit card authorization to enable customer transactions.
  • the electronic system may simply be a wireless network or a computer network, or a combination thereof.
  • the electronic system may simply be a wireless device, such as, for example, a Wireless Application Protocol (WAP) enabled cellular telephone and/or PDA (Personal Digital Assistant).
  • WAP Wireless Application Protocol
  • PDA Personal Digital Assistant
  • Biometric attributes can comprise fingerprints, facial information, voice print data, retinal data, hand geometry measurements, scanned iris data, and/or signature verification data. Other biometric attributes not listed herein may also be utilized in accordance with the present invention.
  • At least one defective biometric attribute associated with the user may be identified as defective (or otherwise un-readable), according to a method disclosed herein. Thereafter, a user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • a user-desired activity may be, for example, a financial transaction, an ATM transaction, access to a secure area, access to data from the electronic system, and/or execution of a mechanical activity.
  • a method for biometrically securing access to an electronic system may be prompted to input to an electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user. The user may then be permitted to perform a user-desired activity if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system associated with a database containing biometric attributes in which preferred embodiments of the present invention may be implemented;
  • FIG. 2 illustrates a diagram illustrating client computer systems coupled to host systems through a network in which preferred embodiments of the present invention may be implemented;
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within the client computer system depicted in FIG. 2, which may be utilized to implement an embodiment of the present invention
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile, which may be utilized in accordance with preferred embodiments of the present invention
  • FIG. 5 illustrates a flow chart illustrating operations for authenticating a user in accordance with an embodiment of the present invention
  • FIG. 6 depicts a flow chart illustrating additional operations for authenticating a user in accordance with an embodiment of the present invention
  • FIG. 7 depicts a portion of a user interface that may be implemented in accordance with the present invention.
  • FIG. 8 depicts a portion of an alternative user interface that may be implemented in accordance with the present invention.
  • FIG. 1 depicts a block diagram illustrating components of an electronic system 12 associated with a database or memory containing biometric attributes 14 , in which preferred embodiments of the present invention may be implemented.
  • Database 14 may be linked or integrated with electronic system 12 and may include a at least one user profile 15 containing biometric templates (i.e., samples) of biometric attributes provided previously by particular users.
  • Electronic system 12 may interact with and communicate with a variety of devices and mechanical systems.
  • Electronic system 12 may, for example, communicate with a computer workstation 24 .
  • electronic system 12 may be configured as a remote computer network, such as the Internet, or a dedicated computer network operating within a particular organization, business or institution.
  • Electronic system 12 may also be configured to communicate with electromechanical systems, such as entry hardware of a secure building 22 .
  • a user may access electronic system 12 to secure entry to secure building 22 .
  • electronic system 12 may be configured as electronics associated with or resident within the user interface (e.g., typical of non-networked systems, such as secure entries).
  • electronic system 12 may be configured to communicate with an Automatic Teller Machine (ATM) 20 and/or point of sale.
  • ATM Automatic Teller Machine
  • a user attempting to retrieve cash through ATM 20 can be required to authentication his or her identification, based on previously stored biometric attributes contained within database 14 and/or user profile 15 .
  • Database 14 and user profile 15 may together function as a biometric broker that communicates as a third-party service with various mechanical systems and other devices through electronic system 12 .
  • Electronic system 12 may also communicate with a financial institution 18 and wireless device 16 .
  • wireless device 16 In order to communicate with wireless device 16 , electronic system 12 may be configured as part of a wireless network.
  • a wireless device 16 may be, for example, a wireless telephone or a wireless hand held device that can communicate with wireless networks to send and receive data.
  • Wireless device 16 may be, for example, a Wireless Application Protocol (WAP) enabled communications device configured to authenticate the identity of a user through a biometric scanner integrated with or attached to the wireless device.
  • WAP Wireless Application Protocol
  • FIG. 2 illustrates a diagram illustrating client computer systems 32 , 34 , and 36 coupled to host computer systems 48 , 40 , and 42 through a network 30 , in which preferred embodiments of the present invention may be implemented.
  • Network 30 may be any communication channel through which computer systems can communicate. This includes, but is not limited to, local area networks, such as Ethernet or Token ring, and wide area or remote computer networks, such as the Internet and World Wide Web, well known in the networking arts.
  • Network 30 may also be implemented as a wireless network through which wireless devices, such as wireless device 16 of FIG. 1, may communicate with other devices and other systems.
  • a client such as client systems 32 , 34 , and 36 can be any node on a computer network including computational capability and including a mechanism for communication across network 30 .
  • Human users 33 , 35 , and 37 may operate client systems 32 , 34 , and 36 , respectively.
  • a host such as host systems 48 , 40 and 42 , can be any node on a computer network including a mechanism for servicing requests from a client for computational or data storage resources. Hosts may also be implemented as servers.
  • Biometric broker 44 can be implemented as a centralized repository for storing biometric attributes (i.e., biometric data), such as fingerprint data. Biometric broker 44 may also be configured as an entity that obtains biometric data form a variety of biometric databases operated by different entities and organizations, and utilizes such information for authentication purposes. FIG. 4, which will be further described herein, lists examples of biometric data that may be utilized in accordance with the present invention. Biometric broker 44 may also include a mechanism for managing the biometric attributes stored as data, and may additionally include a mechanism for implementing security policies for the biometric attributes. Such policies may require specific levels of authentication for different groups of users, or for access to different servers.
  • biometric attributes i.e., biometric data
  • FIG. 4 which will be further described herein, lists examples of biometric data that may be utilized in accordance with the present invention.
  • Biometric broker 44 may also include a mechanism for managing the biometric attributes stored as data, and may additionally include a mechanism for implementing security policies for the biometric attributes. Such policies may require specific levels
  • Biometric brokers 44 may be implemented in any number of forms.
  • biometric broker 44 may be implemented as a node on network 30 , which communicates with host systems 48 , 40 , and 42 across network 30 .
  • biometric broker 44 is located on a host, such as host system 48 .
  • FIG. 2 may operate generally as follows.
  • a user such as user 33
  • User 33 requests access to resources on host system 48 across network 30 .
  • host system 48 attempts to authenticate user 33 .
  • host system 48 requests a biometric attribute (i.e., biometric data) from biometric broker 44 .
  • Biometric broker 44 returns a biometric attribute or biometric template, which may be compared against sample biometric attribute(s) randomly collected from user 33 . This comparison may take place at a number of locations, including at client system 32 , at host system 48 or at biometric broker 44 . If the sample biometric attribute collected from user 33 matches the biometric attribute retrieved from biometric broker 44 , user 33 may be permitted to access resources on host system 48 .
  • Providing a centralized authentication service such as biometric broker 114 has a number of advantages.
  • One advantage is generally that centralized revocation can be supported.
  • an employee in an organization typically has access to a number of different resources on a number of different host systems. When this employee leaves the organization, it often takes a long time to explicitly revoke the employee's access rights on all host systems.
  • Under a centralized revocation scheme such revocation only needs to take place once at the centralized revocation service since the disparate host systems always look to the centralized revocation service to authenticate a user.
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within client computer system 32 that may be utilized to implement an embodiment of the present invention.
  • client system 32 can be any node on a computer network including computational capability and including a mechanism for communication across network 30 .
  • client system 32 includes user interface 62 , networking code 64 and adapter 66 .
  • These functional components can be implemented in software running on, for example, a client CPU.
  • User interface 62 provides a mechanism through which user 33 can operate client system 32 .
  • Networking code 64 may include a library of functions, which allow client system 32 to communicate across network 30 .
  • Adapter 66 may include a collection of functions that implement the client portion of a biometric authentication system according to one embodiment of the present invention.
  • Adapter 66 may communicate with sealed hardware unit 58 , which can be utilized to perform biometric authentication functions.
  • sealed hardware unit 58 can be encased in a sealed insulating layer, which prevents a malicious user of client system 32 from monitoring the computational operations performed within sealed hardware unit 58 . This can prevent a malicious user from improperly gaining access to host system 48 , even if the malicious user has the power to modify hardware and software resources on client system 32 .
  • the circuitry inside sealed hardware unit 58 may be encased in the insulating layer in such a manner that any attempt to cut through the insulating layer to monitor the circuitry is likely to render the circuitry inoperable.
  • such features may or may not be implemented and are presented here for illustrative purposes only and are not meant to be interpreted as limited features of the present invention.
  • Sealed hardware unit 58 can include a CPU 50 , which can be any type of computational engine that can be used to perform the computational and logical operations involved in biometric authentication. Sealed hardware unit 58 can additionally include threshold storage 52 and key storage 54 . Threshold storage 52 may be utilized as a memory location for storing threshold values indicating how closely a biometric attribute take as a biometric sample from a user must match a biometric attribute retrieved from a database through biometric broker 44 , in order to allow the user to access the host system.
  • Key storage 54 can store at least one encryption key that can be used to encrypt messages or computer checksums for communications across network 30 .
  • Sealed hardware unit 58 may communicate with scanner 60 , which can be utilized to take a biometric sample (i.e., biometric attribute) from user 33 .
  • This biometric attribute can be any type of biometric measurement of user 33 . This includes, but is not limited to, fingerprint data, retinal scan data, handwriting data, voice data (e.g., a voice print), and facial data (e.g., a face scan).
  • biometric attributes stored as data within a database such as biometric database 14 and/or user profile 15 of FIG. 1, may be stored as a template or biometric template.
  • FIG. 3 The components illustrated in FIG. 3 can operate as follows.
  • User 33 initiates the biometric authentication process by seeking access to resources on a host system, such as host system 48 of FIG. 2, through user interface 62 .
  • This causes authentication code within adapter 66 to initiate communications with host system 48 (i.e., host system 48 illustrated in FIG. 2).
  • This authentication code within adapter 66 may additionally initiate operations within sealed hardware unit 58 to gather a biometric attribute as a biometric sample from user 33 through scanner 60 .
  • These authentication operations are described in more detail below with reference to the flow charts in FIGS. 5 and 6.
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile 82 , which may be utilized in accordance with preferred embodiments of the present invention. Elements of user profile 82 in FIG. 4 can be analogous to user profile 15 of FIG. 1.
  • Biometric attributes 80 may include fingerprints, voiceprints, retinal and iris information, hand geometry, facial information, and signatures. Thus, biometric authentication may be based on a variety of possible biometric measurements.
  • a user profile 82 of a particular user will thus include one or more of the aforementioned biometric attributes. Such biometric attributes are utilized to verify the identity of the user.
  • Typical biometric measurements which may be utilized to authenticate identity, include fingerprint verification. Fingerprint images contain a large amount of information and therefore has a reliable and inherent accuracy. Fingerprint identification is generally well known in the biometric arts and has been utilized since the 1800's by law enforcement agencies to assist law enforcement officers in criminal investigations.
  • Hand geometry may also be utilized to measure the physical characteristics of a user's hands and fingers.
  • Hand geometry biometric authentication has traditionally been utilized for physical access control and time/attendance systems.
  • Hand geometry has traditionally been limited to verification (i.e., one-to-one comparisons) rather than identification (one-to-many comparisons.
  • Hand geometry does not measure or capture finger or palm prints, but can reliably measure the physical characteristics of an individual's hands from a three dimensional perspective.
  • Voice recognition is known as another important technique for identify users.
  • a voiceprint is obtained from a user and stored as biometric attributes for later user identification. It is generally well known in the biometric arts that an individual's voice contains unique wavelength sound characteristics. Such characteristics can be analyzed and stored as biometric data.
  • Retinal scanning is another biometric measurement technique that can be utilized in accordance with the present invention.
  • Retinal scanning is generally based on a biometric measurement process that maps the structure of veins at the back of individual's eye.
  • Retinal scanners typically send a beam of concentrated light into the eye.
  • Retinal scanners employ low intensity light for measuring the retina characteristics associated with an individual.
  • Iris scanning is another biometric measurement technique that can be utilized in accordance with the methods and systems disclosed herein.
  • Iris scanning well known in the biometric arts, scans unique random patterns of an individual's iris. Such a measurement method does not rely on the iris color. Iris scanning is generally based on the fact that the color portion of the eye that surrounds the pupil contains patterns that are unique to each individual.
  • An individual's signature is another important biometric attribute that can be utilized to verify the identity of an individual. Signature verification can be readily utilized with the other biometric measuring techniques utilized above.
  • Facial recognition may be utilized in accordance with the present invention to enhance biometric authentication.
  • a facial scan of an individual is taken and stored as data which may later be compared against a user's most recently provided facial scan to confirm or deny user identity.
  • a user steps in front of a digital camera, which captures an image of the user's face. Associated software captures the image and creates a facial template.
  • Some facial recognition software currently in use relies on Local Feature Analysis (LFA) to measure the size and shape of features around the eyes or center of the face captured in the image, along with the width of the bridge of the nose or distance form the nose to each eye.
  • LFA Local Feature Analysis
  • Such software relies on features that are not statistically change altered to weight gain or loss, aging, facial hair growth and so forth.
  • An example of a facial recognition system that uses facial recognition software is Visionics' Faceit software, which works with simple digital Web cameras to verify a user's identity for access to computers and associated computer networks.
  • biometric attributes are not shown in FIG. 4, but those skilled in the art can apply equally to the practice of the present invention.
  • biometric attributes may include a palm print, ear shape, ear canal acoustic properties, DNA, keystroke (e.g., typing rhythm), and body odor.
  • FIG. 5 illustrates a flow chart 100 illustrating operations for authenticating a user, in accordance with an embodiment of the present invention.
  • the process can be initiated as indicated at block 102 .
  • a user transaction may be initiated with an electronic system, as depicted thereafter at block 104 .
  • Such an electronic system may, for example, be configured as an ATM and/or point of sale linked to a computer network that communicates with a biometric broker, such as biometric broker 44 of FIG. 2.
  • such a biometric broker can be composed of a database containing biometric attributes and/or a user profile integrated with or in communication with the database.
  • the user profile contains previously store biometric attributes of a particular user.
  • a user during enrollment may provide a biometric attribute.
  • samples of designated biometric attributes may be acquired.
  • One or more unique features of the samples can then be configured to form a biometric template of one or more biometric attributes for subsequent comparison purposes.
  • the user is requested by the electronic system to provide at least one biometric attribute.
  • the operation described at block 106 is based on random factors.
  • the user is prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • User input of a biometric attribute can be based on this random selection.
  • the user provides to the electronic system, the biometric attributes randomly selected by the electronic system from the user profile.
  • a comparison may be made between the random biometric attribute(s) selected by the electronic system from the user profile and the biometric attributes input by the user to a biometric scanner. If a match does not occur, then the process may be repeated, beginning with the operation depicted at block 104 .
  • the user may be permitted to perform a user-desired activity such as, for example, performing financial transactions. If a biometric attribute input by the user to the electronic system does not match one or more of the biometric attributes randomly selected from the user profile associated with the user after, for example, three attempts, the user is not permitted to perform user-desired activities or transactions.
  • FIG. 6 depicts a flow chart 130 illustrating additional operations for authenticating a user, in accordance with an embodiment of the present invention.
  • the process may be initiated, as indicated at block 132 .
  • a user initiates a transaction with an electronic system via a single biometric attribute.
  • This single biometric attribute may be provided via, for example, a fingerprint provided by the user through a fingerprint scanner integrated with the electronic system.
  • This single biometric attribute may also be provided via a smart card that is receivable by the biometric system.
  • Biometric attributes may be previously stored within a memory location contained within the smart card for later retrieved (e.g., read or scanned by an electronic system at a point of sale or ATM) for user authentication or verification purposes using biometric method taught herein.
  • Smart cards are generally known in the art as credit-card sized plastic cards with an embedded computer chip.
  • the chip can either be a microprocessor with internal memory or a memory chip with non-programmable logic.
  • the chip connection can be configured via direct physical contact or remotely through a contactless electromagnetic interface.
  • Smart cards may be generally configured as either a contact or contactless smart card, or a combination thereof.
  • a contact smart card requires insertion into a smart card reader with a direct connection to, for example, a conductive micromodule on the surface of the card.
  • a micromodule may be generally gold plated. Transmission of commands, data, and card status takes place through such physical contact points.
  • a contactless card requires only close proximity to a reader. Both the reader and the card may be implemented with antenna means providing a contactless link that permits the devices to communicate with one another. Contactless cards can also maintain internal chip power or an electromagnetic signal (e.g., RF tagging technology).
  • RF tagging technology e.g., RF tagging technology
  • a Hybrid card generally may be equipped with two chips, each with a respective contact and contactless interface. The two chips are not connected, but for many applications, this Hybrid serves the needs of consumers and card issuers.
  • the Combi card may be generally based on a single chip and can be generally configured with both a contact and contactless interface.
  • Chips utilized in such smart cards are generally based on microprocessor chips or memory chips. Smart cards based on memory chips depend on the security of the card reader for their processing and can be utilized when low to medium security requirements. A microprocessor chip can add, delete and otherwise manipulate information in its memory. Microprocessor-based memory cards typically contain microprocessor chips with 8, 16, and 32 bit architectures.
  • the user may input a single biometric attribute at the request of, or to initiate, the electronic system.
  • the electronic system may be, for example, an ATM machine equipped with a biometric scanner.
  • the biometric scanner may be configured with, for example, iris scanning, retinal scanning, and fingerprint scanning capabilities.
  • the user may, for example, provide his or her left thumbprint, if requested by the electronic system, to initiate a transaction utilizing the electronic system.
  • a user profile may be retrieved by the electronic system based on the input of a single user biometric attribute, such as a fingerprint. Again, retrieval may be from a server, electronic system memory, or portable device memory (e.g., smart card or other electronic hand held device)
  • the user selects a desired user-activity at an interface associated with the electronic system, as indicated at block 138 , and thereafter, as illustrated at block 140 , the user may be requested by the electronic system to provide at least one biometric attribute via random selection of such an attribute by the electronic system.
  • Biometric attributes are thus randomly selected from the user profile associated with the user.
  • the user must then provide the electronic system with biometric attributes that match the biometric attributes randomly selected from the user profile, as indicated at block 142 .
  • a biometric attribute input by the user through an interface and biometric scanner associated with the electronic system does not match the biometric attributes randomly selected from the user profile, the user can be requested again, as indicated at block 140 . If, however, a match is made, then the user may be permitted to perform the user-desired activity, such as accessing secure data or entry to a secure building, as illustrated at block 146 . The process then terminates, as indicate at block 148 .
  • FIG. 7 depicts a pictorial diagram 200 of a user interface 202 that may be implemented in accordance with the present invention.
  • user interface 202 is shown, for example, at three different moments in time.
  • User interface 202 can be analogous to user interface 64 of FIG. 3.
  • a user interface 202 may be of many forms depending on the type of biometric sample being requested, obtained and/or utilized.
  • Biometric samples may be of different types (e.g., voice, fingerprint, eye, etc.).
  • the user may be prompted to input biometric samples randomly selected by the electronic system from a user profile containing biometric attributes previously obtained from the user.
  • User interface 202 may be integrated with, for example, an ATM machine, or a secure door that accesses a secure area, such as a government building or military complex.
  • user interface 202 includes an iris scanner 208 and a fingerprint scanner 206 .
  • Finger print scanner 206 may be integrated with a display area 204 , which may also be integrated with iris scanner 208 .
  • Input of a biometric attribute by a user to interface 202 may be based on the random selection of a biometric attribute from a user profile.
  • the number of biometric attributes requested from a user may also based on a random number. For example, during one authentication session, a user may be requested to provide a left index fingerprint and a left iris scan. During another authentication session, the same user may be required to provide a left index fingerprint, followed by the fingerprint of his or her right middle finger, and immediately thereafter, an iris scan of a left eye, or perhaps, a right eye.
  • the selection of biometric attributes from the user profile may thus be based on a random selection.
  • the number of required biometric samples that a user may be required to input may also be a random number.
  • the number of biometric attributes required to be input by a user will likely be a limited number. Thus, a user may be required to input only three biometric attributes during one authentication session, two biometric attributes during another authentication session, and five biometric attributes during another biometric session.
  • biometric scanning devices may also be integrated with the user interface 202 , such as, for example, a retina scanner, palm scanner, voice print scanner, and so forth.
  • FIG. 7 should not be interpreted as limiting the invention.
  • the drawing illustrated in FIG. 7 merely represents one possible embodiment in which the present invention may be implemented.
  • FIG. 8 depicts a pictorial diagram 220 illustrating a portion of an alternative user interface 222 that may be implemented in accordance with the present invention.
  • User interface 222 may communicate with or be integrated with an electronic system, such as an ATM machine or point of sale.
  • User interface 222 may be integrated with a microphone 230 that may receive a voiceprint from a user.
  • User interface 222 may also be integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users.
  • user interface 222 may include a camera 226 that functions for iris, retinal, and facial scanning purposes.
  • pictorial diagram 220 illustrates first, second and third biometric attribute input stages.
  • a user may be prompted through a display unit 231 to input his or her name or other word or phrase. The user merely speaks his or her name, for example, into microphone 230 .
  • the user may be requested to input his or right hand thumbprint.
  • the user may be requested to provide a biometric sample of his or right eye, which may be scanned as a retina or iris biometric attribute of the user.
  • the user may be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • the present invention may be configured as a system for biometrically securing access to an electronic system.
  • a system may include modules thereof.
  • a module in software use, is generally a collection of routines and data structures that performs a particular task or implements a particular abstract data type. Module typically are composed of an interface, which lists the constants, data types variables, and routines that can be accessed by other modules or routines, and an implementation, which can be accessible only by the module. The implementation contains the source code that actually implements the routines in the module.
  • the system described herein may include a module for prompting a user to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. Additionally, the system can include a module for permitting the user to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile.
  • the user profile is generally accessible from a server and/or memory through the electronic system.
  • the user profile may also be accessible from a biometric broker through the electronic system over a secure network connection.
  • at least one biometric attribute may be obtained from the user for compilation in a user profile.
  • the user profile is generally stored in a location accessible by at least one electronic system. The user is generally permitted to modify the user profile, in response to approval of a request by the user.
  • Such a system can also include a module for comparing at least one biometric attribute input by the user to the electronic system with the at least one biometric attribute randomly selected from the user profile. Additionally, such a system includes a module for subsequently prompting a user to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute randomly previously selected from the user profile.
  • the electronic system may be configured as one or more wireless devices that operate with a wireless network.
  • the electronic system may also be configured as one or more computer workstations operable over an associated network.
  • the electronic system may comprise an automated teller machine, or a secured entry system to a secured environment.
  • the electronic system may simply be a wireless network or a computer network, or a combination thereof.
  • the electronic system may also be a wireless device.
  • Such a system may also include a module for identifying at least one defective biometric attribute associated with the user. The user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user.
  • the user-desired activity may comprise activities, such as, for example, a financial transaction, an ATM transaction, access to a secure area, or access to data from the electronic system.
  • activities such as, for example, a financial transaction, an ATM transaction, access to a secure area, or access to data from the electronic system.
  • the user-desired activity may also simply comprise the execution of a mechanical activity.
  • a system for biometrically securing access to an electronic system may include a module for prompting a user to input to the electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user.
  • Such an alternative system can also include a module for permitting the user to perform a user-desired activity, if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile.

Abstract

Methods and systems for biometrically securing access to electronic systems. A user prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. A user may be prompted to input such a biometric sample through a user interface integrated with the electronic system. A user may be permitted to perform a user-desired activity, such as accessing an ATM machine, particular data, or entry to a secure area, if at least one biometric attribute input by the user to the electronic system matches at least one biometric attribute randomly selected from the user profile. A user profile may be generally accessible from a server through the electronic system. A user profile may also be accessible from a biometric broker through the electronic system over a secure network connection. A user profile may also be accessible from a hand held device, such as a smart card, wireless PDA or wireless communication device.

Description

    BACKGROUND OF THE INVENTION
  • 1. Technical Field of the Invention [0001]
  • The present invention relates to authentication for and security of electronic systems, such as computers, kiosks, wireless devices, associated fixed and wireless networks, and mechanical systems, such as secure buildings. The present invention also relates to the use of biometric data for authenticating user identity and providing secure user access to data and/or transactions. [0002]
  • 2. Description of the Related Art [0003]
  • Security for electronic and mechanical systems has rapidly become an important issue in recent years. With the proliferation of computers, computer networks and other electronic device and networks into all aspects of business and daily life, the concern over secure file and transaction access has grown tremendously. The ability to secure data and transactions is particularly important for financial, medical, education, government, military, and communications endeavors. [0004]
  • Using passwords is a common method of providing security for electrical or mechanical systems. Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, buildings, factories, houses and safes. These systems generally require the knowledge of an entry code that has been selected by or provided to a user or has been configured in advance. [0005]
  • Pre-set codes are often forgotten, however, as users have no reliable method of remember them. Writing down the codes and storing them in close proximity to an access control device (e.g., a combination lock) results in a secure access control system with a very insecure code. Alternatively, the nuisance of trying several code variations renders the access control system more of a problem than a solution. [0006]
  • Password systems are known to suffer from other disadvantages. Usually, a user specifies passwords. Most users, being unsophisticated users of security systems, choose passwords that are relatively insecure. As such, many password systems are easily accessed through a simple trial and error process. [0007]
  • To secure access to particular areas, such as buildings, the most common building security system relied on traditionally has been a security guard. A security guard reviews identification cards and compares pictures thereon to a person carrying the card. The security guard provides access upon recognition or upon other criteria. Other building security systems use card access, password access, or another secure access approach. Unfortunately, passwords and cards have the same drawbacks when used for building security as when used for computer security. [0008]
  • As computer networks are increasingly used to link computer systems together, applications have been developed to allow a user on a client computer system to access a service on a host computer system. For example, a user on a client system may be able to access information contained in a database on a host computer system. Unfortunately, along with this increased accessibility comes increased potential for security problems. For example, communications, including authentication, between a client system and a host system can be intercepted and tampered with while in transit over the computer network. This may allow third parties or malicious users on a client computer system to gain access to, or security codes for, a service on a host computer system without proper authorization. [0009]
  • A number of systems have been developed to ensure that users do not gain unauthorized access to host computer systems. As explained above, some systems prompt a user for passwords. Such systems may also rely on PIN numbers, before granting the user access to the host computer system. As indicated above, however, passwords and PIN numbers may be forgotten or may fall into the wrong hands. Additionally, using passwords and PIN numbers for security purposes places an additional burden on institutions because passwords or PIN numbers require additional machinery and human resources to deal with customers when customers forget passwords or PIN numbers, or when customers request that passwords or PIN numbers be changed. [0010]
  • As an alternative to traditional security systems, such as security guards, passwords or PIN numbers, biometric authentication systems have been developed to authorize accesses to various electronic and mechanical systems. Biometrics can generally be defined as the science of utilizing unique physical or behavioral personal characteristics to verify the identity of an individual. Biometric authentication systems are typically combined with hardware and software systems for automated biometric verification or identification. Biometric authentication systems receive a biometric input, such as a fingerprint or a voice sample, from a user. This biometric input is typically compared against a prerecorded template containing biometric data associated with the user to determine whether to grant the user access to a service on the host system. [0011]
  • A biometric security access system can thus provide substantially secure access and does not require a password or access code. A biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system. One such biometric system is a fingerprint recognition system. [0012]
  • In a fingerprint biometric system input transducer or sensor, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the finger tip is sensed by a sensing means such as an interrogating light beam. In order to capture an image of a fingerprint, a system may be prompted through user entry that a fingertip is in place for image capture. Another method of identifying fingerprints is to capture images continuously and to analyze each image to determine the presence of biometric information such as a fingerprint. [0013]
  • Various optical devices are known which employ prisms upon which a finger whose print is to be identified is placed. The prism has a first surface upon which a finger is placed, a second surface disposed at an acute angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism. In some cases, the illumination surface is at an acute angle to the first surface. In other cases, the illumination surface may be parallel to the first surface. Fingerprint identification devices of this nature are generally used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals. [0014]
  • Before the advent of computers and imaging devices, research was conducted into fingerprint characterization and identification. Today, much of the research focus in biometrics has been directed toward improving the input transducer and the quality of the biometric input data. Fingerprint characterization is thus generally well known and can involve many aspects of fingerprint analysis. [0015]
  • For doorway security systems, biometric authentication systems have many known problems. For example, a user identification code, a PIN, is generally required to identify each individual in order to permit comparison of the biometric information and a single user's template. Remembering a PIN can be inconvenient and the device needed to accept a PIN are sometimes subject to damage and failure. The device is also an additional expense in a doorway access system. Since a single processor can provide processing for several doors, for a multiple doorway system, the PIN entry unit forms a significant portion of the overall system cost. It would be advantageous to provide a system wherein provision of a PIN is not always necessary for identification. To date most biometric authentication systems or services rely on some form of PIN input. [0016]
  • In evaluating security of biometric authorization systems, false acceptance and false rejections are sometimes evaluated as a fraction of a user population. A security system may be characterized as allowing 1 in 1,000 false acceptances or, alternatively, 1 in 1,000,000. Typically a probability distribution curve establishes a cut off for a given registration to determine what false acceptance rate this reflects. Curves of this type are exponential in nature and, therefore for better false acceptance rates provide only nominal improvements to false acceptance rate for significant changes to a threshold value. Typically when using a biometric information sample, a low match score results in failure to authorize an individual. [0017]
  • In the past, a one-to-many search of biometric information has generally been considered undesirable because security may be compromised. For example, when a single biometric template is compared and a resulting comparison having a 1/1,000,000 likelihood of false acceptance is desired, it should be clear that 1/1,000,000 users may be misidentified. When, however, a forty user system is provided with equivalent individual comparison criteria, the probability of false acceptance can escalate to 1-(0.999 999)[0018] 40 which is about 1/25,000. Whereas 1/1,000,000 is generally acceptable for many applications, 1/25,000 is likely not as acceptable. Further, as the number of individual templates grows, the rate of false acceptance increases; when 250 templates exist, a likelihood of about 1/4,000 of false acceptance exists.
  • In order to solve this problem, one might reduce the false acceptance rate to 1/10,000,000; however, this results in problems identifying some people and makes such a system inconvenient. A system of this type is unlikely to provide consistent results and therefore, requires a security guard at least at a door to provide access for those who are not identifiable to 1/10,000,000. [0019]
  • Another potential problem with the use of biometrics is related to the unauthorized interception of a digital signal or file representing a biometric (i.e., similar to unauthorized interception of passcodes/passwords). An unauthorized user may substitute a digital signal of a biometric attribute or template by bypassing biometric readers or scanners altogether. Therefore, like passwords or passcodes, use of biometrics for security purposes and user authorization, verification, and identification is not full proof. [0020]
  • Based on the foregoing, those skilled in the art can appreciate that despite the advances in biometric authentication, most biometric authentication systems are still plagued with various physical and algorithmic drawbacks. It is believed that the biometric methods and systems disclosed herein overcome such drawbacks by employing a unique random method and system of biometric identification and verification that correlates directly to biometric attributes themselves. [0021]
    • SUMMARY OF THE INVENTION
  • The present invention provides biometric authentication methods and systems. [0022]
  • It is a feature of the present invention to provide biometric authentication based on random factors. [0023]
  • It is still another feature of the present invention to provide a biometric authentication methods and systems based on the random selection of biometric attributes from a user profile containing biometric information about the user. [0024]
  • The above and other features of the invention are achieved as will now be further described. Methods for biometrically securing access to an electronic system are disclosed. According to one such method, a user may be prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. [0025]
  • A user may be permitted to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile. A user profile may be generally accessible from a server through the electronic system. A user profile may also be accessible from a biometric broker through an electronic system over a secure network connection. A user profile may also be accessible from a portable electronic device such as smart cards PDAs and/or other wireless hand held devices. [0026]
  • Additionally, methods may include processing steps which result in obtaining at least one biometric attribute from a user for compilation in a user profile or template, compiling the user profile, and subsequently storing the user profile in a location accessible by at least one electronic system. The user may be permitted to modify the user profile in response to approval of a request by the user. [0027]
  • Additionally, a method can involve the processing step of comparing at least one biometric attribute input by the user to an electronic system with at least one biometric attribute randomly selected from the user profile. The user can then be subsequently prompted to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute previously selected randomly from the user profile. [0028]
  • The electronic system itself may be configured with at least one wireless device that operates with a wireless network. The electronic system can also be configured with at least one computer workstation operable over an associated network. The electronic system may be configured as an automated teller machine. The electronic system can also be configured as a secured entry system to a secured environment. The electronic system may also be part of a point of sale in a retail establishment that relies on credit card authorization to enable customer transactions. The electronic system may simply be a wireless network or a computer network, or a combination thereof. Alternatively, the electronic system may simply be a wireless device, such as, for example, a Wireless Application Protocol (WAP) enabled cellular telephone and/or PDA (Personal Digital Assistant). [0029]
  • Biometric attributes can comprise fingerprints, facial information, voice print data, retinal data, hand geometry measurements, scanned iris data, and/or signature verification data. Other biometric attributes not listed herein may also be utilized in accordance with the present invention. [0030]
  • Additionally, at least one defective biometric attribute associated with the user may be identified as defective (or otherwise un-readable), according to a method disclosed herein. Thereafter, a user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user. [0031]
  • A user-desired activity, according to the present invention, may be, for example, a financial transaction, an ATM transaction, access to a secure area, access to data from the electronic system, and/or execution of a mechanical activity. [0032]
  • In accordance with the present invention, there is also provided a method for biometrically securing access to an electronic system. In such a method, a user may be prompted to input to an electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user. The user may then be permitted to perform a user-desired activity if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile. [0033]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The novel features believed characteristic of this invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use, further objects, and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, wherein: [0034]
  • FIG. 1 depicts a block diagram illustrating components of an electronic system associated with a database containing biometric attributes in which preferred embodiments of the present invention may be implemented; [0035]
  • FIG. 2 illustrates a diagram illustrating client computer systems coupled to host systems through a network in which preferred embodiments of the present invention may be implemented; [0036]
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within the client computer system depicted in FIG. 2, which may be utilized to implement an embodiment of the present invention [0037]
  • FIG. 4 depicts a diagram illustrating biometric attributes and a user profile, which may be utilized in accordance with preferred embodiments of the present invention; [0038]
  • FIG. 5 illustrates a flow chart illustrating operations for authenticating a user in accordance with an embodiment of the present invention; [0039]
  • FIG. 6 depicts a flow chart illustrating additional operations for authenticating a user in accordance with an embodiment of the present invention; [0040]
  • FIG. 7 depicts a portion of a user interface that may be implemented in accordance with the present invention; and [0041]
  • FIG. 8 depicts a portion of an alternative user interface that may be implemented in accordance with the present invention. [0042]
    • DETAILED DESCRIPTION OF PREFERRED EMBODIMENT
  • The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of particular applications and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. [0043]
  • Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with principles and features disclosed herein. Although preferred embodiments of the present invention are described herein, those skilled in the art can appreciate that a number of varying embodiments may be implemented in accordance with the present invention. [0044]
  • FIG. 1 depicts a block diagram illustrating components of an [0045] electronic system 12 associated with a database or memory containing biometric attributes 14, in which preferred embodiments of the present invention may be implemented. Database 14 may be linked or integrated with electronic system 12 and may include a at least one user profile 15 containing biometric templates (i.e., samples) of biometric attributes provided previously by particular users. Electronic system 12 may interact with and communicate with a variety of devices and mechanical systems.
  • [0046] Electronic system 12 may, for example, communicate with a computer workstation 24. In such an example, electronic system 12 may be configured as a remote computer network, such as the Internet, or a dedicated computer network operating within a particular organization, business or institution. Electronic system 12 may also be configured to communicate with electromechanical systems, such as entry hardware of a secure building 22. A user may access electronic system 12 to secure entry to secure building 22. In some applications, electronic system 12 may be configured as electronics associated with or resident within the user interface (e.g., typical of non-networked systems, such as secure entries).
  • Additionally, [0047] electronic system 12 may be configured to communicate with an Automatic Teller Machine (ATM) 20 and/or point of sale. A user attempting to retrieve cash through ATM 20 can be required to authentication his or her identification, based on previously stored biometric attributes contained within database 14 and/or user profile 15. Database 14 and user profile 15 may together function as a biometric broker that communicates as a third-party service with various mechanical systems and other devices through electronic system 12. Electronic system 12 may also communicate with a financial institution 18 and wireless device 16.
  • In order to communicate with [0048] wireless device 16, electronic system 12 may be configured as part of a wireless network. A wireless device 16 may be, for example, a wireless telephone or a wireless hand held device that can communicate with wireless networks to send and receive data. Wireless device 16 may be, for example, a Wireless Application Protocol (WAP) enabled communications device configured to authenticate the identity of a user through a biometric scanner integrated with or attached to the wireless device.
  • FIG. 2 illustrates a diagram illustrating [0049] client computer systems 32, 34, and 36 coupled to host computer systems 48, 40, and 42 through a network 30, in which preferred embodiments of the present invention may be implemented. Network 30 may be any communication channel through which computer systems can communicate. This includes, but is not limited to, local area networks, such as Ethernet or Token ring, and wide area or remote computer networks, such as the Internet and World Wide Web, well known in the networking arts.
  • [0050] Network 30 may also be implemented as a wireless network through which wireless devices, such as wireless device 16 of FIG. 1, may communicate with other devices and other systems. A client, such as client systems 32, 34, and 36 can be any node on a computer network including computational capability and including a mechanism for communication across network 30. Human users 33, 35, and 37 may operate client systems 32, 34, and 36, respectively. A host, such as host systems 48, 40 and 42, can be any node on a computer network including a mechanism for servicing requests from a client for computational or data storage resources. Hosts may also be implemented as servers.
  • [0051] Host systems 48, 40 and 42 may be coupled to biometric broker 44. Biometric broker 44 can be implemented as a centralized repository for storing biometric attributes (i.e., biometric data), such as fingerprint data. Biometric broker 44 may also be configured as an entity that obtains biometric data form a variety of biometric databases operated by different entities and organizations, and utilizes such information for authentication purposes. FIG. 4, which will be further described herein, lists examples of biometric data that may be utilized in accordance with the present invention. Biometric broker 44 may also include a mechanism for managing the biometric attributes stored as data, and may additionally include a mechanism for implementing security policies for the biometric attributes. Such policies may require specific levels of authentication for different groups of users, or for access to different servers.
  • [0052] Biometric brokers 44 may be implemented in any number of forms. In one possible embodiment, biometric broker 44 may be implemented as a node on network 30, which communicates with host systems 48, 40, and 42 across network 30. In another possible embodiment, biometric broker 44 is located on a host, such as host system 48.
  • The example illustrated in FIG. 2 may operate generally as follows. A user, such as [0053] user 33, works on a client, such as client system 32. User 33 requests access to resources on host system 48 across network 30. In response to this request, host system 48 attempts to authenticate user 33. In doing so, host system 48 requests a biometric attribute (i.e., biometric data) from biometric broker 44. Biometric broker 44 returns a biometric attribute or biometric template, which may be compared against sample biometric attribute(s) randomly collected from user 33. This comparison may take place at a number of locations, including at client system 32, at host system 48 or at biometric broker 44. If the sample biometric attribute collected from user 33 matches the biometric attribute retrieved from biometric broker 44, user 33 may be permitted to access resources on host system 48.
  • Providing a centralized authentication service such as [0054] biometric broker 114 has a number of advantages. One advantage is generally that centralized revocation can be supported. For example, an employee in an organization typically has access to a number of different resources on a number of different host systems. When this employee leaves the organization, it often takes a long time to explicitly revoke the employee's access rights on all host systems. Under a centralized revocation scheme, such revocation only needs to take place once at the centralized revocation service since the disparate host systems always look to the centralized revocation service to authenticate a user.
  • FIG. 3 illustrates a block diagram illustrating some of the functional components within [0055] client computer system 32 that may be utilized to implement an embodiment of the present invention. Note that in FIGS. 2 and 3 identical parts are represented by identical reference numerals. As mentioned above, client system 32 can be any node on a computer network including computational capability and including a mechanism for communication across network 30. In the illustrated embodiment, client system 32 includes user interface 62, networking code 64 and adapter 66. These functional components can be implemented in software running on, for example, a client CPU. User interface 62 provides a mechanism through which user 33 can operate client system 32. Networking code 64 may include a library of functions, which allow client system 32 to communicate across network 30. Adapter 66 may include a collection of functions that implement the client portion of a biometric authentication system according to one embodiment of the present invention.
  • [0056] Adapter 66 may communicate with sealed hardware unit 58, which can be utilized to perform biometric authentication functions. In the example illustrated in FIG. 3, sealed hardware unit 58 can be encased in a sealed insulating layer, which prevents a malicious user of client system 32 from monitoring the computational operations performed within sealed hardware unit 58. This can prevent a malicious user from improperly gaining access to host system 48, even if the malicious user has the power to modify hardware and software resources on client system 32. The circuitry inside sealed hardware unit 58 may be encased in the insulating layer in such a manner that any attempt to cut through the insulating layer to monitor the circuitry is likely to render the circuitry inoperable. Of course, such features may or may not be implemented and are presented here for illustrative purposes only and are not meant to be interpreted as limited features of the present invention.
  • Sealed [0057] hardware unit 58 can include a CPU 50, which can be any type of computational engine that can be used to perform the computational and logical operations involved in biometric authentication. Sealed hardware unit 58 can additionally include threshold storage 52 and key storage 54. Threshold storage 52 may be utilized as a memory location for storing threshold values indicating how closely a biometric attribute take as a biometric sample from a user must match a biometric attribute retrieved from a database through biometric broker 44, in order to allow the user to access the host system. Key storage 54 can store at least one encryption key that can be used to encrypt messages or computer checksums for communications across network 30.
  • Sealed [0058] hardware unit 58 may communicate with scanner 60, which can be utilized to take a biometric sample (i.e., biometric attribute) from user 33. This biometric attribute can be any type of biometric measurement of user 33. This includes, but is not limited to, fingerprint data, retinal scan data, handwriting data, voice data (e.g., a voice print), and facial data (e.g., a face scan). Note that the biometric attributes stored as data within a database, such as biometric database 14 and/or user profile 15 of FIG. 1, may be stored as a template or biometric template.
  • The components illustrated in FIG. 3 can operate as follows. [0059] User 33 initiates the biometric authentication process by seeking access to resources on a host system, such as host system 48 of FIG. 2, through user interface 62. This causes authentication code within adapter 66 to initiate communications with host system 48 (i.e., host system 48 illustrated in FIG. 2). This authentication code within adapter 66 may additionally initiate operations within sealed hardware unit 58 to gather a biometric attribute as a biometric sample from user 33 through scanner 60. These authentication operations are described in more detail below with reference to the flow charts in FIGS. 5 and 6.
  • FIG. 4 depicts a diagram illustrating biometric attributes and a [0060] user profile 82, which may be utilized in accordance with preferred embodiments of the present invention. Elements of user profile 82 in FIG. 4 can be analogous to user profile 15 of FIG. 1. Biometric attributes 80 may include fingerprints, voiceprints, retinal and iris information, hand geometry, facial information, and signatures. Thus, biometric authentication may be based on a variety of possible biometric measurements. A user profile 82 of a particular user will thus include one or more of the aforementioned biometric attributes. Such biometric attributes are utilized to verify the identity of the user.
  • Typical biometric measurements, which may be utilized to authenticate identity, include fingerprint verification. Fingerprint images contain a large amount of information and therefore has a reliable and inherent accuracy. Fingerprint identification is generally well known in the biometric arts and has been utilized since the 1800's by law enforcement agencies to assist law enforcement officers in criminal investigations. [0061]
  • Hand geometry may also be utilized to measure the physical characteristics of a user's hands and fingers. Hand geometry biometric authentication has traditionally been utilized for physical access control and time/attendance systems. Hand geometry has traditionally been limited to verification (i.e., one-to-one comparisons) rather than identification (one-to-many comparisons. Hand geometry does not measure or capture finger or palm prints, but can reliably measure the physical characteristics of an individual's hands from a three dimensional perspective. [0062]
  • Voice recognition is known as another important technique for identify users. In voice recognition systems, a voiceprint is obtained from a user and stored as biometric attributes for later user identification. It is generally well known in the biometric arts that an individual's voice contains unique wavelength sound characteristics. Such characteristics can be analyzed and stored as biometric data. [0063]
  • Retinal scanning is another biometric measurement technique that can be utilized in accordance with the present invention. Retinal scanning is generally based on a biometric measurement process that maps the structure of veins at the back of individual's eye. Retinal scanners typically send a beam of concentrated light into the eye. Retinal scanners, however, employ low intensity light for measuring the retina characteristics associated with an individual. [0064]
  • Iris scanning is another biometric measurement technique that can be utilized in accordance with the methods and systems disclosed herein. Iris scanning, well known in the biometric arts, scans unique random patterns of an individual's iris. Such a measurement method does not rely on the iris color. Iris scanning is generally based on the fact that the color portion of the eye that surrounds the pupil contains patterns that are unique to each individual. [0065]
  • An individual's signature is another important biometric attribute that can be utilized to verify the identity of an individual. Signature verification can be readily utilized with the other biometric measuring techniques utilized above. [0066]
  • Facial recognition may be utilized in accordance with the present invention to enhance biometric authentication. In facial recognition techniques, a facial scan of an individual is taken and stored as data which may later be compared against a user's most recently provided facial scan to confirm or deny user identity. In typical facial scan systems, a user steps in front of a digital camera, which captures an image of the user's face. Associated software captures the image and creates a facial template. [0067]
  • Some facial recognition software currently in use relies on Local Feature Analysis (LFA) to measure the size and shape of features around the eyes or center of the face captured in the image, along with the width of the bridge of the nose or distance form the nose to each eye. Such software relies on features that are not statistically change altered to weight gain or loss, aging, facial hair growth and so forth. An example of a facial recognition system that uses facial recognition software is Visionics' Faceit software, which works with simple digital Web cameras to verify a user's identity for access to computers and associated computer networks. [0068]
  • Other biometric attributes are not shown in FIG. 4, but those skilled in the art can apply equally to the practice of the present invention. Such biometric attributes may include a palm print, ear shape, ear canal acoustic properties, DNA, keystroke (e.g., typing rhythm), and body odor. [0069]
  • FIG. 5 illustrates a [0070] flow chart 100 illustrating operations for authenticating a user, in accordance with an embodiment of the present invention. The process can be initiated as indicated at block 102. A user transaction may be initiated with an electronic system, as depicted thereafter at block 104. Such an electronic system may, for example, be configured as an ATM and/or point of sale linked to a computer network that communicates with a biometric broker, such as biometric broker 44 of FIG. 2.
  • As explained previously, such a biometric broker can be composed of a database containing biometric attributes and/or a user profile integrated with or in communication with the database. The user profile contains previously store biometric attributes of a particular user. A user during enrollment may provide a biometric attribute. During such an enrollment stage, samples of designated biometric attributes may be acquired. One or more unique features of the samples can then be configured to form a biometric template of one or more biometric attributes for subsequent comparison purposes. [0071]
  • As depicted next at [0072] block 106, the user is requested by the electronic system to provide at least one biometric attribute. The operation described at block 106 is based on random factors. In the operation depicted at block 106, the user is prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. User input of a biometric attribute can be based on this random selection. Thereafter, as illustrated at block 108, the user provides to the electronic system, the biometric attributes randomly selected by the electronic system from the user profile.
  • As described next at [0073] block 110, a comparison may be made between the random biometric attribute(s) selected by the electronic system from the user profile and the biometric attributes input by the user to a biometric scanner. If a match does not occur, then the process may be repeated, beginning with the operation depicted at block 104.
  • If a match does occur, then as depicted at [0074] block 112, the user may be permitted to perform a user-desired activity such as, for example, performing financial transactions. If a biometric attribute input by the user to the electronic system does not match one or more of the biometric attributes randomly selected from the user profile associated with the user after, for example, three attempts, the user is not permitted to perform user-desired activities or transactions.
  • FIG. 6 depicts a [0075] flow chart 130 illustrating additional operations for authenticating a user, in accordance with an embodiment of the present invention. The process may be initiated, as indicated at block 132. Thereafter, as illustrated at block 134, a user initiates a transaction with an electronic system via a single biometric attribute. This single biometric attribute may be provided via, for example, a fingerprint provided by the user through a fingerprint scanner integrated with the electronic system.
  • This single biometric attribute may also be provided via a smart card that is receivable by the biometric system. Biometric attributes may be previously stored within a memory location contained within the smart card for later retrieved (e.g., read or scanned by an electronic system at a point of sale or ATM) for user authentication or verification purposes using biometric method taught herein. Smart cards are generally known in the art as credit-card sized plastic cards with an embedded computer chip. The chip can either be a microprocessor with internal memory or a memory chip with non-programmable logic. The chip connection can be configured via direct physical contact or remotely through a contactless electromagnetic interface. [0076]
  • Smart cards may be generally configured as either a contact or contactless smart card, or a combination thereof. A contact smart card requires insertion into a smart card reader with a direct connection to, for example, a conductive micromodule on the surface of the card. Such a micromodule may be generally gold plated. Transmission of commands, data, and card status takes place through such physical contact points. [0077]
  • A contactless card requires only close proximity to a reader. Both the reader and the card may be implemented with antenna means providing a contactless link that permits the devices to communicate with one another. Contactless cards can also maintain internal chip power or an electromagnetic signal (e.g., RF tagging technology). Two additional categories of smart codes, well known in the art, which are based on contact and contactless cards are the so-called Combi cards and Hybrid cards. [0078]
  • A Hybrid card generally may be equipped with two chips, each with a respective contact and contactless interface. The two chips are not connected, but for many applications, this Hybrid serves the needs of consumers and card issuers. The Combi card may be generally based on a single chip and can be generally configured with both a contact and contactless interface. [0079]
  • Chips utilized in such smart cards are generally based on microprocessor chips or memory chips. Smart cards based on memory chips depend on the security of the card reader for their processing and can be utilized when low to medium security requirements. A microprocessor chip can add, delete and otherwise manipulate information in its memory. Microprocessor-based memory cards typically contain microprocessor chips with 8, 16, and 32 bit architectures. [0080]
  • When a transaction is initiated with a biometric attribute, the user may input a single biometric attribute at the request of, or to initiate, the electronic system. The electronic system may be, for example, an ATM machine equipped with a biometric scanner. The biometric scanner may be configured with, for example, iris scanning, retinal scanning, and fingerprint scanning capabilities. The user may, for example, provide his or her left thumbprint, if requested by the electronic system, to initiate a transaction utilizing the electronic system. Following user input of a single biometric attribute, a user profile may be retrieved by the electronic system based on the input of a single user biometric attribute, such as a fingerprint. Again, retrieval may be from a server, electronic system memory, or portable device memory (e.g., smart card or other electronic hand held device) [0081]
  • The user selects a desired user-activity at an interface associated with the electronic system, as indicated at [0082] block 138, and thereafter, as illustrated at block 140, the user may be requested by the electronic system to provide at least one biometric attribute via random selection of such an attribute by the electronic system. Biometric attributes are thus randomly selected from the user profile associated with the user. The user must then provide the electronic system with biometric attributes that match the biometric attributes randomly selected from the user profile, as indicated at block 142.
  • If a biometric attribute input by the user through an interface and biometric scanner associated with the electronic system does not match the biometric attributes randomly selected from the user profile, the user can be requested again, as indicated at [0083] block 140. If, however, a match is made, then the user may be permitted to perform the user-desired activity, such as accessing secure data or entry to a secure building, as illustrated at block 146. The process then terminates, as indicate at block 148.
  • FIG. 7 depicts a pictorial diagram [0084] 200 of a user interface 202 that may be implemented in accordance with the present invention. In the drawing illustrated in FIG. 7, user interface 202 is shown, for example, at three different moments in time. User interface 202 can be analogous to user interface 64 of FIG. 3. Those skilled in the art can appreciate that a user interface 202 may be of many forms depending on the type of biometric sample being requested, obtained and/or utilized. As indicated previously, a user can be requested by electronic system to provide a one or more biometric samples for authentication purposes. Biometric samples may be of different types (e.g., voice, fingerprint, eye, etc.).
  • The user may be prompted to input biometric samples randomly selected by the electronic system from a user profile containing biometric attributes previously obtained from the user. [0085] User interface 202 may be integrated with, for example, an ATM machine, or a secure door that accesses a secure area, such as a government building or military complex. In the example depicted in FIG. 7, user interface 202 includes an iris scanner 208 and a fingerprint scanner 206. Finger print scanner 206 may be integrated with a display area 204, which may also be integrated with iris scanner 208.
  • Input of a biometric attribute by a user to interface [0086] 202 may be based on the random selection of a biometric attribute from a user profile. The number of biometric attributes requested from a user may also based on a random number. For example, during one authentication session, a user may be requested to provide a left index fingerprint and a left iris scan. During another authentication session, the same user may be required to provide a left index fingerprint, followed by the fingerprint of his or her right middle finger, and immediately thereafter, an iris scan of a left eye, or perhaps, a right eye.
  • The selection of biometric attributes from the user profile may thus be based on a random selection. The number of required biometric samples that a user may be required to input may also be a random number. Those skilled in the art will appreciate, however, that the number of biometric attributes required to be input by a user will likely be a limited number. Thus, a user may be required to input only three biometric attributes during one authentication session, two biometric attributes during another authentication session, and five biometric attributes during another biometric session. [0087]
  • Those skilled in the art can also appreciate that other biometric scanning devices may also be integrated with the [0088] user interface 202, such as, for example, a retina scanner, palm scanner, voice print scanner, and so forth. Thus, the example illustrated in FIG. 7 should not be interpreted as limiting the invention. The drawing illustrated in FIG. 7 merely represents one possible embodiment in which the present invention may be implemented.
  • FIG. 8 depicts a pictorial diagram [0089] 220 illustrating a portion of an alternative user interface 222 that may be implemented in accordance with the present invention. User interface 222 may communicate with or be integrated with an electronic system, such as an ATM machine or point of sale. User interface 222 may be integrated with a microphone 230 that may receive a voiceprint from a user. User interface 222 may also be integrated with a fingerprint scanner 228 that captures fingerprints as biometric data from users. Additionally, user interface 222 may include a camera 226 that functions for iris, retinal, and facial scanning purposes.
  • Note that pictorial diagram [0090] 220 illustrates first, second and third biometric attribute input stages. During a first biometric attribute input stage, a user may be prompted through a display unit 231 to input his or her name or other word or phrase. The user merely speaks his or her name, for example, into microphone 230. During a second biometric attribute input stage, the user may be requested to input his or right hand thumbprint. Finally, during a third biometric attribute input stage, the user may be requested to provide a biometric sample of his or right eye, which may be scanned as a retina or iris biometric attribute of the user. Alternatively, the user may be asked to provide a facial scan, in which case, camera 226 captures a facial image of the user for biometric authentication purposes.
  • Those skilled in the art will appreciate that the methods described herein may be implemented in the context of associated systems for performing tasks resulting from the processing of such methods. The present invention may thus be configured as a system for biometrically securing access to an electronic system. Such a system may include modules thereof. A module, in software use, is generally a collection of routines and data structures that performs a particular task or implements a particular abstract data type. Module typically are composed of an interface, which lists the constants, data types variables, and routines that can be accessed by other modules or routines, and an implementation, which can be accessible only by the module. The implementation contains the source code that actually implements the routines in the module. [0091]
  • Thus, the system described herein may include a module for prompting a user to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. Additionally, the system can include a module for permitting the user to perform a user-desired activity if at least one biometric attribute input by the user to the electronic system matches the at least one biometric attribute randomly selected from the user profile. [0092]
  • In such a system, the user profile is generally accessible from a server and/or memory through the electronic system. The user profile may also be accessible from a biometric broker through the electronic system over a secure network connection. Additionally, at least one biometric attribute may be obtained from the user for compilation in a user profile. The user profile is generally stored in a location accessible by at least one electronic system. The user is generally permitted to modify the user profile, in response to approval of a request by the user. [0093]
  • Such a system can also include a module for comparing at least one biometric attribute input by the user to the electronic system with the at least one biometric attribute randomly selected from the user profile. Additionally, such a system includes a module for subsequently prompting a user to input to the electronic system at least one additional biometric attribute randomly selected from the user profile, if at least one biometric attribute previously input by the user to the electronic system does not match the at least one biometric attribute randomly previously selected from the user profile. [0094]
  • In such a system, the electronic system may be configured as one or more wireless devices that operate with a wireless network. The electronic system may also be configured as one or more computer workstations operable over an associated network. The electronic system may comprise an automated teller machine, or a secured entry system to a secured environment. The electronic system may simply be a wireless network or a computer network, or a combination thereof. The electronic system may also be a wireless device. [0095]
  • Such a system may also include a module for identifying at least one defective biometric attribute associated with the user. The user can be prompted to input to the electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of the user. [0096]
  • The user-desired activity may comprise activities, such as, for example, a financial transaction, an ATM transaction, access to a secure area, or access to data from the electronic system. The user-desired activity may also simply comprise the execution of a mechanical activity. [0097]
  • Alternatively, a system for biometrically securing access to an electronic system may include a module for prompting a user to input to the electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of the user. Such an alternative system can also include a module for permitting the user to perform a user-desired activity, if biometric attributes input by the user to the electronic system matches the at least two biometric attribute randomly selected from the user profile. [0098]
  • The embodiments and examples set forth herein are presented in order to best explain the present invention and its practical application and to thereby enable those skilled in the art to make and utilize the invention. However, those skilled in the art will recognize that the foregoing description and examples have been presented for the purpose of illustration and example only. The description as set forth is not intended to be exhaustive or to limit the invention to the precise form disclosed. For example, a variety of biometric attributes may be utilized in a variety of combinations and configurations to implement particular embodiments of the present invention. Many modifications and variations are possible in light of the above teaching without departing from the spirit and scope of the following claims. [0099]

Claims (44)

1. A method for biometrically securing access to an electronic system, said method comprising the steps of:
prompting a user to input to said electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of said user; and
permitting said user to perform a user-desired activity, if at least one biometric attribute input by said user to said electronic system matches said at least one biometric attribute randomly selected from said user profile.
2. The method of claim 1 wherein said user profile is accessible from a server through said electronic system.
3. The method of claim 1 wherein said user profile is accessible from a biometric broker through said electronic system over a secure network connection.
4. The method of claim 1 further comprising the steps of:
obtaining at least one biometric attribute from said user for compilation in a user profile;
compiling said user profile; and
storing said user profile in a location accessible by at least one electronic system.
5. The method of claim 4 further comprising the step of:
permitting said user to modify said user profile, in response to approval of a request by said user.
6. The method of claim 1 further comprising the step of:
comparing at least one biometric attribute input by said user to said electronic system with said at least one biometric attribute randomly selected from said user profile.
7. The method of claim 6 further comprising the step of:
subsequently prompting a user to input to said electronic system at least one additional biometric attribute randomly selected from said user profile, if at least one biometric attribute previously input by said user to said electronic system does not match said at least one biometric attribute previously randomly selected from said user profile.
8. The method of claim 1 wherein said electronic system comprises at least one wireless device that operates with a wireless network.
9. The method of claim 1 wherein said electronic system comprises at least one computer workstation operable over an associated network.
10. The method of claim 1 wherein said electronic system comprises an automated teller machine.
11. The method of claim 1 wherein said electronic system comprises a secured entry system to a secured environment.
12. The method of claim 1 wherein said electronic system comprises a wireless network.
13. The method of claim 1 wherein said electronic system comprises a computer network.
14. The method of claim 1 wherein said electronic system comprises a wireless device.
15. The method of claim 1 further comprising the steps of:
identifying at least one defective biometric attribute associated with said user; and
thereafter prompting a user to input to said electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of said user.
16. The method of claim 1 wherein said user-desired activity comprises a financial transaction.
17. The method of claim 1 wherein said user-desired activity comprises an ATM transaction.
18. The method of claim 1 wherein said user-desired activity comprises access to a secure area.
19. The method of claim 1 wherein said user-desired activity comprises access to data from said electronic system.
20. The method of claim 1 wherein said user-desired activity comprises execution of a mechanical activity.
21. The method of claim 1 further comprising the step of:
initiating access to said electronic system utilizing only one biometric attribute input to said electronic system.
22. A method for biometrically securing access to an electronic system, said method comprising the steps of:
prompting a user to input to said electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of said user; and
permitting said user to perform a user-desired activity, if biometric attributes input by said user to said electronic system matches said at least two biometric attribute randomly selected from said user profile.
23. A system for biometrically securing access to an electronic system, said system comprising:
module for prompting a user to input to said electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of said user; and
module for permitting said user to perform a user-desired activity, if at least one biometric attribute input by said user to said electronic system matches said at least one biometric attribute randomly selected from said user profile.
24. The system of claim 23 wherein said user profile is accessible from a server through said electronic system.
25. The system of claim 23 wherein said user profile is accessible from a biometric broker through said electronic system over a secure network connection.
26. The system of claim 23 wherein:
at least one biometric attribute is obtained from said user for compilation in a user profile; and
said user profile is stored in a location accessible by at least one electronic system.
27. The system of claim 23 wherein said user is permitted to modify said user profile, in response to approval of a request by said user.
28. The system of claim 23 further comprising:
module for comparing at least one biometric attribute input by said user to said electronic system with said at least one biometric attribute randomly selected from said user profile.
29. The system of claim 28 further comprising:
module for subsequently prompting a user to input to said electronic system at least one additional biometric attribute randomly selected from said user profile, if at least one biometric attribute previously input by said user to said electronic system does not match said at least one biometric attribute randomly previously selected from said user profile.
30. The system of claim 23 wherein said electronic system comprises at least one wireless device that operates with a wireless network.
31. The system of claim 23 wherein said electronic system comprises at least one computer workstation operable over an associated network.
32. The system of claim 23 wherein said electronic system comprises an automated teller machine.
33. The system of claim 23 wherein said electronic system comprises a secured entry system to a secured environment.
34. The system of claim 23 wherein said electronic system comprises a wireless network.
35. The system of claim 23 wherein said electronic system comprises a computer network.
36. The system of claim 23 wherein said electronic system comprises a wireless device.
37. The system of claim 23 further comprising the steps of:
module for identifying at least one defective biometric attribute associated with said user; and
wherein said user is thereafter prompted to input to said electronic system at least one additional biometric attribute randomly selected from a user profile containing biometric attributes of said user.
38. The system of claim 23 wherein said user-desired activity comprises a financial transaction.
39. The system of claim 23 wherein said user-desired activity comprises an ATM transaction.
40. The system of claim 23 wherein said user-desired activity comprises access to a secure area.
41. The system of claim 23 wherein said user-desired activity comprises access to data from said electronic system.
42. The system of claim 23 wherein said user-desired activity comprises execution of a mechanical activity.
43. The system of claim 23 wherein access to said electronic system is initiated utilizing only one biometric attribute input to said electronic system.
44. A system for biometrically securing access to an electronic system, said system comprising:
module for prompting a user to input to said electronic system at least two biometric attributes randomly selected from a user profile containing biometric attributes of said user; and
module for permitting said user to perform a user-desired activity, if biometric attributes input by said user to said electronic system matches said at least two biometric attribute randomly selected from said user profile.
US09/757,903 2001-01-10 2001-01-10 Random biometric authentication methods and systems Abandoned US20020091937A1 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US09/757,903 US20020091937A1 (en) 2001-01-10 2001-01-10 Random biometric authentication methods and systems
US10/322,018 US7793109B2 (en) 2001-01-10 2002-12-17 Random biometric authentication apparatus
US10/321,872 US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US12/756,855 US20100194571A1 (en) 2001-01-10 2010-04-08 Point of entry authorization utilizing rfid enabled profile and biometric data
US12/885,087 US8462994B2 (en) 2001-01-10 2010-09-17 Methods and systems for providing enhanced security over, while also facilitating access through, secured points of entry
US13/035,606 US8499164B2 (en) 2001-01-10 2011-02-25 Biometric authentication utilizing unique biometric signatures and portable electronic devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US09/757,903 US20020091937A1 (en) 2001-01-10 2001-01-10 Random biometric authentication methods and systems

Related Child Applications (3)

Application Number Title Priority Date Filing Date
US10/321,872 Continuation-In-Part US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US10/321,872 Continuation US7921297B2 (en) 2001-01-10 2002-12-17 Random biometric authentication utilizing unique biometric signatures
US10/322,018 Continuation US7793109B2 (en) 2001-01-10 2002-12-17 Random biometric authentication apparatus

Publications (1)

Publication Number Publication Date
US20020091937A1 true US20020091937A1 (en) 2002-07-11

Family

ID=25049694

Family Applications (2)

Application Number Title Priority Date Filing Date
US09/757,903 Abandoned US20020091937A1 (en) 2001-01-10 2001-01-10 Random biometric authentication methods and systems
US10/322,018 Expired - Fee Related US7793109B2 (en) 2001-01-10 2002-12-17 Random biometric authentication apparatus

Family Applications After (1)

Application Number Title Priority Date Filing Date
US10/322,018 Expired - Fee Related US7793109B2 (en) 2001-01-10 2002-12-17 Random biometric authentication apparatus

Country Status (1)

Country Link
US (2) US20020091937A1 (en)

Cited By (98)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020103827A1 (en) * 2001-01-26 2002-08-01 Robert Sesek System and method for filling out forms
US20020174346A1 (en) * 2001-05-18 2002-11-21 Imprivata, Inc. Biometric authentication with security against eavesdropping
US20030005326A1 (en) * 2001-06-29 2003-01-02 Todd Flemming Method and system for implementing a security application services provider
WO2003007215A1 (en) * 2001-07-09 2003-01-23 Infonox On The Web Identity verification and enrollment system for self-service devices
US20030074559A1 (en) * 2001-10-12 2003-04-17 Lee Riggs Methods and systems for receiving training through electronic data networks using remote hand held devices
US20030073065A1 (en) * 2001-10-12 2003-04-17 Lee Riggs Methods and systems for providing training through an electronic network to remote electronic devices
US20030200446A1 (en) * 2002-04-19 2003-10-23 Cross Match Technologies, Inc. System and methods for access control utilizing two factors to control access
US20030220095A1 (en) * 2002-05-24 2003-11-27 At&T Wireless Services, Inc. Biometric authentication of a wireless device user
US20040010597A1 (en) * 1999-04-22 2004-01-15 Kirschner Hope L. System and method for providing enhanced services in a multi-channel interactive distributed environment
US20040059950A1 (en) * 2002-09-24 2004-03-25 Bender Steven S. Key sequence rhythm recognition system and method
US20040073432A1 (en) * 2002-10-15 2004-04-15 Stone Christopher J. Webpad for the disabled
US20040088587A1 (en) * 2002-10-30 2004-05-06 International Business Machines Corporation Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
WO2004084482A1 (en) * 2003-03-22 2004-09-30 You-Young Lee Data transmit system and transmit methods by using n-dimensional information
US20050018883A1 (en) * 2003-07-09 2005-01-27 Cross Match Technologies, Inc. Systems and methods for facilitating transactions
US20050031173A1 (en) * 2003-06-20 2005-02-10 Kyungtae Hwang Systems and methods for detecting skin, eye region, and pupils
US20050082364A1 (en) * 2003-10-17 2005-04-21 Nexxo Financial Corporation Systems and methods for banking transactions using a stored-value card
US20050182717A1 (en) * 2002-02-22 2005-08-18 Engelhart Robert L. Secure online purchasing
US20050190589A1 (en) * 2002-12-10 2005-09-01 Fujitsu Limited Capacitor, semiconductor device, and method of manufacturing the semiconductor device
US20060021003A1 (en) * 2004-06-23 2006-01-26 Janus Software, Inc Biometric authentication system
US20060143469A1 (en) * 2002-11-27 2006-06-29 Endress + Hauser Wetzer Gmbh + Co. Kg Method for identification a user, especially for process automation engineering devices
US20060184801A1 (en) * 2003-04-08 2006-08-17 Wood Richard G Method for controlling fraud and enhancing security and privacy by using personal hybrid card
US20060239512A1 (en) * 2005-04-22 2006-10-26 Imme, Llc Anti-identity theft system and method
US20060265340A1 (en) * 2005-05-19 2006-11-23 M-System Flash Disk Pioneers Ltd. Transaction authentication by a token, contingent on personal presence
DE102005028160A1 (en) * 2005-06-17 2006-12-28 Giesecke & Devrient Gmbh Authentication process for user involves storing of reference data for multiple biometric features of user by using portable data carrier
US20070009139A1 (en) * 2005-07-11 2007-01-11 Agere Systems Inc. Facial recognition device for a handheld electronic device and a method of using the same
US20070060334A1 (en) * 2000-12-08 2007-03-15 Igt Casino gambling system with biometric access control
US20070168283A1 (en) * 2003-10-17 2007-07-19 Nexxo Financial Corporation Self-service money remittance with an access card
US20070177771A1 (en) * 2006-02-02 2007-08-02 Masahide Tanaka Biometrics System, Biologic Information Storage, and Portable Device
US20070237319A1 (en) * 2001-12-12 2007-10-11 Michael Wayne Brown Intermediary Device Based Callee Identification
US20080034218A1 (en) * 2002-09-24 2008-02-07 Bender Steven L Key sequence rhythm guidance recognition system and method
US7350078B1 (en) * 2001-04-26 2008-03-25 Gary Odom User selection of computer login
US20080112597A1 (en) * 2006-11-10 2008-05-15 Tomoyuki Asano Registration Apparatus, Verification Apparatus, Registration Method, Verification Method and Program
US20080133933A1 (en) * 2002-09-24 2008-06-05 Bender Steven L Key sequence rhythm recognition system and method
US20080161753A1 (en) * 2002-06-14 2008-07-03 Baxter International Inc. Infusion pump
US20080168268A1 (en) * 2005-06-30 2008-07-10 Sagem Securite Method For Providing a Secured Communication Between a User and an Entity
US20080199053A1 (en) * 2007-02-15 2008-08-21 Tariq Zafar Method for consolidating various financial type cards into a single card and providing positive identification of an individual using such card
US20090171836A1 (en) * 2007-12-28 2009-07-02 Ebay Inc. System and method for identification verification over a financial network
US20090292816A1 (en) * 2008-05-21 2009-11-26 Uniloc Usa, Inc. Device and Method for Secured Communication
US20090309722A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Tamper-indicating monetary package
US20090309729A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Monetary package security during transport through cash supply chain
US20090309694A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Remote identification equipped self-service monetary item handling device
US20100013593A1 (en) * 2008-07-16 2010-01-21 IP Filepoint, LLC A Delaware LLC Biometric authentication and verification
US20100040261A1 (en) * 2008-08-12 2010-02-18 International Business Machines Corporation Biometric identification assurance method and token retrieval
US20100077224A1 (en) * 2002-04-23 2010-03-25 Michael Milgramm Multiplatform independent biometric identification system
US20100115607A1 (en) * 2008-11-06 2010-05-06 At&T Intellectual Property I, L.P. System and method for device security with a plurality of authentication modes
US7715593B1 (en) * 2003-06-16 2010-05-11 Uru Technology Incorporated Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US20100156602A1 (en) * 2008-12-22 2010-06-24 Toshiba Tec Kabushiki Kaisha Commodity display position alert system and commodity display position alert method
US7789311B2 (en) 2003-04-16 2010-09-07 L-1 Secure Credentialing, Inc. Three dimensional data storage
US7804982B2 (en) 2002-11-26 2010-09-28 L-1 Secure Credentialing, Inc. Systems and methods for managing and detecting fraud in image databases used with identification documents
US20100325704A1 (en) * 2009-06-19 2010-12-23 Craig Stephen Etchegoyen Identification of Embedded System Devices
US20100325710A1 (en) * 2009-06-19 2010-12-23 Etchegoyen Craig S Network Access Protection
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US20110087611A1 (en) * 2009-10-14 2011-04-14 Shyam Chetal Biometric identification and authentication system for financial accounts
US20110093703A1 (en) * 2009-10-16 2011-04-21 Etchegoyen Craig S Authentication of Computing and Communications Hardware
US20110320353A1 (en) * 2010-06-23 2011-12-29 The Western Union Company Multi-user device with information capture capabilities
US8144850B2 (en) 2001-12-17 2012-03-27 International Business Machines Corporation Logging calls according to call context
US8160235B2 (en) 2001-12-12 2012-04-17 International Business Machines Corporation Controlling hold queue position adjustment
US20120120271A1 (en) * 2010-11-11 2012-05-17 Lg Electronics Inc. Multimedia device, multiple image sensors having different types and method for controlling the same
US8210429B1 (en) 2008-10-31 2012-07-03 Bank Of America Corporation On demand transportation for cash handling device
US20130016883A1 (en) * 2011-07-13 2013-01-17 Honeywell International Inc. System and method for anonymous biometrics analysis
US20130036309A1 (en) * 2009-12-15 2013-02-07 Thomas Andreas Maria Kevenaar System and method for verifying the identity of an individual by employing biometric data features associated with the individual
US20130094723A1 (en) * 2010-06-08 2013-04-18 Theodosios Kountotsis System and method for fingerprint recognition and collection at points-of-sale and points-of-entry
US20130093565A1 (en) * 2011-10-18 2013-04-18 Accenture Global Services Limited Biometric matching system
US8438394B2 (en) 2011-01-14 2013-05-07 Netauthority, Inc. Device-bound certificate authentication
US20130267204A1 (en) * 2012-02-28 2013-10-10 Verizon Patent And Licensing Inc. Method and system for multi-factor biometric authentication based on different device capture modalities
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
US20130336545A1 (en) * 2012-06-15 2013-12-19 Aoptix Technologies, Inc. User interface for combined biometric mobile device
WO2014092665A1 (en) * 2012-12-13 2014-06-19 Kuveyt Türk Katilim Bankasi Anoni̇m Şi̇rketi̇ Integrated user authentication system in self-service machines
US8898450B2 (en) 2011-06-13 2014-11-25 Deviceauthority, Inc. Hardware identity in multi-factor authentication at the application layer
US20140354401A1 (en) * 2013-05-31 2014-12-04 Microsoft Corporation Resource Management Based on Biometric Data
US20150033310A1 (en) * 2013-07-25 2015-01-29 Technion Research & Development Foundation Ltd. User authentication system and methods
US20150120557A1 (en) * 2013-10-25 2015-04-30 Tencent Technology (Shenzhen) Company Limited Fingerprint payment method and related device and system
WO2015009430A3 (en) * 2013-07-15 2015-05-07 HGN Holdings, LLC System for embedded biometric authentication, identification and differentiation
US9088645B2 (en) 2001-12-12 2015-07-21 International Business Machines Corporation Intermediary device initiated caller identification
US9141955B2 (en) 2010-06-23 2015-09-22 The Western Union Company Biometrically secured user input for forms
US9143496B2 (en) 2013-03-13 2015-09-22 Uniloc Luxembourg S.A. Device authentication using device environment information
US9286466B2 (en) 2013-03-15 2016-03-15 Uniloc Luxembourg S.A. Registration and authentication of computing devices using a digital skeleton key
US9323912B2 (en) 2012-02-28 2016-04-26 Verizon Patent And Licensing Inc. Method and system for multi-factor biometric authentication
US9355234B1 (en) * 2013-09-27 2016-05-31 Emc Corporation Authentication involving selection among different biometric methods dynamically
US9487398B2 (en) * 1997-06-09 2016-11-08 Hid Global Corporation Apparatus and method of biometric determination using specialized optical spectroscopy systems
US9554273B1 (en) 2015-09-04 2017-01-24 International Business Machines Corporation User identification on a touchscreen device
US9591481B1 (en) * 2012-03-15 2017-03-07 United Services Automobile Association (Usaa) Authentication and security features for a mobile application
US9716593B2 (en) * 2015-02-11 2017-07-25 Sensory, Incorporated Leveraging multiple biometrics for enabling user access to security metadata
US9756133B2 (en) 2011-08-15 2017-09-05 Uniloc Luxembourg S.A. Remote recognition of an association between remote devices
US9779457B1 (en) 2012-03-15 2017-10-03 United Services Automobile Association (Usaa) Personalized navigation control items for an application
JP2017530476A (en) * 2014-09-24 2017-10-12 プリンストン・アイデンティティー・インコーポレーテッド Control of wireless communication device functions in mobile devices using biometric keys
US9865267B2 (en) * 2015-06-30 2018-01-09 Baidu Online Network Technology (Beijing) Co., Ltd. Communication method, apparatus and system based on voiceprint
US20180129750A1 (en) * 2007-10-30 2018-05-10 Google Technology Holdings LLC Method and Apparatus for Context-Aware Delivery of Informational Content on Ambient Displays
US10082954B2 (en) 2015-09-04 2018-09-25 International Business Machines Corporation Challenge generation for verifying users of computing devices
CN108900368A (en) * 2018-04-12 2018-11-27 广东电网有限责任公司佛山供电局 A kind of regulator control system and peace are from bi-directional data proofreading method between system
US20180349899A1 (en) * 2001-07-10 2018-12-06 Liberty Peak Ventures, Llc Funding a radio frequency device transaction
US10217084B2 (en) 2017-05-18 2019-02-26 Bank Of America Corporation System for processing resource deposits
US10275972B2 (en) 2017-05-18 2019-04-30 Bank Of America Corporation System for generating and providing sealed containers of traceable resources
US10360356B2 (en) * 2014-09-11 2019-07-23 Bank Of America Corporation Authenticating users requesting access to computing resources
US10515518B2 (en) 2017-05-18 2019-12-24 Bank Of America Corporation System for providing on-demand resource delivery to resource dispensers
US20200042811A1 (en) * 2018-07-09 2020-02-06 Capital One Services, Llc Atm with biometric security
US11440503B2 (en) * 2018-01-30 2022-09-13 Lg Electronics Inc. Vehicle terminal and control method of transportation system including same
US11444941B2 (en) * 2019-04-08 2022-09-13 Cisco Technology, Inc. Multifactor derived identification

Families Citing this family (77)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7377647B2 (en) * 2001-11-13 2008-05-27 Philadelphia Retina Endowment Fund Clarifying an image of an object to perform a procedure on the object
US7226166B2 (en) 2001-11-13 2007-06-05 Philadelphia Retina Endowment Fund Optimizing the properties of electromagnetic energy in a medium using stochastic parallel perturbation gradient descent optimization adaptive optics
US20040165147A1 (en) * 2001-11-13 2004-08-26 Della Vecchia Michael A. Determining iris biometric and spatial orientation of an iris in accordance with same
US7775665B2 (en) * 2001-11-13 2010-08-17 Dellavecchia Michael A Method for optically scanning objects
GB0128430D0 (en) * 2001-11-28 2002-01-16 Ncr Int Inc Media dispensing
US20040052403A1 (en) * 2002-01-25 2004-03-18 Houvener Robert C. High volume mobile identity verification system and method
US6757408B2 (en) * 2002-01-25 2004-06-29 Robert C. Houvener Quality assurance and training system for high volume mobile identity verification system and method
US6993659B2 (en) * 2002-04-23 2006-01-31 Info Data, Inc. Independent biometric identification system
JP2004005042A (en) * 2002-05-30 2004-01-08 Sony Corp Information management apparatus and method, information processor and method, recording medium and program
AU2003279071A1 (en) * 2002-09-23 2004-04-08 Wimetrics Corporation System and method for wireless local area network monitoring and intrusion detection
US7941849B2 (en) * 2003-03-21 2011-05-10 Imprivata, Inc. System and method for audit tracking
CA2724292C (en) 2003-05-30 2014-09-30 Privaris, Inc. An in-circuit security system and methods for controlling access to and use of sensitive data
WO2005086802A2 (en) 2004-03-08 2005-09-22 Proxense, Llc Linked account system using personal digital key (pdk-las)
US8296573B2 (en) * 2004-04-06 2012-10-23 International Business Machines Corporation System and method for remote self-enrollment in biometric databases
FR2878631B1 (en) * 2004-11-29 2007-01-12 Sagem METHOD FOR IDENTIFYING A USER USING MODIFIED BIOMETRIC CHARACTERISTICS AND DATABASE FOR CARRYING OUT SAID METHOD
IL165586A0 (en) * 2004-12-06 2006-01-15 Daphna Palti Wasserman Multivariate dynamic biometrics system
AU2005319019A1 (en) * 2004-12-20 2006-06-29 Proxense, Llc Biometric personal data key (PDK) authentication
US8060753B2 (en) * 2005-03-07 2011-11-15 The Boeing Company Biometric platform radio identification anti-theft system
US7657849B2 (en) 2005-12-23 2010-02-02 Apple Inc. Unlocking a device by performing gestures on an unlock image
US11206664B2 (en) 2006-01-06 2021-12-21 Proxense, Llc Wireless network synchronization of cells and client devices on a network
US9113464B2 (en) 2006-01-06 2015-08-18 Proxense, Llc Dynamic cell size variation via wireless link parameter adjustment
JP4933292B2 (en) * 2006-02-28 2012-05-16 キヤノン株式会社 Information processing apparatus, wireless communication method, storage medium, program
US7904718B2 (en) 2006-05-05 2011-03-08 Proxense, Llc Personal digital key differentiation for secure transactions
US9269221B2 (en) 2006-11-13 2016-02-23 John J. Gobbi Configuration of interfaces for a location detection system and application
US8942689B2 (en) * 2007-03-06 2015-01-27 Qualcomm Incorporated Method and technology for remote administration of wireless devices
CN101398949A (en) * 2007-09-24 2009-04-01 深圳富泰宏精密工业有限公司 Fingerprint identification gate inhibition system and method
EP2947592B1 (en) 2007-09-24 2021-10-27 Apple Inc. Embedded authentication systems in an electronic device
US8659427B2 (en) 2007-11-09 2014-02-25 Proxense, Llc Proximity-sensor supporting multiple application services
US8543831B2 (en) * 2007-11-14 2013-09-24 Qimonda Ag System and method for establishing data connections between electronic devices
US8171528B1 (en) 2007-12-06 2012-05-01 Proxense, Llc Hybrid device having a personal digital key and receiver-decoder circuit and methods of use
US9251332B2 (en) 2007-12-19 2016-02-02 Proxense, Llc Security system and method for controlling access to computing resources
US8600120B2 (en) 2008-01-03 2013-12-03 Apple Inc. Personal computing device control using face detection and recognition
WO2009102979A2 (en) 2008-02-14 2009-08-20 Proxense, Llc Proximity-based healthcare management system with automatic access to private information
US20090212902A1 (en) * 2008-02-21 2009-08-27 Lasercard Corporation System and method for authorizing limited access
WO2009126732A2 (en) 2008-04-08 2009-10-15 Proxense, Llc Automated service-based order processing
US9276747B2 (en) * 2008-08-04 2016-03-01 Technology Policy Associates, Llc Remote profile security system
US8838991B2 (en) * 2009-04-01 2014-09-16 Microsoft Corporation Secure biometric identity broker module
US20110047377A1 (en) * 2009-08-19 2011-02-24 Harris Corporation Secure digital communications via biometric key generation
US9418205B2 (en) 2010-03-15 2016-08-16 Proxense, Llc Proximity-based system for automatic application or data access and item tracking
US9322974B1 (en) 2010-07-15 2016-04-26 Proxense, Llc. Proximity-based system for object tracking
US8528072B2 (en) 2010-07-23 2013-09-03 Apple Inc. Method, apparatus and system for access mode control of a device
US9007898B2 (en) 2011-02-01 2015-04-14 Google Inc. System to share network bandwidth among competing applications
US9559956B2 (en) * 2011-02-01 2017-01-31 Google Inc. Sharing bandwidth among multiple users of network applications
US8857716B1 (en) 2011-02-21 2014-10-14 Proxense, Llc Implementation of a proximity-based system for object tracking and automatic application initialization
US9002322B2 (en) 2011-09-29 2015-04-07 Apple Inc. Authentication with secondary approver
US8769624B2 (en) 2011-09-29 2014-07-01 Apple Inc. Access control utilizing indirect authentication
US10503888B2 (en) 2012-03-16 2019-12-10 Traitware, Inc. Authentication system
BR112014028774B1 (en) 2012-05-18 2022-05-10 Apple Inc Method, electronic device, computer readable storage medium and information processing apparatus
US9618428B2 (en) 2012-11-30 2017-04-11 Ge Healthcare Uk Limited Biometric device and means for electronic storage and retrieval of biometric data
WO2014153420A1 (en) 2013-03-19 2014-09-25 Acuity Systems, Inc. Authentication system
US9405898B2 (en) 2013-05-10 2016-08-02 Proxense, Llc Secure element as a digital pocket
EP3035225B1 (en) * 2013-07-30 2020-05-06 Nec Corporation Information processing device, authentication system, authentication method, and program
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
WO2015153559A1 (en) * 2014-03-31 2015-10-08 Wi-Lan Labs, Inc. System and method for biometric key management
US9483763B2 (en) 2014-05-29 2016-11-01 Apple Inc. User interface for payments
US10061971B2 (en) * 2014-07-25 2018-08-28 Qualcomm Incorporated Enrollment and authentication on a mobile device
WO2016018028A1 (en) * 2014-07-31 2016-02-04 Samsung Electronics Co., Ltd. Device and method of setting or removing security on content
US20160055429A1 (en) 2014-08-20 2016-02-25 Universal City Studios Llc Virtual queuing system and method
US9563992B2 (en) * 2014-12-01 2017-02-07 Honeywell International Inc. System and method of associating, assigning, and authenticating users with personal protective equipment using biometrics
US10482225B1 (en) * 2015-07-14 2019-11-19 Melih Abdulhayoglu Method of authorization dialog organizing
WO2017068434A1 (en) * 2015-10-21 2017-04-27 Schuster Bob A Authentication across multiple platforms
US10152840B2 (en) 2016-03-16 2018-12-11 Universal City Studios Llc Virtual queue system and method
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION
US10453060B2 (en) * 2016-05-27 2019-10-22 Mastercard International Incorporated Systems and methods for authenticating a requestor at an ATM
US20180132107A1 (en) * 2016-11-07 2018-05-10 Mediatek Inc. Method and associated processor for improving user verification
US10943188B2 (en) 2016-11-09 2021-03-09 Universal City Studios Llc Virtual queuing techniques
SG10201706801YA (en) * 2017-08-21 2019-03-28 Mastercard Asia Pacific Pte Ltd Biometric system for authenticating a biometric request
KR102143148B1 (en) 2017-09-09 2020-08-10 애플 인크. Implementation of biometric authentication
KR102185854B1 (en) 2017-09-09 2020-12-02 애플 인크. Implementation of biometric authentication
US10372418B1 (en) * 2018-02-20 2019-08-06 Wells Fargo Bank, N.A. Apparatuses and methods for improved pseudo-random number generation
US11170085B2 (en) 2018-06-03 2021-11-09 Apple Inc. Implementation of biometric authentication
US11100349B2 (en) 2018-09-28 2021-08-24 Apple Inc. Audio assisted enrollment
US10860096B2 (en) 2018-09-28 2020-12-08 Apple Inc. Device control using gaze information
KR20200100481A (en) * 2019-02-18 2020-08-26 삼성전자주식회사 Electronic device for authenticating biometric information and operating method thereof
US11949677B2 (en) * 2019-04-23 2024-04-02 Microsoft Technology Licensing, Llc Resource access based on audio signal
US11568333B2 (en) 2019-06-27 2023-01-31 Universal City Studios Llc Systems and methods for a smart virtual queue
US11120159B1 (en) 2019-09-02 2021-09-14 Wells Fargo Bank, N.A. Composite biometric authentication

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5790668A (en) * 1995-12-19 1998-08-04 Mytec Technologies Inc. Method and apparatus for securely handling data in a database of biometrics and associated data
US5815252A (en) * 1995-09-05 1998-09-29 Canon Kabushiki Kaisha Biometric identification process and system utilizing multiple parameters scans for reduction of false negatives
US6104922A (en) * 1998-03-02 2000-08-15 Motorola, Inc. User authentication in a communication system utilizing biometric information
US6213391B1 (en) * 1997-09-10 2001-04-10 William H. Lewis Portable system for personal identification based upon distinctive characteristics of the user
US6360953B1 (en) * 1998-07-15 2002-03-26 Magnex Corporation Secure print sensing smart card with on-the-fly-operation
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6483929B1 (en) * 2000-06-08 2002-11-19 Tarian Llc Method and apparatus for histological and physiological biometric operation and authentication
US6487662B1 (en) * 1999-05-14 2002-11-26 Jurij Jakovlevich Kharon Biometric system for biometric input, comparison, authentication and access control and method therefor
US6522772B1 (en) * 1998-09-30 2003-02-18 Ncr Corporation Self-service checkout terminal having a biometric sensing device for verifying identity of a user and associated method
US6618806B1 (en) * 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6697947B1 (en) * 1999-06-17 2004-02-24 International Business Machines Corporation Biometric based multi-party authentication
US6725303B1 (en) * 2000-08-31 2004-04-20 At&T Corp. Method and apparatus for establishing a personalized connection with a network
US6735695B1 (en) * 1999-12-20 2004-05-11 International Business Machines Corporation Methods and apparatus for restricting access of a user using random partial biometrics
US6819219B1 (en) * 2000-10-13 2004-11-16 International Business Machines Corporation Method for biometric-based authentication in wireless communication for access control
US6944773B1 (en) * 2000-05-19 2005-09-13 Sony Corporation Method and apparatus for fingerprint authentication during on-line transactions
US6957338B1 (en) * 1999-01-20 2005-10-18 Nec Corporation Individual authentication system performing authentication in multiple steps

Family Cites Families (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5021776A (en) 1988-07-11 1991-06-04 Yale Security Inc. Electronic combination of lock with changeable entry codes, lock-out and programming code
US5229764A (en) 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
CA2071577A1 (en) 1991-06-21 1992-12-22 Gerald L. Dawson Electronic combination lock with high security features
US5291560A (en) 1991-07-15 1994-03-01 Iri Scan Incorporated Biometric personal identification system based on iris analysis
US5222152A (en) 1991-11-19 1993-06-22 Digital Biometrics, Inc. Portable fingerprint scanning apparatus for identification verification
US5335288A (en) 1992-02-10 1994-08-02 Faulkner Keith W Apparatus and method for biometric identification
US5469506A (en) 1994-06-27 1995-11-21 Pitney Bowes Inc. Apparatus for verifying an identification card and identifying a person by means of a biometric characteristic
US5586186A (en) 1994-07-15 1996-12-17 Microsoft Corporation Method and system for controlling unauthorized access to information distributed to users
US5572596A (en) 1994-09-02 1996-11-05 David Sarnoff Research Center, Inc. Automated, non-invasive iris recognition system and method
US5712912A (en) 1995-07-28 1998-01-27 Mytec Technologies Inc. Method and apparatus for securely handling a personal identification number or cryptographic key using biometric techniques
US5617082A (en) 1994-11-15 1997-04-01 Micro Enhanced Technology, Inc. Electronic access control device utilizing a single microcomputer integrated circuit
US6154879A (en) * 1994-11-28 2000-11-28 Smarttouch, Inc. Tokenless biometric ATM access system
US5802199A (en) 1994-11-28 1998-09-01 Smarttouch, Llc Use sensitive identification system
US6140938A (en) 1995-04-14 2000-10-31 Flick; Kenneth E. Remote control system suitable for a vehicle and having remote transmitter verification
US5842194A (en) 1995-07-28 1998-11-24 Mitsubishi Denki Kabushiki Kaisha Method of recognizing images of faces or general images using fuzzy combination of multiple resolutions
JPH09212644A (en) 1996-02-07 1997-08-15 Oki Electric Ind Co Ltd Iris recognition device and iris recognition method
US5886644A (en) 1996-03-12 1999-03-23 Security People, Inc. Programmable digital electronic lock
US5894277A (en) 1996-03-12 1999-04-13 Security People, Inc. Programmable digital electronic lock
US5787187A (en) 1996-04-01 1998-07-28 Sandia Corporation Systems and methods for biometric identification using the acoustic properties of the ear canal
US6011858A (en) 1996-05-10 2000-01-04 Biometric Tracking, L.L.C. Memory card having a biometric template stored thereon and system for using same
US5978495A (en) * 1996-07-17 1999-11-02 Intelnet Inc. Method and apparatus for accurate determination of the identity of human beings
US6108636A (en) 1996-10-15 2000-08-22 Iris Corporation Berhad Luggage handling and reconciliation system using an improved security identification document including contactless communication insert unit
US6038334A (en) 1997-02-21 2000-03-14 Dew Engineering And Development Limited Method of gathering biometric information
US6072891A (en) 1997-02-21 2000-06-06 Dew Engineering And Development Limited Method of gathering biometric information
US5915035A (en) 1997-01-27 1999-06-22 Aetex Biometric Corporation Method for extracting high-level features for fingerprint recognition
US6038315A (en) 1997-03-17 2000-03-14 The Regents Of The University Of California Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy
US6111977A (en) 1997-04-17 2000-08-29 Cross Match Technologies, Inc. Hand-held fingerprint recognition and transmission device
US6105010A (en) 1997-05-09 2000-08-15 Gte Service Corporation Biometric certifying authorities
US6018739A (en) 1997-05-15 2000-01-25 Raytheon Company Biometric personnel identification system
US5991408A (en) 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US5995642A (en) 1997-06-30 1999-11-30 Aetex Biometric Corporation Method for automatic fingerprint classification
US6119096A (en) 1997-07-31 2000-09-12 Eyeticket Corporation System and method for aircraft passenger check-in and boarding using iris recognition
US6016476A (en) 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6012064A (en) 1997-08-21 2000-01-04 Lucent Technologies Inc. Maintaining a random sample of a relation in a database in the presence of updates to the relation
US6038332A (en) 1997-09-05 2000-03-14 Digital Biometrics, Inc. Method and apparatus for capturing the image of a palm
US6047282A (en) 1997-12-05 2000-04-04 Authentec, Inc. Apparatus and method for expandable biometric searching
US6047281A (en) 1997-12-05 2000-04-04 Authentec, Inc. Method and apparatus for expandable biometric searching
US6038666A (en) 1997-12-22 2000-03-14 Trw Inc. Remote identity verification technique using a personal identification device
US6092192A (en) 1998-01-16 2000-07-18 International Business Machines Corporation Apparatus and methods for providing repetitive enrollment in a plurality of biometric recognition systems based on an initial enrollment
US6845453B2 (en) * 1998-02-13 2005-01-18 Tecsec, Inc. Multiple factor-based user identification and authentication
US6167517A (en) * 1998-04-09 2000-12-26 Oracle Corporation Trusted biometric client authentication
US6160903A (en) 1998-04-24 2000-12-12 Dew Engineering And Development Limited Method of providing secure user access
US5956122A (en) 1998-06-26 1999-09-21 Litton Systems, Inc Iris recognition apparatus and method
USD426237S (en) 1998-11-19 2000-06-06 Precise Biometrics Ab Card reader
US6256737B1 (en) 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6393305B1 (en) * 1999-06-07 2002-05-21 Nokia Mobile Phones Limited Secure wireless communication user identification by voice recognition
JP2001092786A (en) * 1999-09-24 2001-04-06 Mizobe Tatsuji Portable personal identification device and electronic system to which access is permitted by the same device
US6496595B1 (en) * 2000-05-19 2002-12-17 Nextgenid, Ltd. Distributed biometric access control apparatus and method
WO2002095543A2 (en) * 2001-02-06 2002-11-28 En Garde Systems Apparatus and method for providing secure network communication

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5815252A (en) * 1995-09-05 1998-09-29 Canon Kabushiki Kaisha Biometric identification process and system utilizing multiple parameters scans for reduction of false negatives
US5790668A (en) * 1995-12-19 1998-08-04 Mytec Technologies Inc. Method and apparatus for securely handling data in a database of biometrics and associated data
US6213391B1 (en) * 1997-09-10 2001-04-10 William H. Lewis Portable system for personal identification based upon distinctive characteristics of the user
US6104922A (en) * 1998-03-02 2000-08-15 Motorola, Inc. User authentication in a communication system utilizing biometric information
US6618806B1 (en) * 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6360953B1 (en) * 1998-07-15 2002-03-26 Magnex Corporation Secure print sensing smart card with on-the-fly-operation
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6522772B1 (en) * 1998-09-30 2003-02-18 Ncr Corporation Self-service checkout terminal having a biometric sensing device for verifying identity of a user and associated method
US6957338B1 (en) * 1999-01-20 2005-10-18 Nec Corporation Individual authentication system performing authentication in multiple steps
US6487662B1 (en) * 1999-05-14 2002-11-26 Jurij Jakovlevich Kharon Biometric system for biometric input, comparison, authentication and access control and method therefor
US6697947B1 (en) * 1999-06-17 2004-02-24 International Business Machines Corporation Biometric based multi-party authentication
US6735695B1 (en) * 1999-12-20 2004-05-11 International Business Machines Corporation Methods and apparatus for restricting access of a user using random partial biometrics
US6944773B1 (en) * 2000-05-19 2005-09-13 Sony Corporation Method and apparatus for fingerprint authentication during on-line transactions
US6483929B1 (en) * 2000-06-08 2002-11-19 Tarian Llc Method and apparatus for histological and physiological biometric operation and authentication
US6725303B1 (en) * 2000-08-31 2004-04-20 At&T Corp. Method and apparatus for establishing a personalized connection with a network
US6819219B1 (en) * 2000-10-13 2004-11-16 International Business Machines Corporation Method for biometric-based authentication in wireless communication for access control

Cited By (172)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9487398B2 (en) * 1997-06-09 2016-11-08 Hid Global Corporation Apparatus and method of biometric determination using specialized optical spectroscopy systems
US20040010597A1 (en) * 1999-04-22 2004-01-15 Kirschner Hope L. System and method for providing enhanced services in a multi-channel interactive distributed environment
US7871329B2 (en) * 2000-12-08 2011-01-18 Igt Casino gambling system with biometric access control
US20070060334A1 (en) * 2000-12-08 2007-03-15 Igt Casino gambling system with biometric access control
US20020103827A1 (en) * 2001-01-26 2002-08-01 Robert Sesek System and method for filling out forms
US7725725B1 (en) * 2001-04-26 2010-05-25 Gary Odom User-selectable signatures
US7350078B1 (en) * 2001-04-26 2008-03-25 Gary Odom User selection of computer login
US8429415B1 (en) 2001-04-26 2013-04-23 Tierra Intelectual Borinquen User-selectable signatures
US7398549B2 (en) * 2001-05-18 2008-07-08 Imprivata, Inc. Biometric authentication with security against eavesdropping
US20020174346A1 (en) * 2001-05-18 2002-11-21 Imprivata, Inc. Biometric authentication with security against eavesdropping
US20030005326A1 (en) * 2001-06-29 2003-01-02 Todd Flemming Method and system for implementing a security application services provider
WO2003007215A1 (en) * 2001-07-09 2003-01-23 Infonox On The Web Identity verification and enrollment system for self-service devices
US6758394B2 (en) * 2001-07-09 2004-07-06 Infonox On The Web Identity verification and enrollment system for self-service devices
US20180349899A1 (en) * 2001-07-10 2018-12-06 Liberty Peak Ventures, Llc Funding a radio frequency device transaction
US10839388B2 (en) * 2001-07-10 2020-11-17 Liberty Peak Ventures, Llc Funding a radio frequency device transaction
US20030073065A1 (en) * 2001-10-12 2003-04-17 Lee Riggs Methods and systems for providing training through an electronic network to remote electronic devices
US20030074559A1 (en) * 2001-10-12 2003-04-17 Lee Riggs Methods and systems for receiving training through electronic data networks using remote hand held devices
US8630403B2 (en) 2001-12-12 2014-01-14 International Business Machines Corporation Controlling hold queue position adjustment
US7839989B2 (en) 2001-12-12 2010-11-23 International Business Machines Corporation Intermediary device based callee identification
US8160235B2 (en) 2001-12-12 2012-04-17 International Business Machines Corporation Controlling hold queue position adjustment
US9088645B2 (en) 2001-12-12 2015-07-21 International Business Machines Corporation Intermediary device initiated caller identification
US20070237319A1 (en) * 2001-12-12 2007-10-11 Michael Wayne Brown Intermediary Device Based Callee Identification
US8873738B2 (en) 2001-12-12 2014-10-28 International Business Machines Corporation Controlling hold queue position adjustment
US8144850B2 (en) 2001-12-17 2012-03-27 International Business Machines Corporation Logging calls according to call context
US7849013B2 (en) 2002-02-22 2010-12-07 At&T Mobility Ii Llc Secure online purchasing
US20050182717A1 (en) * 2002-02-22 2005-08-18 Engelhart Robert L. Secure online purchasing
US6944768B2 (en) * 2002-04-19 2005-09-13 Cross Match Technologies, Inc. System and methods for access control utilizing two factors to control access
US20030200446A1 (en) * 2002-04-19 2003-10-23 Cross Match Technologies, Inc. System and methods for access control utilizing two factors to control access
US20100077224A1 (en) * 2002-04-23 2010-03-25 Michael Milgramm Multiplatform independent biometric identification system
US7263347B2 (en) * 2002-05-24 2007-08-28 Cingular Wireless Ii, Llc Biometric authentication of a wireless device user
US20030220095A1 (en) * 2002-05-24 2003-11-27 At&T Wireless Services, Inc. Biometric authentication of a wireless device user
US20080161753A1 (en) * 2002-06-14 2008-07-03 Baxter International Inc. Infusion pump
US7766863B2 (en) * 2002-06-14 2010-08-03 Baxter International Inc. Infusion pump
US20040059950A1 (en) * 2002-09-24 2004-03-25 Bender Steven S. Key sequence rhythm recognition system and method
US20080034218A1 (en) * 2002-09-24 2008-02-07 Bender Steven L Key sequence rhythm guidance recognition system and method
US7206938B2 (en) * 2002-09-24 2007-04-17 Imagic Software, Inc. Key sequence rhythm recognition system and method
US20080133933A1 (en) * 2002-09-24 2008-06-05 Bender Steven L Key sequence rhythm recognition system and method
US20040073432A1 (en) * 2002-10-15 2004-04-15 Stone Christopher J. Webpad for the disabled
US20040088587A1 (en) * 2002-10-30 2004-05-06 International Business Machines Corporation Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
US8171298B2 (en) * 2002-10-30 2012-05-01 International Business Machines Corporation Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
US7804982B2 (en) 2002-11-26 2010-09-28 L-1 Secure Credentialing, Inc. Systems and methods for managing and detecting fraud in image databases used with identification documents
US20060143469A1 (en) * 2002-11-27 2006-06-29 Endress + Hauser Wetzer Gmbh + Co. Kg Method for identification a user, especially for process automation engineering devices
US20050190589A1 (en) * 2002-12-10 2005-09-01 Fujitsu Limited Capacitor, semiconductor device, and method of manufacturing the semiconductor device
US20060192651A1 (en) * 2003-03-22 2006-08-31 You-Young Lee Data transmit system and transmit methods by using n-dimensional information
WO2004084482A1 (en) * 2003-03-22 2004-09-30 You-Young Lee Data transmit system and transmit methods by using n-dimensional information
US20060184801A1 (en) * 2003-04-08 2006-08-17 Wood Richard G Method for controlling fraud and enhancing security and privacy by using personal hybrid card
US9262876B2 (en) * 2003-04-08 2016-02-16 Richard Glee Wood Method for controlling fraud and enhancing security and privacy by using personal hybrid card
US7789311B2 (en) 2003-04-16 2010-09-07 L-1 Secure Credentialing, Inc. Three dimensional data storage
US8144941B2 (en) 2003-06-16 2012-03-27 Uru Technology Incorporated Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US20100275259A1 (en) * 2003-06-16 2010-10-28 Uru Technology Incorporated Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US7715593B1 (en) * 2003-06-16 2010-05-11 Uru Technology Incorporated Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US20100117794A1 (en) * 2003-06-16 2010-05-13 William Mark Adams Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US20050031173A1 (en) * 2003-06-20 2005-02-10 Kyungtae Hwang Systems and methods for detecting skin, eye region, and pupils
US20050018883A1 (en) * 2003-07-09 2005-01-27 Cross Match Technologies, Inc. Systems and methods for facilitating transactions
US7735125B1 (en) * 2003-10-17 2010-06-08 Nexxo Financial, Inc. Systems and methods for identifying and verifying a user of a kiosk using an external verification system
US8204829B2 (en) 2003-10-17 2012-06-19 Nexxo Financial Corporation Systems and methods for money sharing
US20070168283A1 (en) * 2003-10-17 2007-07-19 Nexxo Financial Corporation Self-service money remittance with an access card
US7641113B1 (en) 2003-10-17 2010-01-05 Nexxo Financial, Inc. Systems and methods for generating revenue from banking transactions using a stored-value card
US20050086168A1 (en) * 2003-10-17 2005-04-21 Alvarez David R. Systems and methods for money sharing
US8793187B2 (en) 2003-10-17 2014-07-29 Nexxo Financial Corporation Self-service money remittance with an access card
US20050082364A1 (en) * 2003-10-17 2005-04-21 Nexxo Financial Corporation Systems and methods for banking transactions using a stored-value card
US20060021003A1 (en) * 2004-06-23 2006-01-26 Janus Software, Inc Biometric authentication system
US20060239512A1 (en) * 2005-04-22 2006-10-26 Imme, Llc Anti-identity theft system and method
US11086978B2 (en) * 2005-05-19 2021-08-10 Western Digital Israel Ltd Transaction authentication by a token, contingent on personal presence
US20060265340A1 (en) * 2005-05-19 2006-11-23 M-System Flash Disk Pioneers Ltd. Transaction authentication by a token, contingent on personal presence
DE102005028160B4 (en) * 2005-06-17 2008-06-26 Giesecke & Devrient Gmbh Method for authenticating a user
DE102005028160A1 (en) * 2005-06-17 2006-12-28 Giesecke & Devrient Gmbh Authentication process for user involves storing of reference data for multiple biometric features of user by using portable data carrier
US20080168268A1 (en) * 2005-06-30 2008-07-10 Sagem Securite Method For Providing a Secured Communication Between a User and an Entity
US20070009139A1 (en) * 2005-07-11 2007-01-11 Agere Systems Inc. Facial recognition device for a handheld electronic device and a method of using the same
US20070177771A1 (en) * 2006-02-02 2007-08-02 Masahide Tanaka Biometrics System, Biologic Information Storage, and Portable Device
US8224034B2 (en) * 2006-02-02 2012-07-17 NL Giken Incorporated Biometrics system, biologic information storage, and portable device
US20080112597A1 (en) * 2006-11-10 2008-05-15 Tomoyuki Asano Registration Apparatus, Verification Apparatus, Registration Method, Verification Method and Program
US8103069B2 (en) * 2006-11-10 2012-01-24 Sony Corporation Registration apparatus, verification apparatus, registration method, verification method and program
US20080199053A1 (en) * 2007-02-15 2008-08-21 Tariq Zafar Method for consolidating various financial type cards into a single card and providing positive identification of an individual using such card
US20180129750A1 (en) * 2007-10-30 2018-05-10 Google Technology Holdings LLC Method and Apparatus for Context-Aware Delivery of Informational Content on Ambient Displays
US20090171836A1 (en) * 2007-12-28 2009-07-02 Ebay Inc. System and method for identification verification over a financial network
US8812701B2 (en) 2008-05-21 2014-08-19 Uniloc Luxembourg, S.A. Device and method for secured communication
US20090292816A1 (en) * 2008-05-21 2009-11-26 Uniloc Usa, Inc. Device and Method for Secured Communication
US20090309729A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Monetary package security during transport through cash supply chain
US8556167B1 (en) 2008-06-16 2013-10-15 Bank Of America Corporation Prediction of future cash supply chain status
US8094021B2 (en) 2008-06-16 2012-01-10 Bank Of America Corporation Monetary package security during transport through cash supply chain
US8164451B2 (en) 2008-06-16 2012-04-24 Bank Of America Corporation Cash handling facility management
US9024722B2 (en) * 2008-06-16 2015-05-05 Bank Of America Corporation Remote identification equipped self-service monetary item handling device
US8078534B1 (en) 2008-06-16 2011-12-13 Bank Of America Corporation Cash supply chain surveillance
US20110210826A1 (en) * 2008-06-16 2011-09-01 Bank Of America Corporation Cash handling facility management
US8550338B1 (en) 2008-06-16 2013-10-08 Bank Of America Corporation Cash supply chain notifications
US8571948B1 (en) 2008-06-16 2013-10-29 Bank Of America Corporation Extension of credit for monetary items still in transport
US20090309722A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Tamper-indicating monetary package
US8577802B1 (en) 2008-06-16 2013-11-05 Bank Of America Corporation On-demand cash transport
US8341077B1 (en) 2008-06-16 2012-12-25 Bank Of America Corporation Prediction of future funds positions
US20090309694A1 (en) * 2008-06-16 2009-12-17 Bank Of America Corporation Remote identification equipped self-service monetary item handling device
US8368510B2 (en) 2008-07-16 2013-02-05 George William Luckhardt Biometric authentication and verification
US8159328B2 (en) * 2008-07-16 2012-04-17 George William Luckhardt Biometric authentication and verification
US20100013593A1 (en) * 2008-07-16 2010-01-21 IP Filepoint, LLC A Delaware LLC Biometric authentication and verification
US20100040261A1 (en) * 2008-08-12 2010-02-18 International Business Machines Corporation Biometric identification assurance method and token retrieval
US8210429B1 (en) 2008-10-31 2012-07-03 Bank Of America Corporation On demand transportation for cash handling device
US8595804B2 (en) * 2008-11-06 2013-11-26 At&T Intellectual Property I, L.P. System and method for device security with a plurality of authentication modes
US20100115607A1 (en) * 2008-11-06 2010-05-06 At&T Intellectual Property I, L.P. System and method for device security with a plurality of authentication modes
US8222999B2 (en) * 2008-12-22 2012-07-17 Toshiba Tec Kabushiki Kaisha Commodity display position alert system and commodity display position alert method
US20100156602A1 (en) * 2008-12-22 2010-06-24 Toshiba Tec Kabushiki Kaisha Commodity display position alert system and commodity display position alert method
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US20100325704A1 (en) * 2009-06-19 2010-12-23 Craig Stephen Etchegoyen Identification of Embedded System Devices
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
US20100325710A1 (en) * 2009-06-19 2010-12-23 Etchegoyen Craig S Network Access Protection
US8213907B2 (en) 2009-07-08 2012-07-03 Uniloc Luxembourg S. A. System and method for secured mobile communication
EP2282474A1 (en) * 2009-07-08 2011-02-09 Uniloc Usa, Inc. System and method for secured mobile communication
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US20110087611A1 (en) * 2009-10-14 2011-04-14 Shyam Chetal Biometric identification and authentication system for financial accounts
US20110093703A1 (en) * 2009-10-16 2011-04-21 Etchegoyen Craig S Authentication of Computing and Communications Hardware
US8726407B2 (en) 2009-10-16 2014-05-13 Deviceauthority, Inc. Authentication of computing and communications hardware
US20130036309A1 (en) * 2009-12-15 2013-02-07 Thomas Andreas Maria Kevenaar System and method for verifying the identity of an individual by employing biometric data features associated with the individual
US9160522B2 (en) * 2009-12-15 2015-10-13 Genkey Netherlands B.V. System and method for verifying the identity of an individual by employing biometric data features associated with the individual
US8750581B2 (en) * 2010-06-08 2014-06-10 Theodosios Kountotsis System and method for fingerprint recognition and collection at points-of-sale and points-of-entry
US20130094723A1 (en) * 2010-06-08 2013-04-18 Theodosios Kountotsis System and method for fingerprint recognition and collection at points-of-sale and points-of-entry
US9754132B2 (en) * 2010-06-23 2017-09-05 The Western Union Company Multi-user device with information capture capabilities
US10146760B2 (en) 2010-06-23 2018-12-04 The Western Union Company Biometrically secured user input for forms
US9218510B2 (en) 2010-06-23 2015-12-22 The Western Union Company Personal writing device with user recognition capabilities and personal information storage
US20110320353A1 (en) * 2010-06-23 2011-12-29 The Western Union Company Multi-user device with information capture capabilities
US9141955B2 (en) 2010-06-23 2015-09-22 The Western Union Company Biometrically secured user input for forms
US9025023B2 (en) * 2010-11-11 2015-05-05 Lg Electronics Inc. Method for processing image data in television having multiple image sensors and the television for controlling the same
US20120120271A1 (en) * 2010-11-11 2012-05-17 Lg Electronics Inc. Multimedia device, multiple image sensors having different types and method for controlling the same
US10432609B2 (en) 2011-01-14 2019-10-01 Device Authority Ltd. Device-bound certificate authentication
US8438394B2 (en) 2011-01-14 2013-05-07 Netauthority, Inc. Device-bound certificate authentication
US8898450B2 (en) 2011-06-13 2014-11-25 Deviceauthority, Inc. Hardware identity in multi-factor authentication at the application layer
US9020208B2 (en) * 2011-07-13 2015-04-28 Honeywell International Inc. System and method for anonymous biometrics analysis
US20130016883A1 (en) * 2011-07-13 2013-01-17 Honeywell International Inc. System and method for anonymous biometrics analysis
US9756133B2 (en) 2011-08-15 2017-09-05 Uniloc Luxembourg S.A. Remote recognition of an association between remote devices
US9069997B2 (en) * 2011-10-18 2015-06-30 Accenture Global Services Limited Biometric matching system using input biometric sample
US9779400B2 (en) 2011-10-18 2017-10-03 Accenture Global Services Limited Biometric matching system using input biometric sample
US20130093565A1 (en) * 2011-10-18 2013-04-18 Accenture Global Services Limited Biometric matching system
US9100825B2 (en) * 2012-02-28 2015-08-04 Verizon Patent And Licensing Inc. Method and system for multi-factor biometric authentication based on different device capture modalities
US20130267204A1 (en) * 2012-02-28 2013-10-10 Verizon Patent And Licensing Inc. Method and system for multi-factor biometric authentication based on different device capture modalities
US9323912B2 (en) 2012-02-28 2016-04-26 Verizon Patent And Licensing Inc. Method and system for multi-factor biometric authentication
US9591481B1 (en) * 2012-03-15 2017-03-07 United Services Automobile Association (Usaa) Authentication and security features for a mobile application
US10728762B1 (en) * 2012-03-15 2020-07-28 United Services Automobile Association (Usaa) Authentication and security features for a mobile application
US10271212B1 (en) 2012-03-15 2019-04-23 United Services Automobile Association (Usaa) Authentication and security features for a mobile application
US11127078B1 (en) 2012-03-15 2021-09-21 United Services Automobile Association (Usaa) Personalized navigation control items for an application
US9906957B1 (en) * 2012-03-15 2018-02-27 United Services Automobile Association (Ussa) Authentication and security features for a mobile application
US11776057B1 (en) 2012-03-15 2023-10-03 United Services Automobile Association (Usaa) Personalized navigation control items for an application
US9779457B1 (en) 2012-03-15 2017-10-03 United Services Automobile Association (Usaa) Personalized navigation control items for an application
US20130275309A1 (en) * 2012-04-13 2013-10-17 Francis King Hei KWONG Electronic-payment authentication process with an eye-positioning method for unlocking a pattern lock
US20130336545A1 (en) * 2012-06-15 2013-12-19 Aoptix Technologies, Inc. User interface for combined biometric mobile device
US8842888B2 (en) * 2012-06-15 2014-09-23 Aoptix Technologies, Inc. User interface for combined biometric mobile device
WO2014092665A1 (en) * 2012-12-13 2014-06-19 Kuveyt Türk Katilim Bankasi Anoni̇m Şi̇rketi̇ Integrated user authentication system in self-service machines
US9143496B2 (en) 2013-03-13 2015-09-22 Uniloc Luxembourg S.A. Device authentication using device environment information
US9740849B2 (en) 2013-03-15 2017-08-22 Uniloc Luxembourg S.A. Registration and authentication of computing devices using a digital skeleton key
US9286466B2 (en) 2013-03-15 2016-03-15 Uniloc Luxembourg S.A. Registration and authentication of computing devices using a digital skeleton key
US9330513B2 (en) * 2013-05-31 2016-05-03 Microsoft Technology Licensing, Llc Resource management based on biometric data
US20140354401A1 (en) * 2013-05-31 2014-12-04 Microsoft Corporation Resource Management Based on Biometric Data
WO2015009430A3 (en) * 2013-07-15 2015-05-07 HGN Holdings, LLC System for embedded biometric authentication, identification and differentiation
US9680644B2 (en) * 2013-07-25 2017-06-13 Technion Research And Development Foundation Limited User authentication system and methods
US20150033310A1 (en) * 2013-07-25 2015-01-29 Technion Research & Development Foundation Ltd. User authentication system and methods
US9355234B1 (en) * 2013-09-27 2016-05-31 Emc Corporation Authentication involving selection among different biometric methods dynamically
US20150120557A1 (en) * 2013-10-25 2015-04-30 Tencent Technology (Shenzhen) Company Limited Fingerprint payment method and related device and system
US10360356B2 (en) * 2014-09-11 2019-07-23 Bank Of America Corporation Authenticating users requesting access to computing resources
US10846382B2 (en) 2014-09-11 2020-11-24 Bank Of America Corporation Authenticating users requesting access to computing resources
EP3198913A4 (en) * 2014-09-24 2018-05-23 Princeton Identity, Inc. Control of wireless communication device capability in a mobile device with a biometric key
JP2017530476A (en) * 2014-09-24 2017-10-12 プリンストン・アイデンティティー・インコーポレーテッド Control of wireless communication device functions in mobile devices using biometric keys
US9716593B2 (en) * 2015-02-11 2017-07-25 Sensory, Incorporated Leveraging multiple biometrics for enabling user access to security metadata
US9865267B2 (en) * 2015-06-30 2018-01-09 Baidu Online Network Technology (Beijing) Co., Ltd. Communication method, apparatus and system based on voiceprint
US9554273B1 (en) 2015-09-04 2017-01-24 International Business Machines Corporation User identification on a touchscreen device
US10082954B2 (en) 2015-09-04 2018-09-25 International Business Machines Corporation Challenge generation for verifying users of computing devices
US10599330B2 (en) 2015-09-04 2020-03-24 International Business Machines Corporation Challenge generation for verifying users of computing devices
US10275972B2 (en) 2017-05-18 2019-04-30 Bank Of America Corporation System for generating and providing sealed containers of traceable resources
US10922930B2 (en) 2017-05-18 2021-02-16 Bank Of America Corporation System for providing on-demand resource delivery to resource dispensers
US10515518B2 (en) 2017-05-18 2019-12-24 Bank Of America Corporation System for providing on-demand resource delivery to resource dispensers
US10217084B2 (en) 2017-05-18 2019-02-26 Bank Of America Corporation System for processing resource deposits
US11440503B2 (en) * 2018-01-30 2022-09-13 Lg Electronics Inc. Vehicle terminal and control method of transportation system including same
CN108900368A (en) * 2018-04-12 2018-11-27 广东电网有限责任公司佛山供电局 A kind of regulator control system and peace are from bi-directional data proofreading method between system
US10810451B2 (en) * 2018-07-09 2020-10-20 Capital One Services, Llc ATM with biometric security
US20200042811A1 (en) * 2018-07-09 2020-02-06 Capital One Services, Llc Atm with biometric security
US11444941B2 (en) * 2019-04-08 2022-09-13 Cisco Technology, Inc. Multifactor derived identification

Also Published As

Publication number Publication date
US20030120934A1 (en) 2003-06-26
US7793109B2 (en) 2010-09-07

Similar Documents

Publication Publication Date Title
US7793109B2 (en) Random biometric authentication apparatus
US8499164B2 (en) Biometric authentication utilizing unique biometric signatures and portable electronic devices
US20150172287A1 (en) Biometric security and authentication for a mobile device
Bolle et al. Guide to biometrics
Jain et al. An introduction to biometric recognition
US8433921B2 (en) Object authentication system
Jain et al. Biometric identification
JP5039103B2 (en) A method of biometric-based authentication in wireless communication for access control
US6549118B1 (en) Security apparatus and method
WO2006041919A1 (en) Security alarm notification using iris detection systems
US20080005578A1 (en) System and method for traceless biometric identification
US20100174914A1 (en) System and method for traceless biometric identification with user selection
Podio Personal authentication through biometric technologies
Braghin Biometric authentication
Armington et al. Biometric authentication in infrastructure security
Rila Denial of access in biometrics-based authentication systems
Tiwari et al. Biometrics based user authentication
Kaschte Biometric authentication systems today and in the future
Camp et al. Strengths and Weaknesses of Biometrics
Asani A review of trends of authentication mechanisms for access control
Makori Integration of biometrics with cryptographic techniques for secure authentication of networked data access
KR200212183Y1 (en) Fingerprint recognition security computer monitor
Sakhare et al. M-banking verification using OTP and biometrics
Phang et al. Hazards of Biometric Authentication in Practice
Sector Biometrics and Standards

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: MESA DIGITAL LLC,NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ORTIZ, LUIS M.;LOPEZ, KERMIT;REEL/FRAME:024071/0804

Effective date: 20100312

Owner name: MESA DIGITAL LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ORTIZ, LUIS M.;LOPEZ, KERMIT;REEL/FRAME:024071/0804

Effective date: 20100312

AS Assignment

Owner name: RANDOM BIOMETRICS, LLC, TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MESA DIGITAL, L.L.C.;REEL/FRAME:026182/0517

Effective date: 20110425

AS Assignment

Owner name: MESA DIGITAL, LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RANDOM BIOMETRICS, LLC;REEL/FRAME:037763/0235

Effective date: 20160218

AS Assignment

Owner name: IP VENUE, LLC, NEW MEXICO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MESA DIGITAL, LLC;REEL/FRAME:048724/0596

Effective date: 20190227