Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUS20030115490 A1
Publication typeApplication
Application numberUS 10/194,949
Publication dateJun 19, 2003
Filing dateJul 12, 2002
Priority dateJul 12, 2001
Also published asEP1573426A2, EP1573426A4, US7197168, US7751595, US20030101348, US20030115475, US20030126448, US20070274575, WO2003007121A2, WO2003007121A3, WO2003007121B1, WO2003007125A2, WO2003007125A3, WO2003007125A9, WO2003007127A2, WO2003007127A3, WO2003007127A9
Publication number10194949, 194949, US 2003/0115490 A1, US 2003/115490 A1, US 20030115490 A1, US 20030115490A1, US 2003115490 A1, US 2003115490A1, US-A1-20030115490, US-A1-2003115490, US2003/0115490A1, US2003/115490A1, US20030115490 A1, US20030115490A1, US2003115490 A1, US2003115490A1
InventorsAnthony Russo, Peter McCoy, Thorsten Roske
Original AssigneeRusso Anthony P., Mccoy Peter A., Thorsten Roske
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
Secure network and networked devices using biometrics
US 20030115490 A1
Abstract
A biometric data sample is taken and compared with stored biometric data. If the biometric data sample matches stored data, access to a secure data storage module is enabled. The secure data storage module contains data necessary for successful communication with a server, as detailed further below. Accordingly, a biometric data match enables sensitive data retrieval, and ultimately secure communication with another device. In a preferred embodiment, the Subscriber Identity Module (SIM) in a GSM phone provides stored biometric data and processing capabilities for the matching function within a cellular phone. By storing biometric data on the SIM (a type of smart card) and performing the biometric matching process on the SIM, the need to transmit or store biometric data in a way that leaves it available for retrieval or tampering is minimized.
Images(7)
Previous page
Next page
Claims(23)
We claim:
1. A method for secure communication with a server, wherein said secure communication requires encryption information, said method comprising:
obtaining a biometric data sample;
comparing said biometric data sample to stored biometric data;
enabling access to said sensitive data if said biometric data sample matches said stored biometric data; and
communicating with said server using said sensitive data.
2. A method according to claim 1, wherein said secure communication comprises communicating message information, said communicating step further comprising encrypting said message information using said sensitive data.
3. A method according to claim 1, wherein said obtaining comprises processing a fingerprint scan.
4. A method according to claim 1, wherein said obtaining comprises processing an image.
5. A method according to claim 4, wherein said image is a facial image.
6. A method according to claim 1, wherein said obtaining comprises processing a speech sample.
7. A method according to claim 1, wherein said sensitive data includes a private encryption key.
8. A method according to claim 1, further comprising processing said biometric data sample.
9. A method for secure communication between a server and mobile device comprising:
obtaining a biometric data sample;
comparing said biometric data sample to stored biometric data;
transmitting acceptance result to said server if said biometric data sample matches said stored biometric data.
10. A device for securely communicating with a server, said device comprising:
a biometric sensor;
a secure data storage module containing stored biometric data and sensitive data required for communication with said server, in electronic communication with said biometric sensor;
matching logic in electronic communication with said sensor and said biometric data memory; and
a verification processor in electronic communication with said matching logic and said secure data storage module.
11. The device of claim 10, wherein said matching logic is provided on a SIM card.
12. The device of claim 10, wherein said matching logic is provided on a smart card.
13. The device of claim 10, wherein said verification processor is provided within a cellular phone.
14. The device of claim 13, wherein said biometric sensor is on a front surface of said cellular phone.
15. The device of claim 13, wherein said biometric sensor is on a rear surface of said cellular phone.
16. The device of claim 13, wherein said biometric sensor is below a keypad on a surface of said cellular phone.
17. The device of claim 13, wherein said biometric sensor is on a side surface of said cellular phone.
18. The device of claim 13, wherein said biometric sensor is embedded in a key on said cellular phone.
19. The device of claim 18, wherein said key is an ON key.
20. A device according to claim 10, further comprising an input device associated with said verification processor and wherein said biometric sensor is located on said input device.
21. A device according to claim 10, further comprising a display device associated with said verification processor and wherein said biometric sensor is located on said display device.
22. A device according to claim 10, wherein said verification processor is provided within a personal digital assistant.
23. A computer program product comprising a computer-readable memory encoded with an instruction set that when executed:
processes a biometric data sample;
compares said biometric data sample with stored biometric data;
enables access to sensitive data if said biometric data sample matches said stored biometric data; and
transmits an acceptance result.
Description
    RELATED APPLICATIONS
  • [0001]
    This application claims the benefit under 35 U.S.C. §119 and/or 35 U.S.C. §120 of the filing date of: U.S. Provisional Application Serial No. 60/305,120, filed Jul. 12, 2001, which is hereby incorporated by reference. and entitled SYSTEM, METHOD, DEVICE AND COMPUTER PROGRAM FOR NON-REPUDIATED WIRELESS TRANSACTIONS; U.S. patent application Ser. No. 10/099,554 filed Mar. 13, 2002 and entitled SYSTEM, METHOD, AND OPERATING MODEL FOR MOBILE WIRELESS NETWORK-BASED TRANSACTION AUTHENTICATION AND NON-REPUDIATION; and U.S. patent application Ser. No. 10/099,558 filed Mar. 13, 2002 and entitled FINGERPRINT BIOMETRIC CAPTURE DEVICE AND METHOD WITH INTEGRATED ON-CHIP DATA BUFFERING; each of which applications are incorporated by reference herein.
  • [0002]
    This application further relates to the following co-pending applications:
  • [0003]
    U.S. application Ser. No. 10/______, filed ______, entitled “METHOD AND SYSTEM FOR DETERMINING CONFIDENCE IN A DIGITAL TRANSACTION” (Attorney Docket No. A-70779/RMA/JML);
  • [0004]
    U.S. application Ser. No. 10/______, filed ______, entitled “BIOMETRICALLY ENHANCED DIGITAL CERTIFICATES AND SYSTEM AND METHOD FOR MAKING AND USING” (Attorney Docket No. A-70596/RMA/JML); and
  • [0005]
    U.S. application Ser. No. 10/______, filed ______, entitled “METHOD AND SYSTEM FOR BIOMETRIC IMAGE ASSEMBLY FROM MULTIPLE PARTIAL BIOMETRIC FRAME SCANS” (Attorney Docket No. A-70591/RMA/JML); all of which are hereby incorporated by reference.
  • FIELD OF THE INVENTION
  • [0006]
    This invention pertains generally to device, user, and transaction verification and authentication devices, systems, and methods; and more particularly to devices employing device, user, and transaction verification, authentication, and non-repudiation systems and methods for mobile wireless applications that capture and utilize biometric data for transaction verification and authentication.
  • BACKGROUND OF THE INVENTION
  • [0007]
    The security and integrity of information systems depends in part on authentication of individual users, that is accurately and reliably determining the identity of a user attempting to use the system. Once a user is authenticated, a system is then able to authorize the user to retrieve certain information or perform certain actions appropriate to the system's understanding of the user's identity. Examples of such actions include downloading a document, completing a financial transaction, or digitally signing a purchase.
  • [0008]
    A number of methods have been developed for authenticating users. Generally, as will be understood by those skilled in the art, authentication methods are grouped into three categories, also called authentication factors: 1) something you know—a secret such as a password or a PIN or other information; 2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and 3) something you are—a measure of a person such as a fingerprint or voiceprint. Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.
  • [0009]
    The third category above—referred to herein as ‘something you are’ authentication methods—are the subject of the biometrics field. Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person. Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard. Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.
  • [0010]
    Many present biometric systems store a user's biometric data in a file on a workstation or a server where they could be retrieved or tampered with by unauthorized parties—or transmit biometric data over a medium that could be eavesdropped. This could compromise the user's privacy or the security and integrity of the information systems dependent on biometric authentication.
  • [0011]
    At present, systems requiring user authentication from mobile devices—such as PDAs or mobile phones—usually use passwords or PIN codes, i.e., “something you know” authentication. However, mobile devices typically have small keypads, few buttons or rely on handwriting recognition for user input. These limited user-input options make entering long passwords difficult, although longer alphanumeric passwords are generally known to be “stronger” (less likely to be guessed and compromised) than, for example a 4 digit numeric PIN—allowing only ten thousand combinations.
  • [0012]
    Some mobile devices provide facilities for the secure, tamper resistant processing and storage of data separate from the main processing and storage facility of the device. Mobile phones adhering to the Global System for Mobile Communications (GSM) body of standards use a Subscriber Identity Module, or SIM, which is a “smart card” that provides secure storage and processing facilities for the phone. SIMs are generally known in the art, see for example, “Digital cellular telecommunications system (Phase 2); Specification of the Subscriber Identity Module—Mobile Equipment (SIM—ME) interface (GSM 11.11 version 4.21.1) published by European Telecommunications Standards Institute (ETSI) of Valbonne, France, document ETS 300 608, ninth edition, December 1999, hereby incorporated by reference. The SIM contains and protects sensitive information that the phone uses to identify itself on and participate in a GSM network.
  • [0013]
    Accordingly, there is a need for a biometric authentication system that provides accurate, reliable identification of a user or transaction where the biometric data is stored and transmitted securely—that is, where the privacy of users as well as integrity of transactions is maintained.
  • [0014]
    Therefore, it is an object of the present invention to provide a secure biometric authentication system that leverages the strengths of ‘what you have’ authentication systems as well as biometric—‘what you are’ authentication systems. It is a further object of the present invention to provide a mobile device capable of using a secure biometric authentication system.
  • SUMMARY
  • [0015]
    In a first embodiment, the present invention provides a method for secure communication with a server, wherein said secure communication requires encryption information, said method comprising obtaining a biometric data sample, comparing said biometric data sample to stored biometric data, enabling access to said sensitive data if said biometric data sample matches said stored biometric data, and communicating with said server using said sensitive data.
  • [0016]
    In some embodiments of the method, secure communication comprises communicating message information, said communicating further comprises encrypting the message information using said sensitive data.
  • [0017]
    In some embodiments, obtaining a biometric data sample comprises processing a fingerprint scan. In other embodiments, obtaining a biometric data sample comprises processing an image, which may be, for example, a facial image. In still other embodiments, obtaining a biometric data sample comprises processing a speech sample.
  • [0018]
    In some embodiments, the sensitive data includes a private encryption key.
  • [0019]
    Some embodiments of a method according to the present invention further comprise processing said biometric data sample.
  • [0020]
    Other embodiments of the present invention provide methods for secure communication between a server and mobile device comprising obtaining a biometric data sample, comparing said biometric data sample to stored biometric data, and transmitting acceptance result to said server if said biometric data sample matches said stored biometric data.
  • [0021]
    Still other embodiments of the present invention provide devices for securely communicating with a server, said device comprising a biometric sensor, a secure data storage module containing stored biometric data and sensitive data required for communication with said server, in electronic communication with said biometric sensor, matching logic in electronic communication with said sensor and said biometric data memory, and a verification processor in electronic communication with said matching logic and said secure data storage module.
  • [0022]
    In some embodiments, the matching logic is provided on a smart card. In some preferred embodiments, the matching logic is provided on a SIM card.
  • [0023]
    In some embodiments, the verification processor is provided within a cellular phone. The biometric sensor may be on a front surface, on a rear surface, below a keypad on a surface, on a side surface, or embedded in a key, such as an ON key, of said cellular phone.
  • [0024]
    In some embodiments, the device further comprises an input device associated with said verification processor and the biometric sensor is located on said input device. In other embodiments, the device further comprises a display device associated with said verification processor and said biometric sensor is located on said display device.
  • [0025]
    In still other embodiments, the verification processor is provided within a personal digital assistant.
  • [0026]
    In another aspect of the present invention, a computer program product comprising a computer-readable memory is provided, where the computer-readable memory is encoded with an instruction set that, when executed, processes a biometric data sample, compares said biometric data sample with stored biometric data, enables access to sensitive data if said biometric data sample matches said stored biometric data, and transmits an acceptance result.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0027]
    The present invention may be better understood, and its features and advantages made apparent to those skilled in the art by referencing the accompanying drawings.
  • [0028]
    [0028]FIG. 1 is a diagrammatic illustration of a secure networked device using biometrics according to an embodiment of the present invention.
  • [0029]
    [0029]FIG. 2 is a diagram of the initiation of an authentication process.
  • [0030]
    [0030]FIG. 3 is a diagram of the authentication process after a matching procedure has been performed.
  • [0031]
    [0031]FIG. 4 is a diagram of the matching procedure.
  • [0032]
    [0032]FIG. 5 is a schematic diagrams showing one exemplary biometric sensor placement location on a mobile phone.
  • [0033]
    [0033]FIG. 6 is a schematic diagram showing a second exemplary biometric sensor placement location on a mobile phone.
  • [0034]
    [0034]FIG. 7 is a schematic diagram showing a third exemplary biometric sensor placement location on a mobile phone.
  • [0035]
    [0035]FIG. 8 is a schematic diagram showing a fourth exemplary biometric sensor placement location on a mobile phone.
  • [0036]
    [0036]FIG. 9 is a schematic diagram showing a fifth exemplary biometric sensor placement location on a mobile phone.
  • [0037]
    [0037]FIG. 10 is a schematic diagram showing a sixth exemplary biometric sensor placement location on a mobile phone.
  • [0038]
    [0038]FIG. 11 is a schematic diagram showing a seventh exemplary biometric sensor placement location on a mobile phone.
  • DETAILED DESCRIPTION OF THE EMBODIMENTS
  • [0039]
    The invention generally provides improved privacy and security in biometric systems. Briefly, private and secure communication between a user device and a server (or another user or administrator or service provider device) proceeds as follows. A biometric data sample is taken and compared with stored biometric data. If the biometric data sample matches stored data, access to a secure data storage module is enabled. The secure data storage module contains data necessary for successful communication with a server, as detailed further below. Accordingly, a biometric data match enables sensitive data retrieval, and ultimately secure communication with another device.
  • [0040]
    In preferred embodiments of the present invention, the stored biometric data and advantageously, but optionally, the matching procedure is performed within a smart card or other smart “what you have” token. In a preferred embodiment, the Subscriber Identity Module (SIM) in a GSM phone provides stored biometric data and processing capabilities for the matching function within the phone. By storing biometric data on the SIM (a type of smart card) and performing the biometric matching process on the SIM, the need to transmit or store biometric data in a way that leaves it available for retrieval or tampering is minimized.
  • [0041]
    Accordingly, devices suitable for use with the present invention include substantially any device suited for electronic communication with a network server (or any other device). Generally, any device for which user authentication is desired may utilize the systems and methods of the present invention, with mobile devices being particularly preferred. FIG. 1 schematically illustrates device 101 according to an embodiment of the present invention. In a preferred embodiment, device 101 comprises a mobile phone. Mobile phones utilizing the global system for mobile communications (GSM) protocol are particularly preferred, such as the Handspring™ Treo™ 270 (Handspring, Inc.; Mountain View, Calif.). In other embodiments, other protocols may be used, including code division multiple access (CDMA), time division multiple access (TDMA) protocol, and PCS protocols. Other devices suitable for use with the present invention include personal digital assistants (PDA), laptop computers, personal computers, televisions, telephones, and other terminals such as payment stations, point-of-sale stations, cash registers, Automated Teller Machines (ATMs), and related devices.
  • [0042]
    Generally, device 101 interacts with network server 102. The network server, as used herein, may generally be any device with which device 101 carries out a communication. In a preferred embodiment, network server 102 is an Internet web server with which the device communicates for the manipulation and display of private information as in the case of stock purchases or banking. Any number of transactions, including transfer and analysis of medical data, any other purchases, insurance information, data transfer, or the like. Network server 102 may alternatively represent a cellular base station, another user device (such as another cellular phone, laptop, PDA, etc), or a server machine. Suitable web servers are known in the art and include Apache and Jakarta Tomcat from the Apache Software Foundation (The Apache Software Foundation; Forest Hill, Md.), WebsphereŽ from IBM (IBM Corporation; White Plains, N.Y.), Sun™ ONE from Sun Microsystems (Sun Microsystems, Inc; Santa Clara, Calif.), and Internet Information Server from Microsoft™ (Microsoft Corporation; Redmond, Wash.).
  • [0043]
    In a preferred embodiment, a plurality of devices, including device 101, communicate with network server 102. Generally, anywhere from one to millions of devices may advantageously communicate with server 102. The number of devices in communication with server 102 at any time will vary according to user traffic and server capacity.
  • [0044]
    Networking capability component 103 is integral to device 101 and provides device 101 with its means of connecting to a network, which may be wired or wireless. Component 103 may be, for example, an antenna and associated transmitter and receiver in a cellular phone, or an Ethernet connection for a personal computer. In a preferred embodiment, component 103 represents the antenna, transmitter and receiver of a GSM mobile phone, which allows the phone to communicate with server 102.
  • [0045]
    Device 101 contains verification processor 104, which is in electronic communication with networking capability component 103, and integral to device 101. Verification processor 104 here generally comprises a CPU and RAM component and provides the device with a general purpose computing capability adequate for the execution of necessary software to support functions described herein, including network communications and the local processing of biometric data. In some embodiments, processor 104 also performs the processing necessary-for the transmission of data. In one embodiment, a 33 MHz Motorola Dragonball CPU with 16 MB RAM in a Handspring Treo 270 GSM cellular phone is sufficient to perform functions described herein, although the particular processor and RAM utilized will vary according to the device and server used, the desired functionality, and the efficiency of the software.
  • [0046]
    Secure storage module 105 provides device 101 with secure non-volatile data storage. Secure storage module 105 is at least in electronic communication with verification processor 104. In some embodiments, secure storage module 105 is integral to device 101. In other embodiments, secure storage—module 105 is integral to smart card or SIM 106, described further below, and brought into electronic communication with verification processor 104 during operation. In still other embodiments, another form a secure storage, such as a separate memory card, may be used.
  • [0047]
    Data for which protection and security is desired—‘sensitive data’, ‘sensitive information’, or ‘secure data’ as used herein—is stored in secure storage module 105. Further as used herein, for secure communication between device 101 and network server 102, secure storage module 105 is encoded with data required for communication with network server 102—such as a private key, in one embodiment. Sensitive information in storage module 105 may only be accessed when unlocked after a biometric data match. That is, secure storage module 105 is in electronic communication with verification processor 104, but verification processor 104 may only access sensitive data within module 105 when the secure data module receives an unlocking signal from an object owned by the authentic user—‘what you have’ authentication, as used herein. In a preferred embodiment, that unlocking object is smart card or SIM 106.
  • [0048]
    In some embodiments, verification processor 104 cannot read or write data to or from secure storage module 105 unless the storage module is unlocked. In other embodiments, verification processor 104 can write data to storage module 105, but cannot read data from storage module 105 without it being unlocked. In still other embodiments, verification processor 104 can read data from storage module 105, but cannot write data to storage module 105 without it being unlocked.
  • [0049]
    Sensitive information, that is data stored by module 105 generally may include two types of data—(1) data required for communication with network server 102 including encryption keys (for example, private keys used in asymmetric ciphers, other passwords, codes, and the like; and (2) stored biometric data—that is, reference biometric data which will be compared to a biometric data sample. In another embodiment, data required for communication, such as encryption keys are stored by module 105 while reference biometric data is stored in a separate stored biometric data module. Stored, or ‘reference’ biometric data may include one or more of the following—biometric templates or other stored biometric data including fingerprint data, voice information, facial feature data, retinal scan information, and the like.
  • [0050]
    In other embodiments of the invention, secure storage module may contain other personal information including, but not limited to, biographical data including, for example, name, address, age, business data including credit card numbers, credit ratings, insurance policy numbers, medical data—including, for example, genetic data, medical history, blood type, prescription information, etc., bank account numbers and balances, purchasing history, financial portfolio information, stock information, and the like.
  • [0051]
    Smart Card or SIM 106 provides the device with a “smart card” computing facility such as that of a SIM card used in GSM phones. In one embodiment, smart card 106 contains matching logic 110, capable of performing biometric matching of fingerprint, voice, facial features, and/or other biometric authentication methods. In another embodiment, matching logic 110 is integral to device 101, and secure data storage module 105 resides on smart card 106. Smart card 106 is in electronic communication with, or capable of being brought into electronic communication with, verification processor 104. Further, smart card 106 is capable of being brought into electronic communication with matching logic 110 in embodiments where logic 110 is not resident within smart card 106.
  • [0052]
    Biometric sensor component 107 provides the device with a means of collecting biometric information from the user of the device 101, such as a fingerprint sensor for fingerprint matching, microphone for voiceprint matching, or camera for facial geometry, retina, or iris matching. A wide variety of sensors are known in the art, such as the Veridicom FPS 200 (Veridicom, Inc.; Sunnyvale, Calif.) or Atmel Fingerchip™ fingerprint sensors (Atmel Corporation; San Jose, Calif.), and substantially any sensor capable of recording information about an individual may be employed—those that record blood type, genetic information, and the like. In a preferred embodiment, the biometric sensor is a fingerprint sensor. In a preferred embodiment, biometric sensor 107 is integrated with or adhered to a surface of device 101. In other embodiments, biometric sensor 107 is electronically coupled to device 101. In some embodiments, a plurality of biometric sensors are provided.
  • [0053]
    The present invention further provides methods for accessing sensitive information and securely authenticating a user. FIG. 2 illustrates the initiation of a method according to a preferred embodiment of securely authenticating a device's user. Those skilled in the art will readily appreciate that the method can generally be extending to providing secure communications between devices and providing secured access to sensitive data. The authentication procedure generally begins when access to sensitive information is requested, or when secure communication with another device is initiated. A biometric data sample is obtained in step 203—which may also represent the step of prompting a user to initiate a biometric data sampling activity. Generally, the biometric data sample will be obtained through use of a biometric sensor, described above—including, for example a fingerprint sensor.
  • [0054]
    For example, a user may be prompted to place or swipe his/her finger over a fingerprint sensor, speak a passphrase into a microphone for voice recognition systems, look into a camera for face recognition, or perform some other data-generating action, thereby generating a raw biometric data sample. A variety of biometrics are known in the art—see for example “A Practical Guide to Biometric Security Technology”, Simon Liu and Mark Silverman, IEEE Computer Society, IT Pro—Security, January-February, 2001, hereby incorporated by reference. In some embodiments, only one such action is required. In other embodiments, two or more such biometric data samples are required—either multiple instances of the same action (two or more fingerprint scans, for example), or a combination of actions (a fingerprint scan and speaking a passphrase, for example).
  • [0055]
    The device then processes the raw biometric data sample (or samples), such as fingerprint images or audio waveforms, in step 204, to put the samples in a form suitable for submission to match logic 110 for matching. In some embodiments, match logic 110 performs a searching function, where a stored collection of biometric data is searched for a match to the biometric data sample. Processing 204 may include the reduction of the raw biometric data to a biometric template as is well known for various biometric methods. See, for example, A. K. Jain, L. Hong, S. Pankanti and R. Bolle; “An Identity Authentication System Using Fingerprints”, Proc. IEEE Vol. 85, No. 9, pp. 1365-1388, 1997; D. Maio, D. Maltoni: “Direct Gray-scale Minutiae Detection in Fingerprints”, IEEE Trans. On Pattern Analysis and Machine Intelligence, Vol. 19, No. 1, pp. 27-40, 1997; and W. M. Campbell and C. C. Broun, Text-Prompted Speaker Recognition with Polynomial Classifiers, Motorola Human Interface Laboratory, 2001, all of which are hereby incorporated by reference. Device 101 submits the biometric data for secure biometric match (or search) by match logic 110 in step 205. Procedures performed by match logic 110 are described further below.
  • [0056]
    In FIG. 3, match logic 110 returns a match result in step 208 indicating acceptance or rejection of the sampled biometric data against the stored biometric reference template (or set of templates). General methods to establish an acceptable match are well known in the art and include, for example, statistical methods, piecewise linear classifiers, and rule-based methods. See for example, R. O. Duda, P. E. Hart and D. G. Stork, Pattern Classification (2nd Edition), Wiley-Interscience, 2000, incorporated herein by reference. See also A. K. Jain, A. Ross and S. Prabhakar, “Fingerprint Matching Using Minutiae and Texture Features”, Proc. ICIP, Thessaloniki, pp. 282-285, October 2001, for an example of a fingerprint match algorithm. If the match is accepted, then verification processor 104 requests and retrieves sensitive data from storage module 105 in step 209. In a preferred embodiment, the user's private encryption key and/or other secure local data necessary to complete, sign, and submit information to server 102 is retrieved. The acceptance result is signed, (or a message is signed) using the retrieved sensitive information, and is sent to network server 102 in step 210 notifying the server that the match was accepted. If the match is rejected, then verification processor 104 submits a notification to network server 102 that the match was rejected in step 211. The network server can then use the acceptance or rejection notification to provide or restrict the user's access to information stored on the server, or allow or reject communication with the user as appropriate.
  • [0057]
    In embodiments where a plurality of biometric data samples are taken, a predetermined number of samples must receive a match before secure data may be accessed.
  • [0058]
    [0058]FIG. 4 is a schematic outline of a biometric matching process according to an embodiment of the present invention—this process will generally be performed by matching logic 110. In a preferred embodiment, the process outlined in FIG. 3 is performed within smart card 106. In other embodiments, the process activity is shared between smart card 106 and components integral to device 101. A biometric data sample (either raw or a processed template) is submitted in step 301. Matching logic 110 then matches, step 302, the submitted data to a reference template stored in secure data storage component 105—or elsewhere within device 101 or smart card 106. As discussed above, matching procedures are well known for various biometric methods and generally involve determining if the template data of the previously enrolled biometric matches the template data of the recently scanned biometric to within a predetermined tolerance level. If the match is accepted, step 303. then matching logic 110 unlocks secure data storage component 105 in step 304 by issuing an unlocking command, enabling verification processor 104 (or another module of device 101) temporary access to contents of storage component 105 and returns, step 305, an accept result to verification processor 104. Suitable interfaces for communicating with, and unlocking, secure data storage component 105 will vary according to the embodiment of the component and associated processors and are known in the art, for example, JavaCard™ API (Sun Microsystems, Inc; Santa Clara, Calif.). If the match is rejected, step 303, then matching logic 110 does not unlock the secure data storage component 105, but rather returns, step 306, a reject result to verification processor 104.
  • [0059]
    In some embodiments, a user is given another opportunity to provide a biometric sample—such as to take another image of facial features, speak the passphrase again, or take another fingerprint scan if a first match is rejected. In other embodiments, the secure data storage component remains locked for a predetermined period or permanently after a rejected scan, or after a predetermined number of rejected scans.
  • [0060]
    FIGS. 5-11 depict a variety of physical locations at which a biometric sensor, such as fingerprint sensor 500, may be placed on a mobile phone. These exemplary locations are identified respective of a mobile phone but it will be appreciated that the biometric sensor may be placed on a great variety of physical locations on any device with which the biometric sensor will be used. FIG. 5 displays sensor 500 on front surface 510 of phone 520 along top surface 525. FIG. 6 displays sensor 500 on front surface 510 below keypad 505. FIGS. 7 and 8 depict sensor 500 on the right side 403 and left side 406 of phone 520. FIGS. 9 and 10 depict two locations of sensor 500 on back surface 550 of mobile phone 520. Sensor 500 may also be located on a battery pack. In some embodiments, as shown in FIG. 11, fingerprint sensor 500 may be embedded within one or more keys—including the ON key or power key—on the keypad 505 itself. Embedding it in the on key may provide for optional and user friendly identity verification at the time of device power-up or wake from a sleep mode. Biometric sensors may generally be placed on or embedded in any input device including mice, pens and wands, for example a Touchpad™ mouse (Synaptics, Inc.; San Jose, Calif.). Further, a biometric sensor may be placed on or embedded in part of an integrated display or an associated display device. Optionally providing an automatic turn off or deactivation of the biometric sample after some predetermined time may add additional security. In another embodiment, a biometric sensor is embedded in a display screen of a device. In other embodiments, a biometric sensor is not permanently attached to the device, but rather is capable of being brought into electronic communication with the device. That is, an external sensor, such as a camera or other sensor, could plug into the device or communicate with the device through a wireless interface. For example, an add-on keyboard comprising a biometric sensor may plug into the device, in one embodiment. In another embodiment, a network card or memory card for use in the device comprises a biometric sensor. In another embodiment, a biometric sensor is in wireless communication with the device through known protocols such as, for example, BlueTooth.
  • [0061]
    The invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands. It will be appreciated that the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices. In some embodiments the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.
  • [0062]
    Those skilled in the art will readily appreciate that the inventive concepts described herein are readily applicable and operable in a variety of communications devices to secure transactions and sensitive data. The examples provided above are intended to be instructive and illustrative and are not intended to limit the invention to a specific embodiment, device, or data type described. Further, a variety of implementations are possible placing certain functions or groups of functions on the ‘what you have’ authentication object—such as a smart card. Generally, the methods and devices described herein require some function or data to be performed within or stored on a ‘what you have’ authentication object. Examples of those functions and data are given, but are not intended to be limiting.
Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
US4222076 *Sep 15, 1978Sep 9, 1980Bell Telephone Laboratories, IncorporatedProgressive image transmission
US4405829 *Dec 14, 1977Sep 20, 1983Massachusetts Institute Of TechnologyCryptographic communications system and method
US4558372 *Jan 19, 1984Dec 10, 1985Tektronix, Inc.Scanning method and apparatus
US4654876 *Dec 19, 1984Mar 31, 1987Itek CorporationDigital image motion correction method
US4993068 *Nov 27, 1989Feb 12, 1991Motorola, Inc.Unforgeable personal identification system
US5144448 *Jul 31, 1990Sep 1, 1992Vidar Systems CorporationScanning apparatus using multiple CCD arrays and related method
US5155597 *Nov 28, 1990Oct 13, 1992Recon/Optical, Inc.Electro-optical imaging array with motion compensation
US5227839 *Jun 24, 1991Jul 13, 1993Etec Systems, Inc.Small field scanner
US5230148 *Apr 19, 1991Jul 27, 1993Metal Leve S/A Industria E ComercioMethod for the manufacture of a cooled engine piston head
US5293323 *Oct 24, 1991Mar 8, 1994General Electric CompanyMethod for fault diagnosis by assessment of confidence measure
US5444478 *Dec 28, 1993Aug 22, 1995U.S. Philips CorporationImage processing method and device for constructing an image from adjacent images
US5453777 *Apr 12, 1993Sep 26, 1995Presstek, Inc.Method and apparatus for correcting and adjusting digital image output
US5458256 *Apr 19, 1994Oct 17, 1995May-Wes Manufacturing, Inc.Slide lid
US5559961 *Aug 30, 1995Sep 24, 1996Lucent Technologies Inc.Graphical password
US5576763 *Nov 22, 1994Nov 19, 1996Lucent Technologies Inc.Single-polysilicon CMOS active pixel
US5576769 *Jun 3, 1994Nov 19, 1996Thomson Consumer Electronics, Inc.Automatic synchronization switch for side-by-side displays
US5577120 *May 1, 1995Nov 19, 1996Lucent Technologies Inc.Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5602585 *Dec 22, 1994Feb 11, 1997Lucent Technologies Inc.Method and system for camera with motion detection
US5623552 *Aug 15, 1995Apr 22, 1997Cardguard International, Inc.Self-authenticating identification card with fingerprint identification
US5625304 *Apr 21, 1995Apr 29, 1997Lucent Technologies Inc.Voltage comparator requiring no compensating offset voltage
US5631704 *Oct 14, 1994May 20, 1997Lucent Technologies, Inc.Active pixel sensor and imaging system having differential mode
US5668874 *Feb 28, 1995Sep 16, 1997Lucent Technologies Inc.Identification card verification system and method
US5671279 *Nov 13, 1995Sep 23, 1997Netscape Communications CorporationElectronic commerce using a secure courier system
US5673123 *Jun 30, 1994Sep 30, 1997Lucent Technologies Inc.Methods and means for processing images
US5739562 *Aug 1, 1995Apr 14, 1998Lucent Technologies Inc.Combined photogate and photodiode active pixel image sensor
US5764789 *Sep 27, 1996Jun 9, 1998Smarttouch, LlcTokenless biometric ATM access system
US5768439 *Mar 22, 1995Jun 16, 1998Hitachi Software Engineering Co., Ltd.Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries
US5774525 *Aug 14, 1997Jun 30, 1998International Business Machines CorporationMethod and apparatus utilizing dynamic questioning to provide secure access control
US5812704 *Nov 29, 1994Sep 22, 1998Focus Automation Systems Inc.Method and apparatus for image overlap processing
US5825907 *Jul 11, 1997Oct 20, 1998Lucent Technologies Inc.Neural network system for classifying fingerprints
US5835141 *Jul 3, 1996Nov 10, 1998Lucent Technologies Inc.Single-polysilicon CMOS active pixel image sensor
US5864296 *May 19, 1997Jan 26, 1999Trw Inc.Fingerprint detector using ridge resistance sensor
US5903225 *May 16, 1997May 11, 1999Harris CorporationAccess control system including fingerprint sensor enrollment and associated methods
US5920640 *May 16, 1997Jul 6, 1999Harris CorporationFingerprint sensor and token reader and associated methods
US5963679 *Jan 26, 1996Oct 5, 1999Harris CorporationElectric field fingerprint sensor apparatus and related methods
US5987156 *Nov 25, 1996Nov 16, 1999Lucent TechnologiesApparatus for correcting fixed column noise in images acquired by a fingerprint sensor
US5991408 *May 16, 1997Nov 23, 1999Veridicom, Inc.Identification and security using biometric measurements
US6003135 *Jun 4, 1997Dec 14, 1999Spyrus, Inc.Modular security device
US6016355 *Dec 15, 1995Jan 18, 2000Veridicom, Inc.Capacitive fingerprint acquisition sensor
US6016476 *Jan 16, 1998Jan 18, 2000International Business Machines CorporationPortable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6038666 *Dec 22, 1997Mar 14, 2000Trw Inc.Remote identity verification technique using a personal identification device
US6047268 *Nov 4, 1997Apr 4, 2000A.T.&T. CorporationMethod and apparatus for billing for transactions conducted over the internet
US6049620 *May 13, 1997Apr 11, 2000Veridicom, Inc.Capacitive fingerprint sensor with adjustable gain
US6069970 *Apr 27, 1999May 30, 2000Authentec, Inc.Fingerprint sensor and token reader and associated methods
US6097418 *Mar 24, 1998Aug 1, 2000Agfa CorporationMethod and apparatus for combining a plurality of images without incurring a visible seam
US6175922 *Mar 13, 2000Jan 16, 2001Esign, Inc.Electronic transaction systems and methods therefor
US6177950 *Jan 17, 1997Jan 23, 2001Avt Audio VisualMultifunctional portable telephone
US6192142 *Feb 2, 1999Feb 20, 2001Smarttouch, Inc.Tokenless biometric electronic stored value transactions
US6195447 *Jan 16, 1998Feb 27, 2001Lucent Technologies Inc.System and method for fingerprint data verification
US6195471 *Mar 24, 1998Feb 27, 2001Agfa CorporationMethod and apparatus for combining a plurality of images at random stitch points without incurring a visible seam
US6202151 *Dec 31, 1997Mar 13, 2001Gte Service CorporationSystem and method for authenticating electronic transactions using biometric certificates
US6208264 *May 21, 1998Mar 27, 2001Automated Identification Service, Inc.Personal verification in a commercial transaction system
US6219793 *Sep 8, 1997Apr 17, 2001Hush, Inc.Method of using fingerprints to authenticate wireless communications
US6230235 *Sep 29, 1998May 8, 2001Apache Systems, Inc.Address lookup DRAM aging
US6256737 *Mar 9, 1999Jul 3, 2001Bionetrix Systems CorporationSystem, method and computer program product for allowing access to enterprise resources using biometric devices
US6260300 *Apr 21, 1999Jul 17, 2001Smith & Wesson Corp.Biometrically activated lock and enablement system
US6289114 *Jun 5, 1997Sep 11, 2001Thomson-CsfFingerprint-reading system
US6298230 *Dec 16, 1998Oct 2, 2001Siemens AktiengesellschaftRadio-operated communications terminal with navigation key
US6310966 *May 8, 1998Oct 30, 2001Gte Service CorporationBiometric certificates
US6330345 *Nov 17, 1997Dec 11, 2001Veridicom, Inc.Automatic adjustment processing for sensor devices
US6333989 *Mar 29, 1999Dec 25, 2001Dew Engineering And Development LimitedContact imaging device
US6366682 *Oct 30, 1998Apr 2, 2002Indivos CorporationTokenless electronic transaction system
US6459804 *Jun 13, 2001Oct 1, 2002Thomson-CsfFingerprint-reading system
US6501846 *Apr 24, 1998Dec 31, 2002Ethentica, Inc.Method and system for computer access and cursor control using a relief object image generator
US6518560 *Apr 27, 2000Feb 11, 2003Veridicom, Inc.Automatic gain amplifier for biometric sensor device
US6535622 *Apr 26, 1999Mar 18, 2003Veridicom, Inc.Method for imaging fingerprints and concealing latent fingerprints
US6538456 *Jan 11, 2000Mar 25, 2003Veridicom, Inc.Capacitive fingerprint sensor with adjustable gain
US6542740 *Oct 24, 2000Apr 1, 2003Litepoint, Corp.System, method and article of manufacture for utilizing a wireless link in an interface roaming network framework
US6546122 *Jul 29, 1999Apr 8, 2003Veridicom, Inc.Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint
US20020060243 *Nov 13, 2001May 23, 2002Janiak Martin J.Biometric authentication device for use in mobile telecommunications
US20030021495 *Mar 13, 2002Jan 30, 2003Ericson ChengFingerprint biometric capture device and method with integrated on-chip data buffering
US20030101348 *Jul 12, 2002May 29, 2003Russo Anthony P.Method and system for determining confidence in a digital transaction
US20030115475 *Jul 12, 2002Jun 19, 2003Russo Anthony P.Biometrically enhanced digital certificates and system and method for making and using
US20030126448 *Jul 12, 2002Jul 3, 2003Russo Anthony P.Method and system for biometric image assembly from multiple partial biometric frame scans
Referenced by
Citing PatentFiling datePublication dateApplicantTitle
US7197168Jul 12, 2002Mar 27, 2007Atrua Technologies, Inc.Method and system for biometric image assembly from multiple partial biometric frame scans
US7228011 *Feb 28, 2003Jun 5, 2007L-I Identity Solutions, Inc.System and method for issuing a security unit after determining eligibility by image recognition
US7242277 *Mar 11, 2003Jul 10, 2007Matsushita Electric Industrial Co., Ltd.Individual authentication device and cellular terminal apparatus
US7448087 *Jul 17, 2003Nov 4, 2008Matsushita Electric Industrial Co., Ltd.System for preventing unauthorized use of recording media
US7481364Mar 24, 2006Jan 27, 2009Privaris, Inc.Biometric identification device with smartcard capabilities
US7505613Jul 10, 2006Mar 17, 2009Atrua Technologies, Inc.System for and method of securing fingerprint biometric systems against fake-finger spoofing
US7525411Oct 11, 2005Apr 28, 2009Newfrey LlcDoor lock with protected biometric sensor
US7548981 *Mar 3, 2004Jun 16, 2009Sprint Spectrum L.P.Biometric authentication over wireless wide-area networks
US7590861 *Aug 6, 2003Sep 15, 2009Privaris, Inc.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US7697729Jun 30, 2004Apr 13, 2010Authentec, Inc.System for and method of finger initiated actions
US7715593Jun 15, 2004May 11, 2010Uru Technology IncorporatedMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US7751595Feb 16, 2007Jul 6, 2010Authentec, Inc.Method and system for biometric image assembly from multiple partial biometric frame scans
US7757096 *Dec 30, 2005Jul 13, 2010Fujitsu LimitedMobile unit with fingerprint sensor and attachment structure
US7787697 *Jun 9, 2006Aug 31, 2010Sony Ericsson Mobile Communications AbIdentification of an object in media and of related media objects
US7788501Aug 12, 2008Aug 31, 2010Privaris, Inc.Methods for secure backup of personal identity credentials into electronic devices
US7805372Jun 8, 2007Sep 28, 2010Weiss Kenneth PUniversal secure registry
US7809651 *Jun 8, 2007Oct 5, 2010Weiss Kenneth PUniversal secure registry
US7831070Feb 18, 2005Nov 9, 2010Authentec, Inc.Dynamic finger detection mechanism for a fingerprint sensor
US7849312Nov 30, 2006Dec 7, 2010Atmel CorporationMethod and system for secure external TPM password generation and use
US7885436Jul 5, 2007Feb 8, 2011Authentec, Inc.System for and method of assigning confidence values to fingerprint minutiae points
US7940249Oct 31, 2006May 10, 2011Authentec, Inc.Devices using a metal layer with an array of vias to reduce degradation
US8001055Feb 21, 2007Aug 16, 2011Weiss Kenneth PMethod, system and apparatus for secure access, payment and identification
US8001372Sep 15, 2009Aug 16, 2011Privaris, Inc.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US8006099 *May 19, 2005Aug 23, 2011Fujitsu LimitedSecurity management method, program, and information device
US8055906Aug 12, 2008Nov 8, 2011Privaris, Inc.Methods for secure restoration of personal identity credentials into electronic devices
US8127143Aug 12, 2008Feb 28, 2012Privaris, Inc.Methods for secure enrollment of personal identity credentials into electronic devices
US8144941May 7, 2010Mar 27, 2012Uru Technology IncorporatedMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US8149089 *Nov 21, 2008Apr 3, 2012Htc CorporationMethod for unlocking a locked computing device and computing device thereof
US8156548 *Nov 20, 2006Apr 10, 2012Future Internet Security Ip Pty Ltd.Identification and authentication system and method
US8165409Jul 22, 2010Apr 24, 2012Sony Mobile Communications AbMobile device identification of media objects using audio and image recognition
US8181031Aug 1, 2007May 15, 2012International Business Machines CorporationBiometric authentication device and system
US8186580Oct 14, 2008May 29, 2012Privaris, Inc.Biometric identification device with smartcard capabilities
US8190908 *Dec 20, 2006May 29, 2012Spansion LlcSecure data verification via biometric input
US8231056Apr 3, 2006Jul 31, 2012Authentec, Inc.System for and method of protecting an integrated circuit from over currents
US8232967 *Feb 9, 2006Jul 31, 2012Bloomberg Finance L.P.Computer keyboard with processor for audio and telephony functions
US8234220Feb 26, 2009Jul 31, 2012Weiss Kenneth PUniversal secure registry
US8242892Feb 12, 2009Aug 14, 2012International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US8261072Nov 30, 2006Sep 4, 2012Atmel CorporationMethod and system for secure external TPM password generation and use
US8271397Jun 24, 2011Sep 18, 2012Universal Secure Registry, LlcMethod and apparatus for secure access, payment and identification
US8289135Feb 12, 2009Oct 16, 2012International Business Machines CorporationSystem, method and program product for associating a biometric reference template with a radio frequency identification tag
US8301902Oct 30, 2012International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a biometric reference template
US8327134Feb 12, 2009Dec 4, 2012International Business Machines CorporationSystem, method and program product for checking revocation status of a biometric reference template
US8359475Feb 12, 2009Jan 22, 2013International Business Machines CorporationSystem, method and program product for generating a cancelable biometric reference template on demand
US8380125 *Sep 1, 2004Feb 19, 2013Kyocera CorporationSystems and methods for bluetooth resource conservation
US8407480Mar 26, 2013Privaris, Inc.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US8421890Jan 15, 2010Apr 16, 2013Picofield Technologies, Inc.Electronic imager using an impedance sensor grid array and method of making
US8478992Nov 2, 2011Jul 2, 2013Privaris, Inc.Methods for secure restoration of personal identity credentials into electronic devices
US8508339Aug 14, 2012Aug 13, 2013International Business Machines CorporationAssociating a biometric reference template with an identification tag
US8538881Sep 17, 2012Sep 17, 2013Universal Secure Registry, LlcMethod and apparatus for secure access payment and identification
US8577813Sep 20, 2011Nov 5, 2013Universal Secure Registry, LlcUniversal secure registry
US8613052Sep 16, 2011Dec 17, 2013Universal Secure Registry, LlcApparatus, system and method employing a wireless user-device
US8665062 *Jun 30, 2008Mar 4, 2014Telecom Italia S.P.A.Method and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations
US8706634Aug 15, 2013Apr 22, 2014Mastercard International IncorporatedMethods and systems for biometric verification
US8708230May 29, 2012Apr 29, 2014Charles CannonBiometric identification device with smartcard capabilities
US8756416Sep 12, 2012Jun 17, 2014International Business Machines CorporationChecking revocation status of a biometric reference template
US8782775 *Sep 9, 2008Jul 15, 2014Apple Inc.Embedded authentication systems in an electronic device
US8791792Jun 21, 2010Jul 29, 2014Idex AsaElectronic imager using an impedance sensor grid array mounted on or about a switch and method of making
US8826031Mar 25, 2013Sep 2, 2014Privaris, Inc.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US8856539Jun 26, 2007Oct 7, 2014Universal Secure Registry, LlcUniversal secure registry
US8866347May 27, 2011Oct 21, 2014Idex AsaBiometric image sensing
US8943580 *Sep 9, 2008Jan 27, 2015Apple Inc.Embedded authentication systems in an electronic device
US8996879 *Dec 23, 2010Mar 31, 2015Intel CorporationUser identity attestation in mobile commerce
US9038167Dec 27, 2013May 19, 2015Apple Inc.Embedded authentication systems in an electronic device
US9059991Jun 15, 2009Jun 16, 2015Bce Inc.System and method for unlocking a device
US9100826Sep 16, 2013Aug 4, 2015Universal Secure Registry, LlcMethod and apparatus for secure access payment and identification
US9128601Mar 18, 2015Sep 8, 2015Apple Inc.Embedded authentication systems in an electronic device
US9129107 *Feb 10, 2012Sep 8, 2015SecurenCrypt, LLCDocument encryption and decryption
US9134896Dec 27, 2013Sep 15, 2015Apple Inc.Embedded authentication systems in an electronic device
US9160537Jul 1, 2013Oct 13, 2015Apple Inc.Methods for secure restoration of personal identity credentials into electronic devices
US9189612 *May 13, 2014Nov 17, 2015Ira KonvalinkaBiometric verification with improved privacy and network performance in client-server networks
US9230149Sep 14, 2012Jan 5, 2016Idex AsaBiometric image sensing
US9250795Dec 27, 2013Feb 2, 2016Apple Inc.Embedded authentication systems in an electronic device
US20030048173 *Sep 5, 2002Mar 13, 2003Satoshi ShigematsuAuthentication method, authentication system, and authentication token
US20030065957 *Sep 27, 2002Apr 3, 2003Nobuhisa TsujiIC card that can have user restricted, authorized person determination method, authorized person determination program, descrambler, authorized person registration method, authorized person registration program, server device administering usage admitted count of IC card, count administration method, and physical description reader
US20030101348 *Jul 12, 2002May 29, 2003Russo Anthony P.Method and system for determining confidence in a digital transaction
US20040034784 *Aug 15, 2002Feb 19, 2004Fedronic Dominique Louis JosephSystem and method to facilitate separate cardholder and system access to resources controlled by a smart card
US20040039930 *Jul 17, 2003Feb 26, 2004Motoji OhmoriSystem for preventing unauthorized use of recording media
US20040085188 *Mar 11, 2003May 6, 2004Atsushi MinemuraIndividual authentication device and cellular terminal apparatus
US20040104807 *Oct 12, 2003Jun 3, 2004Frank KoNetworked fingerprint authentication system and method
US20040139329 *Aug 6, 2003Jul 15, 2004Abdallah David S.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US20050008148 *Apr 1, 2004Jan 13, 2005Dov JacobsonMouse performance identification
US20050012714 *Jun 21, 2004Jan 20, 2005Russo Anthony P.System and method for a miniature user input device
US20050041885 *Aug 4, 2004Feb 24, 2005Russo Anthony P.System for and method of generating rotational inputs
US20050138394 *Dec 16, 2004Jun 23, 2005Ian PoinsenetBiometric access control using a mobile telephone terminal
US20050169503 *Jun 30, 2004Aug 4, 2005Howell Mark J.System for and method of finger initiated actions
US20050179657 *Feb 10, 2005Aug 18, 2005Atrua Technologies, Inc.System and method of emulating mouse operations using finger image sensors
US20050255840 *Aug 13, 2004Nov 17, 2005Markham Thomas RAuthenticating wireless phone system
US20060046653 *Sep 1, 2004Mar 2, 2006Bilhan KirbasSystems and methods for bluetooth resource conservation
US20060156028 *May 19, 2005Jul 13, 2006Fujitsu LimitedSecurity management method, program, and information device
US20060209028 *Feb 9, 2006Sep 21, 2006Ozolins Helmars EComputer keyboard with processor for audio and telephony functions
US20060213982 *Mar 24, 2006Sep 28, 2006Privaris, Inc.Biometric identification device with smartcard capabilities
US20070014443 *Jul 10, 2006Jan 18, 2007Anthony RussoSystem for and method of securing fingerprint biometric systems against fake-finger spoofing
US20070061126 *Sep 1, 2005Mar 15, 2007Anthony RussoSystem for and method of emulating electronic input devices
US20070067640 *Dec 30, 2005Mar 22, 2007Fujitsu LimitedMobile unit with fingerprint sensor and attachment structure
US20070080778 *Oct 11, 2005Apr 12, 2007Newfrey LlcDoor lock with protected biometric sensor
US20070098228 *Oct 31, 2006May 3, 2007Atrua Technologies, IncDevices using a metal layer with an array of vias to reduce degradation
US20070136589 *Nov 20, 2006Jun 14, 2007Future Internet Security Ip Pty LtdIdentification and authentication system and method
US20070198436 *Feb 21, 2007Aug 23, 2007Weiss Kenneth PMethod and apparatus for secure access payment and identification
US20070207681 *Apr 3, 2006Sep 6, 2007Atrua Technologies, Inc.System for and method of protecting an integrated circuit from over currents
US20070226496 *Nov 30, 2006Sep 27, 2007Atmel CorporationMethod and system for secure external TPM password generation and use
US20070226787 *Nov 30, 2006Sep 27, 2007Atmel CorporationMethod and system for secure external TPM password generation and use
US20070237366 *Nov 22, 2006Oct 11, 2007Atmel CorporationSecure biometric processing system and method of use
US20070274575 *Feb 16, 2007Nov 29, 2007Russo Anthony PMethod and system for biometric image assembly from multiple partial biometric frame scans
US20070286463 *Jun 9, 2006Dec 13, 2007Sony Ericsson Mobile Communications AbMedia identification
US20070288758 *Jun 8, 2007Dec 13, 2007Weiss Kenneth PUniversal secure registry
US20070289000 *Jun 8, 2007Dec 13, 2007Weiss Kenneth PUniversal secure registry
US20080005576 *Jun 26, 2007Jan 3, 2008Weiss Kenneth PUniversal secure registry
US20080013808 *Jul 5, 2007Jan 17, 2008Russo Anthony PSystem for and method of assigning confidence values to fingerprint minutiae points
US20080155268 *Dec 20, 2006Jun 26, 2008Spansion LlcSecure data verification via biometric input
US20080201299 *Nov 29, 2004Aug 21, 2008Nokia CorporationMethod and System for Managing Metadata
US20080267397 *Jul 31, 2007Oct 30, 2008Roberto BoccacciData survey device, integrated with a communication system, and related method
US20090031140 *Aug 12, 2008Jan 29, 2009Abdallah David SMethods for secure enrollment of personal identity credentials into electronic devices
US20090037742 *Jul 31, 2007Feb 5, 2009International Business Machines CorporationBiometric authentication device, system and method of biometric authentication
US20090037743 *Aug 1, 2007Feb 5, 2009International Business Machines CorporationBiometric authentication device, system and method of biometric authentication
US20090037745 *Aug 12, 2008Feb 5, 2009Abdallah David SMethods for secure backup of personal identity credentials into electronic devices
US20090037746 *Aug 12, 2008Feb 5, 2009Abdallah David SMethods for secure restoration of personal identity credentials into electronic devices
US20090083847 *Sep 9, 2008Mar 26, 2009Apple Inc.Embedded authentication systems in an electronic device
US20090083850 *Sep 9, 2008Mar 26, 2009Apple Inc.Embedded authentication systems in an electronic device
US20090095810 *Oct 14, 2008Apr 16, 2009Charles CannonBiometric identification device with smartcard capabilities
US20090154085 *Dec 17, 2008Jun 18, 2009Fujitsu LimitedElectronic apparatus
US20090160609 *Nov 21, 2008Jun 25, 2009Jian-Liang LinMethod for unlocking a locked computing device and computing device thereof
US20090292641 *Nov 26, 2009Weiss Kenneth PUniversal secure registry
US20100005315 *Jan 7, 2010Abdallah David SMethods for secure enrollment and backup of personal identity credentials into electronic devices
US20100117794 *Jun 15, 2004May 13, 2010William Mark AdamsMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US20100157034 *Nov 24, 2009Jun 24, 2010Moon Min WooCommunication apparatus and control device to generate control data
US20100161488 *Dec 22, 2008Jun 24, 2010Paul Michael EvansMethods and systems for biometric verification
US20100201489 *Aug 12, 2010International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US20100201498 *Aug 12, 2010International Business Machines CorporationSystem, method and program product for associating a biometric reference template with a radio frequency identification tag
US20100205431 *Aug 12, 2010International Business Machines CorporationSystem, method and program product for checking revocation status of a biometric reference template
US20100205452 *Feb 12, 2009Aug 12, 2010International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a biometric reference template
US20100205658 *Feb 12, 2009Aug 12, 2010International Business Machines CorporationSystem, method and program product for generating a cancelable biometric reference template on demand
US20100205660 *Feb 12, 2009Aug 12, 2010International Business Machines CorporationSystem, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US20100275259 *Oct 28, 2010Uru Technology IncorporatedMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US20100284617 *Jul 22, 2010Nov 11, 2010Sony Ericsson Mobile Communications AbIdentification of an object in media and of related media objects
US20100329568 *Jun 24, 2009Dec 30, 2010C-True Ltd.Networked Face Recognition System
US20110021182 *Mar 18, 2008Jan 27, 2011Hengxi HuanMethod and apparatus for automatically handling missed calls in a communication terminal
US20110032206 *Apr 15, 2009Feb 10, 2011Kyocera CorporationMobile electronic device
US20110109431 *Jun 30, 2008May 12, 2011Andrea BragagniniMethod and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations
US20120105200 *May 3, 2012Electronics And Telecommunications Research InstitutePortable sensor apparatus and biometric recognition-based service system having the same
US20120167188 *Dec 23, 2010Jun 28, 2012Rajesh PoornachandranUser identity attestation in mobile commerce
US20120210126 *Aug 16, 2012SecurenCrypt, LLCDocument encryption and decryption
US20130216108 *Nov 26, 2012Aug 22, 2013Pantech Co., Ltd.Electronic device and method for user identification
US20140089672 *Mar 13, 2013Mar 27, 2014AliphcomWearable device and method to generate biometric identifier for authentication using near-field communications
US20140337635 *May 13, 2014Nov 13, 2014Ira KonvalinkaBiometric verification with improved privacy and network performance in client-server networks
CN103270529A *Dec 14, 2011Aug 28, 2013英特尔公司User identity attestation in mobile commerce
WO2008127235A2 *Apr 13, 2007Oct 23, 2008Avisere IncMachine vision system for enterprise management
WO2008127235A3 *Apr 13, 2007Feb 19, 2009Tinku AcharyaMachine vision system for enterprise management
WO2010075623A1 *Jun 15, 2009Jul 8, 2010Bce Inc.System and method for unlocking a device
Classifications
U.S. Classification726/5, 713/186, 382/115, 340/5.82
International ClassificationG06Q20/04, G06Q30/06, G06Q10/02, G06Q20/40, H04N1/387, G06K9/00
Cooperative ClassificationH04L2209/08, H04L9/3231, H04L2209/805, G06Q10/02, G06K9/00026, G06Q20/04, G06Q20/4016, G06Q30/06
European ClassificationG06Q20/04, G06Q30/06, G06Q10/02, G06Q20/4016, G06K9/00A1C, H04L9/32T
Legal Events
DateCodeEventDescription
Mar 3, 2003ASAssignment
Owner name: I-CONTROL SECURITY, INC., CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:RUSSO, ANTHONY P.;MCCOY, PETER A.;ROSKE, THORSTEN;REEL/FRAME:013796/0856;SIGNING DATES FROM 20021205 TO 20030207
May 13, 2004ASAssignment
Owner name: ATRUA TECHNOLOGIES, INC., CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:I-CONTROL SECURITY, INC.;REEL/FRAME:015327/0587
Effective date: 20030908