WO2003036861A1 - Security access system - Google Patents

Security access system Download PDF

Info

Publication number
WO2003036861A1
WO2003036861A1 PCT/US2002/016879 US0216879W WO03036861A1 WO 2003036861 A1 WO2003036861 A1 WO 2003036861A1 US 0216879 W US0216879 W US 0216879W WO 03036861 A1 WO03036861 A1 WO 03036861A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
data
wireless device
stylus
processor
Prior art date
Application number
PCT/US2002/016879
Other languages
French (fr)
Inventor
Gerald R. Black
Original Assignee
Black Gerald R
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/865,638 external-priority patent/US6925565B2/en
Application filed by Black Gerald R filed Critical Black Gerald R
Priority to EP02741749A priority Critical patent/EP1391075A4/en
Priority to CA002448707A priority patent/CA2448707C/en
Priority to MXPA03010837A priority patent/MXPA03010837A/en
Priority to KR1020037015419A priority patent/KR100591743B1/en
Priority to JP2003539227A priority patent/JP2005507127A/en
Priority to IL15902802A priority patent/IL159028A0/en
Publication of WO2003036861A1 publication Critical patent/WO2003036861A1/en
Priority to ZA2003/08701A priority patent/ZA200308701B/en
Priority to IL159028A priority patent/IL159028A/en
Priority to HK05101680.8A priority patent/HK1069266A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/03Arrangements for converting the position or the displacement of a member into a coded form
    • G06F3/033Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
    • G06F3/0354Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor with detection of 2D relative movements between the device, or an operating part thereof, and a plane or surface, e.g. 2D mice, trackballs, pens or pucks
    • G06F3/03545Pens or stylus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/202Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/27Individual registration on entry or exit involving the use of a pass with central registration
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/207Surveillance aspects at ATMs
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C11/00Arrangements, systems or apparatus for checking, e.g. the occurrence of a condition, not provided for elsewhere
    • G07C2011/02Arrangements, systems or apparatus for checking, e.g. the occurrence of a condition, not provided for elsewhere related to amusement parks

Definitions

  • the invention relates generally to various systems for verifying the identification of a person, and more particularly, where the person carries a wireless device for use at point-of-sale terminals, the wireless device having a memory in for example, an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories.
  • U.S. Patent No. 6,175,922 discloses an electronic transaction system for completing a transaction request at a point-of-sale terminal using a portable electronic authorization device carried by a user.
  • the device first receives digital data representing the transaction request.
  • the electronic authorization device provides information regarding an ability to approve the transaction request.
  • the electronic authorization device receives additional data representing the electronic service authorization token.
  • U.S. Patent No. 6, 140,939 discloses a biometric security system for automobiles.
  • the control system includes a controller for learning a unique biometric characteristic of an individual to define a learned individual capable of causing performance of a function associated with the vehicle.
  • the vehicle function control system includes a biometric characteristic sensor, and a controller at the vehicle for controlling a vehicle function responsive to the biometric characteristic sensor.
  • U.S. Patent No. 5,857,152 discloses an electronic system for toll payment.
  • the system identifies an electronic purse and effects value transfer over a communication system without the need for the vehicle to stop.
  • the system provides for toll payment by use of a communication device and an electronic purse coupled to the device.
  • the remote communication system communicates with mobile devices to effect toll payments by exchanging cryptographically secure messages.
  • U.S. Patent No. 5,706,349 discloses a system for authenticating remote users in a distributed environment. A token is initially issued to a remote user once a security mechanism determines that the remote user is who he claims to be. Prior to access to the a connection between a remote user and an application server, the system verifies that a token associated with a connection request was issued by the security mechanism.
  • U.S. Patent No. 6,202,055 discloses a system for processing a financial instrument.
  • a customer at a identification terminal initially submits the instrument - perhaps a check.
  • the checking account number is communicated to a remote database containing digital photographic images of authorized users of checking accounts.
  • the remote database is searched and any photographic images associated with the checking account number are transmitted to the identification terminal.
  • the images are displayed and compared to the physical appearance of the customer.
  • the on-site employee determines if at least one of the displayed digital matches the appearance of the person initiating the transaction.
  • U.S. Patent No. 5,903,225 discloses an access control system with fingerprint sensor enrollment.
  • the system includes a station for enrolling a person as authorized based upon the sensed fingerprint.
  • the system also includes a wireless device that is carried by the authorized person, and an access controller for granting access to an authorized person.
  • the wireless device cooperates with the enrolling station to store data for an authorized person based upon the sensed fingerprint.
  • the authorized person bearing the wireless device is unobtrusively granted access by approaching the access location.
  • U.S. Patent No. 5,973,731 discloses an identification system that provides interactive communication of text and image information between a central server and multiple remote terminals.
  • the central server maintains a separate, centralized database of data-compressed images of the subject individuals, and subsequently transmits the data-compressed images to local terminals, on demand, during the transactions.
  • the image may include a copy of the authorized signature, which then is used by the transaction terminal to compare to a scanned image of the signature on the authorization slip.
  • TRANSPONDER is a wireless device that is a receiver-transmitter.
  • the transponder is part of a transponder system - the system also including an interrogator.
  • the transponder is capable of accepting the challenge of the interrogator by transmitting an appropriate reply.
  • the transponder receives and transmits data in a wireless manner, generally through low frequency radio waves.
  • the transponder is generally an ID card, a keytag, a wireless phone, a pda, or some other device that can be carried by a customer in a purse, wallet, keychain, or pocket.
  • the transponder may be active or passive. This definition expressly excludes any data transmission by means of swiping a card through or injecting a card into a conventional cardreader.
  • STYLUS refers to any device that is compatible with either the hand or finger of the user for purposes of making a marking on an essentially flat surface.
  • the flat surface may be a digital surface or a piece of paper. While the drawings depict a conventional shape of a stylus, other shapes and designs are also included within the scope of the present invention such as any attachment or thimble-like device for a finger or any implement that can be held with a hand for such purpose.
  • the stylus may or may not include an ink cartridge.
  • DYNAMIC REGISTRATION refers to a process where an existing customer can register for identity into a new system by participating in a conventional transaction. For example, if an electronic signature or digital signature is to be used for reference purposes, such signature is captured when the customer grasps the stylus and signs her name. The registration is seamless and essential invisible to the customer.
  • the authenticated payment system of the present invention comprises a wireless device carried by the customer, a device reader for accessing customer data through the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during the course of the commercial transaction, a point-of-sale processor for processing electronic signature data and digital signature data from the device reader, and a host computer in digital communication with the point-of-sale processor.
  • the method for authenticating a payment of the present invention comprises a customer approaching a point-of-sale terminal with goods to be purchased, the customer generating an electronic signature as an expression of intent to commit to the commercial transaction, capturing a digital signature of the customer when the electronic signature is being generated, comparing the captured digital signature of the customer against a reference digital signature, and approving the transaction whenever a predetermined threshold for the authentication has been met and the customer has sufficient funds to cover the transaction.
  • a first preferred embodiment of the identity verification system of the present invention is for use in commercial transactions.
  • the system comprises a host computer, an interrogation device, a transponder device, and a stylus.
  • the host computer has access to data that links the customer with the customer's payment account.
  • the interrogator is linked to the host computer disposed at the point- of-sale terminal.
  • the transponder is wireless and is carried by the customer, and transmits data to the interrogator upon request.
  • the data transmitted pertains to the identity of the customer.
  • the stylus is attached to the point-of-sale terminal and includes a sensor disposed in the stylus grip. The sensor captures a digital signature of the customer while the customer signs her name. Access to the customer's payment account is only enabled when the sensed digital signature matches a reference digital signature.
  • a customer For use in commercial transactions at a point-of-sale terminal, a customer registers selecting a customer account that is to be used for payment. The customer also submits a digital signature for reference purposes - preferably, a fingerprint. The customer is then issued a transponder that links the customer to the customer account and to the reference digital signature.
  • an interrogator disposed at the point-of-sale terminal transmits a radio signal requesting identity verification.
  • the wireless transponder submits data to the interrogator.
  • a stylus to submit written data (such as a signature)
  • a sensor in the stylus makes incidental capture of biometric data that enables the interrogator to confirm customer identity.
  • the system can be used to verify identity when the customer wants to cash a personal check.
  • a stylus Positioned at the center of the process is a stylus with any of a number of biometric or with one or more metric sensors, that enable an incidental capture of data relative to identity verification while the stylus is being used.
  • the identity verification processes of the present invention can be used at point-of-sale terminals, in various controlled environments, to access a computer network, in applications involving pen-based computers and smart-pens, for e-commerce, conventional writing implements, and multipurpose writing implements.
  • U.S. Patent No. 6,064,751 discloses a method of generating a digital signature by the use of various metric and biometric sensors disposed in the barrel of the stylus.
  • a computer-based system captures and verifies an electronic handwritten signature.
  • the system includes a stylus with a plurality of sensors that capture biometric properties of the user, and a database of signature templates storing verified signature information.
  • a digital signature is generated comprising certain features of the writer during the act of signing, such as the size, shape and relative positioning of the curves, loops, lines, dots, crosses and other features of the signature being inscribed, as well as the relative speed at which feature is being imparted.
  • a captured composite digital signature of signature measurements are compared with a reference set of measurements stored to obtain a similarity score.
  • the interrogator is in digital communication with a host computer - the interrogator being disposed at a point-of-sale terminal.
  • the wireless device is preferably a transponder.
  • the stylus can be attached to a point-of-sale terminal, via a pen-based computer or a signature pad.
  • a digital signature such as a fingerprint, is captured during a registration process and stored in a file associated with the registrant or in the wireless device.
  • the customer registers advising the system of a customer account that is to be used for payment.
  • the customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint.
  • the customer is then issued a wireless device, the wireless device having memory.
  • the memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories.
  • a identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device.
  • a sensor in the stylus captures data that is used to generate a digital signature.
  • a reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.
  • the stylus includes one or more fingerprint sensor that captures an image of a finger of the customer when the stylus is grasped. While fingerprint sensors are used herein for purposes of illustration it is expressly understood that the principles of this invention are also applicable to sensing of DNA and other biotech properties - that involve cell capture or cell analysis sensors. During routine usage of the stylus, the sensor captures the data necessary to compare with the digital signature to determine identity verification.
  • the preferred embodiment of the authenticated commercial transaction system of the present invention is compatible with the following systems:
  • Fingerprint sensor in something other than stylus card reader, point-of-sale counter, card
  • FIGURE 1A discloses a preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor- interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements);
  • RFID memory that includes a unique customer record number
  • stylus for capturing a biometric property during the signing process
  • a local processor- interrogator for authenticating identity based upon comparison of the captured customer data with the reference customer data
  • a host computer for storing customer records and transaction records, and for generating monthly statements
  • FIGURE IB discloses a second preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that reference biometric data, metric data, and signature data), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing transaction records, and for generating monthly statements);
  • RFID memory RFID memory that reference biometric data, metric data, and signature data
  • stylus for capturing a biometric property during the signing process
  • a local processor-interrogator for authenticating identity based upon comparison of the captured customer data with the reference customer data
  • a host computer for storing transaction records, and for generating monthly statements
  • FIGURE 1C discloses a third preferred embodiment of a payment processing system of the present invention comprising a stylus for capturing a biometric property during the signing process, a smart card reader, a smart card, the smart card memory including reference biometric data, metric data, and signature data), identity authentication based upon comparison of the captured customer data with the reference customer data occurring in the smart card memory), and a host computer (for storing transaction records);
  • FIGURE ID discloses a fourth preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for collecting data from the wireless device and the stylus), and a host computer (for authenticating identity based upon comparison of the captured customer data with the reference customer data, for storing customer records and transaction records, and for generating monthly statements);
  • RFID memory that includes a unique customer record number
  • a stylus for capturing a biometric property during the signing process
  • a local processor-interrogator for collecting data from the wireless device and the stylus
  • a host computer for authenticating identity based upon comparison of the captured customer data with the reference customer data, for storing customer records and transaction records, and for generating monthly statements
  • FIGURE 2A discloses a preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (RFID memory that includes a unique user record number), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating user identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing security access codes and access requests);
  • RFID memory that includes a unique user record number
  • stylus for capturing a biometric property during the signing process
  • a local processor-interrogator for authenticating user identity based upon comparison of the captured customer data with the reference customer data
  • a host computer for storing security access codes and access requests
  • FIGURE 2B discloses a second preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (RFID memory that includes a user biometric data, user metric data, and user signature data, and a unique user record number), a stylus for capturing a biometric property during the signing process, a local processor- interrogator (for authenticating user identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing security access codes and access requests);
  • RFID memory RFID memory that includes a user biometric data, user metric data, and user signature data, and a unique user record number
  • a stylus for capturing a biometric property during the signing process
  • a local processor- interrogator for authenticating user identity based upon comparison of the captured customer data with the reference customer data
  • a host computer for storing security access codes and access requests
  • FIGURE 3 discloses a preferred embodiment of a payment processing barcode system of the present invention comprising a wireless device (barcode memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor-barcode reader (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements);
  • a wireless device barcode memory that includes a unique customer record number
  • a stylus for capturing a biometric property during the signing process
  • a local processor-barcode reader for authenticating identity based upon comparison of the captured customer data with the reference customer data
  • a host computer for storing customer records and transaction records, and for generating monthly statements
  • FIGURE 4 discloses a preferred embodiment of a system for processing a conventional payment for goods and service at a point-of-sale terminal, comprising a customer ID card (RFID memory that includes a unique customer record number), a user credit or debit card from which value is drawn to pay for goods or services, a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements), the transaction being blocked if the ID card reference data does not match the biometric, metric, or signature data captured from the stylus;
  • RFID memory RFID memory that includes a unique customer record number
  • a stylus for capturing a biometric property during the signing process
  • a local processor-interrogator for authenticating identity based upon comparison of the captured customer data with the reference customer data
  • FIGURE 5A discloses a simplified logic diagram for a preferred method for registering new users into the access (account, network data, physical) security system of the present invention
  • FIGURE 5B discloses a simplified logic diagram for a preferred method for registering existing users into the access (account, network data, physical) security system of the present invention, the registration occurring dynamically as an on-site access request is being processed;
  • FIGURE 6A discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving lower security identity authentication, two streams of sensed data being compared to two streams of reference data, access being enabled if either stream of sensed data matches a corresponding stream of reference data;
  • FIGURE 6B discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving medium security identity authentication, one stream of sensed data being compared to a stream of reference data, access being enabled if the sensed data matches the reference data;
  • FIGURE 6C discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving higher security identity authentication, two streams of sensed data being compared against two streams of reference data, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data;
  • FIGURES 7A and 7C disclose a simplified logic diagram for a preferred method for the security system of the present invention, enabling access to network data to a remote user involving higher security identity authentication a network high security request, where an acceptance threshold is adjusted (see FIGURE 18A and 18B), two streams of data being captured and processed, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data;
  • FIGURES 7B and 7C disclose a simplified logic diagram for a preferred method for the security system of the present invention, enabling access to network data to a remote user involving higher security identity authentication a network high security request, where an acceptance threshold is adjusted (see FIGURE 18A and 18B), two streams of data being captured and processed, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data, data misinformation being provided to the user if identity authentication is not confirmed;
  • FIGURE 8 discloses a simplified logic diagram for another embodiment of the security system of the present invention, wherein the reference data is used for purposes of authenticating user identity for cashing a check;
  • FIGURE 9 discloses a simplified logic diagram for a preferred method for enabling access to a secure area, the user carrying a wireless device having RFID memory, one stream of sensed data being compared to a stream of reference data, access being enabled if the sensed data matches the reference data;
  • FIGURES 10A and 11A disclose a preferred embodiment of simplified RFID memory and simplified customer record of the host computer for the payment processing system of FIGURE 1A;
  • FIGURES 10BA and 11B disclose a preferred embodiment of simplified RFID memory and simplified customer record of the host computer for the payment processing system of FIGURE I B;
  • FIGURE 12A discloses a preferred embodiment for the stylus of the security system of the present invention for providing images of any finger image that touches the grip area of the stylus, an ultrasonic sensor being positioned along the axis of the stylus, the sensor rotating to capture finger images (like sonar), providing a wrap-around sensor configuration for capturing fingerprint images;
  • FIGURE 12B discloses another preferred embodiment for the stylus of the security system of the present invention for providing images of any finger image that touches the grip area of the stylus, six elongated silicon chip sensors being mounted about the surface of the grip, providing a wrap-around sensor configuration for capturing fingerprint images;
  • FIGURES 13A and 13B disclose exploded views of other preferred embodiments of wraparound fingerprint sensor configurations, providing a wrap-around sensor configuration for capturing fingerprint images;
  • FIGURES 14A and 14B disclose a simplified user record data and a list of security access sites for use in a financial institution
  • FIGURES 15A and 15 B disclose a variation of a wireless stylus for use with the security access system of the present invention, the wireless stylus including a fingerprint sensor, a magnetic stripe, and a living hinge for opening and closing a pivotal flap where the magnetic stripe is positioned;
  • FIGURE 16A discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes is an active transponder;
  • FIGURE 16B discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes a magnetic stripe credit card;
  • FIGURE 16C discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes a barcode;
  • FIGURE 16D discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with two memories, wherein one memory is the passive transponder and the second memory is the barcode;
  • FIGURE 16E discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with three memories, wherein one memory is the magnetic stripe, the second memory is a passive transponder, and the third memory is the barcode;
  • FIGURE 16F discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with two memories, wherein one memory is the magnetic stripe and the second memory is the barcode;
  • FIGURE 17 discloses still another preferred embodiment of the wireless device of the present invention, the wireless device being commercial paper with RFID memory disposed therewithin, the memory enabling tracking of the commercial paper, and enabling identity authentication at transfer sites.
  • RFID devices there are two types of RFID devices (1) a token that is issued to a party for use by that party; and (2) a token that is issued and can be readily and freely exchanged between parties (like currency).
  • the latter may take the form of a plastic card, a paper note, or a coin.
  • FIGURE 18A discloses a simplified threshold graph for authenticating lower-risk commercial transactions
  • FIGURE 18B discloses a simplified threshold graph for authenticating higher-risk commercial transactions.
  • FIGURE 1A, IB, and 1C disclose generally the security access system of the present invention.
  • the authenticated commercial transaction system comprises a wireless device carried by the customer, a device reader for accessing customer data through the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during the course of the commercial transaction, a point-of-sale processor for processing electronic signature data and digital signature data from the device reader, and a host computer in digital communication with the point-of-sale processor.
  • the preferred embodiment of the identity verification system of the present invention is for accessing account data, for accessing network data, and for physical access.
  • the host computer has access to data that links the customer with the customer's payment account.
  • the interrogator is linked to the host computer disposed at the point-of-sale terminal.
  • the transponder is wireless and is carried by the customer, and transmits data to the interrogator upon request. The data transmitted from the transponder enables the system to make an initial customer identification.
  • the stylus is attached to the point-of- sale terminal and includes a sensor disposed in the stylus grip. The sensor captures and generates a digital signature of the customer while the customer signs his name. Access to the customer's payment account is only enabled after identity has been verified - by matching the digital and/or electronic signatures with the reference data previously submitted by the customer.
  • customer identity is initially made by data transmitted from the transponder to the interrogator.
  • the second step involves the capture of data used to generate digital and electronic signatures. Only after the captured data is compared against the reference data, will the transaction be allowed to proceed.
  • the method for authenticating a commercial transaction of the present invention comprises a customer approaching a point-of-sale terminal with goods to be purchased, the customer generating an electronic signature as an expression of intent to commit to the commercial transaction, capturing a digital signature of the customer when the electronic signature is being generated, comparing the captured digital signature of the customer against a reference digital signature, and approving the transaction whenever a predetermined threshold for the authentication has been met and the customer has sufficient funds to cover the transaction.
  • This identity authentication system is used in commercial transactions at a point-of-sale terminal.
  • the customer registers advising the system of a customer account that is to be used for payment.
  • the customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint.
  • the customer is then issued a wireless device, the wireless device having memory.
  • the memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories.
  • a identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device.
  • a sensor in the stylus captures data that is used to generate a digital signature.
  • a reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.
  • FIGURES 2A and 2B disclose simplified methods for registration for new and existing customers, respectively.
  • the customer record For a new customer, the customer record must be created.
  • the customer record already exists.
  • One primary advantage of having the reference data in the customer record is that the amount of memory available reference signature store is not a primary concern. When the reference signature data is to be stored within the transponder, the amount of memory within the transponder may not be sufficient to store such data.
  • the customer record is already in existence but a confirmation check is needed to confirm that the customer has authorized access to the account.
  • the method overcomes the inconvenience of having to re-register all existing customers, Existing customers can use a "dynamic registration" during a routine transaction.
  • Digital and electronic signatures are captured during a routine commercial transaction, using the stylus. Thereafter, during a commercial transaction, the sensed print is compared to the reference print as part of the identity verification process whenever the card is submitted through a cardreader. Similarly, if a transponder is used, perhaps to buy gasoline and other items in a convenience store affiliated with the gas station, the stylus captures the digital signature and uses it as a reference print.
  • the styluses of the present invention are placed at all tellers' windows, all ATMs, and all officers' desks. New customers are given a debit/check/ATM card upon filling out an application.
  • the customer uses a stylus similar to the styluses at the tellers' windows.
  • the customer's reference print is captured during registration, preferably within a branch office of the bank and digital and electronic signature data is encrypted is stored in the customer's bank record.
  • Such cards can actually be issued and distributed to customers once registration is completed, much the same as hotels use to issue room keys upon registration - the cards are preprinted and certain data is loaded onto the card prior to issuance.
  • the stylus can be attached to a point-of-sale terminal, attached to a pen-based computer, or a signature pad.
  • the stylus can be wireless, whereby the transponder is incorporated into the wireless stylus (see FIGURES IB and 1C).
  • Each stylus also includes one or more fingerprint sensors that capture an image of a finger of the customer when the stylus is grasped.
  • the transponder responds to a radio signal by emitting its own radio signal.
  • Each transponder is tagged with a unique serial number. That serial number can be linked with a credit or debit account.
  • a typical sale may require a matching of digital signatures; require a matching of electronic signatures, and require a matching of both digital signatures and electronic signatures.
  • the customer selects goods and proceeds to a point-of-sale terminal.
  • the point-of-sale terminal indicates that the transaction will be paid through a transponder.
  • An interrogator disposed at the point-of-sale terminal collects data from the transponder. A light advises the customer that the payment has been accepted. Payment is made instantly from the customer's registered account.
  • the interrogator emits a low-frequency transmission, generally via its antenna.
  • the transponder is inactive until it's activated by the interrogator.
  • the transponder passes within range, the transponder is excited, causing the transponder to transmit its data in response to the inquiry.
  • the interrogator submits the inquiry to the transponder and receives back data from the transponder.
  • the transponder has enhanced memory (akin to a smart card), in which case the encrypted reference fingerprint is stored within the transponder memory.
  • the memory may contain account number, balance - and customer data to be stored in the transponder memory.
  • FIGURE 6A discloses the corresponding customer bank record. The comparison of the sensed print with the reference print for purposes of identity authentication preferably occurs in the transponder.
  • the transponder has limited memory (akin to a magnetic stripe).
  • the writing device is a tethered stylus attached to the point-of-sale terminal and the digital and electronic signatures are stored in the customer record.
  • the customer bank and account number are in the transponder.
  • the reference signatures are in the customer record at the customer bank. The comparison of the sensed signatures with the reference signatures for purposes of identity authentication preferably occurs either in the driver (where the sensed print is transmitted) or in the point-of-sale terminal (where the reference print is transmitted).
  • the transponder has an index reference to the customer bank and account number. For increased security the index reference number in the account index and on the transponder change with each transaction.
  • the reference print is in the customer record at the customer bank.
  • One significant advantage is that since there is minimal information on the transponder device, if the transponder is lost or stolen it is of little use to thieves and hacks. While they can locate the customer's bank and account number (which they can learn from a personal check), they cannot gain access to such funds since the digital and/or electronic signatures don't match.
  • Another advantage is that the transmission of data is through wired connections (more secure).
  • a passive transponder (does not include a power supply) carried by the customer on his/her person is disposed in a card carried in a wallet or on a keychain - it may need to be removed and swiped through a cardreader or a near an interrogator.
  • An active transponder (includes a power supply) can also be pda, jewelry, glasses, clothing, or the like.
  • a transponder of choice is commercially available from AMSKAN of Mulgrave, Victoria in Australia - the InfraRed Datalink allows serial "through the windscreen' data transfer between a vehicle and the roadside in daylight with high reliability and is presently used for capturing information from vehicles as they re-fuel, re-load, or at highway speeds.
  • the IRD is comprised of two main components, the interrogator and the wireless transponder.
  • the interrogator is mounted either at the point-of-sale terminal.
  • the size of the transponder is 130 x 80 x 50 mm.
  • Another transponder of choice is Miotec's mPollux - that is developed on a SIM card and its integrated security solutions offer a flexible and secure platform with a sufficient capacity for a wireless PKI system.
  • the SIM platform is a FLASH microcontroller, which has a separate RISC processor for RSA operations.
  • MioCOS operating system is compliant with both GSM and PKI standards.
  • the integrated biometric functions enable, among other things, replacing the PIN code in an electronic ID card with fingerprint matching.
  • a transponder is used in a smart card.
  • the smart is compatible with both contactless and contact transactions.
  • Such a card is presently commercially available and known as a "Digital Pusan Card.”
  • the Digital Pusan Card is one of the first to combine contact and contactless smart card functionality on a single chip. Supporting a wide array of services, it combines credit, debit and prepaid card functions.
  • the card is used within the existing Hanaro Transportation scheme.
  • Cardholders can recharge their e-purses at reloading machines and at ATMs.
  • proven and secure dual interface technology operating in both contact and contactless mode.
  • the card is loaded by either its contact or contactless interface. This allows many recharging possibilities including at bank terminals, bus stations or, with a PC and card reader, over the Internet - and this also permits electronic purchasing via the Internet.
  • this transponder as a component of the pen-based verification system of the present invention enables the transponder to be compatible with both card-based and cardless systems.
  • the device is swiped through a cardreader at the point-of-sale terminal - and the customer signs her name using the fingerprint stylus.
  • the reference fingerprint image is stored in the smart card/transponder device, which is also where the matching of the sensed print (from the pen) is compared with the reference fingerprint image.
  • This embodiment enabling compatibility with both cardreaders and transponders also is key in enabling a transition to a cardless system.
  • Fingerprint sensor in something other than stylus card reader, point-of-sale counter, card
  • the transponder When wireless devices are used, system security becomes even more of a concern, since an integral part of the system, in this instance the transponder, is not attached to the system, but rather is wireless and carried by a customer.
  • the reference digital and electronic signature data is stored in both the transponder and the customer record.
  • a comparison of the reference data on the transponder is compared with the reference data in the customer record to determine if the transponder has been altered or replaced with a counterfeit transponder. This check need not be done each time but either randomly or in the event that the transaction involves a large value amount.
  • the reference print When the reference print is stored inside a transponder that is carried by the customer, either of the following technologies may also be employed:
  • U.S. Patent No. 5,619,025 discloses a method for tamper-proof identification using photo refractive crystals.
  • the method for document authentication exploits a temporally variable physical process to generate a reproducible effect that cannot be copied.
  • a document such as a credit card is provided with a spot or stripe that incorporates at least one, and preferably a large plurality of photo refractive crystals arrayed in a random manner.
  • the document authenticating apparatus includes a coherent light source such as a diode laser to illuminate the photo refractive crystals, and a photosensor to receive light scattered from the photo refractive crystals.
  • the random distribution and orientation of photo refractive crystals comprises a unique characteristic for each card or document, and this characteristic is not based on any assigned number or code.
  • the response of photo refractive crystals to the coherent illumination comprises a time-varying characteristic that is dependent upon the intensity and temporal nature of the illumination itself. Input to the laser illuminator may be varied to elicit differing responses from the photo refractive crystals, and this factor may be very difficult for a counterfeiter to ascertain. Also, for any given illumination intensity or temporal pattern, the image received by the photosensor varies with time. The time at which the photosensor signal is sampled to obtain an identifying image may also be varied, thereby further compounding the difficulty for a counterfeiter to overcome.
  • a large number of "snapshots" of the time-varying image of the document is electronically captured, digitized, and stored in an electronic media.
  • the photosensor signal is compared to the stored data; a match indicates a valid document, and no match indicates an invalid or unauthorized document.
  • the image recognition process can be enhanced by comparing the rate of change in a sequence of images elicited by the laser illuminator.
  • U.S. Patent No. 5,834,748 discloses a card that includes magnetic particles and is difficult to counterfeit.
  • the signal strength, period, amplitude and/or alignment of the magnetic field may be read as coded information by a magnetic reading head.
  • the encoding of this information can be made increasingly difficult to imitate or forge by varying parameters within these (and other) mechanically readable inscriptions.
  • the security of the pens is enhanced by the implementation of a mechanically readable security system, which includes a mechanically readable magnetic marking embedded in the transactional item.
  • the marking also may be visually notable or readable, but it at least must be readable by a reading head capable of reading the passage of a magnetic material by the head.
  • the marking is preferably in the form of at least two magnetic filaments or strips and preferably includes a multiple number of filaments of differing coerciveness, magnetic field strength, magnetic field alignment, size or spacing so that when the stylus is passed at a defined and preferably constant speed through the reading device, approval will be given only when the proper signal is provided by the ordered array of appropriate magnetic elements in the pen.
  • FIGURES 15A and 15B disclose a first preferred embodiment of a stylus grip for use with the identity authentication system of the present invention, the grip having a rotatable flap that includes a magnetic stripe that can be read by a conventional card reader.
  • the fingerprint sensors of choice are either of the following:
  • the FingerTIPiM sensor from Infineon enables the integration of a miniature fingerprint sensor into a wide variety of end-products including PCs, notebook computers, handheld devices, set-top boxes, ATM's, point of sale terminals, ticketing kiosks, building access systems, or any other application that would benefit from replacing PIN and password identification with biometric-based verification.
  • the chip is compact, reliable and robust enough to convert a previously exotic technology-biometric user ID into an everyday reality.
  • the FingerTIP chip is a small (18mm x 21mm x 1.5mm) IC embedding a 288 x 224 pixel contact sensor array that images the lines and ridges of a human fingerprint when a user touches the device.
  • Each pixel has an 8-bit data depth, enabling evaluation of subtle gradations (256 shades of gray) of a fingertip and their translation into a set of indices - the key identifying features of an individual fingerprint. Imaging and data transfer of an impression takes only 100 milliseconds.
  • STMicroelectronics has developed a fingerprint sensor of substantially the same size as the Infineon sensor and that use capacitive-sensor-array technology; building silicon IC's containing an array of sensor plates.
  • ST's TouchChip technology uses a capacitive sensing technique to capture, in less than one tenth of a second, a high- resolution image of a fingerprint when the finger is applied directly to the chip surface.
  • the output of the chip is a digital representation of the fingerprint, which can be processed by the algorithms developed by 5AGEM, which immediately confirm or invalidate the recognition of pre-identified persons and then be further processed by application-dependent software.
  • a transponder of choice is commercially available from AMSKAN of Mulgrave, Victoria in Australia - the InfraRed Datalink allows serial "through the windscreen' data transfer between a vehicle and the roadside in daylight with high reliability and is presently used for capturing information from vehicles as they re-fuel, re-load, or at highway speeds.
  • the IRD is comprised of two main components, the interrogator and the wireless transponder.
  • the interrogator is mounted either at the point-of-sale terminal.
  • the size of the transponder is 130 x 80 x 50 mm.
  • Another transponder of choice is Miotec's mPollux - that is developed on a SIM card and its integrated security solutions offer a flexible and secure platform with a sufficient capacity for a wireless PKI system.
  • the SIM platform is a FLASH microcontroller, which has a separate RISC processor for RSA operations.
  • MioCOS operating system is compliant with both GSM and PKI standards.
  • the integrated biometric functions enable, among other things, replacing the PIN code in an electronic ID card with fingerprint matching.
  • the identity verification process of the present invention requires that the remote party have access to a signature pad - the signature pad having means to generate a digital and an electronic signature.
  • the digital and/or electronic signatures compared against reference data before allowing the transaction to go forward, and the digital and electronic signatures are captured and preserved in a transaction record.

Abstract

This identity authentication system is used in commercial transactions at a point-of-sale terminal. The system comprises a device for capturing a customer signature (signature pad or a smart pen), a sensor for capturing a biometric property of the customer during the transaction, a local processor, a wireless device carried by the customer, a device reader positioned at the point-of-sale terminal, and a host computer. The customer registers advising the system of a customer account that is to be used for payment. The customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint. The customer is then issued a wireless device, the wireless device having memory. The memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories. An identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device. Thereafter, when the customer uses a stylus to submit written data - an electronic signature is generated. Similarly, a sensor in the stylus captures data that is used to generate a digital signature. A reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.

Description

SECURITY ACCESS SYSTEM
FIELD OF THE INVENTION
The invention relates generally to various systems for verifying the identification of a person, and more particularly, where the person carries a wireless device for use at point-of-sale terminals, the wireless device having a memory in for example, an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories.
BACKGROUND OF THE INVENTION
Many identification systems are known in the art. In some cases, a photograph of a subject or his fingerprint pattern is affixed to an identification card. In other approaches, various methods are employed for storing image or password information in a magnetic stripe or in an optically encoded image or pattern, which is physically part of the identification card. Still other approaches utilize a "smart card" having its own semiconductor memory capability for information storage.
U.S. Patent No. 6,175,922 (Wang) discloses an electronic transaction system for completing a transaction request at a point-of-sale terminal using a portable electronic authorization device carried by a user. The device first receives digital data representing the transaction request. The electronic authorization device provides information regarding an ability to approve the transaction request. When the transaction is approved, the electronic authorization device receives additional data representing the electronic service authorization token.
U.S. Patent No. 6, 140,939 (Flick) discloses a biometric security system for automobiles. The control system includes a controller for learning a unique biometric characteristic of an individual to define a learned individual capable of causing performance of a function associated with the vehicle. The vehicle function control system includes a biometric characteristic sensor, and a controller at the vehicle for controlling a vehicle function responsive to the biometric characteristic sensor.
U.S. Patent No. 5,857,152 (Everett) discloses an electronic system for toll payment. The system identifies an electronic purse and effects value transfer over a communication system without the need for the vehicle to stop. The system provides for toll payment by use of a communication device and an electronic purse coupled to the device. The remote communication system communicates with mobile devices to effect toll payments by exchanging cryptographically secure messages.
U.S. Patent No. 5,706,349 (Aditham et al.) discloses a system for authenticating remote users in a distributed environment. A token is initially issued to a remote user once a security mechanism determines that the remote user is who he claims to be. Prior to access to the a connection between a remote user and an application server, the system verifies that a token associated with a connection request was issued by the security mechanism.
U.S. Patent No. 6,202,055 (Houvener, et al.) discloses a system for processing a financial instrument. A customer at a identification terminal initially submits the instrument - perhaps a check. The checking account number is communicated to a remote database containing digital photographic images of authorized users of checking accounts. The remote database is searched and any photographic images associated with the checking account number are transmitted to the identification terminal. The images are displayed and compared to the physical appearance of the customer. The on-site employee then determines if at least one of the displayed digital matches the appearance of the person initiating the transaction.
U.S. Patent No. 5,903,225 (Schmitt, et al.) discloses an access control system with fingerprint sensor enrollment. The system includes a station for enrolling a person as authorized based upon the sensed fingerprint. The system also includes a wireless device that is carried by the authorized person, and an access controller for granting access to an authorized person. The wireless device cooperates with the enrolling station to store data for an authorized person based upon the sensed fingerprint. The authorized person bearing the wireless device is unobtrusively granted access by approaching the access location.
U.S. Patent No. 5,973,731 (Schwab) discloses an identification system that provides interactive communication of text and image information between a central server and multiple remote terminals. The central server maintains a separate, centralized database of data-compressed images of the subject individuals, and subsequently transmits the data-compressed images to local terminals, on demand, during the transactions. The image may include a copy of the authorized signature, which then is used by the transaction terminal to compare to a scanned image of the signature on the authorization slip.
While a written signature is still regarded as the preferred way for a person to convey approval and a legal commitment, there still remains a need to confirm absolutely that can assure that the customer is the person authorized to make a commitment.
What is needed is a system that will utilize wireless technology (primarily) in commercial transactions of any value that is acceptable to all parties - that captures a digital signature (which is the international standard of identification) at the same time that the electronic signature (the written text) is captured, the combined signature being irrefutable; a pen-based system that is both compatible with card-based systems and independent of such systems.
SUMMARY OF THE INVENTION
The system of the present invention addresses these needs. For purposes herein, a list of key terms are hereafter set forth to clarify the scope of the authenticated payment system of the present invention. TRANSPONDER is a wireless device that is a receiver-transmitter. The transponder is part of a transponder system - the system also including an interrogator. The transponder is capable of accepting the challenge of the interrogator by transmitting an appropriate reply. The transponder receives and transmits data in a wireless manner, generally through low frequency radio waves. The transponder is generally an ID card, a keytag, a wireless phone, a pda, or some other device that can be carried by a customer in a purse, wallet, keychain, or pocket. The transponder may be active or passive. This definition expressly excludes any data transmission by means of swiping a card through or injecting a card into a conventional cardreader.
STYLUS refers to any device that is compatible with either the hand or finger of the user for purposes of making a marking on an essentially flat surface. The flat surface may be a digital surface or a piece of paper. While the drawings depict a conventional shape of a stylus, other shapes and designs are also included within the scope of the present invention such as any attachment or thimble-like device for a finger or any implement that can be held with a hand for such purpose. The stylus may or may not include an ink cartridge.
DYNAMIC REGISTRATION refers to a process where an existing customer can register for identity into a new system by participating in a conventional transaction. For example, if an electronic signature or digital signature is to be used for reference purposes, such signature is captured when the customer grasps the stylus and signs her name. The registration is seamless and essential invisible to the customer.
The authenticated payment system of the present invention comprises a wireless device carried by the customer, a device reader for accessing customer data through the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during the course of the commercial transaction, a point-of-sale processor for processing electronic signature data and digital signature data from the device reader, and a host computer in digital communication with the point-of-sale processor. The method for authenticating a payment of the present invention comprises a customer approaching a point-of-sale terminal with goods to be purchased, the customer generating an electronic signature as an expression of intent to commit to the commercial transaction, capturing a digital signature of the customer when the electronic signature is being generated, comparing the captured digital signature of the customer against a reference digital signature, and approving the transaction whenever a predetermined threshold for the authentication has been met and the customer has sufficient funds to cover the transaction.
A first preferred embodiment of the identity verification system of the present invention is for use in commercial transactions. The system comprises a host computer, an interrogation device, a transponder device, and a stylus.
The host computer has access to data that links the customer with the customer's payment account. The interrogator is linked to the host computer disposed at the point- of-sale terminal. The transponder is wireless and is carried by the customer, and transmits data to the interrogator upon request. The data transmitted pertains to the identity of the customer. The stylus is attached to the point-of-sale terminal and includes a sensor disposed in the stylus grip. The sensor captures a digital signature of the customer while the customer signs her name. Access to the customer's payment account is only enabled when the sensed digital signature matches a reference digital signature.
For use in commercial transactions at a point-of-sale terminal, a customer registers selecting a customer account that is to be used for payment. The customer also submits a digital signature for reference purposes - preferably, a fingerprint. The customer is then issued a transponder that links the customer to the customer account and to the reference digital signature. When the customer is at the point-of-sale terminal for making payment, an interrogator disposed at the point-of-sale terminal transmits a radio signal requesting identity verification. The wireless transponder submits data to the interrogator. Thereafter, when the customer uses a stylus to submit written data (such as a signature), a sensor in the stylus makes incidental capture of biometric data that enables the interrogator to confirm customer identity. Similarly, the system can be used to verify identity when the customer wants to cash a personal check.
Positioned at the center of the process is a stylus with any of a number of biometric or with one or more metric sensors, that enable an incidental capture of data relative to identity verification while the stylus is being used. The identity verification processes of the present invention can be used at point-of-sale terminals, in various controlled environments, to access a computer network, in applications involving pen-based computers and smart-pens, for e-commerce, conventional writing implements, and multipurpose writing implements.
While the systems set forth herein are described in conjunction with point-of-sale terminals for purposes of illustration, it is understood that the principles set forth herein are all applicable to a broad range of other activities where a writing or signature are required or preferred, such as Internet and Intranet commerce, access control, government activities (voting, drivers' registration, receipt of government benefits) and for use in controlled environments (such as hospitals, and banks).
Various methods of generating a digital signature may be employed:
PCT Application No. PCT/US99/ 17900 entitled "Identification Confirmation System" filed on April 7, 1999; U.S. Patent Application 09/490,687, entitled "Writing Implement and Identity Verification Systems" filed on January 24, 2000;U.S. Patent Application 09/535,411, entitled "Method for Identity Verification" filed on March 20, 2000; and PCT Application No. PCT/US00/19652 entitled "Identity Authentication System and Method" filed July 18, 2000 by the applicant disclose the use of fingerprint sensors disposed in the barrel of a stylus used to generate an electronic signature as the preferred digital signature.
U.S. Patent No. 6,064,751 (Smithies) discloses a method of generating a digital signature by the use of various metric and biometric sensors disposed in the barrel of the stylus. A computer-based system captures and verifies an electronic handwritten signature. The system includes a stylus with a plurality of sensors that capture biometric properties of the user, and a database of signature templates storing verified signature information. At the time of signing, a digital signature is generated comprising certain features of the writer during the act of signing, such as the size, shape and relative positioning of the curves, loops, lines, dots, crosses and other features of the signature being inscribed, as well as the relative speed at which feature is being imparted. A captured composite digital signature of signature measurements are compared with a reference set of measurements stored to obtain a similarity score.
The interrogator is in digital communication with a host computer - the interrogator being disposed at a point-of-sale terminal. The wireless device is preferably a transponder. The stylus can be attached to a point-of-sale terminal, via a pen-based computer or a signature pad. A digital signature, such as a fingerprint, is captured during a registration process and stored in a file associated with the registrant or in the wireless device.
The customer registers advising the system of a customer account that is to be used for payment. The customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint. The customer is then issued a wireless device, the wireless device having memory. The memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories. A identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device. Thereafter, when the customer uses a stylus to submit written data - an electronic signature is generated. Similarly, a sensor in the stylus captures data that is used to generate a digital signature. A reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.
The stylus includes one or more fingerprint sensor that captures an image of a finger of the customer when the stylus is grasped. While fingerprint sensors are used herein for purposes of illustration it is expressly understood that the principles of this invention are also applicable to sensing of DNA and other biotech properties - that involve cell capture or cell analysis sensors. During routine usage of the stylus, the sensor captures the data necessary to compare with the digital signature to determine identity verification. The preferred embodiment of the authenticated commercial transaction system of the present invention is compatible with the following systems:
Fingerprint sensor in something other than stylus (card reader, point-of-sale counter, card)
Stylus w/ fingerprint sensors attached to point-of-sale
Credit cards
Stored value, ATM, check cards
Reference print, Bank, and Account number in card, keytag, or wallet
Bank and Account number in card, keytag or wallet
Personal identifier in card, keytag, or wallet Smart-Pen w/ fingerprint sensors attached to point-of-sale
Credit cards
Stored value, ATM, check cards
Reference print, Bank, and Account number in card, keytag, or wallet
Bank and Account number in card, keytag or wallet
Personal identifier in card, keytag, or wallet Wireless Smart-Pen w/ fingerprint sensors carried by customer
Reference print, Bank, and Account number in smart-pen
Bank and Account number in smart-pen
Personal identifier in smart-pen
For a more complete understanding of the authenticated payment system of the present invention, reference is made to the following detailed description and accompanying drawings in which the presently preferred embodiments of the invention are shown by way of example. As the invention may be embodied in many forms without departing from spirit of essential characteristics thereof, it is expressly understood that the drawings are for purposes of illustration and description only, and are not intended as a definition of the limits of the invention. Throughout the description, like reference numbers refer to the same component throughout the several views. DETAILED DESCRIPTION OF THE DRAWINGS
FIGURE 1A discloses a preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor- interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements);
FIGURE IB discloses a second preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that reference biometric data, metric data, and signature data), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing transaction records, and for generating monthly statements);
FIGURE 1C discloses a third preferred embodiment of a payment processing system of the present invention comprising a stylus for capturing a biometric property during the signing process, a smart card reader, a smart card, the smart card memory including reference biometric data, metric data, and signature data), identity authentication based upon comparison of the captured customer data with the reference customer data occurring in the smart card memory), and a host computer (for storing transaction records);
FIGURE ID discloses a fourth preferred embodiment of a payment processing RFID system of the present invention comprising a wireless device (RFID memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for collecting data from the wireless device and the stylus), and a host computer (for authenticating identity based upon comparison of the captured customer data with the reference customer data, for storing customer records and transaction records, and for generating monthly statements);
FIGURE 2A discloses a preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (RFID memory that includes a unique user record number), a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating user identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing security access codes and access requests);
FIGURE 2B discloses a second preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (RFID memory that includes a user biometric data, user metric data, and user signature data, and a unique user record number), a stylus for capturing a biometric property during the signing process, a local processor- interrogator (for authenticating user identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing security access codes and access requests);
FIGURE 3 discloses a preferred embodiment of a payment processing barcode system of the present invention comprising a wireless device (barcode memory that includes a unique customer record number), a stylus for capturing a biometric property during the signing process, a local processor-barcode reader (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements);
FIGURE 4 discloses a preferred embodiment of a system for processing a conventional payment for goods and service at a point-of-sale terminal, comprising a customer ID card (RFID memory that includes a unique customer record number), a user credit or debit card from which value is drawn to pay for goods or services, a stylus for capturing a biometric property during the signing process, a local processor-interrogator (for authenticating identity based upon comparison of the captured customer data with the reference customer data), and a host computer (for storing customer records and transaction records, and for generating monthly statements), the transaction being blocked if the ID card reference data does not match the biometric, metric, or signature data captured from the stylus;
FIGURE 5A discloses a simplified logic diagram for a preferred method for registering new users into the access (account, network data, physical) security system of the present invention;
FIGURE 5B discloses a simplified logic diagram for a preferred method for registering existing users into the access (account, network data, physical) security system of the present invention, the registration occurring dynamically as an on-site access request is being processed;
FIGURE 6A discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving lower security identity authentication, two streams of sensed data being compared to two streams of reference data, access being enabled if either stream of sensed data matches a corresponding stream of reference data;
FIGURE 6B discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving medium security identity authentication, one stream of sensed data being compared to a stream of reference data, access being enabled if the sensed data matches the reference data;
FIGURE 6C discloses a simplified logic diagram for a preferred method for enabling account, network data, or physical access involving higher security identity authentication, two streams of sensed data being compared against two streams of reference data, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data;
FIGURES 7A and 7C disclose a simplified logic diagram for a preferred method for the security system of the present invention, enabling access to network data to a remote user involving higher security identity authentication a network high security request, where an acceptance threshold is adjusted (see FIGURE 18A and 18B), two streams of data being captured and processed, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data;
FIGURES 7B and 7C disclose a simplified logic diagram for a preferred method for the security system of the present invention, enabling access to network data to a remote user involving higher security identity authentication a network high security request, where an acceptance threshold is adjusted (see FIGURE 18A and 18B), two streams of data being captured and processed, access being enabled if and only if each stream of sensed data matches its corresponding stream of reference data, data misinformation being provided to the user if identity authentication is not confirmed;
FIGURE 8 discloses a simplified logic diagram for another embodiment of the security system of the present invention, wherein the reference data is used for purposes of authenticating user identity for cashing a check;
FIGURE 9 discloses a simplified logic diagram for a preferred method for enabling access to a secure area, the user carrying a wireless device having RFID memory, one stream of sensed data being compared to a stream of reference data, access being enabled if the sensed data matches the reference data;
FIGURES 10A and 11A disclose a preferred embodiment of simplified RFID memory and simplified customer record of the host computer for the payment processing system of FIGURE 1A;
FIGURES 10BA and 11B disclose a preferred embodiment of simplified RFID memory and simplified customer record of the host computer for the payment processing system of FIGURE I B;
FIGURE 12A discloses a preferred embodiment for the stylus of the security system of the present invention for providing images of any finger image that touches the grip area of the stylus, an ultrasonic sensor being positioned along the axis of the stylus, the sensor rotating to capture finger images (like sonar), providing a wrap-around sensor configuration for capturing fingerprint images;
FIGURE 12B discloses another preferred embodiment for the stylus of the security system of the present invention for providing images of any finger image that touches the grip area of the stylus, six elongated silicon chip sensors being mounted about the surface of the grip, providing a wrap-around sensor configuration for capturing fingerprint images;
FIGURES 13A and 13B disclose exploded views of other preferred embodiments of wraparound fingerprint sensor configurations, providing a wrap-around sensor configuration for capturing fingerprint images;
FIGURES 14A and 14B disclose a simplified user record data and a list of security access sites for use in a financial institution;
FIGURES 15A and 15 B disclose a variation of a wireless stylus for use with the security access system of the present invention, the wireless stylus including a fingerprint sensor, a magnetic stripe, and a living hinge for opening and closing a pivotal flap where the magnetic stripe is positioned;
FIGURE 16A discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes is an active transponder;
FIGURE 16B discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes a magnetic stripe credit card;
FIGURE 16C discloses a customer identification device for the security access system of the present invention, the customer identification device being a card, wherein the card includes a barcode;
FIGURE 16D discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with two memories, wherein one memory is the passive transponder and the second memory is the barcode;
FIGURE 16E discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with three memories, wherein one memory is the magnetic stripe, the second memory is a passive transponder, and the third memory is the barcode;
FIGURE 16F discloses a customer identification device for the security access system of the present invention, the customer identification device being a card with two memories, wherein one memory is the magnetic stripe and the second memory is the barcode;
FIGURE 17 discloses still another preferred embodiment of the wireless device of the present invention, the wireless device being commercial paper with RFID memory disposed therewithin, the memory enabling tracking of the commercial paper, and enabling identity authentication at transfer sites. For purposes of discussions herein, there are two types of RFID devices (1) a token that is issued to a party for use by that party; and (2) a token that is issued and can be readily and freely exchanged between parties (like currency). The latter may take the form of a plastic card, a paper note, or a coin.
FIGURE 18A discloses a simplified threshold graph for authenticating lower-risk commercial transactions; and FIGURE 18B discloses a simplified threshold graph for authenticating higher-risk commercial transactions. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Referring now to the drawings, FIGURE 1A, IB, and 1C disclose generally the security access system of the present invention. The authenticated commercial transaction system comprises a wireless device carried by the customer, a device reader for accessing customer data through the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during the course of the commercial transaction, a point-of-sale processor for processing electronic signature data and digital signature data from the device reader, and a host computer in digital communication with the point-of-sale processor.
The preferred embodiment of the identity verification system of the present invention is for accessing account data, for accessing network data, and for physical access. The host computer has access to data that links the customer with the customer's payment account. The interrogator is linked to the host computer disposed at the point-of-sale terminal. The transponder is wireless and is carried by the customer, and transmits data to the interrogator upon request. The data transmitted from the transponder enables the system to make an initial customer identification. The stylus is attached to the point-of- sale terminal and includes a sensor disposed in the stylus grip. The sensor captures and generates a digital signature of the customer while the customer signs his name. Access to the customer's payment account is only enabled after identity has been verified - by matching the digital and/or electronic signatures with the reference data previously submitted by the customer.
In the two-step process of the identity verification process of the present invention, customer identity is initially made by data transmitted from the transponder to the interrogator. The second step involves the capture of data used to generate digital and electronic signatures. Only after the captured data is compared against the reference data, will the transaction be allowed to proceed.
The method for authenticating a commercial transaction of the present invention comprises a customer approaching a point-of-sale terminal with goods to be purchased, the customer generating an electronic signature as an expression of intent to commit to the commercial transaction, capturing a digital signature of the customer when the electronic signature is being generated, comparing the captured digital signature of the customer against a reference digital signature, and approving the transaction whenever a predetermined threshold for the authentication has been met and the customer has sufficient funds to cover the transaction.
This identity authentication system is used in commercial transactions at a point-of-sale terminal. The customer registers advising the system of a customer account that is to be used for payment. The customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint. The customer is then issued a wireless device, the wireless device having memory. The memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories. A identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device. Thereafter, when the customer uses a stylus to submit written data - an electronic signature is generated. Similarly, a sensor in the stylus captures data that is used to generate a digital signature. A reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.
FIGURES 2A and 2B disclose simplified methods for registration for new and existing customers, respectively. For a new customer, the customer record must be created. For an existing customer, the customer record already exists. One primary advantage of having the reference data in the customer record (rather than the transponder) is that the amount of memory available reference signature store is not a primary concern. When the reference signature data is to be stored within the transponder, the amount of memory within the transponder may not be sufficient to store such data. For the existing customer, the customer record is already in existence but a confirmation check is needed to confirm that the customer has authorized access to the account. The method overcomes the inconvenience of having to re-register all existing customers, Existing customers can use a "dynamic registration" during a routine transaction. Digital and electronic signatures are captured during a routine commercial transaction, using the stylus. Thereafter, during a commercial transaction, the sensed print is compared to the reference print as part of the identity verification process whenever the card is submitted through a cardreader. Similarly, if a transponder is used, perhaps to buy gasoline and other items in a convenience store affiliated with the gas station, the stylus captures the digital signature and uses it as a reference print.
For example in a branch office of a bank, the styluses of the present invention are placed at all tellers' windows, all ATMs, and all officers' desks. New customers are given a debit/check/ATM card upon filling out an application. The customer uses a stylus similar to the styluses at the tellers' windows. The customer's reference print is captured during registration, preferably within a branch office of the bank and digital and electronic signature data is encrypted is stored in the customer's bank record. Such cards can actually be issued and distributed to customers once registration is completed, much the same as hotels use to issue room keys upon registration - the cards are preprinted and certain data is loaded onto the card prior to issuance.
The stylus can be attached to a point-of-sale terminal, attached to a pen-based computer, or a signature pad. In addition, the stylus can be wireless, whereby the transponder is incorporated into the wireless stylus (see FIGURES IB and 1C). Each stylus also includes one or more fingerprint sensors that capture an image of a finger of the customer when the stylus is grasped.
The transponder responds to a radio signal by emitting its own radio signal. Each transponder is tagged with a unique serial number. That serial number can be linked with a credit or debit account. A typical sale may require a matching of digital signatures; require a matching of electronic signatures, and require a matching of both digital signatures and electronic signatures. The customer selects goods and proceeds to a point-of-sale terminal. The point-of-sale terminal indicates that the transaction will be paid through a transponder. An interrogator disposed at the point-of-sale terminal collects data from the transponder. A light advises the customer that the payment has been accepted. Payment is made instantly from the customer's registered account. The interrogator emits a low-frequency transmission, generally via its antenna. The transponder is inactive until it's activated by the interrogator. When a transponder passes within range, the transponder is excited, causing the transponder to transmit its data in response to the inquiry. The interrogator submits the inquiry to the transponder and receives back data from the transponder.
In one preferred embodiment, the transponder has enhanced memory (akin to a smart card), in which case the encrypted reference fingerprint is stored within the transponder memory. Also, the memory may contain account number, balance - and customer data to be stored in the transponder memory. FIGURE 6A discloses the corresponding customer bank record. The comparison of the sensed print with the reference print for purposes of identity authentication preferably occurs in the transponder. One significant advantage to this system is that the transaction can be completed at the point-of-sale terminal with minimal access/input from the driver. Another advantage is that the driver and account data are updated after the transaction is completed
In another preferred embodiment, the transponder has limited memory (akin to a magnetic stripe). The writing device is a tethered stylus attached to the point-of-sale terminal and the digital and electronic signatures are stored in the customer record. The customer bank and account number are in the transponder. The reference signatures are in the customer record at the customer bank. The comparison of the sensed signatures with the reference signatures for purposes of identity authentication preferably occurs either in the driver (where the sensed print is transmitted) or in the point-of-sale terminal (where the reference print is transmitted). In a variation of this embodiment, the transponder has an index reference to the customer bank and account number. For increased security the index reference number in the account index and on the transponder change with each transaction. The reference print is in the customer record at the customer bank. One significant advantage is that since there is minimal information on the transponder device, if the transponder is lost or stolen it is of little use to thieves and hacks. While they can locate the customer's bank and account number (which they can learn from a personal check), they cannot gain access to such funds since the digital and/or electronic signatures don't match. Another advantage is that the transmission of data is through wired connections (more secure).
A passive transponder (does not include a power supply) carried by the customer on his/her person is disposed in a card carried in a wallet or on a keychain - it may need to be removed and swiped through a cardreader or a near an interrogator. An active transponder (includes a power supply) can also be pda, jewelry, glasses, clothing, or the like.
A transponder of choice is commercially available from AMSKAN of Mulgrave, Victoria in Australia - the InfraRed Datalink allows serial "through the windscreen' data transfer between a vehicle and the roadside in daylight with high reliability and is presently used for capturing information from vehicles as they re-fuel, re-load, or at highway speeds. The IRD is comprised of two main components, the interrogator and the wireless transponder. The interrogator is mounted either at the point-of-sale terminal. The size of the transponder is 130 x 80 x 50 mm.
Another transponder of choice is Miotec's mPollux - that is developed on a SIM card and its integrated security solutions offer a flexible and secure platform with a sufficient capacity for a wireless PKI system. The SIM platform is a FLASH microcontroller, which has a separate RISC processor for RSA operations. MioCOS operating system is compliant with both GSM and PKI standards. Furthermore, the integrated biometric functions enable, among other things, replacing the PIN code in an electronic ID card with fingerprint matching.
In still yet another preferred embodiment of the pen-based verification systems of the present invention, a transponder is used in a smart card. The smart is compatible with both contactless and contact transactions. Such a card is presently commercially available and known as a "Digital Pusan Card." The Digital Pusan Card is one of the first to combine contact and contactless smart card functionality on a single chip. Supporting a wide array of services, it combines credit, debit and prepaid card functions. Compatible with smart pagers the card is used within the existing Hanaro Transportation scheme. Cardholders can recharge their e-purses at reloading machines and at ATMs. As well as proven and secure dual interface technology, operating in both contact and contactless mode. The card is loaded by either its contact or contactless interface. This allows many recharging possibilities including at bank terminals, bus stations or, with a PC and card reader, over the Internet - and this also permits electronic purchasing via the Internet.
The use of this transponder as a component of the pen-based verification system of the present invention enables the transponder to be compatible with both card-based and cardless systems. In the card-based system, the device is swiped through a cardreader at the point-of-sale terminal - and the customer signs her name using the fingerprint stylus. The reference fingerprint image is stored in the smart card/transponder device, which is also where the matching of the sensed print (from the pen) is compared with the reference fingerprint image. This embodiment enabling compatibility with both cardreaders and transponders also is key in enabling a transition to a cardless system.
The preferred embodiment of the security access system of the present invention is compatible with the following systems:
Fingerprint sensor in something other than stylus (card reader, point-of-sale counter, card)
Stylus w/ fingerprint sensors attached to point-of-sale
Credit cards
Stored value, ATM, check cards
Reference print, Bank, and Account number in card, keytag, or wallet
Bank and Account number in card, keytag or wallet
Personal identifier in card, keytag, or wallet Smart-Pen w/ fingerprint sensors attached to point-of-sale
Credit cards
Stored value, ATM, check cards
Reference print, Bank, and Account number in card, keytag, or wallet
Bank and Account number in card, keytag or wallet
Personal identifier in card, keytag, or wallet Wireless Smart-Pen w/ fingerprint sensors carried by customer
Reference print, Bank, and Account number in smart-pen Bank and Account number in smart-pen Personal identifier in smart-pen
When wireless devices are used, system security becomes even more of a concern, since an integral part of the system, in this instance the transponder, is not attached to the system, but rather is wireless and carried by a customer. The reference digital and electronic signature data is stored in both the transponder and the customer record. During a request for a point-of-sale transaction, a comparison of the reference data on the transponder is compared with the reference data in the customer record to determine if the transponder has been altered or replaced with a counterfeit transponder. This check need not be done each time but either randomly or in the event that the transaction involves a large value amount. There are other ways. When the reference print is stored inside a transponder that is carried by the customer, either of the following technologies may also be employed:
U.S. Patent No. 5,619,025 (Hickman, et al.) discloses a method for tamper-proof identification using photo refractive crystals. The method for document authentication exploits a temporally variable physical process to generate a reproducible effect that cannot be copied. A document such as a credit card is provided with a spot or stripe that incorporates at least one, and preferably a large plurality of photo refractive crystals arrayed in a random manner. The document authenticating apparatus includes a coherent light source such as a diode laser to illuminate the photo refractive crystals, and a photosensor to receive light scattered from the photo refractive crystals. The random distribution and orientation of photo refractive crystals comprises a unique characteristic for each card or document, and this characteristic is not based on any assigned number or code. The response of photo refractive crystals to the coherent illumination comprises a time-varying characteristic that is dependent upon the intensity and temporal nature of the illumination itself. Input to the laser illuminator may be varied to elicit differing responses from the photo refractive crystals, and this factor may be very difficult for a counterfeiter to ascertain. Also, for any given illumination intensity or temporal pattern, the image received by the photosensor varies with time. The time at which the photosensor signal is sampled to obtain an identifying image may also be varied, thereby further compounding the difficulty for a counterfeiter to overcome. A large number of "snapshots" of the time-varying image of the document is electronically captured, digitized, and stored in an electronic media. The photosensor signal is compared to the stored data; a match indicates a valid document, and no match indicates an invalid or unauthorized document. The image recognition process can be enhanced by comparing the rate of change in a sequence of images elicited by the laser illuminator.
U.S. Patent No. 5,834,748 (Litman) discloses a card that includes magnetic particles and is difficult to counterfeit. The signal strength, period, amplitude and/or alignment of the magnetic field may be read as coded information by a magnetic reading head. The encoding of this information can be made increasingly difficult to imitate or forge by varying parameters within these (and other) mechanically readable inscriptions. The apparatus readable (mechanically readable) security means to prevent forgery of identification cards, (including the new smart cards with readable chips therein) and pens. The security of the pens is enhanced by the implementation of a mechanically readable security system, which includes a mechanically readable magnetic marking embedded in the transactional item. The marking also may be visually notable or readable, but it at least must be readable by a reading head capable of reading the passage of a magnetic material by the head. The marking is preferably in the form of at least two magnetic filaments or strips and preferably includes a multiple number of filaments of differing coerciveness, magnetic field strength, magnetic field alignment, size or spacing so that when the stylus is passed at a defined and preferably constant speed through the reading device, approval will be given only when the proper signal is provided by the ordered array of appropriate magnetic elements in the pen.
When the digital signature is generated through fingerprint data, registration can also occur without the pen, but rather with a fingerprint sensor that captures essentially a complete fingerprint of the finger for references purposes. Subsequently, when the stylus is used, the partial print is compared to the complete fingerprint for matching purposes.
Just as a transponder that is compatible with existing cardreaders enables the system of the present invention to be compatible with card-based systems and pen-based (cardless) systems as shown above, utilization of a stylus that is compatible with existing cardreaders offers many similar advantages for a wireless stylus, that is compatible with card-based systems and pen-based systems. FIGURES 15A and 15B disclose a first preferred embodiment of a stylus grip for use with the identity authentication system of the present invention, the grip having a rotatable flap that includes a magnetic stripe that can be read by a conventional card reader.
The fingerprint sensors of choice are either of the following:
The FingerTIPiM sensor from Infineon enables the integration of a miniature fingerprint sensor into a wide variety of end-products including PCs, notebook computers, handheld devices, set-top boxes, ATM's, point of sale terminals, ticketing kiosks, building access systems, or any other application that would benefit from replacing PIN and password identification with biometric-based verification. The chip is compact, reliable and robust enough to convert a previously exotic technology-biometric user ID into an everyday reality. The FingerTIP chip is a small (18mm x 21mm x 1.5mm) IC embedding a 288 x 224 pixel contact sensor array that images the lines and ridges of a human fingerprint when a user touches the device. Each pixel has an 8-bit data depth, enabling evaluation of subtle gradations (256 shades of gray) of a fingertip and their translation into a set of indices - the key identifying features of an individual fingerprint. Imaging and data transfer of an impression takes only 100 milliseconds.
STMicroelectronics has developed a fingerprint sensor of substantially the same size as the Infineon sensor and that use capacitive-sensor-array technology; building silicon IC's containing an array of sensor plates. ST's TouchChip technology uses a capacitive sensing technique to capture, in less than one tenth of a second, a high- resolution image of a fingerprint when the finger is applied directly to the chip surface. The output of the chip is a digital representation of the fingerprint, which can be processed by the algorithms developed by 5AGEM, which immediately confirm or invalidate the recognition of pre-identified persons and then be further processed by application-dependent software.
A transponder of choice is commercially available from AMSKAN of Mulgrave, Victoria in Australia - the InfraRed Datalink allows serial "through the windscreen' data transfer between a vehicle and the roadside in daylight with high reliability and is presently used for capturing information from vehicles as they re-fuel, re-load, or at highway speeds. The IRD is comprised of two main components, the interrogator and the wireless transponder. The interrogator is mounted either at the point-of-sale terminal. The size of the transponder is 130 x 80 x 50 mm.
Another transponder of choice is Miotec's mPollux - that is developed on a SIM card and its integrated security solutions offer a flexible and secure platform with a sufficient capacity for a wireless PKI system. The SIM platform is a FLASH microcontroller, which has a separate RISC processor for RSA operations. MioCOS operating system is compliant with both GSM and PKI standards. Furthermore, the integrated biometric functions enable, among other things, replacing the PIN code in an electronic ID card with fingerprint matching.
One skilled in the art will also recognize the application of the principles of the identity verification system of the present invention to electronic commerce, where the party seeking to enter or access data, or simple to correspond with another. When the party seeking to make the transaction is remote from the host computer terminal (or second party), the remote party can generally not be seen, and so the race, ethnicity, gender, or even species cannot be ascertained. In such instances, the need for identity verification takes on increased importance. Accordingly, the identity verification process of the present invention requires that the remote party have access to a signature pad - the signature pad having means to generate a digital and an electronic signature. The digital and/or electronic signatures compared against reference data before allowing the transaction to go forward, and the digital and electronic signatures are captured and preserved in a transaction record.
Throughout this application, various U.S. Patents, Patent Applications, and PCT Applications are referenced by number and inventor. The disclosures of these Patents and Applications in their entireties are hereby incorporated by reference into this specification in order to more fully describe the state of the art to which this technology pertains.
Throughout this application, various U.S. Patents, Patent Applications, and PCT Applications are referenced by number and inventor. The disclosures of these Patents and Applications in their entireties are hereby incorporated by reference into this specification in order to more fully describe the state of the art to which this technology pertains. It is evident that many alternatives, modifications, and variations of the authenticated commercial transaction system of the present invention will be apparent to those skilled in the art in light of the disclosure herein. It is intended that the metes and bounds of the present invention be determined by the appended claims rather than by the language of the above specification, and that all such alternatives, modifications, and variations which form a conjointly cooperative equivalent are intended to be included within the spirit and scope of these claims.

Claims

1. A method for processing an access request, the method comprising:
a. capturing user reference data (involving user biometric data or user metric data) from a wireless device carried by a user, the user reference data having been submitted in a registration process;
b. capturing user sensed data (involving user biometric data or user metric data) as the user writes a name, the name being written with a stylus;
c. transmitting the user sensed data and the user captured data to a processor system, the user reference data being transmitted to the processor by means of radio-frequency transmission;
d. comparing the user sensed data against the user reference data in the processor;
e. authenticating the identity of the user based upon the results of the comparison; and
f. enabling user access (account, network data, or physical) if the processor confirms user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
2. A method for processing an access request, the method comprising:
a. capturing a user record number from a wireless device carried by a user, the user record number having been submitted in a registration process; b. capturing user sensed data (involving user biometric data or user metric data) as the user writes a name, the name being written with a stylus;
c. transmitting the user sensed data and the user record number to a processor system, the user record number being transmitted to the processor by means of radio-frequency transmission;
d. using the user record number to retrieve user reference data (involving user biometric data, user metric data, or user signature data);
e. comparing the user sensed data with the user reference data in the processor;
f. authenticating the identity of the user based upon the results of the comparison; and
g. enabling user access (account, network data, or physical) if the processor confirms user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
3. A method for processing an access request, the method comprising:
a. capturing user reference data (involving user biometric data or user metric data) from a wireless device carried by a user, the user reference data being embedded in a barcode, the user reference data having been submitted in a registration process;
b. capturing user sensed data (involving user biometric data or user metric data) as the user writes a name, the name being written with a stylus;
c. transmitting the user sensed data and the user captured data to a processor system, the user reference data being transmitted to the processor by means of a barcode reader; d. comparing the user sensed data against the user reference data in the processor;
e. authenticating the identity of the user based upon the results of the comparison; and
f. enabling user access (account, network data, or physical) if the processor confirms user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
4. A method for processing an access request, the method comprising:
a. capturing a user record number from a wireless device carried by a user, the user record number, the user record number being embedded in a barcode having been submitted in a registration process;
b. capturing user sensed data (involving user biometric data or user metric data) as the user writes a name, the name being written with a stylus;
c. transmitting the user sensed data and the user record number to a processor system, the user record number being transmitted to the processor by means of a barcode scanner;
d. using the user record number to retrieve user reference data (involving user biometric data, user metric data, or user signature data);
e. comparing the user sensed data with the user reference data in the processor;
f. authenticating the identity of the user based upon the results of the comparison; and g. enabling user access (account, network data, or physical) if the processor confirms user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
5. A system comprising:
a. a stylus for capturing user biometric, metric, or signature data of a user as the stylus is being used to submit user data;
b. a wireless device carried by the user, the wireless device having memory, the memory including user data, the user data including a user data record number;
c. a processing system that captures the user data record number from the wireless device by means of radio frequency transmission, the radio frequency transmission occurring from the wireless device to the processor, the processing system accessing user reference data by use of the user record number, the user data record including reference data involving user biometric data, user metric data, or user signature data, the processing system using the captured data processed from the stylus for comparison against the user reference data processed from the wireless device, user authentication being based upon the comparison, user access (account, network data, or physical) being permitted if the processor confirms the user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
6. A system comprising:
a. a stylus for capturing user biometric data, metric data, or signature data as the stylus is being used to submit user data; b. a wireless device carried by the user, the wireless device having memory, the memory including user reference data (involving user biometric data, user metric data, or user signature data); and
c. a processing system that captures the user reference data from the wireless device by means of radio frequency transmission, the radio frequency transmission occurring from the wireless device to the processor, the processing system using the captured data processed from the stylus for comparison against the user reference data processed from the wireless device, user authentication being based upon the comparison, user access (account, system, or physical) being permitted if the processor confirms the user identity and other system criteria (fund availability, clearance) confirms that the access request should be approved.
7. A system comprising:
a. a stylus for capturing user biometric, metric, or signature data of a user as the stylus is being used to submit user data;
b. a wireless device carried by the user, the wireless device having memory, the memory including user data, the user data including a user data record number, the user data being embedded in a barcode; and
c. the processing system capturing the user data record number from the wireless device by means of a barcode reader, the processing system accessing user reference data by use of the user record number, the user data record including reference data involving user biometric data, user metric data, or user signature data, the processing system using the captured data processed from the stylus for comparison against the user reference data processed from the wireless device, user authentication being based upon the comparison, user access (account, network data, or physical) being permitted if the processor confirms the user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
8. A system comprising:
a. a stylus for capturing user biometric data, metric data, or signature data as the stylus is being used to submit user data;
b. a wireless device carried by the user, the wireless device having memory, the memory including user reference data (involving user biometric data, user metric data, or user signature data); and
c. a processing system that captures the user data record number from the wireless device by means of a barcode reader, the processing system using the captured data processed from the stylus for comparison against the user reference data processed from the wireless device, user authentication being based upon the comparison, user access (account, system, or physical) being permitted if the processor confirms the user identity and other system criteria (fund availability, clearance) confirms that the access request should be approved.
9. A method for enabling a user to process a payment for goods or services from a provider, the method comprising:
a. tendering funds sufficient to pay for the goods or services, fund tendering being by a payment card and through a cardreader
b. capturing user reference data (involving user biometric data or user metric data) from a wireless device carried by the user, the wireless device being separate and apart from the payment card, the user reference data having been submitted in a registration process; c. capturing user sensed data (involving user biometric data or user metric data);
d. transmitting the user sensed data and the user reference data to a processor system, the user reference data being transmitted to the processor by means of radio-frequency transmission;
e. comparing the user sensed data against the user reference data; and
f. advising the provider of the goods or services when user identity is denied resulting from the comparison of the user sensed data with the user reference data.
10. A method for processing an access request, the method comprising:
, a. capturing user sensed data (involving user biometric data or user metric data) as the user writes a name, the name being written with a stylus;
b. transmitting the user sensed data to a smart card, the smart card including a smart-card processor, the smart-card processor including memory, the memory including user reference data (involving user biometric data or user metric data);
c. comparing the user sensed data against the user reference data in the smart- card processor;
d. authenticating the identity of the user based upon the results of the comparison; and
e. enabling user access (account, network data, or physical) if the processor confirms user identity and other system criteria (fund availability, clearance) confirms the access request should be approved.
PCT/US2002/016879 2001-05-25 2002-05-28 Security access system WO2003036861A1 (en)

Priority Applications (9)

Application Number Priority Date Filing Date Title
EP02741749A EP1391075A4 (en) 2001-05-25 2002-05-28 Security access system
CA002448707A CA2448707C (en) 2001-05-25 2002-05-28 Security access system
MXPA03010837A MXPA03010837A (en) 2001-05-25 2002-05-28 Security access system.
KR1020037015419A KR100591743B1 (en) 2001-05-25 2002-05-28 Secure access system
JP2003539227A JP2005507127A (en) 2001-05-25 2002-05-28 Security access system
IL15902802A IL159028A0 (en) 2001-05-25 2002-05-28 Security access system
ZA2003/08701A ZA200308701B (en) 2001-05-25 2003-11-07 Security access system
IL159028A IL159028A (en) 2001-05-25 2003-11-24 Security access system
HK05101680.8A HK1069266A1 (en) 2001-05-25 2005-02-28 Security access system

Applications Claiming Priority (12)

Application Number Priority Date Filing Date Title
US09/865,638 2001-05-25
US09/865,638 US6925565B2 (en) 2001-05-25 2001-05-25 Pen-based transponder identity verification system
US29922601P 2001-06-19 2001-06-19
US60/299,226 2001-06-19
US30801001P 2001-07-26 2001-07-26
US60/308,010 2001-07-26
US31786601P 2001-09-10 2001-09-10
US60/317,866 2001-09-10
US32660701P 2001-10-01 2001-10-01
US60/326,607 2001-10-01
US34001001P 2001-12-06 2001-12-06
US60/340,010 2001-12-06

Publications (1)

Publication Number Publication Date
WO2003036861A1 true WO2003036861A1 (en) 2003-05-01

Family

ID=27559637

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/016879 WO2003036861A1 (en) 2001-05-25 2002-05-28 Security access system

Country Status (10)

Country Link
EP (1) EP1391075A4 (en)
JP (1) JP2005507127A (en)
KR (1) KR100591743B1 (en)
CN (1) CN100583748C (en)
CA (1) CA2448707C (en)
HK (1) HK1069266A1 (en)
IL (2) IL159028A0 (en)
MX (1) MXPA03010837A (en)
WO (1) WO2003036861A1 (en)
ZA (1) ZA200308701B (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007019605A1 (en) * 2005-08-12 2007-02-22 Securicom (Nsw) Pty Ltd Improving card device security using biometrics
US7343299B2 (en) 2000-11-06 2008-03-11 Symbol Technologies, Inc. System and methods for mail security
US7363505B2 (en) 2003-12-03 2008-04-22 Pen-One Inc Security authentication method and system
US7386456B2 (en) * 2000-11-06 2008-06-10 Symbol Technologies, Inc. System and methods for transportation and delivery using bar codes
US7609862B2 (en) 2000-01-24 2009-10-27 Pen-One Inc. Method for identity verification
US7609863B2 (en) 2001-05-25 2009-10-27 Pen-One Inc. Identify authentication device
US7822232B2 (en) 1999-09-17 2010-10-26 Pen-One, Inc. Data security system
US7961917B2 (en) 1999-02-10 2011-06-14 Pen-One, Inc. Method for identity verification
US20110184861A1 (en) * 2002-12-31 2011-07-28 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
AU2006281965B2 (en) * 2005-08-12 2013-03-21 Securicom (Nsw) Pty Ltd Improving card device security using biometrics
CN103959830A (en) * 2011-08-24 2014-07-30 混合支付科技世界股份有限公司 Method and system to capture and validate a signature using a mobile device
WO2017007590A1 (en) * 2015-07-09 2017-01-12 Mastercard International Incorporated Simultaneous multi-factor authentication systems and methods for payment transactions
CN109584412A (en) * 2018-10-26 2019-04-05 杭州云时智创科技有限公司 A kind of intelligent lock system and method for unlocking unlocked using eID
US20220085992A1 (en) * 2020-09-17 2022-03-17 P-Chip Ip Holdings Inc. Devices, systems, and methods using microtransponders
US11943330B2 (en) 2020-02-14 2024-03-26 P-Chip Ip Holdings Inc. Light-triggered transponder

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044387A1 (en) * 2003-08-18 2005-02-24 Ozolins Helmars E. Portable access device
EP1751908B1 (en) * 2004-05-10 2016-07-13 Koninklijke Philips N.V. Personal communication apparatus capable of recording transactions secured with biometric data
SE0402710D0 (en) * 2004-11-05 2004-11-05 Anoto Ab Management of internal logic for electronic pens
KR20060099064A (en) * 2005-03-10 2006-09-19 엘지전자 주식회사 Mobile phone having function of authentification, user authentification system and user authentification method using rfid technology
KR100675697B1 (en) * 2005-03-23 2007-01-29 여호룡 User authentification method and apparatus by RFID chip and Smart card
KR100709273B1 (en) * 2005-05-24 2007-04-20 김영제 On-Board Unit with smart card interface and RFID tag and Road Side Unit communicationable with that
US20070006298A1 (en) * 2005-06-30 2007-01-04 Malone Christopher G Controlling access to a workstation system via wireless communication
US10055735B2 (en) 2007-01-30 2018-08-21 Visa U.S.A., Inc. Delayed transit fare assessment
CN101277185B (en) * 2007-03-28 2011-04-27 联想(北京)有限公司 Authentication method, system based on wireless identification as well as wireless identification, server
JP5147426B2 (en) * 2008-01-25 2013-02-20 日立オムロンターミナルソリューションズ株式会社 Cash transaction system
GB2496790B (en) * 2010-07-06 2019-01-16 T Data Systems S Pte Ltd Data storage device with data input function
US8373540B2 (en) * 2011-02-04 2013-02-12 Worthwhile Products Anti-identity theft and information security system process
KR101835960B1 (en) * 2016-03-22 2018-04-19 이태규 System and method for inputting digital stamp
CN108667768B (en) * 2017-03-29 2022-04-29 腾讯科技(深圳)有限公司 Network application fingerprint identification method and device
IL286410B2 (en) * 2021-09-14 2023-06-01 Cohen Yaniv Pen with biometric signature verification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892824A (en) * 1996-01-12 1999-04-06 International Verifact Inc. Signature capture/verification systems and methods
US6064751A (en) * 1994-08-31 2000-05-16 Penop Limited Document and signature data capture system and method
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US20020026419A1 (en) * 2000-08-24 2002-02-28 Sony Electronics, Inc. Apparatus and method for populating a portable smart device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6095418A (en) * 1994-01-27 2000-08-01 Symbol Technologies, Inc. Apparatus for processing symbol-encoded document information
AUPO084896A0 (en) * 1996-07-05 1996-07-25 Dynamic Data Systems Pty Ltd Identification storage medium and system and method for providing access to authorised users
JP2950307B2 (en) * 1997-11-28 1999-09-20 日本電気株式会社 Personal authentication device and personal authentication method
WO1999052060A2 (en) * 1998-04-07 1999-10-14 Black Gerald R Identification confirmation system
AU3761099A (en) * 1998-04-24 1999-11-16 Identix Incorporated Personal identification system and method
IL140360A0 (en) * 1998-06-27 2002-02-10 Lci Smartpen Nv Apparatus and methods for imaging written information with a mobile telephone set
EP1039769B1 (en) * 1999-03-24 2012-05-09 Hewlett-Packard Development Company, L.P. A method and apparatus for getting acccess to a digital mobile phone

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6064751A (en) * 1994-08-31 2000-05-16 Penop Limited Document and signature data capture system and method
US5892824A (en) * 1996-01-12 1999-04-06 International Verifact Inc. Signature capture/verification systems and methods
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US20020026419A1 (en) * 2000-08-24 2002-02-28 Sony Electronics, Inc. Apparatus and method for populating a portable smart device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1391075A4 *

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7961917B2 (en) 1999-02-10 2011-06-14 Pen-One, Inc. Method for identity verification
US8520905B2 (en) 1999-09-17 2013-08-27 Pen-One, Inc. Data security system
US7822232B2 (en) 1999-09-17 2010-10-26 Pen-One, Inc. Data security system
US8374402B2 (en) 1999-09-17 2013-02-12 Pen-One, Inc. Data security system
US7609862B2 (en) 2000-01-24 2009-10-27 Pen-One Inc. Method for identity verification
US7343299B2 (en) 2000-11-06 2008-03-11 Symbol Technologies, Inc. System and methods for mail security
US7386456B2 (en) * 2000-11-06 2008-06-10 Symbol Technologies, Inc. System and methods for transportation and delivery using bar codes
US7609863B2 (en) 2001-05-25 2009-10-27 Pen-One Inc. Identify authentication device
US20110184861A1 (en) * 2002-12-31 2011-07-28 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
US7363505B2 (en) 2003-12-03 2008-04-22 Pen-One Inc Security authentication method and system
AU2006281965B2 (en) * 2005-08-12 2013-03-21 Securicom (Nsw) Pty Ltd Improving card device security using biometrics
WO2007019605A1 (en) * 2005-08-12 2007-02-22 Securicom (Nsw) Pty Ltd Improving card device security using biometrics
US8620039B2 (en) 2005-08-12 2013-12-31 Securicom (Nsw) Pty Ltd Card device security using biometrics
CN103959830A (en) * 2011-08-24 2014-07-30 混合支付科技世界股份有限公司 Method and system to capture and validate a signature using a mobile device
EP2749053A4 (en) * 2011-08-24 2015-07-29 Hybrid Paytech World Inc Method and system to capture and validate a signature using a mobile device
WO2017007590A1 (en) * 2015-07-09 2017-01-12 Mastercard International Incorporated Simultaneous multi-factor authentication systems and methods for payment transactions
CN109584412A (en) * 2018-10-26 2019-04-05 杭州云时智创科技有限公司 A kind of intelligent lock system and method for unlocking unlocked using eID
US11943330B2 (en) 2020-02-14 2024-03-26 P-Chip Ip Holdings Inc. Light-triggered transponder
US11949768B2 (en) 2020-02-14 2024-04-02 P-Chip Ip Holdings Inc. Light-triggered transponder
US20220085992A1 (en) * 2020-09-17 2022-03-17 P-Chip Ip Holdings Inc. Devices, systems, and methods using microtransponders

Also Published As

Publication number Publication date
CA2448707C (en) 2007-12-04
MXPA03010837A (en) 2004-11-22
CA2448707A1 (en) 2003-05-01
IL159028A (en) 2011-10-31
KR100591743B1 (en) 2006-06-22
CN100583748C (en) 2010-01-20
KR20040005989A (en) 2004-01-16
EP1391075A4 (en) 2006-05-31
ZA200308701B (en) 2005-01-26
HK1069266A1 (en) 2005-05-13
JP2005507127A (en) 2005-03-10
EP1391075A1 (en) 2004-02-25
IL159028A0 (en) 2004-05-12
CN1526218A (en) 2004-09-01

Similar Documents

Publication Publication Date Title
US7363505B2 (en) Security authentication method and system
CA2448707C (en) Security access system
US6925565B2 (en) Pen-based transponder identity verification system
US6970583B2 (en) Identity authentication device
US7609863B2 (en) Identify authentication device
US8103881B2 (en) System, method and apparatus for electronic ticketing
US8499334B2 (en) System, method and apparatus for enabling transactions using a user enabled programmable magnetic stripe
US9016584B2 (en) System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe
US6307956B1 (en) Writing implement for identity verification system
US6539101B1 (en) Method for identity verification
US20090322477A1 (en) Self-Activated Secure Identification Document
US20060215886A1 (en) Method for identity verification
WO2001022351A1 (en) Identity authentication system and method
AU2007202764B2 (en) Security access system
AU2002314826A1 (en) Security access system
AU2004250655B2 (en) Method and system for creating and operating biometrically enabled multi-purpose credential management devices

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2002741749

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2003/08701

Country of ref document: ZA

Ref document number: 200308701

Country of ref document: ZA

WWE Wipo information: entry into national phase

Ref document number: 2003539227

Country of ref document: JP

Ref document number: 1-2003-501195

Country of ref document: PH

WWE Wipo information: entry into national phase

Ref document number: 159028

Country of ref document: IL

WWE Wipo information: entry into national phase

Ref document number: 028106083

Country of ref document: CN

Ref document number: 2448707

Country of ref document: CA

Ref document number: PA/a/2003/010837

Country of ref document: MX

Ref document number: 2003/DELNP/2003

Country of ref document: IN

Ref document number: 1020037015419

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2002314826

Country of ref document: AU

WWP Wipo information: published in national office

Ref document number: 2002741749

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642