Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUS20030115490 A1
Publication typeApplication
Application numberUS 10/194,949
Publication dateJun 19, 2003
Filing dateJul 12, 2002
Priority dateJul 12, 2001
Also published asEP1573426A2, EP1573426A4, US7197168, US7751595, US20030101348, US20030115475, US20030126448, US20070274575, WO2003007121A2, WO2003007121A3, WO2003007121B1, WO2003007125A2, WO2003007125A3, WO2003007125A9, WO2003007127A2, WO2003007127A3, WO2003007127A9
Publication number10194949, 194949, US 2003/0115490 A1, US 2003/115490 A1, US 20030115490 A1, US 20030115490A1, US 2003115490 A1, US 2003115490A1, US-A1-20030115490, US-A1-2003115490, US2003/0115490A1, US2003/115490A1, US20030115490 A1, US20030115490A1, US2003115490 A1, US2003115490A1
InventorsAnthony Russo, Peter McCoy, Thorsten Roske
Original AssigneeRusso Anthony P., Mccoy Peter A., Thorsten Roske
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
Secure network and networked devices using biometrics
US 20030115490 A1
Abstract
A biometric data sample is taken and compared with stored biometric data. If the biometric data sample matches stored data, access to a secure data storage module is enabled. The secure data storage module contains data necessary for successful communication with a server, as detailed further below. Accordingly, a biometric data match enables sensitive data retrieval, and ultimately secure communication with another device. In a preferred embodiment, the Subscriber Identity Module (SIM) in a GSM phone provides stored biometric data and processing capabilities for the matching function within a cellular phone. By storing biometric data on the SIM (a type of smart card) and performing the biometric matching process on the SIM, the need to transmit or store biometric data in a way that leaves it available for retrieval or tampering is minimized.
Images(7)
Previous page
Next page
Claims(23)
We claim:
1. A method for secure communication with a server, wherein said secure communication requires encryption information, said method comprising:
obtaining a biometric data sample;
comparing said biometric data sample to stored biometric data;
enabling access to said sensitive data if said biometric data sample matches said stored biometric data; and
communicating with said server using said sensitive data.
2. A method according to claim 1, wherein said secure communication comprises communicating message information, said communicating step further comprising encrypting said message information using said sensitive data.
3. A method according to claim 1, wherein said obtaining comprises processing a fingerprint scan.
4. A method according to claim 1, wherein said obtaining comprises processing an image.
5. A method according to claim 4, wherein said image is a facial image.
6. A method according to claim 1, wherein said obtaining comprises processing a speech sample.
7. A method according to claim 1, wherein said sensitive data includes a private encryption key.
8. A method according to claim 1, further comprising processing said biometric data sample.
9. A method for secure communication between a server and mobile device comprising:
obtaining a biometric data sample;
comparing said biometric data sample to stored biometric data;
transmitting acceptance result to said server if said biometric data sample matches said stored biometric data.
10. A device for securely communicating with a server, said device comprising:
a biometric sensor;
a secure data storage module containing stored biometric data and sensitive data required for communication with said server, in electronic communication with said biometric sensor;
matching logic in electronic communication with said sensor and said biometric data memory; and
a verification processor in electronic communication with said matching logic and said secure data storage module.
11. The device of claim 10, wherein said matching logic is provided on a SIM card.
12. The device of claim 10, wherein said matching logic is provided on a smart card.
13. The device of claim 10, wherein said verification processor is provided within a cellular phone.
14. The device of claim 13, wherein said biometric sensor is on a front surface of said cellular phone.
15. The device of claim 13, wherein said biometric sensor is on a rear surface of said cellular phone.
16. The device of claim 13, wherein said biometric sensor is below a keypad on a surface of said cellular phone.
17. The device of claim 13, wherein said biometric sensor is on a side surface of said cellular phone.
18. The device of claim 13, wherein said biometric sensor is embedded in a key on said cellular phone.
19. The device of claim 18, wherein said key is an ON key.
20. A device according to claim 10, further comprising an input device associated with said verification processor and wherein said biometric sensor is located on said input device.
21. A device according to claim 10, further comprising a display device associated with said verification processor and wherein said biometric sensor is located on said display device.
22. A device according to claim 10, wherein said verification processor is provided within a personal digital assistant.
23. A computer program product comprising a computer-readable memory encoded with an instruction set that when executed:
processes a biometric data sample;
compares said biometric data sample with stored biometric data;
enables access to sensitive data if said biometric data sample matches said stored biometric data; and
transmits an acceptance result.
Description
RELATED APPLICATIONS

[0001] This application claims the benefit under 35 U.S.C. §119 and/or 35 U.S.C. §120 of the filing date of: U.S. Provisional Application Serial No. 60/305,120, filed Jul. 12, 2001, which is hereby incorporated by reference. and entitled SYSTEM, METHOD, DEVICE AND COMPUTER PROGRAM FOR NON-REPUDIATED WIRELESS TRANSACTIONS; U.S. patent application Ser. No. 10/099,554 filed Mar. 13, 2002 and entitled SYSTEM, METHOD, AND OPERATING MODEL FOR MOBILE WIRELESS NETWORK-BASED TRANSACTION AUTHENTICATION AND NON-REPUDIATION; and U.S. patent application Ser. No. 10/099,558 filed Mar. 13, 2002 and entitled FINGERPRINT BIOMETRIC CAPTURE DEVICE AND METHOD WITH INTEGRATED ON-CHIP DATA BUFFERING; each of which applications are incorporated by reference herein.

[0002] This application further relates to the following co-pending applications:

[0003] U.S. application Ser. No. 10/______, filed ______, entitled “METHOD AND SYSTEM FOR DETERMINING CONFIDENCE IN A DIGITAL TRANSACTION” (Attorney Docket No. A-70779/RMA/JML);

[0004] U.S. application Ser. No. 10/______, filed ______, entitled “BIOMETRICALLY ENHANCED DIGITAL CERTIFICATES AND SYSTEM AND METHOD FOR MAKING AND USING” (Attorney Docket No. A-70596/RMA/JML); and

[0005] U.S. application Ser. No. 10/______, filed ______, entitled “METHOD AND SYSTEM FOR BIOMETRIC IMAGE ASSEMBLY FROM MULTIPLE PARTIAL BIOMETRIC FRAME SCANS” (Attorney Docket No. A-70591/RMA/JML); all of which are hereby incorporated by reference.

FIELD OF THE INVENTION

[0006] This invention pertains generally to device, user, and transaction verification and authentication devices, systems, and methods; and more particularly to devices employing device, user, and transaction verification, authentication, and non-repudiation systems and methods for mobile wireless applications that capture and utilize biometric data for transaction verification and authentication.

BACKGROUND OF THE INVENTION

[0007] The security and integrity of information systems depends in part on authentication of individual users, that is accurately and reliably determining the identity of a user attempting to use the system. Once a user is authenticated, a system is then able to authorize the user to retrieve certain information or perform certain actions appropriate to the system's understanding of the user's identity. Examples of such actions include downloading a document, completing a financial transaction, or digitally signing a purchase.

[0008] A number of methods have been developed for authenticating users. Generally, as will be understood by those skilled in the art, authentication methods are grouped into three categories, also called authentication factors: 1) something you know—a secret such as a password or a PIN or other information; 2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and 3) something you are—a measure of a person such as a fingerprint or voiceprint. Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.

[0009] The third category above—referred to herein as ‘something you are’ authentication methods—are the subject of the biometrics field. Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person. Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard. Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.

[0010] Many present biometric systems store a user's biometric data in a file on a workstation or a server where they could be retrieved or tampered with by unauthorized parties—or transmit biometric data over a medium that could be eavesdropped. This could compromise the user's privacy or the security and integrity of the information systems dependent on biometric authentication.

[0011] At present, systems requiring user authentication from mobile devices—such as PDAs or mobile phones—usually use passwords or PIN codes, i.e., “something you know” authentication. However, mobile devices typically have small keypads, few buttons or rely on handwriting recognition for user input. These limited user-input options make entering long passwords difficult, although longer alphanumeric passwords are generally known to be “stronger” (less likely to be guessed and compromised) than, for example a 4 digit numeric PIN—allowing only ten thousand combinations.

[0012] Some mobile devices provide facilities for the secure, tamper resistant processing and storage of data separate from the main processing and storage facility of the device. Mobile phones adhering to the Global System for Mobile Communications (GSM) body of standards use a Subscriber Identity Module, or SIM, which is a “smart card” that provides secure storage and processing facilities for the phone. SIMs are generally known in the art, see for example, “Digital cellular telecommunications system (Phase 2); Specification of the Subscriber Identity Module—Mobile Equipment (SIM—ME) interface (GSM 11.11 version 4.21.1) published by European Telecommunications Standards Institute (ETSI) of Valbonne, France, document ETS 300 608, ninth edition, December 1999, hereby incorporated by reference. The SIM contains and protects sensitive information that the phone uses to identify itself on and participate in a GSM network.

[0013] Accordingly, there is a need for a biometric authentication system that provides accurate, reliable identification of a user or transaction where the biometric data is stored and transmitted securely—that is, where the privacy of users as well as integrity of transactions is maintained.

[0014] Therefore, it is an object of the present invention to provide a secure biometric authentication system that leverages the strengths of ‘what you have’ authentication systems as well as biometric—‘what you are’ authentication systems. It is a further object of the present invention to provide a mobile device capable of using a secure biometric authentication system.

SUMMARY

[0015] In a first embodiment, the present invention provides a method for secure communication with a server, wherein said secure communication requires encryption information, said method comprising obtaining a biometric data sample, comparing said biometric data sample to stored biometric data, enabling access to said sensitive data if said biometric data sample matches said stored biometric data, and communicating with said server using said sensitive data.

[0016] In some embodiments of the method, secure communication comprises communicating message information, said communicating further comprises encrypting the message information using said sensitive data.

[0017] In some embodiments, obtaining a biometric data sample comprises processing a fingerprint scan. In other embodiments, obtaining a biometric data sample comprises processing an image, which may be, for example, a facial image. In still other embodiments, obtaining a biometric data sample comprises processing a speech sample.

[0018] In some embodiments, the sensitive data includes a private encryption key.

[0019] Some embodiments of a method according to the present invention further comprise processing said biometric data sample.

[0020] Other embodiments of the present invention provide methods for secure communication between a server and mobile device comprising obtaining a biometric data sample, comparing said biometric data sample to stored biometric data, and transmitting acceptance result to said server if said biometric data sample matches said stored biometric data.

[0021] Still other embodiments of the present invention provide devices for securely communicating with a server, said device comprising a biometric sensor, a secure data storage module containing stored biometric data and sensitive data required for communication with said server, in electronic communication with said biometric sensor, matching logic in electronic communication with said sensor and said biometric data memory, and a verification processor in electronic communication with said matching logic and said secure data storage module.

[0022] In some embodiments, the matching logic is provided on a smart card. In some preferred embodiments, the matching logic is provided on a SIM card.

[0023] In some embodiments, the verification processor is provided within a cellular phone. The biometric sensor may be on a front surface, on a rear surface, below a keypad on a surface, on a side surface, or embedded in a key, such as an ON key, of said cellular phone.

[0024] In some embodiments, the device further comprises an input device associated with said verification processor and the biometric sensor is located on said input device. In other embodiments, the device further comprises a display device associated with said verification processor and said biometric sensor is located on said display device.

[0025] In still other embodiments, the verification processor is provided within a personal digital assistant.

[0026] In another aspect of the present invention, a computer program product comprising a computer-readable memory is provided, where the computer-readable memory is encoded with an instruction set that, when executed, processes a biometric data sample, compares said biometric data sample with stored biometric data, enables access to sensitive data if said biometric data sample matches said stored biometric data, and transmits an acceptance result.

BRIEF DESCRIPTION OF THE DRAWINGS

[0027] The present invention may be better understood, and its features and advantages made apparent to those skilled in the art by referencing the accompanying drawings.

[0028]FIG. 1 is a diagrammatic illustration of a secure networked device using biometrics according to an embodiment of the present invention.

[0029]FIG. 2 is a diagram of the initiation of an authentication process.

[0030]FIG. 3 is a diagram of the authentication process after a matching procedure has been performed.

[0031]FIG. 4 is a diagram of the matching procedure.

[0032]FIG. 5 is a schematic diagrams showing one exemplary biometric sensor placement location on a mobile phone.

[0033]FIG. 6 is a schematic diagram showing a second exemplary biometric sensor placement location on a mobile phone.

[0034]FIG. 7 is a schematic diagram showing a third exemplary biometric sensor placement location on a mobile phone.

[0035]FIG. 8 is a schematic diagram showing a fourth exemplary biometric sensor placement location on a mobile phone.

[0036]FIG. 9 is a schematic diagram showing a fifth exemplary biometric sensor placement location on a mobile phone.

[0037]FIG. 10 is a schematic diagram showing a sixth exemplary biometric sensor placement location on a mobile phone.

[0038]FIG. 11 is a schematic diagram showing a seventh exemplary biometric sensor placement location on a mobile phone.

DETAILED DESCRIPTION OF THE EMBODIMENTS

[0039] The invention generally provides improved privacy and security in biometric systems. Briefly, private and secure communication between a user device and a server (or another user or administrator or service provider device) proceeds as follows. A biometric data sample is taken and compared with stored biometric data. If the biometric data sample matches stored data, access to a secure data storage module is enabled. The secure data storage module contains data necessary for successful communication with a server, as detailed further below. Accordingly, a biometric data match enables sensitive data retrieval, and ultimately secure communication with another device.

[0040] In preferred embodiments of the present invention, the stored biometric data and advantageously, but optionally, the matching procedure is performed within a smart card or other smart “what you have” token. In a preferred embodiment, the Subscriber Identity Module (SIM) in a GSM phone provides stored biometric data and processing capabilities for the matching function within the phone. By storing biometric data on the SIM (a type of smart card) and performing the biometric matching process on the SIM, the need to transmit or store biometric data in a way that leaves it available for retrieval or tampering is minimized.

[0041] Accordingly, devices suitable for use with the present invention include substantially any device suited for electronic communication with a network server (or any other device). Generally, any device for which user authentication is desired may utilize the systems and methods of the present invention, with mobile devices being particularly preferred. FIG. 1 schematically illustrates device 101 according to an embodiment of the present invention. In a preferred embodiment, device 101 comprises a mobile phone. Mobile phones utilizing the global system for mobile communications (GSM) protocol are particularly preferred, such as the Handspring™ Treo™ 270 (Handspring, Inc.; Mountain View, Calif.). In other embodiments, other protocols may be used, including code division multiple access (CDMA), time division multiple access (TDMA) protocol, and PCS protocols. Other devices suitable for use with the present invention include personal digital assistants (PDA), laptop computers, personal computers, televisions, telephones, and other terminals such as payment stations, point-of-sale stations, cash registers, Automated Teller Machines (ATMs), and related devices.

[0042] Generally, device 101 interacts with network server 102. The network server, as used herein, may generally be any device with which device 101 carries out a communication. In a preferred embodiment, network server 102 is an Internet web server with which the device communicates for the manipulation and display of private information as in the case of stock purchases or banking. Any number of transactions, including transfer and analysis of medical data, any other purchases, insurance information, data transfer, or the like. Network server 102 may alternatively represent a cellular base station, another user device (such as another cellular phone, laptop, PDA, etc), or a server machine. Suitable web servers are known in the art and include Apache and Jakarta Tomcat from the Apache Software Foundation (The Apache Software Foundation; Forest Hill, Md.), Websphere® from IBM (IBM Corporation; White Plains, N.Y.), Sun™ ONE from Sun Microsystems (Sun Microsystems, Inc; Santa Clara, Calif.), and Internet Information Server from Microsoft™ (Microsoft Corporation; Redmond, Wash.).

[0043] In a preferred embodiment, a plurality of devices, including device 101, communicate with network server 102. Generally, anywhere from one to millions of devices may advantageously communicate with server 102. The number of devices in communication with server 102 at any time will vary according to user traffic and server capacity.

[0044] Networking capability component 103 is integral to device 101 and provides device 101 with its means of connecting to a network, which may be wired or wireless. Component 103 may be, for example, an antenna and associated transmitter and receiver in a cellular phone, or an Ethernet connection for a personal computer. In a preferred embodiment, component 103 represents the antenna, transmitter and receiver of a GSM mobile phone, which allows the phone to communicate with server 102.

[0045] Device 101 contains verification processor 104, which is in electronic communication with networking capability component 103, and integral to device 101. Verification processor 104 here generally comprises a CPU and RAM component and provides the device with a general purpose computing capability adequate for the execution of necessary software to support functions described herein, including network communications and the local processing of biometric data. In some embodiments, processor 104 also performs the processing necessary-for the transmission of data. In one embodiment, a 33 MHz Motorola Dragonball CPU with 16 MB RAM in a Handspring Treo 270 GSM cellular phone is sufficient to perform functions described herein, although the particular processor and RAM utilized will vary according to the device and server used, the desired functionality, and the efficiency of the software.

[0046] Secure storage module 105 provides device 101 with secure non-volatile data storage. Secure storage module 105 is at least in electronic communication with verification processor 104. In some embodiments, secure storage module 105 is integral to device 101. In other embodiments, secure storage—module 105 is integral to smart card or SIM 106, described further below, and brought into electronic communication with verification processor 104 during operation. In still other embodiments, another form a secure storage, such as a separate memory card, may be used.

[0047] Data for which protection and security is desired—‘sensitive data’, ‘sensitive information’, or ‘secure data’ as used herein—is stored in secure storage module 105. Further as used herein, for secure communication between device 101 and network server 102, secure storage module 105 is encoded with data required for communication with network server 102—such as a private key, in one embodiment. Sensitive information in storage module 105 may only be accessed when unlocked after a biometric data match. That is, secure storage module 105 is in electronic communication with verification processor 104, but verification processor 104 may only access sensitive data within module 105 when the secure data module receives an unlocking signal from an object owned by the authentic user—‘what you have’ authentication, as used herein. In a preferred embodiment, that unlocking object is smart card or SIM 106.

[0048] In some embodiments, verification processor 104 cannot read or write data to or from secure storage module 105 unless the storage module is unlocked. In other embodiments, verification processor 104 can write data to storage module 105, but cannot read data from storage module 105 without it being unlocked. In still other embodiments, verification processor 104 can read data from storage module 105, but cannot write data to storage module 105 without it being unlocked.

[0049] Sensitive information, that is data stored by module 105 generally may include two types of data—(1) data required for communication with network server 102 including encryption keys (for example, private keys used in asymmetric ciphers, other passwords, codes, and the like; and (2) stored biometric data—that is, reference biometric data which will be compared to a biometric data sample. In another embodiment, data required for communication, such as encryption keys are stored by module 105 while reference biometric data is stored in a separate stored biometric data module. Stored, or ‘reference’ biometric data may include one or more of the following—biometric templates or other stored biometric data including fingerprint data, voice information, facial feature data, retinal scan information, and the like.

[0050] In other embodiments of the invention, secure storage module may contain other personal information including, but not limited to, biographical data including, for example, name, address, age, business data including credit card numbers, credit ratings, insurance policy numbers, medical data—including, for example, genetic data, medical history, blood type, prescription information, etc., bank account numbers and balances, purchasing history, financial portfolio information, stock information, and the like.

[0051] Smart Card or SIM 106 provides the device with a “smart card” computing facility such as that of a SIM card used in GSM phones. In one embodiment, smart card 106 contains matching logic 110, capable of performing biometric matching of fingerprint, voice, facial features, and/or other biometric authentication methods. In another embodiment, matching logic 110 is integral to device 101, and secure data storage module 105 resides on smart card 106. Smart card 106 is in electronic communication with, or capable of being brought into electronic communication with, verification processor 104. Further, smart card 106 is capable of being brought into electronic communication with matching logic 110 in embodiments where logic 110 is not resident within smart card 106.

[0052] Biometric sensor component 107 provides the device with a means of collecting biometric information from the user of the device 101, such as a fingerprint sensor for fingerprint matching, microphone for voiceprint matching, or camera for facial geometry, retina, or iris matching. A wide variety of sensors are known in the art, such as the Veridicom FPS 200 (Veridicom, Inc.; Sunnyvale, Calif.) or Atmel Fingerchip™ fingerprint sensors (Atmel Corporation; San Jose, Calif.), and substantially any sensor capable of recording information about an individual may be employed—those that record blood type, genetic information, and the like. In a preferred embodiment, the biometric sensor is a fingerprint sensor. In a preferred embodiment, biometric sensor 107 is integrated with or adhered to a surface of device 101. In other embodiments, biometric sensor 107 is electronically coupled to device 101. In some embodiments, a plurality of biometric sensors are provided.

[0053] The present invention further provides methods for accessing sensitive information and securely authenticating a user. FIG. 2 illustrates the initiation of a method according to a preferred embodiment of securely authenticating a device's user. Those skilled in the art will readily appreciate that the method can generally be extending to providing secure communications between devices and providing secured access to sensitive data. The authentication procedure generally begins when access to sensitive information is requested, or when secure communication with another device is initiated. A biometric data sample is obtained in step 203—which may also represent the step of prompting a user to initiate a biometric data sampling activity. Generally, the biometric data sample will be obtained through use of a biometric sensor, described above—including, for example a fingerprint sensor.

[0054] For example, a user may be prompted to place or swipe his/her finger over a fingerprint sensor, speak a passphrase into a microphone for voice recognition systems, look into a camera for face recognition, or perform some other data-generating action, thereby generating a raw biometric data sample. A variety of biometrics are known in the art—see for example “A Practical Guide to Biometric Security Technology”, Simon Liu and Mark Silverman, IEEE Computer Society, IT Pro—Security, January-February, 2001, hereby incorporated by reference. In some embodiments, only one such action is required. In other embodiments, two or more such biometric data samples are required—either multiple instances of the same action (two or more fingerprint scans, for example), or a combination of actions (a fingerprint scan and speaking a passphrase, for example).

[0055] The device then processes the raw biometric data sample (or samples), such as fingerprint images or audio waveforms, in step 204, to put the samples in a form suitable for submission to match logic 110 for matching. In some embodiments, match logic 110 performs a searching function, where a stored collection of biometric data is searched for a match to the biometric data sample. Processing 204 may include the reduction of the raw biometric data to a biometric template as is well known for various biometric methods. See, for example, A. K. Jain, L. Hong, S. Pankanti and R. Bolle; “An Identity Authentication System Using Fingerprints”, Proc. IEEE Vol. 85, No. 9, pp. 1365-1388, 1997; D. Maio, D. Maltoni: “Direct Gray-scale Minutiae Detection in Fingerprints”, IEEE Trans. On Pattern Analysis and Machine Intelligence, Vol. 19, No. 1, pp. 27-40, 1997; and W. M. Campbell and C. C. Broun, Text-Prompted Speaker Recognition with Polynomial Classifiers, Motorola Human Interface Laboratory, 2001, all of which are hereby incorporated by reference. Device 101 submits the biometric data for secure biometric match (or search) by match logic 110 in step 205. Procedures performed by match logic 110 are described further below.

[0056] In FIG. 3, match logic 110 returns a match result in step 208 indicating acceptance or rejection of the sampled biometric data against the stored biometric reference template (or set of templates). General methods to establish an acceptable match are well known in the art and include, for example, statistical methods, piecewise linear classifiers, and rule-based methods. See for example, R. O. Duda, P. E. Hart and D. G. Stork, Pattern Classification (2nd Edition), Wiley-Interscience, 2000, incorporated herein by reference. See also A. K. Jain, A. Ross and S. Prabhakar, “Fingerprint Matching Using Minutiae and Texture Features”, Proc. ICIP, Thessaloniki, pp. 282-285, October 2001, for an example of a fingerprint match algorithm. If the match is accepted, then verification processor 104 requests and retrieves sensitive data from storage module 105 in step 209. In a preferred embodiment, the user's private encryption key and/or other secure local data necessary to complete, sign, and submit information to server 102 is retrieved. The acceptance result is signed, (or a message is signed) using the retrieved sensitive information, and is sent to network server 102 in step 210 notifying the server that the match was accepted. If the match is rejected, then verification processor 104 submits a notification to network server 102 that the match was rejected in step 211. The network server can then use the acceptance or rejection notification to provide or restrict the user's access to information stored on the server, or allow or reject communication with the user as appropriate.

[0057] In embodiments where a plurality of biometric data samples are taken, a predetermined number of samples must receive a match before secure data may be accessed.

[0058]FIG. 4 is a schematic outline of a biometric matching process according to an embodiment of the present invention—this process will generally be performed by matching logic 110. In a preferred embodiment, the process outlined in FIG. 3 is performed within smart card 106. In other embodiments, the process activity is shared between smart card 106 and components integral to device 101. A biometric data sample (either raw or a processed template) is submitted in step 301. Matching logic 110 then matches, step 302, the submitted data to a reference template stored in secure data storage component 105—or elsewhere within device 101 or smart card 106. As discussed above, matching procedures are well known for various biometric methods and generally involve determining if the template data of the previously enrolled biometric matches the template data of the recently scanned biometric to within a predetermined tolerance level. If the match is accepted, step 303. then matching logic 110 unlocks secure data storage component 105 in step 304 by issuing an unlocking command, enabling verification processor 104 (or another module of device 101) temporary access to contents of storage component 105 and returns, step 305, an accept result to verification processor 104. Suitable interfaces for communicating with, and unlocking, secure data storage component 105 will vary according to the embodiment of the component and associated processors and are known in the art, for example, JavaCard™ API (Sun Microsystems, Inc; Santa Clara, Calif.). If the match is rejected, step 303, then matching logic 110 does not unlock the secure data storage component 105, but rather returns, step 306, a reject result to verification processor 104.

[0059] In some embodiments, a user is given another opportunity to provide a biometric sample—such as to take another image of facial features, speak the passphrase again, or take another fingerprint scan if a first match is rejected. In other embodiments, the secure data storage component remains locked for a predetermined period or permanently after a rejected scan, or after a predetermined number of rejected scans.

[0060] FIGS. 5-11 depict a variety of physical locations at which a biometric sensor, such as fingerprint sensor 500, may be placed on a mobile phone. These exemplary locations are identified respective of a mobile phone but it will be appreciated that the biometric sensor may be placed on a great variety of physical locations on any device with which the biometric sensor will be used. FIG. 5 displays sensor 500 on front surface 510 of phone 520 along top surface 525. FIG. 6 displays sensor 500 on front surface 510 below keypad 505. FIGS. 7 and 8 depict sensor 500 on the right side 403 and left side 406 of phone 520. FIGS. 9 and 10 depict two locations of sensor 500 on back surface 550 of mobile phone 520. Sensor 500 may also be located on a battery pack. In some embodiments, as shown in FIG. 11, fingerprint sensor 500 may be embedded within one or more keys—including the ON key or power key—on the keypad 505 itself. Embedding it in the on key may provide for optional and user friendly identity verification at the time of device power-up or wake from a sleep mode. Biometric sensors may generally be placed on or embedded in any input device including mice, pens and wands, for example a Touchpad™ mouse (Synaptics, Inc.; San Jose, Calif.). Further, a biometric sensor may be placed on or embedded in part of an integrated display or an associated display device. Optionally providing an automatic turn off or deactivation of the biometric sample after some predetermined time may add additional security. In another embodiment, a biometric sensor is embedded in a display screen of a device. In other embodiments, a biometric sensor is not permanently attached to the device, but rather is capable of being brought into electronic communication with the device. That is, an external sensor, such as a camera or other sensor, could plug into the device or communicate with the device through a wireless interface. For example, an add-on keyboard comprising a biometric sensor may plug into the device, in one embodiment. In another embodiment, a network card or memory card for use in the device comprises a biometric sensor. In another embodiment, a biometric sensor is in wireless communication with the device through known protocols such as, for example, BlueTooth.

[0061] The invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands. It will be appreciated that the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices. In some embodiments the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.

[0062] Those skilled in the art will readily appreciate that the inventive concepts described herein are readily applicable and operable in a variety of communications devices to secure transactions and sensitive data. The examples provided above are intended to be instructive and illustrative and are not intended to limit the invention to a specific embodiment, device, or data type described. Further, a variety of implementations are possible placing certain functions or groups of functions on the ‘what you have’ authentication object—such as a smart card. Generally, the methods and devices described herein require some function or data to be performed within or stored on a ‘what you have’ authentication object. Examples of those functions and data are given, but are not intended to be limiting.

Referenced by
Citing PatentFiling datePublication dateApplicantTitle
US7197168Jul 12, 2002Mar 27, 2007Atrua Technologies, Inc.Method and system for biometric image assembly from multiple partial biometric frame scans
US7228011 *Feb 28, 2003Jun 5, 2007L-I Identity Solutions, Inc.System and method for issuing a security unit after determining eligibility by image recognition
US7242277 *Mar 11, 2003Jul 10, 2007Matsushita Electric Industrial Co., Ltd.Individual authentication device and cellular terminal apparatus
US7448087 *Jul 17, 2003Nov 4, 2008Matsushita Electric Industrial Co., Ltd.System for preventing unauthorized use of recording media
US7481364Mar 24, 2006Jan 27, 2009Privaris, Inc.Biometric identification device with smartcard capabilities
US7505613Jul 10, 2006Mar 17, 2009Atrua Technologies, Inc.System for and method of securing fingerprint biometric systems against fake-finger spoofing
US7525411Oct 11, 2005Apr 28, 2009Newfrey LlcDoor lock with protected biometric sensor
US7548981 *Mar 3, 2004Jun 16, 2009Sprint Spectrum L.P.Biometric authentication over wireless wide-area networks
US7590861 *Aug 6, 2003Sep 15, 2009Privaris, Inc.Methods for secure enrollment and backup of personal identity credentials into electronic devices
US7715593Jun 15, 2004May 11, 2010Uru Technology IncorporatedMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US7751595Feb 16, 2007Jul 6, 2010Authentec, Inc.Method and system for biometric image assembly from multiple partial biometric frame scans
US7757096 *Dec 30, 2005Jul 13, 2010Fujitsu LimitedMobile unit with fingerprint sensor and attachment structure
US7787697 *Jun 9, 2006Aug 31, 2010Sony Ericsson Mobile Communications AbIdentification of an object in media and of related media objects
US7805372Jun 8, 2007Sep 28, 2010Weiss Kenneth PUniversal secure registry
US7809651 *Jun 8, 2007Oct 5, 2010Weiss Kenneth PUniversal secure registry
US7849312Nov 30, 2006Dec 7, 2010Atmel CorporationMethod and system for secure external TPM password generation and use
US7885436Jul 5, 2007Feb 8, 2011Authentec, Inc.System for and method of assigning confidence values to fingerprint minutiae points
US7940249Oct 31, 2006May 10, 2011Authentec, Inc.Devices using a metal layer with an array of vias to reduce degradation
US8001055Feb 21, 2007Aug 16, 2011Weiss Kenneth PMethod, system and apparatus for secure access, payment and identification
US8006099 *May 19, 2005Aug 23, 2011Fujitsu LimitedSecurity management method, program, and information device
US8144941May 7, 2010Mar 27, 2012Uru Technology IncorporatedMethod and system for creating and operating biometrically enabled multi-purpose credential management devices
US8149089 *Nov 21, 2008Apr 3, 2012Htc CorporationMethod for unlocking a locked computing device and computing device thereof
US8156548 *Nov 20, 2006Apr 10, 2012Future Internet Security Ip Pty Ltd.Identification and authentication system and method
US8165409Jul 22, 2010Apr 24, 2012Sony Mobile Communications AbMobile device identification of media objects using audio and image recognition
US8181031Aug 1, 2007May 15, 2012International Business Machines CorporationBiometric authentication device and system
US8190908 *Dec 20, 2006May 29, 2012Spansion LlcSecure data verification via biometric input
US8231056Apr 3, 2006Jul 31, 2012Authentec, Inc.System for and method of protecting an integrated circuit from over currents
US8232967 *Feb 9, 2006Jul 31, 2012Bloomberg Finance L.P.Computer keyboard with processor for audio and telephony functions
US8234220Feb 26, 2009Jul 31, 2012Weiss Kenneth PUniversal secure registry
US8242892Feb 12, 2009Aug 14, 2012International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US8261072Nov 30, 2006Sep 4, 2012Atmel CorporationMethod and system for secure external TPM password generation and use
US8271397Jun 24, 2011Sep 18, 2012Universal Secure Registry, LlcMethod and apparatus for secure access, payment and identification
US8289135Feb 12, 2009Oct 16, 2012International Business Machines CorporationSystem, method and program product for associating a biometric reference template with a radio frequency identification tag
US8301902Feb 12, 2009Oct 30, 2012International Business Machines CorporationSystem, method and program product for communicating a privacy policy associated with a biometric reference template
US8327134Feb 12, 2009Dec 4, 2012International Business Machines CorporationSystem, method and program product for checking revocation status of a biometric reference template
US8359475Feb 12, 2009Jan 22, 2013International Business Machines CorporationSystem, method and program product for generating a cancelable biometric reference template on demand
US8380125 *Sep 1, 2004Feb 19, 2013Kyocera CorporationSystems and methods for bluetooth resource conservation
US8508339Aug 14, 2012Aug 13, 2013International Business Machines CorporationAssociating a biometric reference template with an identification tag
US8538881Sep 17, 2012Sep 17, 2013Universal Secure Registry, LlcMethod and apparatus for secure access payment and identification
US8577813Sep 20, 2011Nov 5, 2013Universal Secure Registry, LlcUniversal secure registry
US8613052Sep 16, 2011Dec 17, 2013Universal Secure Registry, LlcApparatus, system and method employing a wireless user-device
US8665062 *Jun 30, 2008Mar 4, 2014Telecom Italia S.P.A.Method and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations
US8706634Aug 15, 2013Apr 22, 2014Mastercard International IncorporatedMethods and systems for biometric verification
US20060209028 *Feb 9, 2006Sep 21, 2006Ozolins Helmars EComputer keyboard with processor for audio and telephony functions
US20080155268 *Dec 20, 2006Jun 26, 2008Spansion LlcSecure data verification via biometric input
US20090083847 *Sep 9, 2008Mar 26, 2009Apple Inc.Embedded authentication systems in an electronic device
US20090154085 *Dec 17, 2008Jun 18, 2009Fujitsu LimitedElectronic apparatus
US20090160609 *Nov 21, 2008Jun 25, 2009Jian-Liang LinMethod for unlocking a locked computing device and computing device thereof
US20100157034 *Nov 24, 2009Jun 24, 2010Moon Min WooCommunication apparatus and control device to generate control data
US20100329568 *Jun 24, 2009Dec 30, 2010C-True Ltd.Networked Face Recognition System
US20110021182 *Mar 18, 2008Jan 27, 2011Hengxi HuanMethod and apparatus for automatically handling missed calls in a communication terminal
US20110032206 *Apr 15, 2009Feb 10, 2011Kyocera CorporationMobile electronic device
US20110109431 *Jun 30, 2008May 12, 2011Andrea BragagniniMethod and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations
US20120105200 *Jul 22, 2011May 3, 2012Electronics And Telecommunications Research InstitutePortable sensor apparatus and biometric recognition-based service system having the same
US20120167188 *Dec 23, 2010Jun 28, 2012Rajesh PoornachandranUser identity attestation in mobile commerce
US20120210126 *Feb 10, 2012Aug 16, 2012SecurenCrypt, LLCDocument encryption and decryption
US20130216108 *Nov 26, 2012Aug 22, 2013Pantech Co., Ltd.Electronic device and method for user identification
WO2008127235A2 *Apr 13, 2007Oct 23, 2008Avisere IncMachine vision system for enterprise management
WO2010075623A1 *Jun 15, 2009Jul 8, 2010Bce Inc.System and method for unlocking a device
Classifications
U.S. Classification726/5, 713/186, 382/115, 340/5.82
International ClassificationG06Q30/00, G06Q10/00, H04N1/387, G06K9/00, G06Q20/00
Cooperative ClassificationH04L2209/08, H04L9/3231, H04L2209/805, G06Q10/02, G06K9/00026, G06Q20/04, G06Q20/4016, G06Q30/06
European ClassificationG06Q20/04, G06Q30/06, G06Q10/02, G06Q20/4016, G06K9/00A1C, H04L9/32T
Legal Events
DateCodeEventDescription
May 13, 2004ASAssignment
Owner name: ATRUA TECHNOLOGIES, INC., CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:I-CONTROL SECURITY, INC.;REEL/FRAME:015327/0587
Effective date: 20030908
Mar 3, 2003ASAssignment
Owner name: I-CONTROL SECURITY, INC., CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:RUSSO, ANTHONY P.;MCCOY, PETER A.;ROSKE, THORSTEN;REEL/FRAME:013796/0856;SIGNING DATES FROM 20021205 TO 20030207