EP0758776A2 - An authorization system - Google Patents

An authorization system Download PDF

Info

Publication number
EP0758776A2
EP0758776A2 EP96305458A EP96305458A EP0758776A2 EP 0758776 A2 EP0758776 A2 EP 0758776A2 EP 96305458 A EP96305458 A EP 96305458A EP 96305458 A EP96305458 A EP 96305458A EP 0758776 A2 EP0758776 A2 EP 0758776A2
Authority
EP
European Patent Office
Prior art keywords
card
image
host
user
authorisation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP96305458A
Other languages
German (de)
French (fr)
Other versions
EP0758776A3 (en
Inventor
Stephen Andrew Massie
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NCR International Inc
Original Assignee
NCR International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NCR International Inc filed Critical NCR International Inc
Publication of EP0758776A2 publication Critical patent/EP0758776A2/en
Publication of EP0758776A3 publication Critical patent/EP0758776A3/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/253Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition visually
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration

Definitions

  • the present invention relates to an authorisation system for authorising a person to carry out some predetermined action or procedure.
  • the invention has application, for example, as part of an access control system which in use controls the access of persons to a secure area or to a financial facility such as an automated teller machine (ATM).
  • ATM automated teller machine
  • biometric identification means include, for example, finger print or hand print recognition systems, incorporating a digitiser which a user touches with his finger or hand, thus producing data characteristic of the user's finger or hand print. This data is compared with stored data characteristic of the finger or hand prints of persons who are authorised to use the system, and a signal indicative of the result of the comparison is produced.
  • Such systems have a drawback that a finger or even a hand print can be duplicated.
  • an unauthorised person could replicate the hand or finger print of an authorised person and could falsely obtain access to an area or facility using a duplicate hand or finger print replicated, for example, on a synthetic glove.
  • an authorisation system characterized by an integrated circuit card which is arranged, when in use, to be removably mounted on a host means adapted to receive confirmation of the identity of a person using said card, and which incorporates: memory means arranged to have stored therein at least one reference image of the face of at least one person authorised to use said card, data processing means, and camera means arranged to produce an image of the face of a user of said card and to forward said image of said user to said data processing means for comparison with the or each reference image, said data processing means being arranged to produce a signal indicative of the result of said comparison; and communication means included in said card and said host means for providing communication therebetween, whereby said signal may be transmitted to said host means.
  • an integrated circuit card is meant a card in which is embodied one or more integrated circuits.
  • An advantage of the present invention is that it is more difficult for an unauthorised person to obtain fraudulent access to an area or a facility than it would be with known biometric systems, because an image of an authorised user's face is utilized, which is more difficult to duplicate than that of an authorised user's finger or hand print.
  • Another advantage of the invention is that the image capture, reference image storage and comparison therebetween are carried out in a single device, namely the integrated circuit card, thereby reducing the likelihood of an unauthorised user of the integrated circuit card being able to interfere with the communication between the elements which carry out these functions, in an attempt to tamper with the system.
  • FIG. 1 With reference to Fig. 1 there is illustrated an embodiment of an authorisation system 2 in accordance with the present invention.
  • the authorisation system 2 incorporates: an integrated circuit card 4, incorporating a camera means 14 (Fig. 3A) having a lens 15, and a host means 6 connected to a door actuation device 8 which is controlled to unlock a door 10 providing access to a secure area for a person 11.
  • the actuation device 8 unlocks the door 10 only when instructed to do so by the host means 6, on confirmation by the card 4 of the identity of the person 11.
  • the card 4 has main dimensions similar to those of a standard magnetic stripe card, the card 4 being approximately 85 millimetres x 55 millimetres in size with a thickness of 1.5 to 5 millimetres.
  • the card 4 is separable from the host means 6 and is normally carried by a user, when not in use.
  • the card 4 When a user wishes to operate the authorisation system 2 he or she inserts the card 4 into a grooved guide 5 in the host means 6. As illustrated in Fig. 1, the card 4 is inserted into the grooved guide 5 such that the camera lens 15 points outwards towards the user, in order to produce an image of the user.
  • the card 4 and the grooved guide 5 are dimensioned so that the card 4 is held firmly in the grooved guide 5, so as to prevent "camera shake".
  • the host means 6 incorporates a power supply 13.
  • the card 4 When the card 4 is inserted into the grooved guide 5 (Fig. 1), the card 4 is connected to the power supply 13 via a contactless integrated circuit card power terminal 7 (Fig. 2B) on the opposite side of the card 4 from the camera lens 15 and via a corresponding contactless integrated circuit power terminal 9 on the host means 6.
  • the card 4 also includes data communication terminals 19 (Fig. 2B), located adjacent the power terminal 7, which co-operate with correspondingly located communication terminals 21 on the host means 6, for the transmission of data between the card 4 and the host means 6.
  • Inductive contactless connection is used because inductive transfer mechanisms require less accurate location of the terminals 7, 19 on the card 4 with respect to the terminals 9, 21 in the host means 6 than would be the case with non-inductive transfer mechanisms.
  • the card 4 incorporates: a control processor 12, which controls the operation of the card 4; the camera means 14, which is in the form of a digital integrated circuit chip camera, used to produce a digital image of a user; and an image memory 16, comprising a first memory means 161 in which a digital image of the face of at least one person who is authorised to use the card 4 is stored, and a second memory means 162, in the form of a standard data buffer, in which the digital image produced by the camera means 14 is stored temporarily when the card 4 is in use.
  • a control processor 12 which controls the operation of the card 4
  • the camera means 14 which is in the form of a digital integrated circuit chip camera, used to produce a digital image of a user
  • an image memory 16 comprising a first memory means 161 in which a digital image of the face of at least one person who is authorised to use the card 4 is stored, and a second memory means 162, in the form of a standard data buffer, in which the digital image produced by the camera means 14 is stored temporarily when the card 4 is
  • the card 4 also incorporates an image processor 18 in which data from the first and second memory means 161, 162 can be compared, and an input/output (I/O) interface 20 incorporating the contactless communication terminals 19, the interface 20 enabling communication between the card 4 and the host means 6.
  • the card 4 further incorporates an encryptor/decryptor 22, arranged to encrypt signals from the card 4 prior to transmission to the host means 6 and to decrypt encrypted signals received from the host means 6.
  • the camera means 14 incorporates a charge coupled device (CCD) chip capable of storing an image of at least 200 by 200 pixels resolution.
  • CCD charge coupled device
  • a CCD camera operates by focusing light onto the surface of each CCD element in the device, a charge being built up on each element at a predetermined rate.
  • the image of a card user is "taken” by sampling the state of each CCD element by transferring the charge on the element to an associated charge measurement device, at a predetermined time. This sampling is analogous to the opening and closing of the shutter in a conventional camera.
  • a low charge corresponds to a dark area in the image and a high charge to a light area.
  • the sampling speed is too low then over exposure can result, just as in an ordinary camera when too long an exposure time is used.
  • a sampling rate is used there is not enough time for charges representative of an image to build up on the CCD elements and an under exposed image is produced.
  • a sampling rate of 50 samples per second is considered to be optimum.
  • the digital image of the head and shoulders of the user produced by a first sample is stored in a first "shadow” memory (not shown) in the camera means 14 and a second sample is taken, the image produced from this sample being stored in a second "shadow” memory (not shown).
  • the camera means 14 compares the first and second images, pixel by pixel, in an analog difference array. This process ensures that fluctuations produced by slight movements of the user during the imaging process are compensated for by the camera means 14. This process is continued until the difference between two images is less than a predetermined maximum, and the last image is taken to be stable.
  • This image is then converted into a digital bit stream by the camera means 14 and transmitted from the camera means 14 along a data bus 24 in the card 4 to the image memory 16 (Fig 3A).
  • the card 4 If the card 4 is in a so-called authorised image registration mode (in which an image of an authorised user is to be stored in the card 4) when the image is produced, then the image is transferred to the first memory means 161 in the image memory 16. If the card 4 is not in the authorised image registration mode at the time the image is produced, then the image is transmitted to the second memory means 162 in the image memory 16, where it is held temporarily until it can be transferred to the image processor 18 for comparison with the image of the authorised user from the first memory means 161.
  • a so-called authorised image registration mode in which an image of an authorised user is to be stored in the card 4
  • the control processor 12 included in the card 4 also incorporates a first memory means 121 in which is stored a secure "image registration" code which must be received by the card 4 before it will enter the authorised image registration mode.
  • the control processor 12 also incorporates a second memory means 122 in which is stored a secure "card authorisation” code which must be transmitted to a processor 38 (Fig. 3B) in the host means 6 to confirm that the card 4 is authorised for use with the host means 6 prior to operation of the card 4, as will also be discussed further below.
  • Data is transmitted between the control and image processors 12, 18, the I/O interface 20 and the encryptor/decryptor 22 in the card 4 via data buses 26.
  • the control processor 12 is also connected to the other components in the card 4 via control buses 28, through which the control processor 12 sends control signals to the other components of the card 4.
  • the procedure carried out by an authorised user to store his or her image in the first memory means 161 is as follows.
  • the card 4 is inserted into the grooved guide 5 in the host means 6 and is thus connected to the power supply 13, as discussed above.
  • the authorised user then uses a key pad 30 (Fig. 1) on the host means 6 to input the image registration code into the card 4, via the I/O interface 20.
  • the host means 6 includes a processor 38 (Fig. 3B), which in turn includes an encryptor/decryptor 40 which encrypts the image registration code entered by the authorised user prior to transmitting it to the card 4 via the I/O interface 20 (and encryptor/decryptor 22) and on to the control processor 12 via the data bus 26, thus reducing the likelihood of the code being detected by an unauthorised user.
  • a processor 38 FIG. 3B
  • encryptor/decryptor 40 which encrypts the image registration code entered by the authorised user prior to transmitting it to the card 4 via the I/O interface 20 (and encryptor/decryptor 22) and on to the control processor 12 via the data bus 26, thus reducing the likelihood of the code being detected by an unauthorised user.
  • the image registration code When the image registration code is transmitted to the control processor 12 in the card 4 it is compared with the code stored in the first memory means 121 in the control processor 12. If the code entered by the user corresponds to that stored in the first memory means 121 then, after a short delay as detailed below, the card 4 will enter the authorised image registration mode. This is indicated to the user by the illumination of a first light emitting diode (LED) 32 (Fig. 1) on the host means 6, which will remain illuminated until the image of the authorised user has been stored in the first memory means 161 in the memory 16. If the code entered by the user does not correspond to the code stored in the first memory means 121 in the control processor 12 the card 4 will not enter the authorised image registration mode, which will be indicated to the user by the failure of the first LED 32 to become illuminated.
  • LED light emitting diode
  • the control processor 12 will instruct the camera means 14 to enter the authorised image recognition mode approximately three seconds after the card 4 is entered into the grooved guide 5 in the host means 6. This delay is pre-set in the control software in the control processor 12, in order to give the user time to be positioned in front of the camera means 14. The actual delay may be altered by altering this parameter in the software.
  • the software in the control processor 12 also includes a pattern recognition algorithm which is configured to look for an outline which conforms to the head and shoulders of a prospective user. If the pattern recognition algorithm has not confirmed that a person is standing in front of the camera means 14 by the end of the three second delay, the control processor 12 will not cause the card 4 to enter the authorised image recognition mode. Only after the pattern recognition algorithm has determined that a person is standing in front of the camera means 14 will the control processor 12 instruct the camera means 14 to enter the image recognition mode.
  • the first memory means 121 in the control processor 12 contains a plurality of different codes, each corresponding to a different level of access within the system. The access provided to a particular user is therefore dependent on the code which is entered prior to the user's image being entered into the first memory means 161 in the image memory 16 as an authorised user.
  • the camera means 14 will produce an image of the authorised user and transfer it to the first memory means 161 in the image memory 16, in the manner detailed above.
  • the card 4 When in use to gain access to the secure area, the card 4 is inserted by a user into the grooved guide 5 in the host means 6 connected to the door actuation means 8, as discussed above. The user then again stands approximately 1 metre to 1.5 metres in front of the card 4, in the host means 6. As with the aforementioned authorised image registration mode, the insertion of the card 4 into the grooved guide 5 connects the card 4 to the power supply 13.
  • the control processor 12 retrieves the card authorisation code stored in the second memory means 122 in the control processor 12 and forwards the code to the encryptor/decryptor 22 for encryption prior to transmitting the code to the host means 6 via the I/O interface 20.
  • the card authorisation code is decrypted by the encryptor/decryptor 40 and compared in the processor 38 in the host means 6 with the code stored in the memory means 42 in the host means 6, before the host means 6 will accept the card 4 for operation. If the code transmitted by the card 4 corresponds to that required by the host means 6, the host means 6 will transmit an encrypted signal to the control processor 12, via the I/O interface 20, informing the control processor 12 that the card 4 is authorised for use in the host means 6.
  • this card acceptance process is also undertaken by the host means 6 prior to the image registration process, to ensure that the card 4 is one which was issued for use with the particular authorisation system to which the host means 6 belongs.
  • the control processor 12 will then activate the camera means 14 to produce an image of the user standing in front of the card 4, in the manner discussed above.
  • the camera means 14 will then forward the image to the image processor 18, via the second memory means 162 in the image memory 16.
  • the image of the authorised user is also forwarded from the first memory means 161 in the image memory 16 to the image processor 18, via the data bus 24, for comparison with the image produced by the camera means 14.
  • the image processor 18 will produce a first signal, indicative of this match, which is encrypted by the encryptor/decryptor 22 and transmitted, via the I/O interface 20, to the processor 38 in the host means 6, via the encryptor/decryptor 40.
  • the processor 38 On receipt of the decrypted signal the processor 38 will produce and encrypt a corresponding signal which it will transmit to the door actuation device 8.
  • the door actuation device 8 On receipt of this signal from the processor 38 the door actuation device 8 unlocks the door 10 and a second LED 34 (Fig. 1) on the host means 6 is illuminated by the processor 38 in the host means 6, to indicate to the user that the door 10 has been unlocked. The user can then remove the card 4 from the host means 6 and open the unlocked door 10, which will remain unlocked for a predetermined period of time or until the door has been opened and closed once.
  • the image processor 18 produces a second signal which is transmitted to the host means 6.
  • the processor 38 does not send a signal to the door actuation means 8, but instead causes a third LED 36 (Fig. 1) on the host means 6 to be illuminated, to indicate that the system has not recognised the user as an authorised user.
  • the user must then remove the card 4 from the host means 6.
  • the second LED 34 is green and the third LED 36 is red.
  • the first memory means 161 in the image memory 16 may include images of a plurality of authorised users, if the card 4 is intended for use by more than one person. For example, if the card 4 is to be used by a pool of authorised cleaning staff, the first memory means 161 will contain the images of each of these authorised users and the card 4 will be handed between them as required.
  • the image of the user is compared with the image of each authorised user in turn and the card 4 accepts the user as an authorised user if the user's image corresponds to that of any of the authorised user images stored in the first memory means 161.
  • the invention is not limited to use with door entry systems and can be utilized with other systems or apparatus where confirmation of a user's authorisation to use a card is required, including, for example, automated teller machines (ATMs).
  • ATMs automated teller machines

Abstract

The invention relates to an authorisation system (2), characterized by an integrated circuit card (4) which incorporates camera means (14), data processing means (12,18), and memory means (161) in which is stored at least one digital image of an authorised user of the system. The card (4) is separable from a host means (6), when not in use. Communication means (20,21) are arranged to ensure encrypted communications between the card (4) and the host means (6). The camera means (14) is arranged to produce an image of a user and to forward this image to the processing means (18) for comparison with the or each image of an authorised user stored in the memory means (161). The processing means (18) produces a signal indicative of the result of the comparison, which is communicated in an encrypted form to the host means (6).

Description

  • The present invention relates to an authorisation system for authorising a person to carry out some predetermined action or procedure.
  • The invention has application, for example, as part of an access control system which in use controls the access of persons to a secure area or to a financial facility such as an automated teller machine (ATM).
  • With a view to improving the security of authorisation systems, it is known to provide biometric identification means. Known biometric identification means include, for example, finger print or hand print recognition systems, incorporating a digitiser which a user touches with his finger or hand, thus producing data characteristic of the user's finger or hand print. This data is compared with stored data characteristic of the finger or hand prints of persons who are authorised to use the system, and a signal indicative of the result of the comparison is produced.
  • Such systems have a drawback that a finger or even a hand print can be duplicated. Thus, an unauthorised person could replicate the hand or finger print of an authorised person and could falsely obtain access to an area or facility using a duplicate hand or finger print replicated, for example, on a synthetic glove.
  • It is an object of the present invention to provide an authorisation system having a high degree of security.
  • According to the present invention there is provided an authorisation system, characterized by an integrated circuit card which is arranged, when in use, to be removably mounted on a host means adapted to receive confirmation of the identity of a person using said card, and which incorporates: memory means arranged to have stored therein at least one reference image of the face of at least one person authorised to use said card, data processing means, and camera means arranged to produce an image of the face of a user of said card and to forward said image of said user to said data processing means for comparison with the or each reference image, said data processing means being arranged to produce a signal indicative of the result of said comparison; and communication means included in said card and said host means for providing communication therebetween, whereby said signal may be transmitted to said host means.
  • It should be understood that by an integrated circuit card is meant a card in which is embodied one or more integrated circuits.
  • An advantage of the present invention is that it is more difficult for an unauthorised person to obtain fraudulent access to an area or a facility than it would be with known biometric systems, because an image of an authorised user's face is utilized, which is more difficult to duplicate than that of an authorised user's finger or hand print.
  • Another advantage of the invention is that the image capture, reference image storage and comparison therebetween are carried out in a single device, namely the integrated circuit card, thereby reducing the likelihood of an unauthorised user of the integrated circuit card being able to interfere with the communication between the elements which carry out these functions, in an attempt to tamper with the system.
  • An embodiment of the present invention will now be described, by way of example, with reference to the accompanying drawings, in which:-
    • Fig. 1 is a perspective view of an authorisation system in accordance with the present invention, in use;
    • Fig. 2A is a front view of an integrated circuit card for use in the authorisation system of Fig. 1;
    • Fig. 2B is a rear view of the integrated circuit card of Fig. 2A;
    • Fig. 3A is a block circuit diagram of the integrated circuit card of Figs. 2A and 2B; and
    • Fig. 3B is a block circuit diagram of a host means utilized in the system of Fig. 1.
  • With reference to Fig. 1 there is illustrated an embodiment of an authorisation system 2 in accordance with the present invention. The authorisation system 2 incorporates: an integrated circuit card 4, incorporating a camera means 14 (Fig. 3A) having a lens 15, and a host means 6 connected to a door actuation device 8 which is controlled to unlock a door 10 providing access to a secure area for a person 11. The actuation device 8 unlocks the door 10 only when instructed to do so by the host means 6, on confirmation by the card 4 of the identity of the person 11.
  • The card 4 has main dimensions similar to those of a standard magnetic stripe card, the card 4 being approximately 85 millimetres x 55 millimetres in size with a thickness of 1.5 to 5 millimetres. The card 4 is separable from the host means 6 and is normally carried by a user, when not in use.
  • When a user wishes to operate the authorisation system 2 he or she inserts the card 4 into a grooved guide 5 in the host means 6. As illustrated in Fig. 1, the card 4 is inserted into the grooved guide 5 such that the camera lens 15 points outwards towards the user, in order to produce an image of the user. The card 4 and the grooved guide 5 are dimensioned so that the card 4 is held firmly in the grooved guide 5, so as to prevent "camera shake".
  • Referring now additionally to Fig. 3B, the host means 6 incorporates a power supply 13. When the card 4 is inserted into the grooved guide 5 (Fig. 1), the card 4 is connected to the power supply 13 via a contactless integrated circuit card power terminal 7 (Fig. 2B) on the opposite side of the card 4 from the camera lens 15 and via a corresponding contactless integrated circuit power terminal 9 on the host means 6. The card 4 also includes data communication terminals 19 (Fig. 2B), located adjacent the power terminal 7, which co-operate with correspondingly located communication terminals 21 on the host means 6, for the transmission of data between the card 4 and the host means 6.
  • Inductive contactless connection is used because inductive transfer mechanisms require less accurate location of the terminals 7, 19 on the card 4 with respect to the terminals 9, 21 in the host means 6 than would be the case with non-inductive transfer mechanisms.
  • Referring particularly to Fig. 3A, the card 4 incorporates: a control processor 12, which controls the operation of the card 4; the camera means 14, which is in the form of a digital integrated circuit chip camera, used to produce a digital image of a user; and an image memory 16, comprising a first memory means 161 in which a digital image of the face of at least one person who is authorised to use the card 4 is stored, and a second memory means 162, in the form of a standard data buffer, in which the digital image produced by the camera means 14 is stored temporarily when the card 4 is in use. The card 4 also incorporates an image processor 18 in which data from the first and second memory means 161, 162 can be compared, and an input/output (I/O) interface 20 incorporating the contactless communication terminals 19, the interface 20 enabling communication between the card 4 and the host means 6. The card 4 further incorporates an encryptor/decryptor 22, arranged to encrypt signals from the card 4 prior to transmission to the host means 6 and to decrypt encrypted signals received from the host means 6.
  • The camera means 14 incorporates a charge coupled device (CCD) chip capable of storing an image of at least 200 by 200 pixels resolution. As will be known to a person skilled in the art, a CCD camera operates by focusing light onto the surface of each CCD element in the device, a charge being built up on each element at a predetermined rate. The image of a card user is "taken" by sampling the state of each CCD element by transferring the charge on the element to an associated charge measurement device, at a predetermined time. This sampling is analogous to the opening and closing of the shutter in a conventional camera.
  • Clearly, a low charge corresponds to a dark area in the image and a high charge to a light area. -If the sampling speed is too low then over exposure can result, just as in an ordinary camera when too long an exposure time is used. Conversely, if too high a sampling rate is used there is not enough time for charges representative of an image to build up on the CCD elements and an under exposed image is produced. A sampling rate of 50 samples per second is considered to be optimum.
  • In use, the digital image of the head and shoulders of the user produced by a first sample is stored in a first "shadow" memory (not shown) in the camera means 14 and a second sample is taken, the image produced from this sample being stored in a second "shadow" memory (not shown). The camera means 14 compares the first and second images, pixel by pixel, in an analog difference array. This process ensures that fluctuations produced by slight movements of the user during the imaging process are compensated for by the camera means 14. This process is continued until the difference between two images is less than a predetermined maximum, and the last image is taken to be stable. This image is then converted into a digital bit stream by the camera means 14 and transmitted from the camera means 14 along a data bus 24 in the card 4 to the image memory 16 (Fig 3A).
  • If the card 4 is in a so-called authorised image registration mode (in which an image of an authorised user is to be stored in the card 4) when the image is produced, then the image is transferred to the first memory means 161 in the image memory 16. If the card 4 is not in the authorised image registration mode at the time the image is produced, then the image is transmitted to the second memory means 162 in the image memory 16, where it is held temporarily until it can be transferred to the image processor 18 for comparison with the image of the authorised user from the first memory means 161.
  • The control processor 12 included in the card 4 also incorporates a first memory means 121 in which is stored a secure "image registration" code which must be received by the card 4 before it will enter the authorised image registration mode. The control processor 12 also incorporates a second memory means 122 in which is stored a secure "card authorisation" code which must be transmitted to a processor 38 (Fig. 3B) in the host means 6 to confirm that the card 4 is authorised for use with the host means 6 prior to operation of the card 4, as will also be discussed further below.
  • Data is transmitted between the control and image processors 12, 18, the I/O interface 20 and the encryptor/decryptor 22 in the card 4 via data buses 26. The control processor 12 is also connected to the other components in the card 4 via control buses 28, through which the control processor 12 sends control signals to the other components of the card 4.
  • The procedure carried out by an authorised user to store his or her image in the first memory means 161 is as follows. The card 4 is inserted into the grooved guide 5 in the host means 6 and is thus connected to the power supply 13, as discussed above. The authorised user then uses a key pad 30 (Fig. 1) on the host means 6 to input the image registration code into the card 4, via the I/O interface 20.
  • The host means 6 includes a processor 38 (Fig. 3B), which in turn includes an encryptor/decryptor 40 which encrypts the image registration code entered by the authorised user prior to transmitting it to the card 4 via the I/O interface 20 (and encryptor/decryptor 22) and on to the control processor 12 via the data bus 26, thus reducing the likelihood of the code being detected by an unauthorised user.
  • When the image registration code is transmitted to the control processor 12 in the card 4 it is compared with the code stored in the first memory means 121 in the control processor 12. If the code entered by the user corresponds to that stored in the first memory means 121 then, after a short delay as detailed below, the card 4 will enter the authorised image registration mode. This is indicated to the user by the illumination of a first light emitting diode (LED) 32 (Fig. 1) on the host means 6, which will remain illuminated until the image of the authorised user has been stored in the first memory means 161 in the memory 16. If the code entered by the user does not correspond to the code stored in the first memory means 121 in the control processor 12 the card 4 will not enter the authorised image registration mode, which will be indicated to the user by the failure of the first LED 32 to become illuminated.
  • After inserting the card 4 into the groove 5 the user then moves to a position approximately 1 metre to 1.5 metres in front of the card 4 and awaits the entry of the card 4 into the authorised image registration mode. The control processor 12 will instruct the camera means 14 to enter the authorised image recognition mode approximately three seconds after the card 4 is entered into the grooved guide 5 in the host means 6. This delay is pre-set in the control software in the control processor 12, in order to give the user time to be positioned in front of the camera means 14. The actual delay may be altered by altering this parameter in the software.
  • The software in the control processor 12 also includes a pattern recognition algorithm which is configured to look for an outline which conforms to the head and shoulders of a prospective user. If the pattern recognition algorithm has not confirmed that a person is standing in front of the camera means 14 by the end of the three second delay, the control processor 12 will not cause the card 4 to enter the authorised image recognition mode. Only after the pattern recognition algorithm has determined that a person is standing in front of the camera means 14 will the control processor 12 instruct the camera means 14 to enter the image recognition mode.
  • As the system is designed to allow different levels of access to different users, the first memory means 121 in the control processor 12 contains a plurality of different codes, each corresponding to a different level of access within the system. The access provided to a particular user is therefore dependent on the code which is entered prior to the user's image being entered into the first memory means 161 in the image memory 16 as an authorised user.
  • Once an appropriate authorisation code has been accepted by the card 4, the camera means 14 will produce an image of the authorised user and transfer it to the first memory means 161 in the image memory 16, in the manner detailed above.
  • When in use to gain access to the secure area, the card 4 is inserted by a user into the grooved guide 5 in the host means 6 connected to the door actuation means 8, as discussed above. The user then again stands approximately 1 metre to 1.5 metres in front of the card 4, in the host means 6. As with the aforementioned authorised image registration mode, the insertion of the card 4 into the grooved guide 5 connects the card 4 to the power supply 13. The control processor 12 then retrieves the card authorisation code stored in the second memory means 122 in the control processor 12 and forwards the code to the encryptor/decryptor 22 for encryption prior to transmitting the code to the host means 6 via the I/O interface 20. The card authorisation code is decrypted by the encryptor/decryptor 40 and compared in the processor 38 in the host means 6 with the code stored in the memory means 42 in the host means 6, before the host means 6 will accept the card 4 for operation. If the code transmitted by the card 4 corresponds to that required by the host means 6, the host means 6 will transmit an encrypted signal to the control processor 12, via the I/O interface 20, informing the control processor 12 that the card 4 is authorised for use in the host means 6.
  • If the system is configured such that the same host means 6 is utilised in the image registration mode, discussed above, as is used in user identification and authorisation then this card acceptance process is also undertaken by the host means 6 prior to the image registration process, to ensure that the card 4 is one which was issued for use with the particular authorisation system to which the host means 6 belongs.
  • The control processor 12 will then activate the camera means 14 to produce an image of the user standing in front of the card 4, in the manner discussed above. The camera means 14 will then forward the image to the image processor 18, via the second memory means 162 in the image memory 16. At this time the image of the authorised user is also forwarded from the first memory means 161 in the image memory 16 to the image processor 18, via the data bus 24, for comparison with the image produced by the camera means 14.
  • If the image of the user produced by the camera means 14 corresponds to that of the authorised user stored in the first memory means 161 then the image processor 18 will produce a first signal, indicative of this match, which is encrypted by the encryptor/decryptor 22 and transmitted, via the I/O interface 20, to the processor 38 in the host means 6, via the encryptor/decryptor 40. On receipt of the decrypted signal the processor 38 will produce and encrypt a corresponding signal which it will transmit to the door actuation device 8. On receipt of this signal from the processor 38 the door actuation device 8 unlocks the door 10 and a second LED 34 (Fig. 1) on the host means 6 is illuminated by the processor 38 in the host means 6, to indicate to the user that the door 10 has been unlocked. The user can then remove the card 4 from the host means 6 and open the unlocked door 10, which will remain unlocked for a predetermined period of time or until the door has been opened and closed once.
  • However, if the image of the user produced by the camera means 14 does not correspond to that of an authorised user read from the first memory means 161 in the image memory 16 then the image processor 18 produces a second signal which is transmitted to the host means 6. On receipt of the second signal from the card 4 the processor 38 does not send a signal to the door actuation means 8, but instead causes a third LED 36 (Fig. 1) on the host means 6 to be illuminated, to indicate that the system has not recognised the user as an authorised user. The user must then remove the card 4 from the host means 6. Ideally the second LED 34 is green and the third LED 36 is red.
  • It should be understood that the first memory means 161 in the image memory 16 may include images of a plurality of authorised users, if the card 4 is intended for use by more than one person. For example, if the card 4 is to be used by a pool of authorised cleaning staff, the first memory means 161 will contain the images of each of these authorised users and the card 4 will be handed between them as required.
  • In this case, when the card 4 is in use, the image of the user is compared with the image of each authorised user in turn and the card 4 accepts the user as an authorised user if the user's image corresponds to that of any of the authorised user images stored in the first memory means 161.
  • The invention is not limited to use with door entry systems and can be utilized with other systems or apparatus where confirmation of a user's authorisation to use a card is required, including, for example, automated teller machines (ATMs).

Claims (11)

  1. An authorisation system (2), characterized by an integrated circuit card (4) which is arranged, when in use, to be removably mounted on a host means (6) adapted to receive confirmation of the identity of a person using said card, and which incorporates: memory means (161) arranged to have stored therein at least one reference image of the face of at least one person authorised to use said card, data processing means (12,18), and camera means (14) arranged to produce an image of the face of a user of said card and to forward said image of said user to said data processing means (12,18) for comparison with the or each reference image, said data processing means (12,18) being arranged to produce a signal indicative of the result of said comparison; and communication means (20,21) included in said card (4) and said host means (6) for providing communication therebetween, whereby said signal may be transmitted to said host means (6).
  2. An authorisation system according to claim 1, characterized by memory means (122) in said card (4) in which is stored a first card authorisation code, which in use is transmitted to data processing means (38) in said host means (6) for comparison with a second card authorisation code stored in memory means (42) in said host means (6), the acceptance of said card (4) for use with said host means (6) being dependent on the result of said comparison of said first and second card authorisation codes.
  3. An authorisation system according to claim 1 or claim 2, characterized by memory means (121) in said card (4) in which is stored a first image registration code, said first image registration code being compared, in use, in said data processing means (12,18) in said card (4) with a second image registration code input by a user of the system (2) via input means (30) in said host means (6), whereby, depending on the result of the comparison of said first and second image registration codes, said card (4) enters an image registration mode in which an image of the face of the user is stored in said memory means (161) as an image of an authorised user.
  4. An authorisation system (2) according to any one of the preceding claims, characterized by first encryptor/decryptor means (22) located in said card (4) and second encryptor/decryptor means (40) located in said host means (6,8), said encryptor/decryptor means (22,40) being arranged to ensure encrypted communication between said card (4) and said host means (6).
  5. An authorisation system according to any one of the preceding claims, characterized in that said host means (6) includes a power supply (13) to which said card (4) is connected when said card (4) is mounted on said host means (6).
  6. An authorisation system according to claim 5, characterized in that said power supply (13) is arranged to supply power to said card (4) via contactless inductive terminals (7) provided on said card (4) and corresponding contactless inductive terminals (9) provided on said host means (6).
  7. An authorisation system according to any one of the preceding claims, characterized in that said communications means (20) includes contactless inductive terminals (19) on said card (4), which co-operate with corresponding contactless inductive terminals (21) on said host means (6) when said card (4) is mounted on said host means (6).
  8. An authorisation system according to any one of the preceding claims, characterized in that said camera means (14) incorporates a digital camera comprising a charge coupled device (CCD) integrated circuit chip.
  9. An authorisation system according to any one of the preceding claims, characterized in that said host means (6) is connected to an automated door entry device (8), said host means (6) being arranged to cause said device (8) to unlock a door (10), when said image of the user corresponds to an image of an authorised user stored in said memory means (161).
  10. An integrated circuit card (4) adapted for use in an authorisation system according to any one of the preceding claims.
  11. A host means (6) adapted for use in an authorisation system according to any one of claims 1 to 9.
EP96305458A 1995-08-14 1996-07-25 An authorization system Withdrawn EP0758776A3 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB9516611 1995-08-14
GBGB9516611.2A GB9516611D0 (en) 1995-08-14 1995-08-14 An authorisation system

Publications (2)

Publication Number Publication Date
EP0758776A2 true EP0758776A2 (en) 1997-02-19
EP0758776A3 EP0758776A3 (en) 1998-09-09

Family

ID=10779200

Family Applications (1)

Application Number Title Priority Date Filing Date
EP96305458A Withdrawn EP0758776A3 (en) 1995-08-14 1996-07-25 An authorization system

Country Status (4)

Country Link
EP (1) EP0758776A3 (en)
JP (1) JPH09147116A (en)
GB (1) GB9516611D0 (en)
ZA (1) ZA966346B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999030277A1 (en) * 1997-12-09 1999-06-17 Delaval Holding Ab An apparatus and a method for monitoring an animal related space
WO2000043960A1 (en) * 1999-01-19 2000-07-27 Bioid Ag Method and system for preventing fraud in the biometric detection of persons
GB2348309A (en) * 1999-03-23 2000-09-27 Nec Corp Authentication using biometrics identification
FR2819327A1 (en) * 2001-01-10 2002-07-12 Sagem OPTICAL IDENTIFICATION DEVICE
EP1241633A2 (en) * 2001-03-15 2002-09-18 Kabushiki Kaisha Toshiba Entrance management apparatus and entrance management method
WO2002080088A1 (en) * 2000-09-25 2002-10-10 Wang, Qin Method for biometric identification
EP1398737A2 (en) * 2002-09-12 2004-03-17 Integrated Engineering B.V. Identification system
EP1647918A1 (en) * 2004-10-13 2006-04-19 SkiData AG Access control system
US7039221B1 (en) * 1999-04-09 2006-05-02 Tumey David M Facial image verification utilizing smart-card with integrated video camera
ITBO20080669A1 (en) * 2008-11-05 2010-05-06 Nuova Quasco S C R L METHOD AND SYSTEM FOR THE CONTROL OF ACCESS TO A SITE
CN105604402A (en) * 2016-03-11 2016-05-25 张春生 Fingerprint recognition mechanical electronic lock
CN108615280A (en) * 2018-03-06 2018-10-02 安徽电科恒钛智能科技有限公司 A kind of intersection identification monitoring access control system for becoming distribution place

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1985004035A1 (en) * 1984-03-07 1985-09-12 Corpra Research, Inc. Portable electronic transaction device and system
US4582985A (en) * 1981-03-18 1986-04-15 Loefberg Bo Data carrier
JPH0235874A (en) * 1988-07-26 1990-02-06 Kenichi Igari Card with built-in high density solid state image pickup element
US5386103A (en) * 1993-07-06 1995-01-31 Neurnetics Ltd. Identification and verification system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4582985A (en) * 1981-03-18 1986-04-15 Loefberg Bo Data carrier
WO1985004035A1 (en) * 1984-03-07 1985-09-12 Corpra Research, Inc. Portable electronic transaction device and system
JPH0235874A (en) * 1988-07-26 1990-02-06 Kenichi Igari Card with built-in high density solid state image pickup element
US5386103A (en) * 1993-07-06 1995-01-31 Neurnetics Ltd. Identification and verification system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PATENT ABSTRACTS OF JAPAN vol. 014, no. 187 (E-0917), 16 April 1990 -& JP 02 035874 A (KENICHI IGARI), 6 February 1990, *

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6864914B1 (en) 1997-12-09 2005-03-08 Delaval Holding Ab Apparatus and a method for monitoring an animal related space
WO1999030277A1 (en) * 1997-12-09 1999-06-17 Delaval Holding Ab An apparatus and a method for monitoring an animal related space
WO2000043960A1 (en) * 1999-01-19 2000-07-27 Bioid Ag Method and system for preventing fraud in the biometric detection of persons
US7027617B1 (en) 1999-01-19 2006-04-11 Humanscan Gmbh Method and system for preventing fraud in the biometric detection of persons
GB2348309A (en) * 1999-03-23 2000-09-27 Nec Corp Authentication using biometrics identification
GB2348309B (en) * 1999-03-23 2002-10-09 Nec Corp Authentication executing,device portable authentication device and authentication method using biometrics identification
US6751734B1 (en) 1999-03-23 2004-06-15 Nec Corporation Authentication executing device, portable authentication device, and authentication method using biometrics identification
US7039221B1 (en) * 1999-04-09 2006-05-02 Tumey David M Facial image verification utilizing smart-card with integrated video camera
WO2002080088A1 (en) * 2000-09-25 2002-10-10 Wang, Qin Method for biometric identification
FR2819327A1 (en) * 2001-01-10 2002-07-12 Sagem OPTICAL IDENTIFICATION DEVICE
WO2002056261A1 (en) * 2001-01-10 2002-07-18 Sagem Sa Optical identification device
US7719566B2 (en) 2001-01-10 2010-05-18 Sagem Securite Optical identification device
EP1241633A2 (en) * 2001-03-15 2002-09-18 Kabushiki Kaisha Toshiba Entrance management apparatus and entrance management method
US7006672B2 (en) 2001-03-15 2006-02-28 Kabushiki Kaisha Toshiba Entrance management apparatus and entrance management method
EP1241633A3 (en) * 2001-03-15 2003-12-03 Kabushiki Kaisha Toshiba Entrance management apparatus and entrance management method
EP1398737A3 (en) * 2002-09-12 2004-06-30 Integrated Engineering B.V. Identification system
EP1398737A2 (en) * 2002-09-12 2004-03-17 Integrated Engineering B.V. Identification system
EP1647918A1 (en) * 2004-10-13 2006-04-19 SkiData AG Access control system
US7735728B2 (en) 2004-10-13 2010-06-15 Skidata Ag Access control system
ITBO20080669A1 (en) * 2008-11-05 2010-05-06 Nuova Quasco S C R L METHOD AND SYSTEM FOR THE CONTROL OF ACCESS TO A SITE
CN105604402A (en) * 2016-03-11 2016-05-25 张春生 Fingerprint recognition mechanical electronic lock
CN108615280A (en) * 2018-03-06 2018-10-02 安徽电科恒钛智能科技有限公司 A kind of intersection identification monitoring access control system for becoming distribution place

Also Published As

Publication number Publication date
JPH09147116A (en) 1997-06-06
ZA966346B (en) 1997-01-31
GB9516611D0 (en) 1995-10-18
EP0758776A3 (en) 1998-09-09

Similar Documents

Publication Publication Date Title
US7725733B2 (en) Biometrics authentication method and biometrics authentication device
EP0758776A2 (en) An authorization system
US7191936B2 (en) Automated teller machine
US5351303A (en) Infra-red imaging and pattern recognition system
AU744065B2 (en) Security check provision
EP0379333B1 (en) Secure data interchange system
EP0159037B1 (en) Identification system employing verification of fingerprints
USRE36580E (en) System for verifying use of credit/identification card including recording physical attributes of unauthorized users
AU782832C (en) Method and apparatus for authenticating financial transactions
US6360953B1 (en) Secure print sensing smart card with on-the-fly-operation
US5280527A (en) Biometric token for authorizing access to a host system
US7379114B2 (en) Image determination apparatus and individual authentication apparatus
EP1326196B1 (en) Fingerprint sensing smart card with on-card fingerprint comparison
EP0878780A2 (en) User verification system
US7636854B2 (en) Security device for online transaction
EP1210695B1 (en) Checking of right to access
WO2018016189A1 (en) Image sensor and image processing system
EP0863491A1 (en) Security check provision
EP1612714B1 (en) Biometric authentication with transmission of scrambled data
EP0833281B1 (en) Access control equipment and access badge for this equipment
JP2000048194A (en) Device for recognizing fingerprint and palmprint
WO2002071225A1 (en) Identity verification using biometrics in analog format
KR20050005334A (en) System and method for automatically taking a human face front-view photograph
JPS63118472A (en) Releasing and locking device for car
KR200223756Y1 (en) An identifying system using aremoval terminal

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): DE ES FR GB IT

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): DE ES FR GB IT

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 19990202