The present application relates to a system for identification and authorisation of a person. In preferred embodiments the system utilises finger print scanning by means of capacitive, optical, optoelectronic, thermic, or other physical principles of measurement. The present application further relates to the use of the system in bank cards, proximity cards, identification terminals, admission control systems, smart cards, transaction cards, mobile phones, PDA's, and other types of equipment utilized for determining and confirming the identity of a person. The present application further relates to a method for using the system. It is known that finger print scanning is used for identification and authorisation of a person, for example in entrance terminals for buildings. For finger print scanning, different types of sensors can be used. Examples are pressure sensors, temperature sensors, or light sensors. These sensors have in common that the sensor/scanner should have a resolution high enough to capture an image detailed and clear enough for fingerprint analysis and recognition. The scanned finger print is analysed and compared to finger prints stored in a finger print database, containing finger prints of persons which have access to the system, or in the contrary, which do not have access to the system. If the finger print is identified positive, the finger print scanning system provides access to, for example, a building. Use of finger prints alone has the inherent weakness that it is possible to prepare replicas of (or even cut off) fingers belonging to individuals subject to impersonation, e.g. in connection with fraud. Such replicas may be provided with the same or similar properties as genuine fingers and may thus be used to deposit a finger print that will be accepted by the sensor system. For this reason, finger print registrations are often not sufficient and will have to be combined with input of a user specific code, assuming that this code is secret and only known to authorised users. Some known systems combine finger print systems with a personal access code, which should be typed in by means of an additional numeric or alpha numeric keypad. If an additional code is required, the system can use the
finger print analysis in combination with the personal code, for more secure authorisation of a person. In some instances it is inconvenient to use a separate numerical keypad for input of a user specific code, both because this requires extra equipment and also because this often implies a separation of the steps in the routine for identification and authentication on two different modules. A separate, often permanently installed, module may allow application of utilities that permit illegitimate "reading" of the code during input. Many people also find it difficult to memorise a numerical or alphanumerical code, particularly if the user is required to remember a whole series of such codes. US 6373967 B2 discloses an entry device recognizes user's fingerprints which are entered as a sequence, where the fingerprints of different fingers must be entered in the proper sequence in order to be recognized by the system. US 6509847 B1 discloses a method for inputting an access code via temporal variations in the amount of pressure applied to a touch interface. SE 515238 discloses a phone having a microphone which picks up different noises created as e.g. a finger or pen is moved over different patterns and/or texturing on a phone surface in order to write down information, to move a cursor on the screen, or similar functions. US 6325285 B1 discloses a smart card with a fingerprint reader including a sensing surface. When an individual inserts the smart card into a write/read unit, the smart card creates an electrical representation of the individual's fingerprint and compares the acquired representation to a stored fingerprint representation in the card's memory. If the acquired representation matches the stored representation, the user is given access to information and/or services. CA 2340501 discloses finger print or hand palm scanning, where finger- or palm prints are consecutive print images where the subject exerts force, torque and/or rolling over an interval of time. JP 2001067180A discloses fingerprint recognition by extracting the movement direction and amount of the contact surface of a fingertip or the like on a sensor surface, for providing a reduced space finger scan sensor.
CA 2340501 and JP 2001067180A disclose use of form for determination of the direction of movement of a finger tip or hand palm. The purpose of this is described to be obtaining an improved image, rather than that this movement is connected to a more secure identification and authorisation system. The present invention is characterised by that the system comprises a finger print sensor comprising a sensor surface divided into one or more sections, which is able to register a user specific code which is input with the finger to be scanned, onto the sensor surface of the finger print sensor. The concept of the invention is to combine electronic, finger print based identification with an active, code based authentication of users by means of one and the same sensor system. This is achieved by having the user, in addition to his/her finger print, also enter or draw a user specific pattern on the sensor surface. The pattern may comprise individual pushes or touches in one or several points on the surface, one or several lines drawn in a specific pattern, or a combination of individual pushes or touches and lines. The finger may be lifted from the surface between each touch and/or line drawing, or the input may be entered as a non-interrupted pattern with the finger in continuous contact with the sensor surface. One preferred embodiment of the system according to the invention comprises a finger print sensor comprising a sensor surface divided into one or more sections, which finger print sensor is adapted to register a user specific code which is input with the finger to be scanned, onto the sensor surface of the finger print sensor In another preferred embodiment of the system according to the invention, the system utilises finger print scanning by means of capacitive, optical, optoelectronic, thermic, or other physical principles of measurement. In another preferred embodiment of the system according to the invention, the user specific code to be registered is a personal geometrical pattern or a personal pressure sequence. In another preferred embodiment of the system according to the invention, the finger print sensor is based on flexible, polymer based sensor components.
In another preferred embodiment of the system according to the invention, input of the user specific code is performed by that the user moves a finger one or more times across the sensor surface, either horizontally, vertically, or diagonally, thereby inputting a certain geometrical pattern. In another preferred embodiment of the system according to the invention, input of the user specific code is performed or completed or confirmed by that the user taps on the sensor surface, or varies the pressure exerted on the sensor surface, thereby inputting a certain pressure or tapping sequence. In another preferred embodiment of the system according to the invention, input of the user specific code is performed or completed or confirmed by a combination of that the user moves or rolls a finger one or more times across the sensor surface, either horizontally, vertically, or diagonally, and that the user taps, or varies the pressure exerted on the sensor surface, thereby inputting a combination of a certain geometrical pattern and a certain pressure sequence. In another preferred embodiment of the system according to the invention, the identity of the user is determined by the user specific code input by means of the sensor surface of the finger print sensor, in combination with any type of additional personal information used in combination with the system. In another preferred embodiment of the system according to the invention, the additional personal information used in combination with the system is stored by means of any type of data memory applicable for the specific use, where there is a connection between the electronic identification and authorisation system and the additional personal information stored in the data memory. In another preferred embodiment of the system according to the invention, the additional data memory is ROM memory programmed on a hard disk, a micro chip, an optical disk, or the like. In another preferred embodiment of the system according to the invention, the sensor surface is physically, or by definition in a program, divided into one or more sections, which sections can be used for input of a pattern or sequence distributed over said number of sections.
In another preferred embodiment of the system according to the invention, the sensor surface is divided into four sections, divided symmetrically by an x-axis and a y-axis. In another preferred embodiment of the system according to the 5 invention, the sensor surface is divided into four sections, where X+ = 45° - 135°, Y- = 135° - 225°, X- = 225° - 315°, and Y+ = 315° - 45°. In another preferred embodiment of the system according to the invention, the system is equipped with a device which is able to detect that a code specific to the user is entered, which code is expressed by that the usero moves a finger one or more times along the sensor's X or Y axis, and therewith draws one or more lines, where the direction is defined by the movement direction of the finger; or by that the user by moving a finger back and forth along the X or Y axis draws combined lines, constituting a code like +X-X, or - X+X-X, or +X-X+X-X, and so on; or by a combination thereof.s In another preferred embodiment of the system according to the invention, a movement of a finger back and forth is considered continuous when the finger is in constant contact with the sensor surface under the movement. In another preferred embodiment of the system according to the invention, a movement of a finger back and forth is considered continuous wheno the finger is in constant contact with the sensor surface under the movement, or when the time interval between two contacts is shorter than a time interval programmed in the system. In another preferred embodiment of the system according to the invention, the preset time interval for which two contacts are considered5 continuous is 1/3 of a second. In another preferred embodiment of the system according to the invention, a geometrical centre point of the finger surface touching the sensor surface should cross the centre line dividing the sensor surface into two before changing direction, in order to register the movement as back and forth.o In another preferred embodiment of the system according to the invention, the sensor has a stand by mode for saving energy, where the sensor changes to an active mode when touched by a finger.
In another preferred embodiment of the system according to the invention, the system has a solar cell, battery, kinetic energy provider, or other energy supply. In another preferred embodiment of the system according to the invention the system is incorporated in a wristband, a wrist watch, a necklace, a mobile phone, or other device carried on the body. One preferred method for use of the system according to the invention comprises the steps of coming within the range of a sender/transmitter of radio signals; placing the finger to be scanned onto the sensor surface of the finger print sensor on the proximity card to indicate that the user is ready to input his or her code; carry out the input of the personal code by tapping, moving, or rolling the pattern or frequency constituting the personal code; removing the finger from the sensor surface of the finger print sensor to indicate that the input of the code is completed. Another preferred method for use of the system according to the invention comprises the steps of inserting the authorisation card partially into the card terminal, therewith indicating that input of the code is to start; carrying out the input of the personal code by tapping, moving, or rolling the pattern or frequency constituting the personal code; removing the card from the card terminal to indicate that the input of the code is completed. Another preferred method for use of the system according to the invention comprises the steps of inserting the authorisation card partially into a cash dispenser, therewith indicating that automated bank services are required; choosing the planned service using the buttons on the cash dispenser; carrying out the input of the personal code by tapping, moving, or rolling the pattern or frequency constituting the personal code, when prompted to do so; removing the card from the card terminal when prompted to do so; make the choices necessary to complete the planned service, or abort the action. Another preferred method for use of the system according to the invention comprises the step of moving a finger one or more times across the sensor surface, in either direction, therewith drawing one or more lines that are characterised by their direction, where the direction is determined by the
movement direction of the finger, where the movement pattern defines a personal pattern constituting a personal code for the user of the system. Use of the system according to the invention can preferably be made in bank cards, proximity cards, identification terminals, admission control systems, smart cards, transaction cards, mobile phones, PDA's, and other types of equipment utilized for determining and confirming the identity of a person. Figure 1 shows an example of the sensor surface of a finger print sensor registering differences in heat transmission from the finger of a person to the sensor surface. Figure 2 shows schematically a bank card comprising a finger print sensor registering both a finger print and a code. Figure 3 shows the creating of codes of variable complexity by sequentially increasing and decreasing pressure, and varying the duration (L, S) of increased pressure in long (dash) and short (dot) pressure applications. Figure 4 shows the potential for an unlimited number of codes by increasing the number of pressure applications and by organising applications into sequences separated by intervals. Figure 5 shows how the codes may be used for input of unintelligible symbol codes, e.g. 25A4, or easily remembered names and expressions, e.g. "Joe", "kid", etc. Figure 6 shows that a particular code may be created for a specific purpose. Figure 7 shows how a code is entered by moving a finger once across the sensor surface, either along the X-axis or Y-axis, or by moving a finger back and forth across the sensor surface, either along the X-axis or the Y-axis. Figure 8 shows examples of code versatility by use of sequential arrow symbols or sequential arrow symbols in combination with dash/dot symbols. Figure 9 shows that arrow and dash/dot symbols may be assigned a numerical value and/or a function as mathematical operators. Figure 10 shows a sensor surface divided into four sections, where for example the movement of a fingertip from B to D represents a simple, single- segment pattern, encoded BD.
Figure 11 shows that drawing pattern codes are rapid to enter, easy to memorize, and that an unlimited number of codes are available. Figure 12 shows that combined drawing pattern and dot/dash codes are easy to enter and memorise, and that an unlimited number of code patterns are available, from very simple to very complex. Figure 13 shows an example for how numeric or alphanumeric symbols can be drawn on the sensor surface. The sensor surface of a finger print sensor should have high enough a resolution for obtaining a clear finger print image. The code to be entered can be a drawing, for example a word, a character, a number, a shape, or anything else. The sensor surface can further be divided into a small number of segments, e.g. into four segments (fig. 10). The segments and their delimitation are in one embodiment defined by allocating addresses to points that are defined to constitute borderlines between the segments, in addition to points on the surface that are defined to lie within specific segments. The subdivision into segments can be virtual and logically based, and has no bearing on the efficiency of the various parts of the sensor. For some purposes it may, however, be appropriate to visualise the division, e.g. in the form of coloured border lines or different colouring of the segments. In an embodiment where the sensor surface is divided into four equally sized, orthogonal quadrants with the origin in the centre of the surface, the quadrants may be referred to as A, B, C, and D, and they may have the following relative positions:
A B C D
During input of a user specific pattern, the user may, as an example, initially touch segment B, thereafter segment C and finally draw the line C-A-B. According to a proposed codification rule, this pattern input may be expressed as B, C, C-A-B, where comma (",") between letters signifies that the finger is lifted from the surface of the sensor, while a dash ("-") between letters indicates
continuous movement of the finger. The user may not necessarily memorise this letter code, but rather the graphical picture of the drawing process itself, which for most people is far easier than remembering number and letter sequences. User specific patterns, e.g. as in fig. 10-13, that are constructed and utilised based on these principles provide a considerable and sufficient degree of variation, without the patterns becoming too complex. A few examples, together with fig. 3-9, may illustrate this: - A single push against one of the four quadrants provides four different "patterns": A, B, C, or D. - Two subsequent pushes against same or different quadrants provide sixteen (4x4) different patterns. - Three subsequent pushes against the same or different quadrants provide sixty-four (4x4x4) different patterns. - Drawing of a straight line (horizontal or vertical) between two quadrants provides eight different patterns: A-B; A-C; B-A; B-D; C-A; C-D; D-B; and D-C. - If diagonal line drawing is enabled, the number of patterns allowed with a straight line is expanded to twelve: A-B; A-D; A-C; B-A; B-C; B-D; C- A; C-B; C-D; D-B; D-A; and D-C. - Drawing of a broken line comprising two straight, horizontal or vertical segments provides sixteen different patterns: A-B-A; A-B-D; A-C-A; A- C-D, etc. If a diagonal segment is also allowed, the number of patterns based on a broken line is expanded to thirty-six; A-B-A; A-B- C; A-B-D; A-D-A; A-D-B; A-D-C: A-C-A; A-C-B; A-C-D; etc. - Drawing of a broken line consisting of three or more straight segments, e.g. A-B-A-B; B-C-A-D-C; etc., in addition to combinations of simple pushes and straight and broken lines gives an unlimited number of different patterns, thereby providing opportunities for a sufficient number of user specific codes for each thinkable situation without the pattern becoming too complex to memorise. The sensor surface may alternatively be divided or sub-divided into fewer or more segments, with the additional opportunity for fewer or more pattern
codes. As an example, the surface may be subdivided into two or six segments as follows:
A A B B C D E F
Two segments may in many instances be sufficient, while use of six or more segments implies need for more precision during the drawing procedure. The use of a segmented sensor surface permits the drawing to be rather crude and imprecise, as long as the centre of gravity of the finger/surface interface is located within the intended segment. The processing power needed for this kind of pattern recognition is also very modest. The use of diagonal lines may require addition of some more software logic and processing power, but this is relatively insignificant. According to a preferred embodiment of the invention, lines or line segments should either be horizontal or vertical. If the sensor surface furthermore has an outer frame that can be sensed, this allows the user to move his/her finger along the frame during the input of a pattern. This consequently permits the user to enter a fingerprint and code pattern without having to see the sensor surface, e.g. for use in the dark or with the sensor, e.g. incorporated in a transaction card or mobile phone, hidden in the pocket. This implementation may thus provide some security advantages. Although a segmented sensor surface provides many advantages, user specific patterns may also be drawn on a non-segmented surface, e.g. in the form of alphanumeric symbols. This requires the use of a pattern recognition program, which again puts a more heavy demand on the processing power of the device. Many existing sensor systems are subject to wear and dirt, gradually impairing their efficiency (optoelectronic and capacitive sensors), in addition to static electricity problems (capacitive sensors). For this reason, a preferred embodiment of the invention employs a thermally based finger print sensor, e.g. as in fig 1 , most notably a sensor based on active heat transfer as described by
Dinh (US Pat. No. 6,091 ,837, and PCT/NO96/00082). This latter sensor is considerably more robust than said optoelectronic and capacitive sensors. Due to the fact that it is extremely compact it is also very suitable for incorporation in credit-, transaction-, and access cards, fig 2. For the latter applications, the use of flexible, polymer based sensor components are particularly useful, where conventional components based on aluminium, silica, gallium, and other metals or transition metals and their chemical derivatives are substituted wholly or partially with polymers. Such sensors are resistant to bending and can very well stand mechanical wear. To summarize, the invention concern an electronic, finger print based identification and authorisation system for use with identification terminals, access control systems, smart cards, transaction cards, and other kinds of equipment that are used to establish and confirm the identity of one or more individuals. The system comprises a sensor surface with an associated electronic sensor that is used to identify a user when he/she pushes a finger against the sensor surface, whereby an image or other characteristics of the finger surface is registered. The system furthermore comprises a utility for detecting a user specific pattern that is drawn on the sensor surface, where the pattern together with the image of the finger surface confirms the identity and authenticates the user. The electronic sensor can comprise a matrix of individual sensor elements that may utilise capacitive, optoelectronic, thermal, or other physical detection principles. A large number of sensor elements are brought into contact with a large part of the finger surface when the latter is pushed against the sensor surface. A preferred embodiment of the invention utilises a thermal sensor, where the sensor elements are heated. The temperature or change of temperature of each sensor element is measured once or several times, or continuously. The measured temperature/change of each sensor element is used as indication of heat loss from each element to the finger surface and a collective registration of heat losses provides a segmented image of the finger surface that is based on registration of differences in heat loss from the various sensor elements.
The thermal sensor may, for certain applications, be based on the use of flexible polymer components as substitutes from conducting, semi-conducting, and isolating components of aluminium, silica, gallium, other metals or transition metals and their oxides and other chemical modifications. The identification process utilises biometric principles where stored information about the finger surface's unique ridge and branching pattern (minutia) of one or several individuals are compared with the minutia pattern on the finger of the user in question, and where a minimum number of coinciding minutia (minutia hits) is used to establish identity. The user draws his/her user specific pattern by touching or pushing the fingertip against the sensor surface, alone or in combination with movement of the fingertip along and in touch with the sensor surface (surface movement). The user specific pattern is established either by a single push or a sequence of separate pushes against one or different areas of the sensor surface, a sequence of separate surface movements of the fingertip between various areas of the sensor surface, or a combination of two or more of the alternatives described above. The fingertip is lifted from the sensor surface between each separate push and each separate surface movement. The position of the finger during a push or surface movement is established in the form of a calculated, geometrical centre or centre of gravity of the current finger/sensor interface. Identification/authentication by use of traditional transaction cards and proximity cards has certain disadvantages and limitations: - usually kept in wallet; not readily accessible; may be lost or stolen - proximity cards are powered by radio waves; limitations on energy consumption - flexible card implies mandatory use of polymer sensor; exposed to wear and tear The above disadvantages may be eliminated by use of other formats, e.g. a bracelet worn on the wrist, offering several advantages: - readily accessible; optimal when speed is demanded, e.g. in queue situations - easy to deposit finger print and any kind of user specific code on sensor
- powered by battery, solar power, or kinetic power supply; flexible with regards to energy demand - may use either silicon or polymer based sensor - may incorporate other physiological sensors demanding contact with skin; extended possibilities for user identification - may double as wrist watch, phone, radio, etc. - allows visual contact and frequent inspection; not easily lost or stolen The present invention is defined by the patent claims accompanying this application.