WO1999039310A1 - Biometric authentication system and method - Google Patents


Publication number
WO1999039310A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
site
feature set
access
service provider
Prior art date
Application number
PCT/US1999/001727
Other languages
French (fr)
Inventor
Barry C. Phelps
Seenu S. Reddi
Original Assignee
Phelps Barry C
Reddi Seenu S
Priority date
Filing date
Publication date
Application filed by Phelps Barry C, Reddi Seenu S
Priority to AU23454/99A
Publication of WO1999039310A1


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/30 Individual registration on entry or exit not involving the use of a pass
    • G07C9/32 Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37 Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Definitions

  • the invention relates to a method for authenticating the identity of users, and in particular to the authentication of users across networks, more particularly across the Internet.
  • Biometric authentication involves two processes: an initial enrollment or registration process, and a verification process conducted each time the user seeks access to the service provider.
  • a reference biometric is acquired from the user, whose identity has been reliably established by other, conventional techniques (such as personal comparison of facial features to photo identity cards by a service provider's personnel).
  • the reference biometric is acquired by converting a biological feature or attribute (voice sample, finger print, signature, etc.) with an appropriate converter (microphone, scanner, etc.) into a set of numerical data, or biometric acquisition.
  • Characteristic features are then extracted from the biometric acquisition to produce a feature set.
  • a feature set is a parametric representation of the biometric voice sample, such as filter coefficients in a linear predictive coding approach.
  • biometric acquisitions are taken and their feature sets combined into a composite, reference feature set.
  • the reference feature set is then stored for future use.
  • another biometric is acquired from the user for extraction of a feature set for comparison to the reference feature set.
  • the newly acquired biometric is referred to herein as a "bid" biometric.
  • a bid feature set extracted from the bid biometric is then compared to the reference feature set, and a quality of comparison, or "score," indicative of the closeness of the match between the two feature sets is established.
  • the quality of comparison is a measure of the differences between the bid and reference feature sets, and therefore a low value for the quality of comparison is more indicative of close match than a high value. Therefore, a user's identification is authenticated (i.e. the user from whom the bid biometric was acquired is presumed to be the same user who provided the reference biometric, and is granted access to the service provider) when the quality of comparison has a value lower than a predetermined, threshold value.
  • higher values are more indicative of a match, and authentication would be based on the value of the quality of comparison exceeding a threshold value.
  • higher values of quality of comparison are considered to be indicative of a better match, and authentication is based on the value of the quality of comparison exceeding a threshold value.
  • Known biometric authentication systems can be usefully classified and discussed according to the relative locations of the user, the service provider, the point of access to the service provider, the point at which the bid biometric is acquired, the point at which the bid feature set is extracted, the point at which the reference feature set is stored, the point at which the bid and reference feature sets are compared, and the point at which the verification is made (by evaluating the quality of comparison of the bid and reference feature sets).
  • the points of bid biometric acquisition, bid feature set extraction, reference feature set storage, and bid to reference feature set comparison are the same, there must be some transmission between points of one or more of the bid biometric, bid feature set, or reference feature set.
  • the assignee of the present application developed a secure door entry system with voice authentication.
  • the point of access to the service provider is the doorway.
  • the user is at the same location as the doorway when seeking admittance.
  • the service provider is at the same location (on the other side of the doorway).
  • the reference feature set is stored at a location remote from the doorway, the biometric is acquired at the doorway (by a telephone handset), the bid feature set is extracted and compared to the reference feature set, at the remote site.
  • the bid biometric acquisition is therefore transmitted (via a telephone line) in analog form from the doorway to the remote site.
  • U.S. Pat. Nos. 5,647,017 and 5,544,255 to Smithies disclose signature verification systems in which the bid biometric (signature) is acquired at a remote site (where the user is located) and transmitted to a host site (the point of access to the service provider) for verification.
  • the bid feature set is extracted at the user's site, and stored in a signature envelope along with the claimed identity of the user.
  • the signature envelope is encrypted and sent to the host site (a second computer) for decryption and for subsequent comparison of the bid and reference feature sets.
  • the bid feature set is transmitted from the user site to the host site.
  • U.S. Pat. No. 5,280,527 to Gullman discloses a remote authorization system in which a security apparatus includes a biometric sensor for capturing biometrics such as voice print, fingerprint, or signature, PROM for storing a reference feature set generated from a biometric acquired in an enroll mode and a fixed code (e.g. PIN or account number).
  • the security apparatus also includes a code generator that generates a time-varying code, a processor and a display.
  • the security apparatus is disclosed as preferably being embodied in a self-contained, portable form, such as a smart card.
  • the system compares the bid biometric to the locally stored reference feature set, and generates a "correlation factor," or quality of comparison
  • the correlation factor is compared to a threshold and if it exceeds the threshold, a security token is generated.
  • the token combines the correlation factor, the fixed code, and the time varying code.
  • the token is then displayed to the user, who can input it into an access device (e.g. ATM keypad).
  • the access device transmits the security token to the host system, which decodes the token, determines from the fixed code whether the user is an authorized user, and whether the correlation factor exceeds the threshold. If so, access is granted.
  • the bid biometric is acquired, the bid feature set extracted, the reference feature set stored, the bid and reference feature sets compared, and the verification evaluation performed, at the same site as the user (in the smart card).
  • the user is at the point of access (an ATM), while the service provider is remote.
  • U.S. Pat. Nos. 5,613,012 and 5,615,277 to Hoffman are directed to an authentication system in which a bid biometric (e.g. a fingerprint) is acquired, and the bid feature set extracted, at a biometric input device associated with a terminal at which the user is located.
  • the terminal transmits the bid feature set to a remote data processing center (DPC), where it is compared to the reference feature set.
  • U.S. Pat. No. 5,706,427 to Tabuki discloses an authentication system for use in computer networks, in which the user (at a user host computer) seeks services from a remote application server.
  • the application server directs the user host to transmit a bid biometric (acquired at the host computer) to a verification server (at a third site different from that of the user or the application server), where the bid feature set is extracted and compared to the reference feature set and where the verification evaluation is performed.
  • biometric authentication systems described above can be applied in the context of network, and Internet, service access, they suffer from shortcomings that can be particularly problematic in such contexts.
  • voice biometrics vary for a given user by time of day, mood, state of health, etc. It is therefore not uncommon to produce false negatives, in which a valid user's bid feature set is rejected as being unacceptably different from the reference feature set. It is therefore common to allow a user to submit another bid biometric following a rejection. This can be repeated some predetermined number of times before the user is refused further bids and must resort to other avenues for access to the service provider.
  • the need to permit repeated bid biometric acquisition, bid feature set extraction, and feature set comparison operations in a single service provider access transaction makes network biometric authentication, especially on the Internet, unattractive because these operations are relatively likely to be interrupted. This would require the user to attempt (often unsuccessfully) to reestablish communication first with the Internet, then with the service provider's point of access and then to reinitiate the bid process.
  • the bid biometric or bid feature set is transmitted to a site remote from the user for bid feature set extraction and/or bid-to-reference feature set comparison. If the verification evaluation produces a negative result, that information must be communicated back to the user's site so that another bid biometric can be acquired.
  • Such systems are therefore susceptible to the interruption problem described above.
  • Gullman avoids the interruption problem by storing the reference feature set with the user (in the same smart card that contains the biometric sensor).
  • the user must have a physical token (the smart card).
  • the service provider does not have control over the reference feature set, since it is in the user's possession. Many, if not most, service providers would consider this to be unacceptable.
  • a user seeking access to a service provider's service contacts an access point, such as an Internet site or page on the World Wide Web (WWW) and requests access.
  • Identifying information (such as a name, account number, personal identification number (PIN), etc.) is requested from the user.
  • a reference biometric feature set maintained by the service provider (or a third party) remote from the user's site is transmitted (such as via the Internet) to the user's site.
  • a bid biometric is acquired from the user and a bid feature set extracted from the bid biometric, at the user's site.
  • the bid and reference feature sets are compared at the user's site, and a quality of comparison is determined and compared to a predetermined threshold value to determine, to a desired degree of certainty, whether the user's identity matches that of the user associated with the reference feature set. If the identities match, appropriate information indicative of the match is transmitted from the user site to the access point, which then grants the user access to the service provider. If the identities do not match, another bid feature set can be obtained from the user, compared to the reference feature set, and the resulting quality of comparison compared to the quality threshold. After a predetermined number of unsuccessfully attempted matches, the bid process can be terminated. This authentication process requires only a single transmission of a biometric feature set between the user site and access point.
  • the bid feature set acquisition and comparison to the reference feature set, the quality of comparison calculation, and if necessary, subsequent bid feature set acquisition are all performed at the user's location. This renders the authentication process less vulnerable to interruption of communication between the user and the access point.
  • the biometric used for authentication is the user's voice. This permits the use of simple, inexpensive, and commonly and readily available biometric conversion hardware, such as a microphone.
  • FIG. 1 is a schematic illustration of a biometric authentication system.
  • Fig. 2 is a schematic illustration of a user site.
  • Fig. 3 is a schematic illustration of a service provider site.
  • Fig. 4 is a schematic illustration of the user and service provider sites.
  • Figs. 5A-C are flow diagrams of the service provider access procedure.
  • Figs. 6A-B are schematic illustrations of the flow and contents of data exchanged by the user and service provider sites during the enrollment process.
  • Figs. 7A-B are schematic illustrations of the flow and contents of data exchanged by the user and service provider sites during the verification process.
  • a biometric authentication system embodying the principles of the invention is illustrated in schematic form in Fig. 1.
  • the system includes a user site 100, which can communicate via a network, for example the Internet 10, with a service provider site 200.
  • Service provider site 200 conceptually includes a service provider access site 210, a service provider service site 220, and a verification / storage site 230.
  • the user seeks access to services available from service site 220 by contacting access site 210, which initiates communication between user site 100 and verification / storage site 230, either directly or via access site 210.
  • User site 100 generally consists of a personal computer equipped with appropriate hardware and software to enable acquisition and manipulation of biometrics, communication with access site 210, and execution of biometric verification processes through interaction with access site 210 and/or verification site 230.
  • user site 100 can include user input device(s) 110, biometric sensor or converter 120 for acquiring biometrics from the user, output device(s) 130, processor (with RAM) 180, communications device 150, software and data storage 145, all of which can communicate with each other via, for example, communication bus 170.
  • User input device(s) 110 can include a keyboard and a pointing device (mouse, joystick, track pad, etc.).
  • Biometric converter 120 can include any suitable device for acquiring a selected biometric. In the illustrated embodiment,
  • biometric converter 120 is therefore a microphone.
  • Any suitable apparatus and process can be used for acquiring voice prints, extracting reference and bid feature sets, comparing feature sets, evaluating the quality of the comparison, setting threshold values, and comparing quality of comparison to thresholds.
  • Such suitable apparatuses are available for selection by the artisan, and neither their selection nor the details of their operation form a part of the invention.
  • Other devices can be used for other biometrics, such as a digitizing pad or scanner to acquire signatures, a camera to acquire facial features, a scanner to acquire fingerprints, etc.
  • Output device(s) 130 can include a visual display, auditory output device such as a speaker, and physical output device such as a printer.
  • Communications device 150 can include any suitable device for communication with the network on which the service provider access site is resident, such as a modem for communication via analog data lines with an ISP, a network interface to the network containing the access site or a local area network having capabilities for communication with the Internet.
  • Storage 145 can include any suitable mass storage device, such as magnetic or optical disk drive, etc., on which can be stored software and data associated with the biometric authentication process and from which the software and data can be retrieved and loaded into RAM or other location suitable for execution and processing by processor 180.
  • service provider site 200 can include communications device 240, processor 250, services 280, reference feature sets storage 260 and software for downloading storage 270.
  • the communications device 240 provides the ability to communicate with the network, preferably the Internet 10, communicating requests for access to the services 280 as well as downloading software and reference feature sets.
  • the processor 250 processes requests for access, requests for software to be downloaded and requests for reference feature sets to be downloaded.
  • Services 280 can consist of any services the service provider is offering to the user, such as banking services, once access to the service provider has been authenticated.
  • Fig. 4 illustrates schematically user site 100 and service provider site 200.
  • each user site has a computer including CPU 185, user interface 190, primary memory (RAM) 140, user communications interface 151 for communication with the service provider 200 via the communication network 10, and additional memory 160 for loading software for execution by CPU 180.
  • the software components include software that is already resident at user site 100 before accessing the service provider site 200, such as an operating system 162, and network navigation / interface software, such as WWW browser program 164.
  • service provider site 200 has a computer including CPU 290, primary memory (RAM) 292, communications interface 294 for communicating with the user sites 100 via the communications network 10, and additional memory 295 for loading software for execution by CPU 290.
  • the software components include server interface software and/or data 296, such as hypertext documents encoded in Hypertext Markup Language (HTML), which present the Web page to the user.
  • user site 100 and service provider site 200 communicate via interaction between browser program 164 and the server interface 296, i.e. by the browser program reading the HTML encoded Web page.
  • the authentication process is implemented in software which has components at both the service provider site 200 and the user site 100, which components operate as a layer or interface between the browser and the HTML.
  • the user site software component 165 is downloaded from the service provider site 200 during the enrollment process, as described below.
  • the downloaded software includes native code 168, which contains the functions Verify() and Enroll(), 168a and 168b, respectively, and browser interface 166.
  • Browser interface 166 provides an interface between the native code and the browser.
  • the service provider site software component 298 is an applet that can be invoked through the Web page via the browser. This applet in turn communicates with the browser interface software to initiate execution of the native code.
  • browser interface 166 is implemented as a Netscape plug-in and the service provider site software component 298 is correspondingly implemented as an applet coded in the Java programming language.
  • browser interface 166 is implemented as a Microsoft ActiveX program (OCX)
  • the service provider site software component 298 is correspondingly implemented as ActiveX control.
  • the service provider access procedure 500 of the illustrated embodiment is illustrated in Fig. 5A.
  • the process begins when the user initiates access to the service provider's access site on the WWW at step 502.
  • the service provider determines at step 504 if the user is a new user to the service. If the user is new, then the enrollment process is initiated at step 508 with a New User Request to the service provider 200.
  • the service provider 200 assigns a User ID for this user at step 509, then transmits a New User Download at step 510, which provides the user site software component 165.
  • the service provider then generates a request for enrollment at step 580.
  • the user in turn initiates the enrollment procedure at step 590.
  • Enrollment procedure 590 is shown in more detail in Fig. 5B.
  • Enrollment process 590 begins with initiation of the Enroll() function 168a at step 592.
  • the Enroll() function acquires from the user at step 594 several biometric samples, from each of which is extracted a feature set.
  • the feature sets are combined to generate a composite, reference feature set at step 596.
  • the reference feature set is then uploaded at step 598 to the service provider for storage in the reference feature set repository.
  • control of the process is returned to the access procedure at step 599.
  • the flow and content of data exchanged by user site 100 and service provider site 200 relating to the enrollment process 590 is illustrated schematically in Figs. 6A and 6B.
  • New User Request 650 includes a block of identifying information 652 about the user (such as the user's name, address, account number with the service provider, etc.).
  • the service provider assigns a User ID
  • Download 660 includes User ID 664, the user site software component 165, and information relating to the verification process, such as a default maximum number of verification attempts allowed 662, and default quality of comparison threshold 663.
  • the reference feature set 672 is generated, and an enrollment upload 670 is sent to the service provider.
  • Enrollment upload 670 includes User ID 664 and reference feature set 672.
  • the service provider then stores reference feature set 672. After enrolling, the user can access the service provider's service site, subject to the verification process. As shown in Fig.
  • the verification process is initiated at step 530 with an Access Request transmitted from user site 100 to service provider 200.
  • the service provider requests verification at step 540 by transmitting Verification Request 720. This in turn initiates the verification process at step 550.
  • Verification procedure 550 is shown in more detail in Fig. 5C.
  • Verification procedure 550 begins with initiation of the Verify() function 168b at step 551.
  • the Verify() function generates a request to the service provider for this User ID's reference feature set.
  • the reference feature set is downloaded to the user site in step 552.
  • the Verify() function acquires from the user a bid biometric sample in step 553, from which a bid feature set is extracted.
  • the bid feature set is compared to the reference feature set at step 554, and a quality of comparison, or score, is calculated at step 555.
  • the quality of comparison represents a goodness of fit, or match, between the bid and reference features sets, and correlates with the likelihood that the user is the person from whom the reference feature set was generated.
  • the quality of comparison is then compared at step 556 to a threshold value to determine if the user should be authenticated.
  • the threshold is set at a predetermined value, which value is selected to strike the balance preferred by the service provider between having a high degree of confidence that the user is authentic and having authentic users incorrectly rejected. If the quality of
  • the verification process returns that the user should be authenticated at step 557. If the quality of comparison does not exceed the threshold, then the Verify() function checks to see how many times the user has thus far attempted verification at step 558. If the number of bids does not exceed the maximum number of allowed attempts, the user can generate a new bid by acquiring and extracting a new bid biometric, as shown by loop 501 in Fig. 5C. If the quality of comparison of the bid biometrics never exceeds the threshold and the user exceeds the maximum allowed attempts, then "user not authenticated" is returned at step 559, and the user is not allowed access to service provider site 200.
  • The flow and content of data exchanged by user site 100 and service provider site 200 relating to the verification process 550 is illustrated in Figs. 7A and 7B.
  • the user site 100 sends an Access Request 710 to service provider site 200.
  • Access Request 710 includes User ID 664.
  • Service provider site 200 then transmits a Verification Request 720 to user site 100.
  • Verification Request 720 can include a call to Verify() 722, the maximum allowable number of bids for this access attempt 724, and the minimum quality of comparison threshold required for this access attempt 726.
  • Maximum allowable number of bids 724 and minimum quality of comparison threshold 726 are optional data, to be used if the service provider wishes to override the default maximum allowable number of bids 662 and default minimum quality of comparison threshold 663 downloaded in the New User Download 660.
  • Request 725 for the bid user's reference feature set is then transmitted to service provider site 200, and reference feature set 730 is downloaded.
  • verification result 740 (User Authenticated 742 or User Not Authenticated 743) is returned to service provider 200, and the user is granted or denied access accordingly.
  • any other biometric can be used. All of the functional elements of the service provider's site (access site, service site, storage site, verification site) can be located at the same physical location or network site, or can be dispersed across a network (including a LAN, WAN, or the Internet). Although it is assumed that the service site is under the direct control of the service provider, the other elements or functions (access, storage, verification) can be under control of third parties or the service provider. Although it is preferred to store, and transmit to the user site, a reference feature set, it is contemplated that reference biometrics could be stored and transmitted instead.
  • some of these steps could be performed at the service provider site, albeit at the cost of additional transmissions and attendant risk of interruption.
  • the quality of comparison could be transmitted to the service provider site, where it could be compared to the threshold, and if the threshold is not met, an instruction transmitted back to the user site to acquire another bid biometric, extract another bid feature set, perform another comparison, and transmit to the service provider site another quality of comparison.
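
The user-site verification procedure 550 described above, as an added sketch that is not code from the patent or its authors: the reference feature set is downloaded once, bids are retried locally up to the allowed maximum, and only the result goes back. The element-wise mean used for the composite reference, the `1 / (1 + distance)` score, the `user-0001` ID and all sample vectors are assumptions constructed for illustration, since the text leaves the feature extraction and comparison methods open.

```python
"""User-site Verify() loop: one reference download, bids retried locally."""
from dataclasses import dataclass
from math import dist
from typing import Callable, Iterable, List, Optional, Sequence, Tuple

FeatureSet = Sequence[float]


@dataclass
class NewUserDownload:
    """Defaults delivered at enrollment (Download 660)."""
    user_id: str              # User ID 664
    default_max_bids: int     # default maximum number of attempts 662
    default_threshold: float  # default quality of comparison threshold 663


@dataclass
class VerificationRequest:
    """Verification Request 720; both fields are optional overrides."""
    max_bids: Optional[int] = None     # 724
    threshold: Optional[float] = None  # 726


@dataclass
class VerificationResult:
    """Verification result 740 returned to the service provider."""
    authenticated: bool  # User Authenticated 742 / User Not Authenticated 743
    bids_used: int
    best_score: float


def enroll(samples: Sequence[FeatureSet]) -> List[float]:
    """Steps 594-596: combine feature sets into a composite reference.
    The element-wise mean is an assumption, not the patent's method."""
    if not samples:
        raise ValueError("enrollment needs at least one feature set")
    return [sum(column) / len(samples) for column in zip(*samples)]


def quality_of_comparison(bid: FeatureSet, reference: FeatureSet) -> float:
    """Steps 554-555, using the page's convention that higher is better.
    1 / (1 + Euclidean distance) is an assumed stand-in scoring rule."""
    return 1.0 / (1.0 + dist(bid, reference))


def verify(defaults: NewUserDownload,
           request: VerificationRequest,
           fetch_reference: Callable[[str], FeatureSet],
           acquire_bid: Callable[[], FeatureSet]) -> VerificationResult:
    """Steps 551-559. Per-request values 724/726 override defaults 662/663."""
    max_bids = (request.max_bids if request.max_bids is not None
                else defaults.default_max_bids)
    threshold = (request.threshold if request.threshold is not None
                 else defaults.default_threshold)
    if max_bids < 1:
        raise ValueError("at least one bid must be allowed")

    # Step 552: the only feature-set transmission in the whole exchange.
    reference = fetch_reference(defaults.user_id)

    best = 0.0
    for bids_used in range(1, max_bids + 1):             # loop 501
        score = quality_of_comparison(acquire_bid(), reference)  # 553-555
        best = max(best, score)
        if score > threshold:                            # step 556
            return VerificationResult(True, bids_used, best)     # step 557
    return VerificationResult(False, max_bids, best)     # step 559


# Constructed sample data (not from the patent).
CONSTRUCTED_SAMPLES = [[1.0, 2.0, 3.0], [1.5, 1.5, 3.5], [0.5, 2.5, 2.5]]
CONSTRUCTED_GENUINE_BIDS = [[1.0, 2.0, 4.0], [1.0, 2.0, 3.25]]  # noisy, then close
CONSTRUCTED_IMPOSTOR_BID = [3.0, 0.0, 1.0]


def demo(request: VerificationRequest,
         bids: Iterable[FeatureSet]) -> Tuple[VerificationResult, int]:
    """Run one access attempt; also return how many reference downloads occurred."""
    repository = {"user-0001": enroll(CONSTRUCTED_SAMPLES)}  # storage 260
    downloads: List[str] = []

    def fetch_reference(user_id: str) -> FeatureSet:
        downloads.append(user_id)
        return repository[user_id]

    supply = iter(bids)
    defaults = NewUserDownload("user-0001", default_max_bids=3,
                               default_threshold=0.75)
    result = verify(defaults, request, fetch_reference, lambda: next(supply))
    return result, len(downloads)


if __name__ == "__main__":
    print(demo(VerificationRequest(), CONSTRUCTED_GENUINE_BIDS))
    print(demo(VerificationRequest(), [CONSTRUCTED_IMPOSTOR_BID] * 3))
    print(demo(VerificationRequest(max_bids=2, threshold=0.9),
               CONSTRUCTED_GENUINE_BIDS))
```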

Abstract

A method for biometric authentication of the identity of a user located at a user site (100) seeking access to services provided by a service provider (200) at a location different from the user site includes the steps of acquiring from the user a bid biometric feature set, transmitting to the user site a reference biometric feature set associated with the user and stored at a location remote from the user site, and comparing at the user site the bid feature set and the reference feature set.

Description

BIOMETRIC AUTHENTICATION SYSTEM AND METHOD
Background of the Invention
The invention relates to a method for authenticating the identity of users, and in particular to the authentication of users across networks, more particularly across the Internet.
In banking and other service industries, it is important to authenticate the identities of users of services. Authentication of identity historically involved comparison of a user's facial features to a reference photographic identification, such as a driver's license, by personnel of the service provider. With the advent of systems such as automated teller machines, remote door entry systems, and other access control devices unattended by personnel of the service provider, alternative methods were developed. These most commonly employ a physical access device, such as a security card or key, ATM card, etc. that incorporate machine readable identifying information. The authority of the bearer of the physical access device to use the device is verified by requiring entry of a code, such as a Personal Identification Number (PIN) that is presumed to be known only to the authorized bearer. The service provider grants access to a bearer of the access device who provides the code that correlates with the identifying information on the access device.
Such methods have the drawback that an unauthorized user may gain improper access to both the access device and the code. Systems were therefore developed to authenticate the identity of the user by means of uniquely-identifying biometric physical attributes of the user. These biometric attributes can include the user's voice, fingerprint, signature, iris, retina, and facial features. Biometric authentication involves two processes: an initial enrollment or registration process, and a verification process conducted each time the user seeks access to the service provider.
In the enrollment process, a reference biometric is acquired from the user, whose identity has been reliably established by other, conventional techniques (such as personal comparison of facial features to photo identity cards by a service provider's personnel). The reference biometric is acquired by converting a biological feature or attribute (voice sample, finger print, signature, etc.) with an appropriate converter (microphone, scanner, etc.) into a set of numerical data, or biometric acquisition. Characteristic features are then extracted from the biometric acquisition to produce a feature set. In the context of, for example, voice print biometrics, a feature set is a parametric representation of the biometric voice sample, such as filter coefficients in a linear predictive coding approach. See, for example, Davis and Mermelstein, "Comparison of Parametric Representations for Monosyllabic Word Recognition in Continuously Spoken Sentences" (IEEE 1980), the disclosure of which is hereby incorporated by reference herein. Typically, multiple biometric acquisitions are taken and their feature sets combined into a composite, reference feature set. The reference feature set is then stored for future use.
To authenticate the user, another biometric is acquired from the user for extraction of a feature set for comparison to the reference feature set. The newly acquired biometric is referred to herein as a "bid" biometric. A bid feature set extracted from the bid biometric is then compared to the reference feature set, and a quality of comparison, or "score," indicative of the closeness of the match between the two feature sets is established. In the context of voice biometrics, the quality of comparison is a measure of the differences between the bid and reference feature sets, and therefore a low value for the quality of comparison is more indicative of close match than a high value. Therefore, a user's identification is authenticated (i.e. the user from whom the bid biometric was acquired is presumed to be the same user who provided the reference biometric, and is granted access to the service provider) when the quality of comparison has a value lower than a predetermined, threshold value. For other biometrics, such as fingerprints, higher values are more indicative of a match, and authentication would be based on the value of the quality of comparison exceeding a threshold value. For consistency and ease of reference in the present application, higher values of quality of comparison are considered to be indicative of a better match, and authentication is based on the value of the quality of comparison exceeding a threshold value.
Known biometric authentication systems can be usefully classified and discussed according to the relative locations of the user, the service provider, the point of access to the service provider, the point at which the bid biometric is acquired, the point at which the bid feature set is extracted, the point at which the reference feature set is stored, the point at which the bid and reference feature sets are compared, and the point at which the verification is made (by evaluating the quality of comparison of the bid and reference feature sets). Unless the points of bid biometric acquisition, bid feature set extraction, reference feature set storage, and bid to reference feature set comparison are the same, there must be some transmission between points of one or more of the bid biometric, bid feature set, or reference feature set.
The assignee of the present application developed a secure door entry system with voice authentication. In this system, the point of access to the service provider is the doorway. The user is at the same location as the doorway when seeking admittance. Similarly, the service provider is at the same location (on the other side of the doorway). The reference feature set is stored at a location remote from the doorway, the biometric is acquired at the doorway (by a telephone handset), and the bid feature set is extracted and compared to the reference feature set at the remote site. The bid biometric acquisition is therefore transmitted (via a telephone line) in analog form from the doorway to the remote site.
U.S. Pat. Nos. 5,647,017 and 5,544,255 to Smithies disclose signature verification systems in which the bid biometric (signature) is acquired at a remote site (where the user is located) and transmitted to a host site (the point of access to the service provider) for verification. In these systems, the bid feature set is extracted at the user's site, and stored in a signature envelope along with the claimed identity of the user. The signature envelope is encrypted and sent to the host site (a second computer) for decryption and for subsequent comparison of the bid and reference feature sets. Thus, the bid feature set is transmitted from the user site to the host site.
U.S. Pat. No. 5,280,527 to Gullman discloses a remote authorization system in which a security apparatus includes a biometric sensor for capturing biometrics such as voice print, fingerprint, or signature, PROM for storing a reference feature set generated from a biometric acquired in an enroll mode and a fixed code (e.g. PIN or account number). The security apparatus also includes a code generator that generates a time-varying code, a processor and a display. The security apparatus is disclosed as preferably being embodied in a self-contained, portable form, such as a smart card. The system compares the bid biometric to the locally stored reference feature set, and generates a "correlation factor," or quality of comparison. The correlation factor is compared to a threshold and if it exceeds the threshold, a security token is generated. The token combines the correlation factor, the fixed code, and the time-varying code. The token is then displayed to the user, who can input it into an access device (e.g. ATM keypad). The access device transmits the security token to the host system, which decodes the token, determines from the fixed code whether the user is an authorized user, and whether the correlation factor exceeds the threshold. If so, access is granted. Thus, in Gullman's system the bid biometric is acquired, the bid feature set extracted, the reference feature set stored, the bid and reference feature sets compared, and the verification evaluation performed, at the same site as the user (in the smart card). The user is at the point of access (an ATM), while the service provider is remote.
U.S. Pat. Nos. 5,613,012 and 5,615,277 to Hoffman are directed to an authentication system in which a bid biometric (e.g. a fingerprint) is acquired, and the bid feature set extracted, at a biometric input device associated with a terminal at which the user is located. The terminal transmits the bid feature set to a remote data processing center (DPC), where it is compared to the reference feature set. U.S. Pat. No. 5,706,427 to Tabuki discloses an authentication system for use in computer networks, in which the user (at a user host computer) seeks services from a remote application server. The application server directs the user host to transmit a bid biometric (acquired at the host computer) to a verification server (at a third site different from that of the user or the application server), where the bid feature set is extracted and compared to the reference feature set and where the verification evaluation is performed.
It has become increasingly common for services to be accessed via computer networks, and with the explosive growth of the Internet has come a corresponding growth in the range of services that can be provided to users via the Internet. There is an attendant need for authentication by service providers of users who access their services via networks, particularly the Internet.
Although some of the biometric authentication systems described above can be applied in the context of network, and Internet, service access, they suffer from shortcomings that can be particularly problematic in such contexts.
One of the well-recognized problems with the Internet is that data communication is often unreliable, in that data transmission speeds can vary widely and access by users to the Internet (via Internet Service Providers, or ISPs) can be difficult to establish and is often interrupted, requiring the user to reaccess the Internet. Similar problems can be encountered on other networks. This poses particular difficulties for biometric authentication systems. Biometric authentication is typically chosen because there is a high degree of concern with accurate identification of a user. Accordingly, in the operation of biometric systems a high degree of accuracy of identification verification is usually desired, necessitating that a bid feature set closely match the reference feature set. All biometrics suffer from a degree of variation between bid feature sets generated by a valid user. For example, voice biometrics vary for a given user by time of day, mood, state of health, etc. It is therefore not uncommon to produce false negatives, in which a valid user's bid feature set is rejected as being unacceptably different from the reference feature set. It is therefore common to allow a user to submit another bid biometric following a rejection. This can be repeated some predetermined number of times before the user is refused further bids and must resort to other avenues for access to the service provider. The need to permit repeated bid biometric acquisition, bid feature set extraction, and feature set comparison operations in a single service provider access transaction makes network biometric authentication, especially on the Internet, unattractive because these operations are relatively likely to be interrupted. This would require the user to attempt (often unsuccessfully) to reestablish communication first with the Internet, then with the service provider's point of access and then to reinitiate the bid process.
In each of the references described above in which the reference feature set is stored at a site other than the user's site (i.e., all but Gullman), the bid biometric or bid feature set is transmitted to a site remote from the user for bid feature set extraction and/or bid-to-reference feature set comparison. If the verification evaluation produces a negative result, that information must be communicated back to the user's site so that another bid biometric can be acquired. Such systems are therefore susceptible to the interruption problem described above.
Gullman avoids the interruption problem by storing the reference feature set with the user (in the same smart card that contains the biometric sensor). However, Gullman's system suffers from two shortcomings. First, the user must have a physical token (the smart card). Second, the service provider does not have control over the reference feature set, since it is in the user's possession. Many, if not most, service providers would consider this to be unacceptable.
There is therefore a need for a biometric authentication system and process usable in the context of computer networks, particularly the Internet, that allows the service provider to maintain the reference feature set and that does not require transmission of the bid biometric or feature set to a site remote from the user for comparison to the reference feature set.
Summary of the Invention
The shortcomings of the prior art are overcome, and the need identified above is met, by the system and method of the invention. In the disclosed biometric authentication system and method, a user seeking access to a service provider's service contacts an access point, such as an Internet site or page on the World Wide Web (WWW) and requests access. Identifying information (such as a name, account number, personal identification number (PIN), etc.) is requested from the user. A reference biometric feature set maintained by the service provider (or a third party) remote from the user's site is transmitted (such as via the Internet) to the user's site. A bid biometric is acquired from the user and a bid feature set extracted from the bid biometric, at the user's site. The bid and reference feature sets are compared at the user's site, and a quality of comparison is determined and compared to a predetermined threshold value to determine, to a desired degree of certainty, whether the user's identity matches that of the user associated with the reference feature set. If the identities match, appropriate information indicative of the match is transmitted from the user site to the access point, which then grants the user access to the service provider. If the identities do not match, another bid feature set can be obtained from the user, compared to the reference feature set, and the resulting quality of comparison compared to the quality threshold. After a predetermined number of unsuccessfully attempted matches, the bid process can be terminated. This authentication process requires only a single transmission of a biometric feature set between the user site and access point. The bid feature set acquisition and comparison to the reference feature set, the quality of comparison calculation, and if necessary, subsequent bid feature set acquisition are all performed at the user's location. This renders the authentication process less vulnerable to interruption of communication between the user and the access point. In the presently preferred embodiment, the biometric used for authentication is the user's voice. This permits the use of simple, inexpensive, and commonly and readily available biometric conversion hardware, such as a microphone.
Brief Description of the Drawings
Fig. 1 is a schematic illustration of a biometric authentication system.
Fig. 2 is a schematic illustration of a user site.
Fig. 3 is a schematic illustration of a service provider site.
Fig. 4 is a schematic illustration of the user and service provider sites.
Figs. 5A-C are flow diagrams of the service provider access procedure.
Figs. 6A-B are schematic illustrations of the flow and contents of data exchanged by the user and service provider sites during the enrollment process.
Figs. 7A-B are schematic illustrations of the flow and contents of data exchanged by the user and service provider sites during the verification process.
Detailed Description of Presently Preferred Embodiments
A biometric authentication system embodying the principles of the invention is illustrated in schematic form in Fig. 1. The system includes a user site 100, which can communicate via a network, for example the Internet 10, with a service provider site 200. Service provider site 200 conceptually includes a service provider access site 210, a service provider service site 220, and a verification / storage site 230. In broad terms, the user seeks access to services available from service site 220 by contacting access site 210, which initiates communication between user site 100 and verification / storage site 230, either directly or via access site 210. User site 100 generally consists of a personal computer equipped with appropriate hardware and software to enable acquisition and manipulation of biometrics, communication with access site 210, and execution of biometric verification processes through interaction with access site 210 and/or verification site 230. As shown in Fig. 2, user site 100 can include user input device(s) 110, biometric sensor or converter 120 for acquiring biometrics from the user, output device(s) 130, processor (with RAM) 180, communications device 150, software and data storage 145, all of which can communicate with each other via, for example, communication bus 170.
User input device(s) 110 can include a keyboard and a pointing device (mouse, joystick, track pad, etc.). Biometric converter 120 can include any suitable device for acquiring a selected biometric. In the illustrated embodiment, the selected biometric is a voice print, and biometric converter 120 is therefore a microphone. Any suitable apparatus and process can be used for acquiring voice prints, extracting reference and bid feature sets, comparing feature sets, evaluating the quality of the comparison, setting threshold values, and comparing quality of comparison to thresholds. Such suitable apparatuses are available for selection by the artisan, and neither their selection nor the details of their operation form a part of the invention. Other devices can be used for other biometrics, such as a digitizing pad or scanner to acquire signatures, a camera to acquire facial features, a scanner to acquire fingerprints, etc. Output device(s) 130 can include a visual display, auditory output device such as a speaker, and physical output device such as a printer. Communications device 150 can include any suitable device for communication with the network on which the service provider access site is resident, such as a modem for communication via analog data lines with an ISP, a network interface to the network containing the access site or a local area network having capabilities for communication with the Internet. Storage 145 can include any suitable mass storage device, such as magnetic or optical disk drive, etc., on which can be stored software and data associated with the biometric authentication process and from which the software and data can be retrieved and loaded into RAM or other location suitable for execution and processing by processor 180.
As illustrated in Fig. 3, service provider site 200 can include communications device 240, processor 250, services 280, reference feature sets storage 260 and software for downloading storage 270. The communications device 240 provides the ability to communicate with the network, preferably the Internet 10, communicating requests for access to the services 280 as well as downloading software and reference feature sets. The processor 250 processes requests for access, requests for software to be downloaded and requests for reference feature sets to be downloaded. Services 280 can consist of any services the service provider is offering to the user, such as banking services, once access to the service provider has been authenticated.
Fig. 4 illustrates schematically user site 100 and service provider site 200. In the illustrated embodiment, each user site has a computer including CPU 185, user interface 190, primary memory (RAM) 140, user communications interface 151 for communication with the service provider 200 via the communication network 10, and additional memory 160 for loading software for execution by CPU 180. The software components include software that is already resident at user site 100 before accessing the service provider site 200, such as an operating system 162, and network navigation / interface software, such as WWW browser program 164. In the illustrated embodiment, service provider site 200 has a computer including CPU 290, primary memory (RAM) 292, communications interface 294 for communicating with the user sites 100 via the communications network 10, and additional memory 295 for loading software for execution by CPU 290. The software components include server interface software and/or data 296, such as hypertext documents encoded in Hypertext Markup Language (HTML), which present the Web page to the user.
Thus, user site 100 and service provider site 200 communicate via interaction between browser program 164 and the server interface 296, i.e. by the browser program reading the HTML encoded Web page. The authentication process is implemented in software which has components at both the service provider site 200 and the user site 100, which components operate as a layer or interface between the browser and the HTML.
The user site software component 165 is downloaded from the service provider site 200 during the enrollment process, as described below. In the illustrated embodiment, the downloaded software includes native code 168, which contains the functions Verify() and Enroll(), 168a and 168b, respectively, and browser interface 166. Browser interface 166 provides an interface between the native code and the browser. The service provider site software component 298 is an applet that can be invoked through the Web page via the browser. This applet in turn communicates with the browser interface software to initiate execution of the native code. In one embodiment, browser interface 166 is implemented as a Netscape plug-in and the service provider site software component 298 is correspondingly implemented as an applet coded in the Java programming language. In a second, presently preferred embodiment, browser interface 166 is implemented as a Microsoft ActiveX program (OCX), and the service provider site software component 298 is correspondingly implemented as an ActiveX control.
The operation of the disclosed authentication system will now be described. The service provider access procedure 500 of the illustrated embodiment is illustrated in Fig. 5A. The process begins when the user initiates access to the service provider's access site on the WWW at step 502. The service provider determines at step 504 if the user is a new user to the service. If the user is new, then the enrollment process is initiated at step 508 with a New User Request to the service provider 200. The service provider 200 assigns a User ID for this user at step 509, then transmits a New User Download at step 510, which provides the user site software component 165. The service provider then generates a request for enrollment at step 580. The user in turn initiates the enrollment procedure at step 590.
Enrollment procedure 590 is shown in more detail in Fig. 5B. Enrollment process 590 begins with initiation of the Enroll() function 168a at step 592. The Enroll() function acquires from the user at step 594 several biometric samples, from each of which is extracted a feature set. The feature sets are combined to generate a composite, reference feature set at step 596. The reference feature set is then uploaded at step 598 to the service provider for storage in the reference feature set repository. Upon successful completion of the enrollment process, control of the process is returned to the access procedure at step 599.
The flow and content of data exchanged by user site 100 and service provider site 200 relating to the enrollment process 590 is illustrated schematically in Figs. 6A and 6B. When a user new to the service provider requests access, the user is prompted to issue a New User Request 650. As shown in Fig. 6B, New User Request 650 includes a block of identifying information 652 about the user (such as the user's name, address, account number with the service provider, etc.). The service provider assigns a User ID 664 for the user, and then downloads to the user a New User Download 660. Download 660 includes User ID 664, the user site software component 165, and information relating to the verification process, such as a default maximum number of verification attempts allowed 662, and default quality of comparison threshold 663. After the downloaded software is installed and executed, the reference feature set 672 is generated, and an enrollment upload 670 is sent to the service provider. Enrollment upload 670 includes User ID 664 and reference feature set 672. The service provider then stores reference feature set 672.
After enrolling, the user can access the service provider's service site, subject to the verification process. As shown in Fig. 5A, after determining that the user is not a new user at step 504, the verification process is initiated at step 530 with an Access Request transmitted from user site 100 to service provider 200. In response, the service provider requests verification at step 540 by transmitting Verification Request 720. This in turn initiates the verification process at step 550.
Verification procedure 550 is shown in more detail in Fig. 5C. Verification procedure 550 begins with initiation of the Verify() function 168b at step 551. The Verify() function generates a request to the service provider for this User ID's reference feature set. The reference feature set is downloaded to the user site in step 552. The Verify() function then acquires from the user a bid biometric sample in step 553, from which a bid feature set is extracted. The bid feature set is compared to the reference feature set at step 554, and a quality of comparison, or score, is calculated at step 555. The quality of comparison represents a goodness of fit, or match, between the bid and reference feature sets, and correlates with the likelihood that the user is the person from whom the reference feature set was generated.
The quality of comparison is then compared at step 556 to a threshold value to determine if the user should be authenticated. The threshold is set at a predetermined value, which value is selected to strike the balance preferred by the service provider between having a high degree of confidence that the user is authentic and having authentic users incorrectly rejected. If the quality of comparison exceeds the threshold, the verification process returns that the user should be authenticated at step 557. If the quality of comparison does not exceed the threshold, then the Verify() function checks to see how many times the user has thus far attempted verification at step 558. If the number of bids does not exceed the maximum number of allowed attempts, the user can generate a new bid by acquiring and extracting a new bid biometric, as shown by loop 501 in Fig. 5C. If the quality of comparison of the bid biometrics never exceeds the threshold and the user exceeds the maximum allowed attempts, then "user not authenticated" is returned at step 559, and the user is not allowed access to service provider site 200.
The flow and content of data exchanged by user site 100 and service provider site 200 relating to the verification process 550 is illustrated in Figs. 7A and 7B. When a user known to the service provider requests access, the user site 100 sends an Access Request 710 to service provider site 200. As shown in Fig. 7B, Access Request 710 includes User ID 664. Service provider site 200 then transmits a Verification Request 720 to user site 100. Verification Request 720 can include a call to Verify() 722, the maximum allowable number of bids for this access attempt 724, and the minimum quality of comparison threshold required for this access attempt 726. Maximum allowable number of bids 724 and minimum quality of comparison threshold 726 are optional data, to be used if the service provider wishes to override the default maximum allowable number of bids 662 and default minimum quality of comparison threshold 663 downloaded in the New User Download 660. Request 725 for the bid user's reference feature set is then transmitted to service provider site 200, and reference feature set 730 is downloaded. Once verification process 550 is complete at user site 100, verification result 740 (User Authenticated 742 or User Not Authenticated 743) is returned to service provider 200, and the user is granted or denied access accordingly.
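The enrollment and verification flows described above (procedures 590 and 550, messages 660 through 740) can be traced in a short simulation. This is an added example, not code from the patent: the element-wise mean used for the composite reference set, the distance-based score, all class and function names, and the sample feature sets are assumptions, since the disclosure leaves feature extraction and scoring to the implementer.

```python
"""Simulation of enrollment (procedure 590) and verification (procedure 550).

Added illustration, not code from the patent. The composite rule, the score
metric, every name below and the sample feature sets are assumptions.
"""
import math
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

FeatureSet = List[float]


def combine(feature_sets: List[FeatureSet]) -> FeatureSet:
    """Step 596: composite reference feature set (assumed: element-wise mean)."""
    return [sum(column) / len(feature_sets) for column in zip(*feature_sets)]


def quality_of_comparison(bid: FeatureSet, reference: FeatureSet) -> float:
    """Steps 554-555: score in (0, 1]; higher means a closer match (assumed metric)."""
    distance = math.sqrt(sum((b - r) ** 2 for b, r in zip(bid, reference)))
    return 1.0 / (1.0 + distance)


@dataclass
class VerificationRequest:
    """Message 720; both fields are optional overrides of defaults 662 and 663."""
    max_bids: Optional[int] = None        # 724
    threshold: Optional[float] = None     # 726


@dataclass
class ServiceProvider:
    """Site 200: keeps the reference feature sets under its own control."""
    references: Dict[int, FeatureSet] = field(default_factory=dict)
    reference_downloads: int = 0          # transmissions of feature set 730

    def store_reference(self, user_id: int, reference: FeatureSet) -> None:
        self.references[user_id] = list(reference)      # enrollment upload 670

    def send_reference(self, user_id: int) -> FeatureSet:
        self.reference_downloads += 1                   # request 725 -> 730
        return list(self.references[user_id])


@dataclass
class UserSite:
    """Site 100, holding the values delivered in New User Download 660."""
    user_id: int                          # 664
    default_max_bids: int                 # 662
    default_threshold: float              # 663

    def enroll(self, provider: ServiceProvider, samples: List[FeatureSet]) -> None:
        """Enroll(): steps 594-598."""
        provider.store_reference(self.user_id, combine(samples))

    def verify(self, provider: ServiceProvider, request: VerificationRequest,
               acquire_bid: Callable[[], FeatureSet]) -> Tuple[bool, int]:
        """Verify(): steps 551-559. Returns (authenticated, bids used)."""
        max_bids = self.default_max_bids if request.max_bids is None else request.max_bids
        threshold = self.default_threshold if request.threshold is None else request.threshold
        reference = provider.send_reference(self.user_id)   # step 552, done once
        for bids_used in range(1, max_bids + 1):             # loop 501
            bid = acquire_bid()                               # step 553
            if quality_of_comparison(bid, reference) > threshold:   # step 556
                return True, bids_used                        # step 557
        return False, max_bids                                # step 559


def run_demo() -> Dict[str, object]:
    provider = ServiceProvider()
    site = UserSite(user_id=1, default_max_bids=3, default_threshold=0.80)
    # Constructed enrollment samples; their mean is about [1.0, 2.0, 3.0].
    site.enroll(provider, [[1.0, 2.0, 3.0], [1.2, 1.8, 3.0], [0.8, 2.2, 3.0]])

    # Valid user: first bid is a false negative (score ~0.54), second passes (~0.95).
    genuine = iter([[1.5, 2.5, 3.5], [1.05, 2.0, 3.0]])
    genuine_result = site.verify(provider, VerificationRequest(), lambda: next(genuine))
    downloads_after_genuine = provider.reference_downloads

    # Different speaker (score ~0.22) under a stricter per-request override.
    impostor_result = site.verify(
        provider, VerificationRequest(max_bids=2, threshold=0.90),
        lambda: [3.0, 0.0, 1.0])
    return {"genuine": genuine_result, "downloads": downloads_after_genuine,
            "impostor": impostor_result}


if __name__ == "__main__":
    print(run_demo())
```

The retry after the valid user's rejected first bid happens entirely inside `verify()`, so the reference feature set crosses the network once per access attempt no matter how many bids are needed.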
The disclosed, presently preferred embodiment is merely illustrative of the principles of the present invention, and many variations on the disclosed features and processes are contemplated and will be apparent to the artisan. For example, although the use of voice biometrics is disclosed, any other biometric can be used. All of the functional elements of the service provider's site (access site, service site, storage site, verification site) can be located at the same physical location or network site, or can be dispersed across a network (including a LAN, WAN, or the Internet). Although it is assumed that the service site is under the direct control of the service provider, the other elements or functions (access, storage, verification) can be under control of third parties or the service provider. Although it is preferred to store, and transmit to the user site, a reference feature set, it is contemplated that reference biometrics could be stored and transmitted instead.
It is also preferred to conduct at the user site the steps of comparing the bid and reference feature sets, determining whether the quality of comparison exceeds the desired threshold, and acquiring additional bid biometrics, extracting additional bid feature sets, and conducting additional comparisons, so that the only transmissions required between the user and service provider sites are that of the reference feature set to the user site and that of the authentication determination to the service provider site. However, it is also contemplated that some of these steps could be performed at the service provider site, albeit at the cost of additional transmissions and attendant risk of interruption. For example, the quality of comparison could be transmitted to the service provider site, where it could be compared to the threshold, and if the threshold is not met, an instruction transmitted back to the user site to acquire another bid biometric, extract another bid feature set, perform another comparison, and transmit to the service provider site another quality of comparison.

Claims

What is claimed is:
1. A method for biometric authentication of the identity of a user located at a user site seeking access to services provided by a service provider at a location different from the user site, the user having associated therewith a reference biometric feature set stored at a location remote from the user site, comprising the steps of: acquiring from the user a bid feature set; transmitting the reference feature set to the user site; and comparing at the user site the bid feature set and the reference feature set.
2. The method of claim 1, further comprising the steps of: determining a quality of comparison of the bid and reference feature sets; comparing the quality of comparison to a predetermined threshold; and granting the user access to the service provider's services if the quality of comparison exceeds the threshold.
3. The method of claim 2 wherein said steps of determining a quality of comparison and comparing the quality of comparison to the threshold are conducted at the user site.
4. The method of claim 1 further comprising the steps of: transmitting from the user site to a point of access to the service provider a request for access to the service provider; and transmitting to the user a request to supply the bid feature set.
5. The method of claim 4 wherein said point of access and said user site are sites on a computer network and said step of transmitting said request for access includes transmitting said request via said network.
6. The method of claim 1 wherein said reference feature set is transmitted to the user site via a network.
7. The method of claim 5 wherein said network is the Internet.
8. The method of claim 6 wherein said network is the Internet.
9. A method for biometric authentication of the identity of a user purporting to be an authorized user of the services of a service provider, the service provider having a point of access located at an access site, the user being located at a user site remote from the access site, the authorized user having associated therewith a reference feature set stored at a location remote from the user site, comprising the steps of: transmitting from the access site to the user site a request to acquire from the user a bid feature set; transmitting from the access site to the user site the reference feature set; accepting from the user site a value indicative of the quality of a comparison of the reference feature set to the requested bid feature set; and granting access to the user if said value exceeds a predetermined threshold.
10. The method of claim 9 wherein the access site and the user site are sites on a computer network and said reference feature set is transmitted via the network.
11. The method of claim 10 wherein the network is the Internet.
12. A method for biometric authentication of the identity of a user located at a user site and seeking access to the services of a service provider, the service provider having a point of access located at an access site remote from the user site, the user having associated therewith a reference feature set stored at a location remote from the user site, comprising the steps of: transmitting from the user site to the access site a request for access to the service provider; receiving at the user site from the access site a request to acquire from the user a bid feature set; acquiring from the user a bid feature set; receiving at the user site from the access site the reference feature set; comparing the bid feature set to the reference feature set and determining a quality of comparison; and transmitting from the user site to the access site an indication of the quality of the comparison.
13. The method of claim 12 further comprising the steps of: comparing the quality of comparison to a predetermined threshold, and, if the quality of comparison does not exceed the threshold, acquiring from the user a second bid feature set.
14. The method of claim 12 wherein the access site and the user site are sites on a computer network and said reference feature set is transmitted via the network.
15. The method of claim 14 wherein the network is the Internet.
PCT/US1999/001727 1998-01-30 1999-01-28 Biometric authentication system and method WO1999039310A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU23454/99A AU2345499A (en) 1998-01-30 1999-01-28 Biometric authentication system and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US7316698P 1998-01-30 1998-01-30
US60/073,166 1998-01-30

Publications (1)

Publication Number Publication Date
WO1999039310A1 true WO1999039310A1 (en) 1999-08-05

Family

ID=22112122

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1999/001727 WO1999039310A1 (en) 1998-01-30 1999-01-28 Biometric authentication system and method

Country Status (2)

Country Link
AU (1) AU2345499A (en)
WO (1) WO1999039310A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001020463A1 (en) * 1999-09-17 2001-03-22 Fingloq Ab Security arrangement
WO2001084507A1 (en) * 2000-05-04 2001-11-08 Marco Iori User recognition system for automatically controlling accesses, apparatuses and the like equipment
WO2003009113A1 (en) * 2001-07-18 2003-01-30 Safe Connect Sweden Aktiebolag A method for safe and fast connection of a first computer to a second computer having limited access ability
EP1139301A3 (en) * 2000-03-24 2004-05-06 Matsushita Electric Industrial Co., Ltd. An apparatus for identity verification, a system for identity verification, a card for identity verification and a method for identity verification based on identification by biometrics

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1986006527A1 (en) * 1985-04-22 1986-11-06 The Quantum Fund Ltd. Skin-pattern recognition method and device
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5280527A (en) 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
WO1996018169A1 (en) * 1994-12-06 1996-06-13 Loren Kretzschmar Transaction verification apparatus & method
US5544255A (en) 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
US5613012A (en) 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5615277A (en) 1994-11-28 1997-03-25 Hoffman; Ned Tokenless security system for authorizing access to a secured computer system
US5706427A (en) 1995-09-08 1998-01-06 Cadix Inc. Authentication method for networks

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1986006527A1 (en) * 1985-04-22 1986-11-06 The Quantum Fund Ltd. Skin-pattern recognition method and device
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5280527A (en) 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
US5544255A (en) 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
US5647017A (en) 1994-08-31 1997-07-08 Peripheral Vision Ltd. Method and system for the verification of handwritten signatures
US5613012A (en) 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5615277A (en) 1994-11-28 1997-03-25 Hoffman; Ned Tokenless security system for authorizing access to a secured computer system
WO1996018169A1 (en) * 1994-12-06 1996-06-13 Loren Kretzschmar Transaction verification apparatus & method
US5706427A (en) 1995-09-08 1998-01-06 Cadix Inc. Authentication method for networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
STOCKEL A: "SECURING DATA AND FINANCIAL TRANSACTIONS", 18 October 1995, PROCEEDINGS OF THE 29TH. ANNUAL INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, SANDERSTEAD, GB, OCT. 18 - 20, 1995, NR. CONF. 29, PAGE(S) 397 - 401, SANSON L D (ED ), XP000575565 *

Also Published As

Publication number Publication date
AU2345499A (en) 1999-08-16

Similar Documents

Publication Publication Date Title
CA2636825C (en) Multi-mode credential authentication
US7447910B2 (en) Method, arrangement and secure medium for authentication of a user
US8220063B2 (en) Biometric authentication for remote initiation of actions and services
JP3668175B2 (en) Personal authentication method, personal authentication device, and personal authentication system
US6970853B2 (en) Method and system for strong, convenient authentication of a web user
RU2320009C2 (en) Systems and methods for protected biometric authentication
US7091826B2 (en) User authentication system using biometric information
US7086085B1 (en) Variable trust levels for authentication
US6636975B1 (en) Accessing a secure resource using certificates bound with authentication information
US8161291B2 (en) Process and arrangement for authenticating a user of facilities, a service, a database or a data network
US20070061590A1 (en) Secure biometric authentication system
US8438620B2 (en) Portable device for clearing access
JP4799496B2 (en) Personal authentication method
US20030046237A1 (en) Method and system for enabling the issuance of biometrically secured online credit or other online payment transactions without tokens
US20060242691A1 (en) Method for carrying out a secure electronic transaction using a portable data support
US20030051173A1 (en) Computer security system
JP2003534589A (en) Authentication system and method
EP1410149A2 (en) A system and method for multi-modal authentication using speaker verification
WO1999039310A1 (en) Biometric authentication system and method
JP2011118561A (en) Personal identification device and personal identification method
JP2002366527A (en) Personal identification method
WO2004077208A2 (en) Authentication system and method
JP2005107668A (en) Biometrics method and program and apparatus
AU2011204915B2 (en) Multi-mode credential authentication

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
NENP Non-entry into the national phase

Ref country code: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase