WO2010096628A2

WO2010096628A2 - System and method for authentication and identification

Info

Publication number: WO2010096628A2
Application number: PCT/US2010/024686
Authority: WO
Inventors: Gustavo Reyes-Zumeta
Original assignee: Universal Identification Solutions Llc
Priority date: 2009-02-19
Filing date: 2010-02-19
Publication date: 2010-08-26
Also published as: WO2010096628A3

Abstract

A computer-implemented method, system, apparatus, or media for electronic identification and/or authentication of a user based on a plurality of inputs, including biometric data and imaged data. The apparatus can have a plurality of components for receiving different types of data from a plurality of data sources, including biometric data, imaged data, electronic identification cards, or the like. The plurality of data can be used to confirm, verify, or otherwise authenticate the identity of the user based on various comparisons of the data. The authenticated user can use or have access to a service, device, or the like. The method, system, apparatus, or media can be used to authenticate voters based on voting data such as eligibility, appropriate polling places for a voter, party affiliation, or the like.

Description

SYSTEM AND METHOD FOR AUTHENTICATION AND IDENTIFICATION

TECHNICAL FIELD

The present invention relates to identification of a user and related data and more particularly but not exclusively to associating data with an identified user and/or confirming the data.

BACKGROUND

Users of electronic systems are often required to be identified (e.g., confirmed, verified, or authenticated), and their articles for identification are often required to be identified. Mechanisms for such identification include using passwords, generated keys, security token, personal identification numbers (PINs), etc. However, users may forget such information or such information may be discovered and compromised by others. Also, the use of such mechanisms can be cumbersome or unusable for some users. For example, a visually impaired person or handicapped person may not be able to use keypads to type in PINs.

The use of proper electronic identification is especially important in fields of use sensitive to security, such as voting, hospital record keeping, military record keeping, cargo tracking, etc. For such security sensitive fields of use, improper or unauthorized users can compromise the integrity of data. For example, an improper or unauthorized user can comprise the integrity of an election by creating false voter registration records.

Recently, biometrics have become important for uniquely recognizing biological beings. By analyzing one or more intrinsic physical or behavioral traits of a biological being, biometric technology can be used for identity access management and access control. Biometric identification can include physiological identification (e.g., related to the shape of the body, fingerprint, face recognition, hand and palm geometry and iris recognition, or DNA recognition), and/or behavioral identification (e.g., related to the behavior of a person, signature verification, keystroke dynamics, or voice). However, biometric information may not be easily associated with proper data and/or applications. Also, users may be incapable of being identified by certain biometric technology because of their handicaps, deficiencies in biometric technologies, social or religious mores, etc. It is with respect to these problems and others that improvement is desired. SUMMARY OF THE INVENTION

One aspect of the invention is directed to a computer-implemented method, system, apparatus, or media for electronic identification and/or authentication of a user based on a plurality of inputs, including biometric data and imaged data. The apparatus can have a plurality of components for receiving different types of data from a plurality of data sources, including biometric data, imaged data, electronic identification cards, or the like. The plurality of data can be used to confirm, verify, or otherwise authenticate the identity of the user based on various comparisons of the data. The authenticated user can use or have access to a service, device, or the like. The method, system, apparatus, or media can be used to authenticate voters based on voting data such as eligibility, appropriate polling places for a voter, party affiliation, or the like.

BRIEF DESCRIPTION OF THE DRAWINGS

Further features of the invention, its nature and various advantages will be more apparent from the following detailed description, taken in conjunction with the accompanying drawings in which like reference characters refer to like parts throughout, and in which:

FIGS. 1A-1B are functional block diagrams of illustrative systems for confirming the identity of a user when computing an association of data with the user in accordance with one embodiment of the invention;

FIGS. 2A-2G are examples of computing devices operable to execute various aspects of the invention;

FIG. 3 A is an example of a electronic identification and/or data association device in accordance with one embodiment of the invention; FIG. 3B is a perspective view of an electronic identification and/or data association device, according to a further embodiment of the present invention;

FIG. 3 C is a perspective view of an electronic identification and/or data association device with side device, according to a further embodiment of the present invention;

FIG. 3D is a front view thereof; FIGS. 4A-4C show block diagrams that illustrates a system and apparatuses in accordance with one embodiment of the present invention;

FIG. 5 is flow chart for a process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention; FIG. 6 A is a flow chart for a process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention;

FIG. 6B is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention;

FIG. 7 A is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention;

FIG. 7B is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention;

FIG. 7C is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention; FIG. 7D is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention;

FIG. 8 A is a flow chart for a process for managing user data in accordance with one embodiment of the invention; FIG. 8B is a flow chart for a process for managing user data in accordance with one embodiment of the invention;

FIG. 8C is a flow chart for a process for managing user data in accordance with one embodiment of the invention;

FIG. 8D is a flow chart for a process for managing user data in accordance with one embodiment of the invention;

FIG. 9 A is a flow chart for a process for monitoring identification of users and data usage in accordance with one embodiment of the invention;

FIG. 9B is a flow chart for a process for monitoring identification of users and data usage in accordance with one embodiment of the invention; FIG. 10A- 1OE shows embodiments of data schemas for identification of users and association of data in accordance with one embodiment of the invention;

FIG. 11 shows a user interface for monitoring identification of users and data usage (of identified uses) in accordance with one embodiment of the invention; and FIG. 12 shows an embodiment of a data schema for identification of users and association of data in accordance with one embodiment of the invention.

DETAILED DESCRIPTION OF EMBODIMENTS The following description is presented to enable any person of ordinary skill in the art to practice the present invention. Various modifications to the preferred embodiment will be readily apparent to those of ordinary skill in the art, and the principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the invention. Thus, the invention is not intended to be limited to the specific embodiments shown, but the claims are to be accorded an appropriate scope consistent with the principles and features disclosed herein as understood by skilled artisans.

As used in this application, the term "component" is intended to refer to a computer- related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component can be, but is not limited to being, a process running on a processor, a processor, a hard disk drive, multiple storage drives (of optical and/or magnetic storage medium), an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components can reside within a process and/or thread of execution, and a component can be localized on one computer and/or distributed between two or more computers.

Generally, aspects of the invention are directed to a method, system, apparatus and media for associating data with a user. Biometric information representative of the user is parsed to generate a first identifier. The first identifier is matched to a database entry about the user. A second identifier representative of a first code, wherein the first code identifies the user, is received. A confirmation of the user's identity is provided when the first identifier, database entry, and second identifier satisfy a matching criteria. Data (e.g., votes) can be associated with the confirmed user. A plurality of votes of confirmed users is printed. A marked up version of the printed votes is scanned to generate imaged data. The imaged data can be parsed for a signature and the tally. A verification of the votes can be provided when the signature matches signature data associated with the vote. The apparatus comprises a portable device that can include a card reader, biometric reader, and an optical scanner. As used in this application, the terms "biometric information" and "biometric data" are intended to refer to any information or data related to physical or biological attributes of an organic entity or individual (e.g., user). For example, biometric information or biometric data can be, but is not limited to being, individual or combined measurements of fingerprints, palm prints, footprints, retinas, irises, voice patterns, facial patterns, hand and palm geometries, foot geometries, head geometries, odors, veins, DNA, ear canals, internal or external body temperatures, dental geometries and cavities, hair colors, bodily fluids or samples, bodily weights, scars, marks, and/or tattoos. Biometric information and biometric data may be read, individually or in combination, by a biometric reader or biometric input device such as a fingerprint scanner, iris scanner, odor analyzer, vein scanner, thermographic camera, iris scanner, retina scanner, or the like. Any biometric reader or biometric input device can be used to obtain biometric information and biometric data.

At least some aspects of the invention can be used in various fields of uses including civil registration, national ID cards, voter registration, law enforcement, access control, network security, tally results, governmental benefits, financial services, health care, defense, test taking, building entry, and/or transportation. At least some aspects of the invention can be configured to operate in multiple geographic, regional, language- independent configurations globally.

Benefits of at least some aspects of the method, system, apparatus and media described herein includes application independent user identification and data association, ease of use, and all-in-one device, and the like. Other benefits of certain aspects can include a tool for voter registration drives (pre-election); access to voter registration data anywhere, anytime; printing of receipts to redirect voters to correct polling sites (day of election); election officials sponsored outreach & education tools (pre-election); allowing voters to address any issues pertaining to a special voting status such as change of address, Help America Vote Act (HAVA), absentee or temporary overseas voters; enabling access to places such as hospitals, nursing homes or schools making voter information accessible to absolutely every person regardless of their physical condition; effectively managing election resources & personnel; posting election analysis of voting system performance; independent monitoring of any type of voting machine; providing a communication tool from Head

Quarters (HQ) call centers to handheld units; reducing response time to problems at polling sites, or the like. Other benefits can include significant cost savings to governments; fewer officials will be needed at each polling site; no or less printing costs for poll books; voter history update from precinct level up to state level data base will be automated; greater security/audit tool for a county; instant and reliable data about total voter transactions (e.g., identifies "LOST" votes); and/or long-term possibility of a statewide voter registration and voting system in which any properly registered voter could vote at any poll.

At least some aspects of the invention can be distinguished from other voter registration tools, because, among other things, the apparatus is light, simple to use, a mobile computer, all-in-one and/or fully integrates all the phases of the voter registration life cycle, from initial registration, early voting, day of election all the way to voter history updates. Further benefits include eliminating a single point of failure for data entry, e.g., with multiple power sources in addition to battery operation, more secure encryption of data on a smartcard. Further benefits include added value through use of immediate voter history update, improved professional training and logistics support because of the ease of use of the apparatus, minimized selection of an incorrect ballot type, and/or automated poll worker friendly pop-up screens.

Illustrative Overview

Generally, at least one aspect of the invention is directed to identification and/or authentication of a user based on a plurality of inputs, including biometric data and imaged data. At least one embodiment is directed to an apparatus, system, device, media, and/or method for confirming the identification of a user when associating data with the user. The apparatus can include a biometric reader configured to receive biometric information representative of the user; a scanner configured to receive information for determining a first code; a data source reader configured to receive a second identifier representative of a first code, wherein the first code identifies the user; and a processor configured to perform certain actions. The actions can include parsing the biometric information to generate a first identifier; matching the first identifier to a database entry about the user; receiving a second identifier representative of the first code, wherein the first code identifies the user; and providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy a matching criteria. In at least one embodiment, parsing the biometric information to generate the first identifier can include determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to the biometric information.

In at least one embodiment, receiving the second identifier representative of a first code, wherein the first code identifies the user, can include determining a parsing algorithm based on an application associated with the apparatus; receiving a data source from the data source reader; and applying the parsing algorithm to the data source to generate the second identifier.

The processor's actions can further include determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to a data source to generate a multimedia object. The processor's actions can also further include determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to a data source to generate a parsed data. The processor's actions can yet further include determining an application summary algorithm based on an application associated with the apparatus; and applying the application summary algorithm to a plurality of parsed data including the parsed data to generate a summary and certification of the plurality of parsed data. The application summary algorithm can be a method configured to determine and confirm a tally of votes based on imaged data received by scanning a printout of the votes on the scanner. At least in some instances, the application summary algorithm can be or include a method configured to determine and confirm a tally of votes.

The actions can further include providing pre-election data before an election begins, wherein the pre-election data includes data configured to determine the matching criteria; providing real-time election day data including the confirmation of the user's identity; electronically processing post-election data after the election ends, wherein the post-election data includes the tally of votes based in part on the real-time election day data; and generating a validation of the election day data based on the post-election data. Post-election data can include a confirmation of a tally of votes on a single tally including the vote cast by the voter. Providing confirmation of the user's identity can include setting information on an smart card indicating an activation for the user, wherein the smart card can be configured to be readable by the data source reader; storing information in an Electronic Registration Book (ERB) to indicate that card can be activated; and indicating a special need of the user so that the special need of the user can be attended to when a vote can be cast using the smart card.

At least some aspects of the invention is directed to a system for confirming the identification of a user when associating data with the user over a network. The system can include a client device configured to perform actions. The actions can include receiving biometric information representative of the user; processing the biometric information to generate a first identifier; matching the first identifier to a database entry about the user; imaging a document to automatically retrieve a second identifier, wherein the second identifier can be representative of a first code, and wherein the first code identifies the user; providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy the matching criteria; and sending the confirmation and at least a portion of data from the database entry to a server device. The server device can be configured to perform actions that include storing the confirmation and the at least the portion of the data in another database entry associated with the user. In at least one embodiment, the imaging the document to retrieve the second identifier can include providing a user identification article that includes the second identifier; and applying an application specific parsing algorithm to the user identification article to retrieve the second identifier. The identification article can include a user identification card, driver's license, a social security card, a credit card, or a birth certificate. The identification article can include a user identification card.

Imaging can further include imaging the user identification card; selecting a parsing algorithm based on a geo-location of the scanning; applying the parsing algorithm to generate the second identifier; and determining a security token based on the second identifier. Imaging the document to retrieve the second identifier can also include providing a user identification article that has the first identifier and an access code associated with the article; scanning the user identification article to obtain the first identifier and access code; transmitting over the network the first identifier and access code to an authority for confirmation of the user identification card; and when so confirmed, receiving the second identifier from the authority. Imaging the document to retrieve the second identifier can also include providing a user identification article that has personal information of the user associated therewith, wherein the personal information includes the user's name, social security number, or data of birth; scanning the user identification article to obtain the user's personal information; and generating the second identifier based on the user's personal information.

The server device can be further configured to perform actions that include determining an operating status of an identification device based on the plurality of attempted authentication, wherein the plurality of attempted authentication includes the provided confirmation; and rendering a map encompassing a plurality of geo-locations based on a plurality of statuses for the plurality of geo-locations. The statuses can include the determined operating status.

At least one embodiment is directed to a processor readable medium for confirming the identification of a user when associating data with the user. The medium can include instructions that when executed by a processor causes the processor to perform actions. The actions can include receiving biometric information representative of the user; applying a parsing algorithm to the biometric information to encode a first identifier; matching the first identifier to a database entry about the user; imaging a document to automatically retrieve a second identifier of the plurality of identifies, wherein the second identifier can be representative of a first code, and wherein the first code identifies the user; and providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy the matching criteria.

At least one embodiment is directed to a device for confirming the identification of a user when associating data with the user. The device can include a device housing; a biometric input device that receives biometric information from a user and can be associated with the housing; at least one second input device that receives additional information from the user and can be associated with the housing, wherein the at least one second input device includes an imaging device configured to retrieve an identifier that identifies the user; and a processor located within the device housing. The processor can be operatively associated with the biometric and second input devices and can be configured for associating data obtained from the information received therefrom with a database entry to confirm the identity of the user. The biometric input device can include a fingerprint scanner configured for obtaining an image of the fingerprint from the user. The biometric input device can also include a retinal scanner configured for obtaining an image of the retina of the user.

In one embodiment, the second input device can include a magnetic stripe reader configured for obtaining information stored on a magnetic stripe printed on a card. The housing of the device can include a slot formed therein defining a wall and configured to slidingly receive the card. The magnetic stripe reader can be disposed within the wall so as to contact the magnetic stripe when the card can be passed through the slot.

In one embodiment, the second input device can include a smart card reader configured for obtaining information stored within a computer chip embedded within a card. The housing of the device can include a slot formed therein defining a compartment for receiving the card. The smart card reader can be disposed within the compartment so as to be in electrical communication with the computer chip when the card can be received within the cavity.

The second input device can include an optical scanner. The optical scanner can be configured for reading coded information from a printed source. The printed source can be selected from the group consisting of a barcode and a matrix code. The optical scanner can be positioned within the device housing. The device housing can include a window through which the optical scanner emits a light from a source and through which the optical scanner receives reflected light from the printed source. The optical scanner can be configured for obtaining an image of a document. The optical scanner can be contained within a scanner housing external to the device housing. The scanner housing can have a length, a width, and a height, the length being approximately equal to a dimension of the document, and the width and height being dimensioned to allow the scanner housing to be held by the user. The device housing can include, among other things, a scanner cradle portion configured to receive at least a portion of the scanner housing. The device can include an output device associated with the device housing and configured for providing information to the user. The output device can be a printer configured for retaining a supply of paper within the device housing and printing an image onto the paper. The device housing can include an opening configured to permit the paper to pass to the outside of the device housing after printing.

At least one embodiment, the second input device can be an optical scanner configured for obtaining an image of a document, and wherein the processor can be configured to cause a printer to output a document requesting a user input thereon. The optical scanner can be configured to obtain an image of the document including the user input. The processor can be configured to process the user input from the document.

The output device can also be a computer screen secured within an opening formed in the device housing. The computer screen can be configured to display information related to a data association carried out by the processor. The computer screen can be a touchscreen that can be configured to simultaneously act as the output device and the second input device. The computer screen can be configured to display information in a graphical and textual manner. At least one embodiment, the device can include computer memory in the form of a hard disk drive contained within the housing and operatively associated with the processor. The database entry can be contained within the computer memory. The computer memory can be in the form of a flash memory device contained within the housing.

Yet another aspect of the invention is directed to a computer-implemented method, system, apparatus, or media for managing voting data and/or tallying votes. At least one embodiment is directed to a method for verifying the authenticity of a user submitting information. The information can be collected from a plurality of users that submit information. The method can include printing on a single tally, by an Electronic Identification Device (EID), information from a plurality of database entries associated with submissions from different users; scanning by the EID, a marked up version of the single tally to generate imaged data of the submitted information; parsing the imaged data for at least one identifier associated with a user; and comparing the parsed identifier with identifiers stored in one of the plurality of database entries.

Printing information from a plurality of database entries associated with submissions from different users on the single tally can include printing a plurality of votes from a plurality of database entries associated with voting submissions from different users. Scanning a marked up version of the single tally to generate imaged data of the submitted information can include scanning a marked up version of the printed single tally of votes to generate imaged data of the plurality of votes and a tally of the votes. Parsing the imaged data for at least one identifier associated with a user can include parsing the imaged data for at least one signature associated with a person who is seeking to authenticate the marked up version of the printed single tally. Comparing the parsed identifier with identifiers stored in one of the plurality of database entries can include comparing the at least one signature with signature data stored in one of the plurality of database entries. The method can further include sending a confirmation of the plurality of votes over a network, if the comparison is determined to be complete. Different users can be authenticated to use the EID based on input received in an imaging component, and the scanning can be performed by the same imaging component. The method can also include providing pre-election data before an election begins, wherein the pre-election data includes data configured to determine the matching criteria; and providing real-time election day data including a confirmation of the user's identity; electronically processing post-election data after the election ends, wherein the post-election data includes voter turnout statistics based in part on the real-time election day data; and generating a validation of the election day data based on the post-election data. The postelection data can include the confirmation of the plurality of votes.

Providing the pre-election data can include setting information on an voting card indicating an activation for the user; storing information in an Electronic Poll Book (EPB) to indicate that card can be activated; and indicating a special need of the user so that the special need of the user can be attended to when a vote can be cast using the voting card. At least one embodiment is directed to a system for verifying the authenticity of a user submitting information. The information can be collected from a plurality of users that submit information. The system can include a first computing component configured for printing, on a single tally, information from a plurality of database entries associated with submissions from different users; a second computing component configured for scanning a marked up version of the printed information to generate imaged data of the submitted information; a third computing component configured for parsing the imaged data for at least one identifier associated with a person who is seeking to authenticate the marked up version of the printed single tally; and a fourth computing component configured for comparing the parsed identifier with identifiers stored in one of the plurality of database entries.

A first computing component can be configured for printing a plurality of votes from a plurality of database entries associated with voting submissions from different users. The second computing component can be configured for scanning a marked up version of the printed plurality of votes to generate imaged data of the plurality of votes and a tally of the votes. The third computing component can be configured for parsing the imaged data for at least one signature associated with a person who is seeking to authenticate the marked up version of the printed single tally. The fourth computing component can be configured for comparing the at least one signature with signature data stored in one of the plurality of database entries.

The system can include a fifth computing component configured for sending a confirmation of the plurality of votes over a network, if the comparison is determined to be complete. The system can include a fifth computing component configured for providing preelection data before an election begins, wherein the pre-election data includes data configured to determine the matching criteria; a sixth computing component configured for providing real-time election day data including a confirmation of the user's identity; a seventh computing component configured for electronically processing post-election data after the election ends, wherein the post-election data includes voter turnout statistics based in part on the real-time election day data, and wherein the post-election data includes a confirmation of a tally of votes including the vote cast by the voter; and an eighth computing component configured for generating a validation of the election day data based on the post- election data.

The fifth component for providing the pre-election data can include a ninth computing component configured for setting information on an voting card indicating an activation for the voter; an tenth computing component configured for storing information in an Electronic Poll Book (EPB) to indicate that card is activated; and an eleventh computing component configured for indicating a special need of the user so that the special need of the user can be attended to when a vote is cast using the voting card.

At least one embodiment is directed to a processor readable medium for verifying the authenticity of a user submitting information wherein the information is collected from a plurality of users that submit information, which includes instructions that when executed by a processor causes the processor to perform actions. The actions can include printing information from a plurality of database entries associated with submissions from different users on a single tally; scanning a marked up version of the printed information to generate imaged data of the submitted information; parsing the imaged data for at least one identifier associated with a person who is seeking to authenticate the marked up version of the printed single tally; and comparing the parsed identifier with identifiers stored in one of the plurality of database entries.

Printing information from a plurality of database entries associated with submissions from different users can include printing a plurality of votes from a plurality of database entries associated with voting submissions from different users. Scanning a marked up version of the printed information to generate imaged data of the submitted information can include scanning a marked up version of the printed plurality of votes to generate imaged data of the plurality of votes and a tally of the votes. Parsing the imaged data for at least one identifier associated with a user can include parsing the imaged data for at least one signature associated with a person who is seeking to authenticate the marked up version of the printed single tally. Comparing the parsed identifier with identifiers stored in one of the plurality of database entries can include comparing the at least one signature with signature data stored in one of the plurality of database entries. The actions can further include sending a confirmation of the plurality of votes over a network, if the comparison is determined to be complete. The actions can also further include providing pre-election data before an election begins, wherein the pre-election data includes data configured to determine the matching criteria; and providing real-time election day data including a confirmation of the user's identity; electronically processing post- election data after the election ends, wherein the post-election data is based on a comparison of the parsed identifier with the identifiers stored in one of the plurality of database entries; and generating a validation of the election day data based on the post-election data.

At least one embodiment can be directed to a device for verifying the authenticity of a user submitting information wherein the information is collected from a plurality of users that submit information. The device can include an input device that receives additional information from the user and is associated with the housing, (e.g., the input device can include an imaging device configured to retrieve an identifier that identifies the user); a processor located within the device housing. The processor can be operatively associated with the input device. The processor can be configured for confirming a plurality of votes from a plurality of database entries associated with different users. The processor can cause the output device to print the plurality of votes for confirmation. The plurality of votes can be printed into a single tally.

In one embodiment, input device is configured to scan a marked up version of the printed plurality of votes to generate imaged data of the plurality of votes and a tally of the votes, and wherein the processor is configure to parse the imaged data for a tally of votes for a candidate; parse the imaged data for a verification signature for confirming the tally; parse the imaged data for at least one signature associated with a vote and the tally; and provide a confirmation of the plurality of the votes when the verification signature is confirmed, the parsed tally matches a computed tally for the candidate, and the at least one signature matches signature data associated with the vote and stored in one of the plurality of database entries.

The processor can be further configured to perform actions that includes providing pre-election data before an election begins, wherein the pre-election data includes data configured to determine the matching criteria; and providing real-time election day data including a confirmation of the user's identity; electronically processing post-election data after the election ends, wherein the post-election data includes voter turnout statistics based in part on the real-time election day data and the parsed tally; and generating a validation of the election day data based on the post-election data.

Illustrative Systems and/or Apparatuses

As discussed above, systems and methods for electronic identification and/or associating data with an identified user can be provided. FIG. IA shows a block diagram that illustrates a system in accordance with one embodiment of the present invention. The system 100 includes an electronic identification management service (EIMS) 102 that can communicate bidirectionally via a network/communication medium 106 with the electronic identification device (EID) 104. Network/communication medium 106 can be a wired and/or wireless communication medium. System 100 can also include third-party services 108, which can bidirectionally communicate with the EIMS 102 or EID 104 via the network/communication medium 106.

In one aspect, EID 104 and EIMS 102 can be separate devices in communication over a computer network. The network communications can be via network interfaces. In one aspect, EID 104 and EIMS 102 can be separate devices in communication over a communication interface, such as a cellular or PSTN telephone call. There can be more or fewer components without departing from the scope of the invention. For example, there can be other processors computing different aspects of the operations of the components of EIMS 102. In other aspects, the processor of the EID 104 and EIMS 102 can be the same processor. Also, other communication configurations can also be used besides client-server, such as a peer-to-peer configuration with a plurality of interconnected peers, wherein any node in the peer-to-peer network can perform the actions of the EID 104 or EIMS 102. Of course, any additional components can be in communication or otherwise in operative association with the EID 104 or EIMS 102.

In a preferred aspect, the EID 104 can be a portable all-in-one computing device, a handheld computing device, or any other suitable device for obtaining, receiving, storing, processing, verifying, and/or communicating at least one identifier about the user. In an aspect of the invention, the EID device can include a plurality of components, including a 12.1 inch color display, touch screen, built-in stylus, and/or built-in support for, among other things, bar codes (ID and 2D), magnetic stripe cards, smart card reader/writer, 4.4" graphics printer, GSM/GPRS, finger print reader, 10 hour battery back-up, scanner 650 dpi, 2 external USB ports for future expansion, modem for direct connect to master voter registration, wireless LAN to communicate, and/or a handy padded carrying case with room for election supplies.

In some aspects, the EID can be or include components for providing Electronic Registry Book (ERB). The registry can include lists of user who are authorized to use the system. For example, the ERB can be an Electronic Poll Book (EPB) configured to provide a list of authorized voters at a location, such as a polling place. As used in this application, the term identifier is intended to refer to any information, representative of an entity or individual (e.g., user), which may be read, individually or in combination, by components such as a tactile interface, magnetic stripe card reader, biometric reader, barcode scanner, smartcard reader, or an optical scanner, to identify or aid in the identification of an individual such as a user of a system. In addition, an identifier can include any information identifying or aiding in the identification of an individual encoded electronically, magnetically, or optically in any form readable by any other mechanisms, such as USB drives, hard drives, CDs, DVDs, flash cards, or magnetic tape. It is to be further understood that any form of media or document including such an identifier can also be considered an identifier. For example, an identifier can be, but is not limited to being, an individual's name, a social security number and/or card, a voter registration number and/or card, a driver's license number and/or card, a national identification number and/or card, a personal identification number and/or card, a student identification number and/or card, an employee identification number and/or card, a passport number and/or card, a credit number and/or card, a voter registration form, a voter registration number and/or card, a document bearing an alphanumeric identification number, a document bearing a handwritten signature, a document bearing an image of a handwritten or electronically-generated signature, a document bearing an image of an individual, a document bearing an image of a fingerprint, geographical residence, postal residence, financial account numbers, date of birth, place of birth, medical information, physical characteristics, a fingerprint, an image of patterns on or within an eye, and any such similar information encoded electronically, optically, or magnetically within or on any form of media or document. By way of illustration, identifiers can include one or more of a driver's license number, the image of the licensed driver, the image of the driver's signature, the physical characteristics of the driver, the driver's address, the driver's date of birth, the driver's blood type, the Country or State issuing the driver's license, any information encoded electronically, optically, or magnetically within or on the driver's license, and the driver's license. According to another example, an identifier may include, but is not limited to being, the same or similar information to identify or aid in the identification of an animal, a computer-related component, a physical object, a location, or an organization. Furthermore, a code can include computer readable identifier stored on or in an article.

According to various aspects, the system 100 can facilitate the EID 104 sending or receiving an identifier or identifiers to or from the EIMS 102. In one aspect, the EID 104 relies on at least one identifier from the EIMS 102 to authenticate and/or verify the at least one identifier obtained with the EID 104. As a further aspect, after the authentication and/or verification process is complete, the EID 104 can send the success or failure of the authentication and/or verification process to the EIMS 102. As yet another further aspect, the EID 104 can send instructions and/or data for a component, due to the success or failure of the authentication and/or verification process, to the EIMS 102.

In another aspect, the EIMS 102 authenticates and/or verifies the at least one identifier received from the EID 104 by comparison with at least one identifier previously residing on the EIMS 102. As a further aspect, after the authentication and/or verification process is initially made or complete, the EIMS 102 can send the success or failure of the authentication and/or verification process to the EID 104. As yet another further aspect, the EIMS 102 can send instructions and/or data for a component, due to the success or failure of the authentication and/or verification process, to the EID 104. In this regard, the EIMS 102 can also send an intermediate error message with or without further instructions for resubmission or the further submission of appropriate data to successfully authenticate or verify the identifier.

In system 100, Third-Party Services 108 may also provide to the EID 104 or the EIMS 102 or receive from the EID 104 or the EIMS 102 identifiers or related instructions and/or data. Such third-party data sources can send information to EID 104 and/or EIMS 102 for supplementing the association of data with a confirmed or identified user. Rover 130 can be a mobile unit (e.g., rover device) that is configured to send and receive instructions about geographical locations with problematic usages of an EID, such as EID 104. Rover can include a mobile vehicle with data receiving apparatus for receiving instructions to move to a trouble spot and/or to perform trouble shooting. Rover 130 can also include data upload features for entering reports of problematic usages of the EIDs or for sending data transferred from EIDs to rover. In some aspects, rover 130 can include an EID substantially similar to EID 104, and configured to receive instructions, identification processes, data association processes, etc. The EID of rover 130 can serve as a backup or replacement EID for EID 104.

FIG. IB shows another block diagram that illustrates a system in accordance with one embodiment of the present invention. The components and configuration of FIG. IB are substantially similar to FIG. IA except that EIMS 102 is in further communication with identification system 120, virtual registry system 122, and/or ID system 124. Identification System 120, Virtual Registry (VR) system 122, and/or Identification

(ID) system 124 are computer components configured to communicate over a communication media such as a network. EIMS 102 can store information about users who are authorized to use the system in the VR system, using for example, a web based user interface, a database, or the like. VR system 122 can store field of use specific data such as, for example, voter identities. Such information can be provided to EID 104 and/or a ERB over a communication media. ID System 124 includes any identification source, including a governmental database, which can store information about the identity of individuals, living beings, users, or the like. For example, ID system 124 can be a motor vehicles/driver's license data source for providing and/or confirming the identity of an individual. The system of FIG. IB also shows a plurality of third-party data sources 108-114 including manual ballots 108, touch screen 109, appliance audio 110, vote by phone absentee 111, precinct optical scan 112, central optical scan 113, and/or email ballot on demand 114. Such third-party data sources can send information to EID 104 and/or EIMS 102 for supplementing the association of data with a confirmed or identified user. EID 104 and/or EIMS 102 of FIGS. IA and IB can be configured to perform the processes of FIGS. 5-9B. For example, EID 104 can be configured to receive biometric information representative of the user; parse the biometric information to generate a first identifier; match the first identifier to a database entry about the user that is stored in, for example VR system 122 and/or ID system 124; receive a second identifier representative of a first code, wherein the first code identifies the user, from EIMS 102 and/or third-party services 108-114 over network 106; and provide confirmation over the network 106 of the user's identity when the first identifier, database entry, and second identifier satisfy a matching criteria. FIG. 3 A is an example of a electronic identification device in accordance with one embodiment of the invention. Computing device 300 can act as EID 104 of FIGS. IA- IB. According to this example, the computing device 300 includes a LCD 302 (preferably 12.1"), a touch panel 304 (e.g., combined with LCD 302), a handheld optical scanner 306, a thermal printer 308, a smart card reader & writer 310, a fingerprint scanner 312, a magnetic stripe reader 314, a matrix code scanner 316, and an input/output interface 318 with a RS- 232/422/485 UART 348, a PS/2 port (Mouse) 350, a Power Switch 352, an Adapter DC Power Input 354, a PS/2 port (Keyboard) 356, a VGA output 358, Modem/Cash Drawer RJ- 11 ports 360, Ethernet & USB ports 362, Line Out 364, and Mic In 366. In an embodiment, device 300 has a top surface 320 with a generally rectangular profile. In such an arrangement, device 300 can be configured to be oriented toward the user either in a long or a short configuration. In the preferred embodiment shown in FIGS. 2A- 2G, the device is configured for use in a short configuration, with LCD 302 positioned toward the user along the front end 322 of device 300. FIG. 2F-2G show handheld version of the device. In different embodiments, the remaining features for user interaction, namely fingerprint scanner 312, smart card reader and writer 310, magnetic stripe reader 314, and thermal printer 308, are also positioned on the top surface 320 of device. Such a configuration allows for easy access to these components by the user of device 300 and allows device 300 to be positioned into tight spaces, where, for example, all surfaces of device 300 but the top surface 320 are obstructed. In an embodiment of device 300 that includes a barcode reader 316, barcode reader 316 can be positioned on rear surface 324 of device 300 such that any light used by barcode reader 316 is not directed toward the user. Further, input/output interface 318 is preferably located on rear surface of device 300 to prevent inadvertent user interference therewith, as input/output interface 318 is not intended for user interaction. Device 300 can also include a protective surface 319 cantilevered from rear surface 324 and positioned over input/output interface 318 to conceal any connections from the user. Device 300 can further include a CD Card Cover 340 and a Battery Cover 342 lying flush with bottom surface 328 to also prevent inadvertent user interference with any battery or compact flash memory card components being used with device 300. Device 300 can also include a PCMCIA cover 344 positioned on rear surface 324 over an optional PCMCIA interface. In addition to input entered via LCD/touch panel 302, in some embodiments, information such as a user's PIN, name, address, etc., can be entered via a keyboard 329. In an embodiment, magnetic card reader 314 is positioned within a wall defined by slot 315 that is formed in the upper surface 320 of device 300. In such an embodiment, the user can pass a card with a magnetic stripe through slot 315 and the magnetic stripe of the card passes over magnetic card reader 314 such that the data stored therein is read. In another embodiment, smart card reader 310 includes a slot defining a compartment such that a user can insert a smart card into slot such that it is held in the compartment. This arrangement can allow the card to be maintained in electrical connection with the smart card reader 310 throughout the course of the user's interaction with device such that information can be read off and written to the user's smart card over a period of time. In the embodiment shown in FIG. 3 A, device 300 includes an optical scanner 306.

Optical scanner 306 is preferably in the form of a handheld scanner having a length sufficient to scan an image of a document in a single pass controlled by the user. The optical scanner 306 in such an embodiment preferably has a thickness and a width sufficient for the user to comfortably grasp and manipulate optical scanner 306 using a single hand. In such an embodiment, touch screen 302 can be used as a surface for holding the document to be scanned and can include an appropriate instruction to the user to place the document on the screen 302; a graphical representation of an area appropriate for placing the document on screen 302; and another appropriate instruction to the user to pass the optical scanner 306 over the document. In an aspect of device 300 having a handheld optical scanner 306 preferably also includes a cradle 307 (FIGS. 3 A, 3C) configured for holding the handheld optical scanner 306 in a rest position. Cradle 307 preferably secures handheld optical scanner 306 by providing a matching profile along at least a portion thereof and may further include additional features, such as catches or magnets, to further secure handheld optical scanner 306 in place. Printer 308 is preferably a thermal printer configured for printing on a roll of paper

330 (FIG. 2C). In an embodiment, printer 308 is located inside the outer housing of device 300 and has an output 309 open to the top surface 320 of device 300. Device 300 is also preferably configured to include a door 311 and printer door ejection button 338 formed in the top surface 320 thereof to provide access to the printer 308 mechanism such that an empty roll of paper 330 can be easily replaced. By providing the door 311 on the top surface 320, paper 330 can be provided without moving device 300 from its position of use.

Touch screen 302 is preferably configured as an input and output interface for device 300. In such an embodiment touch screen can both provide information to the user and receive input from the user. The information provided from touch screen 302 can include instructions to perform certain actions, such as inserting a smart card into smart card reader 310, swiping a magnetic card through slot 315, or placing a finger on biometric reader 312. Such actions can include an additional output by device in the form of illuminating one of a series of LED diodes or other light sources 332 (FIG. 2A) associated with a specific one of the input devices. Touch screen 302 can also prompt the user for input directly thereon, which can be inputted by providing graphical "buttons" that can be pressed by the user to answer yes or no questions, to enter a vote or to input letters or numbers by a graphical representation of a keypad. The keypad can be configured as a data source to provide or otherwise receive a PIN (e.g., by typing, tapping, or otherwise), wherein the PIN can be used as or used to determine an identifier associated with the user. Alternatively, screen 302 can be pressure sensitive such that it is actuated using a specific stylus 326 (FIG. 3A, 2G), rather than touch input from a user.

Device 300 can include an adjustable stand 336 rotatably affixed to the bottom surface 328 thereof. Stand 336 can be positioned in a number of configurations to support device 300 at a number of angles relative to the surface upon which it rests. One such configuration can be such that stand 336 is substantially flush against bottom surface 328 such that device 300 lies substantially flat on a surface. In other configurations, device 300 is angled relative to a surface. Such configurations can be made to allow easier visualization of touch screen 302 or improved access to the various input devices, depending on the specific scenario of use. Additionally, by angling device 300, the footprint thereof can be reduced, thereby allowing device 300 to fit into smaller areas.

Device 300 can also include a label 346 affixed to the bottom surface 328 thereof. The information provided from label 346 can include instructions, warnings, notices, power specifications, or environmental conditions for device 300. Preferably, the environmental conditions for the device include: Operation Temperature / humidity: 0 ~ 35°C/20~80%, Storage Temperature / humidity: -10 ~50°C/20~80%; and Operation Acoustic: 42db (max.).

FIGS. 2A-2E show examples of computing devices operable to execute various aspects of embodiments of the invention. Table 1 describes the components shown in FIGS. 2A-2E. TABLE 1

FIGs. 2F and 2G illustrate an alternative hand held device with similar features.

FIG. 4A illustrates a block diagram of a computing device operable to execute various aspects described herein. The exemplary environment 430 includes a computing device 432, the computing device including a processor/memory 434 for controlling the operation of the system; a hard drive 436 operatively coupled to the processor/memory 434 for storing the operating system 486, applications 488, modules 490, and data 492; a display 438 operatively coupled to the processor/memory 434 for exhibiting a textual or graphical interface; and a tactile interface 440 operatively coupled to the processor/memory 434 and/or display 438 for entering commands and information into the computing device 432 and geo- location component 499. The components can be in communication with each over a communication medium such as bus 498.

The processor/memory 434 can be any of various commercially available systems, including systems with single-processor, multi-processor, volatile memory, and/or nonvolatile memory architectures. The hard drive 436 can be any of various commercially available systems providing nonvolatile storage of data, data structures, computer-executable instructions, and so forth, such as a hard disk drive, solid-state drive, or memory card. The display 438 can be any of various commercially available systems for exhibiting a textual or graphical interface, such as an LCD display (e.g., color TFT) or OLED display. The tactile interface 440 can be any of various commercially available systems for entering commands and information into the computing device 432, such as a touch screen, a stylus pen, a keyboard, a touchpad, or a pointing stick.

The computing device 432 can further include a magnetic stripe reader 442 for reading at least one identifier encoded on a band of magnetic material on a card, such as a credit card, an identity card, or a security card. The magnetic stripe reader 442 can be any of various commercially available systems, including systems capable of reading cards compliant with ISO 7810, ISO 7811, ISO 7812, ISO 7813, and/or ISO 4909.

The computing device 432 can further include a biometric reader 444 for obtaining at least one identifier in the form of biometric data, such as a fingerprint or iris scan. The biometric reader 444 can be any of various commercially available systems, including systems compliant with Live Scan, FBI, ANSI and/or NIST standards. The computing device 432 can further include a barcode scanner 446 for obtaining at least one identifier encoded in optical machine -readable representation of data, such as a UPC barcode symbol. The barcode scanner 446 can be any of various commercially available systems, including systems capable of reading various types of linear bar codes, such as UPC, EAN, or CODE39/128, and/or various types of matrix codes, such as PDF417, Micro PDF417, Semacode, or QR Code.

The computing device 432 can further include a smartcard reader & writer 448 for reading or writing at least one identifier to or from a card including embedded integrated circuits for storing or processing data. The smartcard reader & writer 448 can be any of various commercially available systems, including systems capable of reading cards compliant with PC/SC, ISO/IEC 7816, ISO/IEC 7810, ISO/IEC 14443, and/or ISO 15693.

The computing device 432 can further include an optical scanner 480 for obtaining at least one identifier from scans of images, printed text, handwriting, or an object. The optical scanner 480 can be any of various commercially available systems, including flatbed and handheld systems. The computing device 432 and/or optical scanner 480 can also include an Optical Character Recognition (OCR) component and/or a component for detection, conversion, or comparison of at least one identifier, such as handwritten signatures, within scanned images. The computing device 432 can further include a printer 482 for producing paper forms, receipts, ballots, voting records, prescriptions or other documents. The printer 482 can be any of various commercially available systems, including systems such as a thermal printer, a solid ink printer, a dye-sublimation printer, a dot matrix printer, an inkjet printer, or a laser printer.

The computing device 432 can further include a communication interface 484 for sending or receiving instructions and/or data from the computing device 432 to attached peripherals and/or to other systems by use of network communications, wireless networks, cellular communications. The communication interface 484 can be any of various commercially available systems, including systems for communicating by TCP/IP, LAN, wireless LAN, IEEE 802.11, Ethernet, CDMA, GSM, GPRS, EDGE, AMPS, USB, RS-232, RS-485, PS/2 Ports, PCMCIA and Bluetooth.

A number of program modules can be stored in one or more of the processor/memory 434 and/or hard drive 436, including an operating system 486, one or more application programs 488, other program modules 490, and/or program data 492. It is to be appreciated that the innovation can be implemented with various commercially available operating systems or combinations of operating systems or, if desired for further security, its own specially designed operating system.

Geo-location component 499 includes any component configured to determine a position of the component in 2 or 3 or more dimensional space, and can include a Global Positioning System (GPS), WiFi triangulation, IP Mapping, component or the like. Geo- location component 499 can send geo-location information to processor/memory 434 for further processing.

The programs 488, processor/memory 434 and/or other components of the device can be configured to interact with a user in multiple languages facilitating identification of users and/or associations of data in multiple languages (e.g., to facilitate the voting process to linguistic minorities).

A summary of preferred configurations of the components of the subsystems of the device environment 430 is described in Table 2. Table 2

System Board 432 Chipset: CN700, VT8237R+

On board Memory: 1024MB (IGB)

Memory: SODIMM supporting DDR2 333/400, 128 MB, up to 1 GB

5 SODIMM slot

6 Serial Interface (UART) for I/O devices

✓ 1 for thermal printer (SII SII LTPV445A-832-E)

> 34-pin for Pmtek CBV401 -A Interface s 1 for 2D Scanner (optional)

> For Intermec : Ix 12 pin ZIF, 0.5 mm spacing connector on MB

> 2D scanner: Intermec EAl 5: RS232 TTL and SPI (optional)

✓ 1 for MSR/ Combo MSR

> MSR (optional)

> Combo MSR

✓ 1 COM port on rear (RS232/RS422/RS485 by jumper setting)

✓ 1 for HW modem (C-Com 56MWCC) (Optional)

> RS232 modem s 1 for reserve

1 Parallel. (For Thermal Printer) s Connector signals combined in 32 pins (Parallel and

Serial)

(SII LPT445 + Pmtek CBV401-A Interface, Parallel and Serial auto setting by software)

2 SATA ports & 1 IDE connector & 1 CF slot 6 USB ports (USB 2.0) for I/O devices

✓ Smart Card (Castles EZ- 11 OPU) s Finger Scanner (optional) v Card Bus control IC

✓ Touch panel (N010-0551-T261-T) via 7-W control IC (T010-7WIC-TUSB)

✓ 2 for rear I/O

1 il394 port (IEEE 1394a) for extending one 4-pin socket s Reserve pin headers

2 RJl 1 ports v 1 for Modem s 1 for Cash drawer (optional)

10/100BaseT Ethernet (Standard)

Mini-PCI for IEEE802.11 b+g Ethernet

PCMCIA for IEEE802.11 b+g Ethernet (optional)

The electrical key components of device environment 430 are described in Table 3.

Table 3

FIG. 4B shows a block diagram that illustrates a system in accordance with one embodiment of the present invention. According to one embodiment, system 400 includes client device 402 and server 420, both of which can be separate devices in communication over a computer network 418. The network communications can be via network interfaces. In one embodiment, client device 402 and server 420 can be components of computing device 432, wherein the client device 402 and server 420 are in communication over a communication interfaces, such as a bus. There can be more or fewer components without departing from the scope of the invention. For example, there can be other processors computing different aspects of the operations of the modules of server 420. In other embodiments, the processor of the client and the server can be the same processor. Also, other communication configurations can also be used besides client-server, such as a peer-to- peer configuration with a plurality of interconnected peers, wherein any node in the peer-to- peer network can perform the actions of the client device 402 or server 420. In some aspects, client device 452 can be EID 104 of FIG. 1A-1B and/or device 430 of FIG. 4A. In some aspects, server device 462 can be EIMS 102 of FIG. 1A-1B, device 430 of FIG. 4A, and/or the server device 420 of FIG. 4B. Components of the devices of FIG. 4B can performed by at least one of the components of the device of FIG. 4A.

Client device 402 comprises components in communication with each other, including an input/output control 404, a display 406, a client application manager 410, a processor/memory 412, a data source reader(s) 414-415 (e.g., a scanner/multimedia reader, a data source reader, or document reader) and/or Independent Data Monitor (IDM) 408.

Input/output control 404 provides an interface for entering user commands and/or receiving feedback from the device. The input/output control 404 can comprise a keyboard, mouse, sound output, haptic interfaces, etc. Display 406 includes any component for displaying visual information. For example, display 406 can be a LCD display or an OLED display. Data source readers 414-415 can include any component for reading multimedia, for example. Client application manager 410 includes any component within client 402 for receiving, sending, processing, or storing instructions and/or data between the other components of client 402, any component of server 420, or any other components of system 400. Application manager 410 can be configured to perform the processes of FIGS. 5-9B to manage application summaries, application specific parsing of identifiers and/or data, or the like.

Server 420 comprises components in communication with each other, including a server application manager 422, a client verifier 424, a processor/memory 426, a data manager 428 and/or Independent Data Monitor (IDM) 409.

Server application manager 422 includes any component within server 420 for receiving, sending, processing, or storing instructions and/or data between the other components of server 420, any component of client 402, or any other components of system 400. Application Manager 422 can be configured to perform the process of FIG. 5-9B to manage application summaries, application specific parsing of identifiers and/or data, or the like.

Application managers 410 and 422 can interoperate with each other and/or communicate with each other over network/communication medium 418 to perform the data and/or identifier processing. The application managers can include an independent data monitor such as IDM 408.

Client verifier 424 includes any component for authenticating and/or verifying whether client 402 is permitted to communicate instructions and/or data to or from server 420 or other components of system 400.

Processor/Memory 412 and 426 include any computing component and/or computer memory component. For example, the Processor/Memory 412 and 426 include any device for performing computerized operations, such as running a program based on processor- readable instructions stored within a memory such as RAM, ROM, EEPROM, hard-disk drive, etc. The memory can store, for example, an ERB and/or an EPB. The processors can manage the registry in the ERB/EPB. The electronic registry/poll book can provide a storage for a registration data base which can provide instantaneous updates substantially in realtime of updated user (voter) information. The ERB/EPB may need little or no additional human resources for reconciling voter updates. The ERB/EPB can reduce errors due to manual input, because, at least in some embodiments, the ERB/EPB can receive user (e.g., voter) information automatically from identified users, such as via the processes of FIGS. 6A, 7A, 7B. The ERB/EPB can also communicate with identifier managers 454 and/or 464 to provide identification and verification of user who present themselves to be in the registry as described herein. The ERB/EPB can receive signature capture via touch screen, an ID card scan, and/or input from auxiliary technologies (e.g., fingerprint). The ERB/EPB can compare the received information against the list of registered users (e.g., voters). In one aspect, ERB/EPB can provide voter registration and/or identification.

Data manager 428 includes any database component for receiving from, storing in, or transmitting to a storage component instructions and/or data. For example, data manager 428 can store an ERB and/or an EPB. Data manager 428 and/or memory of 412 and/or 426 can be configured to store information in a schema substantially similar to the schema of FIG. 12. IDM 408 includes any component configured to track usage of devices, data integrity, and/or identity confirmations, or any combinations thereof. IDM 408 includes an integrated, online tracking system to monitor logistics and hardware management for data entry, including voting entry for elections. IDM 408 can send/or receive data about locations for identifying and/or associating data, substantially in real-time. For example, IDM 408 can be used to with a deployed EID tool at each polling site, and with each Rover, to monitor each precinct in real-time.

IDM 408 can provide an interface, such as an interactive web interface, to enable access to identification and/or data association information. The interface of FIG. 11 is an example of such an interface. For example, through a headquarters web site, an election official can access a dynamic map giving a snapshot of the entire localities technical performance.

IDM 408 can utilize a plurality of transmission mechanisms to communicate between Headquarters, Rovers and Polling Sites. The ability to use more than one transmission method eliminates the occurrence of "black spots" caused by insufficient cell coverage.

Transmission Methods include: CDMA, GSM, GPS, GPRS, or the like. In one aspect, IDMs can be configured to communicate or is otherwise compatible with any election equipment and technical infrastructure. IDM 408 can use the process of FIG. 9A-9B to provide monitoring of identification and data association information. Processor/Memory 412 and 426 can also provide routing of a user. In one aspect, client 452 can receive a request for identification from a user; determine that the user is registered and identified but is not associated with the geo-location of the client; retrieve another geo-location of another device for which user has permission, and provide the user with the identity of the other geo-location and/or other device. FIG. 4C shows a block diagram that illustrates another system in accordance with an embodiment of the present invention. According to various aspects, system 450 can provide electronic identification for voting activities, such as voter registration, ballot casting, and vote tallying. The system 450 includes client 452 that can use peer-to-peer connections to communicate with the server 462. In one embodiment, client 452 and server 462 can be separate devices in communication over a computer network. The network communications can be via network interfaces. In one embodiment, client 452 and server 462 can be separate devices in communication over a communication interface, such as a cellular or PSTN telephone call. There can be more or fewer components without departing from the scope of the invention. For example, there can be other processors computing different aspects of the operations of the components of server 462. In some aspects, client device 452 can be EID 104 of FIG. 1A-1B and/or device 430 of FIG. 4A. In some aspects, server device 462 can be EIMS 102 of FIG. 1A-1B, device 430 of FIG. 4A, and/or the server device 420 of FIG. 4B. Components of the devices of FIG. 4C can performed by at least one of the components of the device of FIG. 4A and/or 4B.

Client 452 can be, for instance, a computing device 432 that includes a client identifier manager 454, a client verification manager 456, a client voting manager 458 component, and a client tally manager 460. Server 462 can be, for instance, a computing device 432 that includes a server identifier manager 464, a server verification manager 466, a server voting manager 468, and a server tally manager 470. There can be more or fewer components without departing from the scope of the invention. For example, there can be other computing devices performing different aspects of the operations of the components of server 462. According to one aspect, the client 452 can include electronic copies of voter registration forms in client voting manager 458. Using a tactile interface on client 452, such as a keyboard or a touch screen, a user can fill out a voter registration electronically. According to another example, client 452 can print out the voter registration form so that the user can fill out the form by some other method, such as handwriting, after which client 452 can image or scan the modified voter registration form for handling by client voting manager 458.

To avoid duplicate, fraudulent, or any otherwise undesirable voter registrations, client voting manager 458 can require or request that the user provide identifiers to client 452, such as by signing the form or by providing a driver's license. Client voting manager 458 may then send the identifiers provided to a client verification manager 456. Client verification manager 456 may request identifiers from client identifier manager 454 that allow it to verify and/or authenticate the identifiers provided. According to another example, client voting manager 458 may store the identifiers with client identifier manager 454 for later verification and/or authentication. According to yet another example, client verification manager 456 may initiate client 452 to communicate with server 462. In such a situation, the client verification manager 456 may transmit the identifiers provided, or a portion thereof, to server 462. When server 462 receives the identifiers provided, server verification manager 466 can verify and/or authenticate the identifiers provided by client 452. In another such situation, the client verification manager 456 may transmit the identifiers provided to server 462, after which server verification manager 466 will initiate server 462 to transmit identifiers to client 452. The client verification manager 456 may then use the identifiers transmitted from client 452 to verify and/or authenticate identifiers the original identifiers provided by the user or to evaluate new identifiers provided by the user.

It is to be understood that in many of these situations, the client verification manager 456 of client 452 or the server verification manager 466 of server 462 may store the identifiers provided or transmitted in the client identifier manager 454 of client 452, the server identifier manager 464 of server 462, or both. It is to be also under that the result of a verification and/or authentication by the client verification manager 456 of client 452 or the server verification manager 466 of server 462 may be relayed to the client voting manager 458 of client 452 or the server voting manager 468 of server 462.

Another aspect of client 452 is that it can use the client tally manager 460 to compile lists, statistics, and other information gathering routines about information included within the client voting manager 458. For instance, client 452 could be used to determine which polling facilities require handicapped access, the distribution of political party registrations, or the success of a voter registration drive to reach a targeted demographic. Since the tallying of such information may be highly sensitive, client 452 can utilize the client verification manager 456 to control access to features of the client tally manager 460. For instance, the client tally manager 460 can be used to process forms, in electronic or paper form, requesting that the client tally manager 460 provide an analysis of information stored in client identifier manager 454, the client verification manager 456, or the client voting manager 458. To avoid unauthorized access to the client tally manger 460, it can request or require or request that the user provide identifiers to client 452, such as by signing the form or by providing a fingerprint.

Client tally manger 460 may then send the identifiers provided to a client verification manager 456. Client verification manager 456 may request identifiers from client identifier manager 454 that allow it to verify and/or authenticate the identifiers provided. According to another example, client tally manger 460 may store the identifiers with client identifier manager 454 for later verification and/or authentication. According to yet another example, client verification manager 456 may initiate client 452 to communicate with server 462. In such a situation, the client verification manager 456 may transmit the identifiers provided, or a portion thereof, to server 462. When server 462 receives the identifiers provided, server verification manager 466 can verify and/or authenticate the identifiers provided by client 452. In another such situation, the client verification manager 456 may transmit the identifiers provided to server 462, after which server verification manager 466 will initiate server 462 to transmit identifiers to client 452. The client verification manager 456 may then use the identifiers transmitted from server 462 to verify and/or authenticate identifiers the original identifiers provided by the user or to evaluate new identifiers provided by the user. It is to be understood that in many of these situations, the client verification manager

456 of client 452 or the server verification manager 466 of server 462 may store the identifiers provided or transmitted in the client identifier manager 454 of client 452, the server identifier manager 464 of server 462, or both. It is to be also under that the result of a verification and/or authentication by the client verification manager 456 of client 452 or the server verification manager 466 of server 462 may be relayed to the client tally manger 460 of client 452 or the server tally manger 470 of server 462.

Another example of System 450 is its possible use for casting ballots. According to one aspect, the client 452 can include electronic copies of ballots in client voting manager 458. Using a tactile interface on client 452, such as a keyboard or a touch screen, a user can fill out a ballot electronically. According to another example, client 452 can print out the ballot so that the user can fill out the form by some other method, such as handwriting, after which client 452 can image or scan the modified ballot for handling by client voting manager 458.

To avoid duplicate, fraudulent, or any otherwise undesirable ballots, client voting manager 458 can require or request that the user provide identifiers to client 452, such as by signing the form or by providing a driver's license. Verification and/or Authentication can then proceed in the same manner described herein for voter registration.

As mentioned before, another aspect of client 452 is that it can use the client tally manager 460 to compile lists, statistics, and other information gathering routines about information included within the client voting manager 458. For instance, client 452 could be used to determine the vote totals for a polling station or the number of votes invalidated. Since the tallying of such information may be highly sensitive, client 452 can utilize the client verification manager 456 in the same manner to control access to features of the client tally manager 460. For instance, once voting is complete, a user may tally all printed ballots by hand and then convert them to image data using a handheld optical scanner of client 452. The user can then use client 452 to process images of the ballots and tally, during which client 452 can verify and/or authenticate the ballots and/or the tally. The client 452 may then send the results to server 462 for further processing. For instance, the server 462 may also verify and/or authenticate that the user and/or client 452 is authorized to conduct and/or submit a tally, after which the server tally manager 470 can proceed to conduct a tally of the tally results received from other clients. Tally managers 460 and/or 470 can use the process of FIGS. 8A-8D to tally votes. Voting managers 458 and/or 468 can provide an ERB and/or an EPB. The electronic registry/poll book can provide a storage for a voter registration data base, as described above, with respect to FIG. 4B.

Client 452 can be further configured to provide a voter receipt using, e.g., an internal printer. Client 452 can also provide smart card activation (e.g., smart card storage of voter profiles), administration privileges, management of a tally process (tally). Client 452 can also provide voter information, an independent election monitoring system (e.g., see IDM), and/or auditing tools (e.g., for printing logs of usage (voting) of client 452).

Client 452 can also provide routing of a voter. In one aspect, client 452 can receive a request for identification from a voter; determine that the user is registered and identified but is not associated with the geo-location of the client 452; retrieve another geo-location of another device for which voter has permission, and provide the voter with the identity of the other geo-location and/or other device. In one aspect, client 452 can provide a voter with a geo-location of a correct polling place for the user.

The computing devices of FIGS. 2A-4C can be configured to perform the processes of FIGS. 5-9B. For example, the components can be configured to receive biometric information representative of the user from, for example, data source readers 414-415, biometric reader 444, fingerprint scanner 312; parse the biometric information to generate a first identifier, using for example, using for example a processor/memory 434, 436; match the first identifier to a database entry about the user that is stored in the processor/memory 434, 436; receive a second identifier representative of a first code, wherein the first code identifies the user, using, for example, readers 310, 314, 306, data source readers 414-415; and provide confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy a matching criteria. Illustrative Processes

FIG. 5 is a flow chart for a process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 5 can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

Processing begins at step 502 where application method(s) can be determined based on a field of use and/or a geo-location. The geo-location can be of an identification and/or data association device. At decision step 504, it is determined if application method(s) is related to a first field of use. Fields of use can include civil registration, national ID cards, voter registration, law enforcement, access control, network security, tally results, governmental benefits, financial services, health care, defense, and/or transportation, or the like. If application method(s) is related to the first field of use, processing continues to step 508 where parsing method(s) is determined based on the first field of use and/or a geo-location.

Parsing includes any process for applying a transformation or processing to data, and/or retrieving portions of the processed data. Processing and/or transformations can be performed by rules, algorithms, context-free grammars, context-sensitive grammars, neural networks, decision trees, mathematical transformations (e.g., Fourier transforms), or the like. For example, document data may be scanned. A geo-location of the scanning may be received (e.g., using GPS, or IP mapping). Records of parsing algorithm table 1202 of FIG. 12 can be searched for the record matching the geo-location field and/or a data type field of the document data. The parsing function field of the marched record can be used to process and parse the scanned document data in step 512. For example, the parsed document data can generate data for storage in record table 1210.

If application method(s) is not related to the first field of use, processing continues to step 506.

At decision step 506, it is determined if application method(s) is related to a second field of use. If application method(s) is related to the second field of use, processing continues to step 510 where parsing method(s) is determined based on the second field of use and/or a geo-location. If application method(s) is not related to the second field of use, processing loops back to step 502. As shown, the processing is performed for two fields of use, but any number of fields of use can be processed without departing from the scope of the invention.

At decision step 511, it is determined if the geo-location is associated with the user. Step 511 can be optional and can be skipped. For example, a user can be identified (e.g., see processes of FIGS. 6A, 7A, or 7B), and a geo-location associated with the user can be matched against the current geo-location (e.g., of an EID receiving current input from the user). If the geo-location is associated with the user, processing continues to step 512. Otherwise, processing continues to step 514, where an indication of a correct geo-location for the user is provided (e.g., an output using the template of FIG. 1OE can be provided to the user) and then processing can return to other steps or processes. Step 514 can be optional and can be skipped.

At step 512, an identity of user is identified and application method(s) and parsing method(s) are applied to data associated with identified user. Step 512 can be performed by the processes of FIG. 6A, 7A, 7B. Processing then returns to other steps or processes. FIG. 6 A is a flow chart for a process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 6A can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

Processing begins at step 602 where at least one identifier from at least one data source is received. A plurality of data sources may be received, in series or in parallel. For example, a PIN, a plurality of documents and/or biometric data may be scanned, parsed, received over a network/communication medium in series or in parallel. The process at step 602 may receive the identifier(s) by way of the process in FIG. 6B. For example, at least one document with at least one identifier can be received, scanned, and/or parsed to generate or retrieve the at least one identifier.

At decision step 604, it is determined if the received identifier(s) matches a database entry of an identifier associated with the individual. The database entry can be associated with an identifier, a user, an application, or any combination thereof. If the identifier is a handwritten signature, the database of handwritten signature images may be searched to determine if there is a corresponding match. As yet another example, it may use information provided by the user or other identifiers, such as a name, to determine a specific database entry for comparison. User table 1204 of FIG. 12 is an example of a schema for the database entry. If it is determined that the identifier(s) from the data source(s) and the corresponding database entry match, then processing continues to step 606. If it is determined that the identifier from the data sources and the corresponding database entry do not match then the data is rejected and processing loops back to step 602. According to another example, the processing may continue to step 606 regardless of whether a match does not occur.

At decision step 606, it is determined if the data source(s) includes other identifiers associated with an individual. If it is determined that there are more identifiers associated with an individual, then processing loops back to step 604. If it is determined that there are no more identifiers associated with an individual, then processing continues to step 608. At step 608, a confirmation or denial of an identity or identifiers is provided based on successful matches occurring in step 604. For instance, confirmation or denial for at least one or a series of individuals may be provided based on the results of matching a series of identifiers through step 604. According to another aspect, if there are multiple identifiers for one individual, the confirmation may be provided according to a pre-determined criteria for evaluating the successful matching across multiple identifiers, such as a weighted average or a majority decision rule. According to yet another aspect, the failure to match a specified identifier, regardless of any other identifier, may negate confirmation for all identifiers evaluated in step 604, regardless of whether the identifier was found to match another identifier or not. According to another aspect, a hierarchy of identifier types may be used to determine if the confirmation is provided. Some types of identifiers may be more reliable than others and may be weighted higher, or given precedence. For example, a retina scan or DNA scan may produce an identifier that is ranked very high, while an identifier derived from a student ID document may be ranked lower, and an envelope with an address of an individual may be ranked even lower. If a higher ranked identifier matches, but the lower ranked identifier does not match, the identity of the individual may still be confirmed. If however, in aggregate the pre-defined or algorithmically derived number of lower ranked identifier does not match, then the confirmation may not be provided. The hierarchy and/or algorithm of rankings may be based on the application to which the identification process of FIG. 6A is applied. For example, for highly secured fields of use such as voting or military applications, the algorithm may require a complete match of all identifiers or at least the highest N number of identifiers must match. In less secured fields of use, a less strict ranking process may be used (e.g., N can be a lower number). In any case, any algorithm of ranking or precedence may be used without departing from the scope of the invention.

At step 610, data is received as a multimedia object associated with individual. For example, a voting record may be scanned, converted into an image, stored, used to determine a winner of an election, or the like. A hospital record may be scanned, converted into an image, stored, and used to determine appropriate medical treatment. Processing then returns to other steps or processes. Optionally, the multimedia object and associated information about the data such as the data's type, may be stored or modified in record table 1210 of FIG. 12, in for example, multimedia object field, and data type field, respectively. Processing then returns to other steps or processes.

FIG. 6B is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 6B can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C. Processing begins at step 612 where a data source with at least one identifier is received. For instance, the data source can be a document such as a passport, a fingerprint data, or the like. Receiving may comprise having the data source inserted into a device, automatically moving the data source into a scanner, and/or scanning the data source.

At step 614, scanned and/or imaged data of the data source including at least one identifier are received. The scanned and/or imaged data can include a handwritten signature, a matrix code, electronic signature, video, sound recording, etc. Optionally, the scanned and/or imaged data and/or the type of the scanned data may be stored in a database entry, such as the multimedia object field and/or data type field within record table 1210 of FIG. 12. A data type of the data can be determined and/or stored in the database entry, based on examination of the data (e.g., matching the data against an image, sound, or other filter). At least some fields of the database entry may be unfilled.

At step 616, the data source is parsed to generate at least one identifier associated with an individual and/or parsed data. At least one parsing algorithm can be determined for parsing the data based on the type of the data and/or the type of application the process of FIG. 6B is used for. The parsing algorithm can be retrieved from a database entry based on the schema of parsing algorithm table 1202 of FIG. 12 based on the type of application identified in a database entry that is based on application table 1206. For example, the parsing function field of parsing algorithm table 1202 may be retrieved based on the application ID field of parsing algorithm table 1202 and/or application table 1206. In some aspects, a voting application may include parsing methods for voter registration cards, fingerprint scanners (based on a geo-location), etc. In other aspects, a hospital application may include a retina scan parsing method, a military card parsing method, etc. Other application fields can also be used. In any case, the at least one parsing algorithm is applied to the data to parse the data and generate at least one identifier and/or parsed data.

In some cases, the parsed data can be specific to the application and/or parsing method. For example, a parsing algorithm to determine a vote on a voting document can determine a candidate a user voted for. In another example, a parsing algorithm can parse a handwriting on a written form, which can be arranged according to a template, such as the template of FIG. 1OA. The parsing algorithm can isolate portions of handwriting in prearranged areas of the template (e.g., in the voting box column). The parsing algorithm can convert the handwriting into an alphanumeric code, based on for example, the type of data, the entity chosen, and/or the date (e.g., "vote:Pedro:8-27-2004") and appropriate process the parsed data. In yet another example, a parsing algorithm can parse a recording (multimedia object) of a vote (e.g., "I vote for Pedro"), and store the vote as appropriate parsed data (e.g., in an alphanumeric form). The parsed data can for example, be stored in the Parsed Data field of record table 1210.

In some cases, different identifiers can be generated for each parsing method, or a combination of parsing methods can be used to generate an identifier (e.g., by exclusive or'ing the identifiers). The identifiers can be as simple as a True -False indication (1 or 0), or more complex, such as an alpha-numeric code, holographic code, color code, etc. In one aspect, the parsing algorithm may determine other information associated with the data source, such as whether a user has voted for a particular candidate. In some cases, parsing may not identify an identifier, in which case no identifier is then returned from the process of FIG. 6B.

At step 618, a database entry associated with the identifier can be created. Step 618 can be optional and can be skipped. In one aspect step 618 may create the database entry if a database entry does not already exist for the identifier. The database entry can be created by an administrator when the user is first entered into a system, for example. Optionally, the database entry can be based on the schema of user table 1204 of FIG. 12. At least some fields of the table may not be filled. For example, the identifier(s) can be stored in the fields User ID, Name, Social Security Number, Date of Birth or encoded biometric data of user table 1204. The User ID field can be a combination (exclusive or'ed) of identifiers. In some cases, a user associated with the identifier may not yet be confirmed or entered, and therefore no user name, data or date of birth, social security number, etc., will be entered, until such data is available. In some cases, the data retrieved and/or parsed by the process of FIG. 6B can be stored in temporary memory, such as main memory, and will not be stored in database entries until the identifiers/users have been confirmed. Processing then returns to other steps or processes.

FIG. 7 A is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 7A can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

Processing begins at step 752 where a biometric information representative of the user is received. For instance, a fingerprint or iris scan can be received over a data entry device, from a data store, over a network, or the like. At step 754, at least one parsing algorithm can be applied to the biometric information to generate a first identifier. The at least one parsing algorithm can be determined dynamically for an application. The parsing algorithm can be retrieved from a database entry based on the schema of parsing algorithm table 1202 of FIG. 12 based on the type of application identified in a database entry that is based on application table 1206, as described in step 616 of FIG. 6B above. In some aspects, the application may be based on a geo-location (e.g., based on the Geo-Location field of application table 1206). In some aspects, the parsing algorithm may be based on a geo-location (e.g., based on the Geo- Location field of parsing algorithm table 1202). Accordingly, the parsing of the biometric information can include determining an origination location of the biometric information; and decoding the biometric information based on the origination location. In some aspects, the first identifier can be a mapping of biometric data to an alphanumeric code, using for example, a mapping table. In other aspects, a function such as an encoding function (e.g., hashing function, Huffman coding, or lossy or lossless encoding functions) can be applied to the biometric data to generate the first identifier. At step 756, the first identifier is matched to a database entry about the user.

Matching can include determining if the first identifier is equal to or sufficiently similar to at least one an identifier stored in the database entry. For example, the first identifier can be compared to an encoded biometric data field of a database entry using the schema of user table 1204 of FIG. 12. In some aspects, if the matching is successful, processing continues to step 758, and otherwise loops back to step 752. In other aspects, processing may continue directly to step 758.

At step 758, at least one a second identifier representative of a first code, wherein the first code identifies the user, can be received. For instance, the process at step 758 may receive a second identifier by way of the processes in FIG. 6B, 7C or 7D. For example, a document can be parsed using a parsing function to generate the second identifier. In one aspect, the receiving of the second identifier can also include providing a user identification article that includes the second identifier; and scanning the second identifier from the identification article. The identification article can be a user identification card. The scanning can include imaging the user identification card; selecting a parsing algorithm based on a geo-location of the scanning; and applying the parsing algorithm to generate the second identifier.

In another aspect, the receiving of the second identifier can include providing a user identification article that has the first identifier and an access code associated with the article; electronically processing the user identification article to obtain the first identifier and access code; transmitting the first identifier and access code to an authority for confirmation of the user identification card; and when so confirmed, receiving the second identifier from the authority. In another aspect, the receiving of the second identifier can include providing a user identification article that has personal information of the user associated therewith; electronically processing the user identification article to obtain the user's personal information; and generating the second identifier based on the user's personal information. In some aspects, step 758 may be optional and may not be performed. At decision step 760, it is determined if the first identifier, database entry, and/or second identifier satisfy a matching criteria. The matching criteria may be based on algorithms, rules, or functions, such as equivalence, a partial match, or the like. The criteria for matching can be determined by a variety of mechanism, but can include without limitation: confirming that the first identifier is sufficiently similar or identical to the second identifier; confirming that the first identifier is sufficiently similar or identical to information stored in the database entry; confirming that the second identifier is sufficiently similar or identical to the information stored in the database entry; and/or confirming that the first identifier, second identifier, and information stored in the database entry are all sufficiently similar or identical to each other. For example, the first and/or second identifier can be compared to the User ID, Name, Social Security and/or Date of Birth fields of user table 1204 of FIG. 12.

If it is determined that the first identifier, database entry, and/or second identifier does not satisfy the matching criteria, then processing returns to step 752. If it is determined that the first identifier, database entry, and/or second identifier does satisfy the matching criteria, then processing continues to step 762.

At step 762, a confirmation of the identity of the user is provided. The confirmation can include an electronic (security) flag that enables an application program to continue operating. The confirmation can include providing an indication to an administrator and/or user. The indication can be a security token usable to continue using the application program. The confirmation can be the storage of data in a database entry, such as storing data for a user and/or the user's identifiers in for example, user table 1204 of FIG. 12 (e.g., in user ID, name, social security and/or date of birth, or encoded biometric data fields). At step 764, a multimedia object is received and/or stored in the database entry. A document associated with the user can be scanned to generate the multimedia object. The multimedia object can be stored (e.g., over a network) in the database entry if the user's identity is confirmed, wherein the database entry is shareable across the network.

At step 766, application data input of the user can be received and/or stored. Receiving the application data input can include scanning a data source to generate a multimedia media object; determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to a data source to generate a parsed data. The parsing algorithm can be determined as described, e.g., in step 616 of FIG. 6B. The multimedia object and/or parsed application data can be stored in user table 1204 and/or record table 1210 of FIG. 12, as described above in FIG. 6B.

At step 768, an application summary algorithm can be applied to the application data to generate an application summary. The application of the summary algorithm can include determining an application summary algorithm based on an application associated with the apparatus; and applying the application summary algorithm to a plurality of parsed data including the parsed data to generate a summary and certification of the plurality of parsed data. The application summary algorithm can be a method configured to determine and confirm a tally of votes. For example, the method configured to determine and confirm a tally of votes can be specified by the application table 1206, which proceeds to determine and confirm a tally of votes stored in record table 1208, after which the result of processing can be stored in the Application Summary Data table 1208. Optionally, the application method can be applied to the data to produce an output for the user, such as a receipt, using for example, the template of FIG. 10C- 1OD. The application summary algorithm can aggregate information about the user's data association, the user's personal information, etc., and fill in the slots of the template and/or print the filled in template or otherwise provide the template to the user.

Processing then returns to other steps or processes.

FIG. 7B is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 7B can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

The steps of FIG. 7B is substantially similar to the steps of FIG. 7A except, processing begins at step 702 where a biometric information representative of the user is received. For instance, a fingerprint or iris scan can be received over a data entry device, from a data store, over a network, or the like.

At step 704, at least one parsing algorithm can be applied to the biometric information to generate a first identifier. The at least one parsing algorithm can be determined dynamically for an application. The parsing algorithm can be retrieved from a database entry based on the schema of parsing algorithm table 1202 of FIG. 12 based on the type of application identified in a database entry that is based on application table 1206, as described in step 616 of FIG. 6B above. In some aspects, the application may be based on a geo-location (e.g., based on the Geo-Location field of application table 1206). In some aspects, the parsing algorithm may be based on a geo-location (e.g., based on the Geo- Location field of parsing algorithm table 1202). Accordingly, the parsing of the biometric information can include determining an origination location of the biometric information; and decoding the biometric information based on the origination location. In some aspects, the first identifier can be a mapping of biometric data to an alphanumeric code, using for example, a mapping table. In other aspects, a function such as an encoding function (e.g., hashing function, Huffman coding, or lossy or lossless encoding functions) can be applied to the biometric data to generate the first identifier.

At step 706, the first identifier is matched to a database entry about the user to obtain a second identifier. Matching can include determining if the first identifier is equal to or sufficiently similar to at least one an identifier stored in the database entry. For example, the first identifier can be compared to an encoded biometric data field of a database entry using the schema of user table 1204 of FIG. 12. In some aspects, if the matching is successful, processing continues to step 708, and otherwise loops back to step 702. In other aspects, processing may continue directly to step 708.

At step 708, a third identifier is received. For instance, the process at step 708 may receive a third identifier by way of the processes in FIGS. 6B, 7C, or 7D. For example, a document can be parsed using a parsing function to generate the third identifier. In one aspect, the receiving of the third identifier can also include providing a user identification article that includes the third identifier; and scanning the third identifier from the identification article. The identification article can be a user identification card. The scanning can include imaging the user identification card; selecting a parsing algorithm based on a geo-location of the scanning; and applying the parsing algorithm to generate the third identifier. In another aspect, the receiving of the third identifier can include providing a user identification article that has the first identifier and an access code associated with the article; electronically processing the user identification article to obtain the first identifier and access code; transmitting the first identifier and access code to an authority for confirmation of the user identification card; and when so confirmed, receiving the third identifier from the authority.

In another aspect, the receiving of the third identifier can include providing a user identification article that has personal information of the user associated therewith; electronically processing the user identification article to obtain the user's personal information; and generating the third identifier based on the user's personal information. In some aspects, step 708 may be optional and may not be performed.

At decision step 710, it is determined if the first identifier, the second identifier, and/or third identifier satisfy the matching criteria. The matching criteria may be based on algorithms, rules, or functions, such as equivalence, a partial match, or the like. The criteria for matching can be determined by a variety of mechanism, but can include without limitation: confirming that the first identifier is sufficiently similar or identical to the second identifier; confirming that the first identifier is sufficiently similar or identical to the third identifier; confirming that the second identifier is sufficiently similar or identical to the third identifier; and/or confirming that the first identifier, second identifier, and third identifier are all sufficiently similar or identical to each other. For example, the first and/or third identifier can be compared to a second identifier of user table 1204 of FIG. 12.

If it is determined that the first identifier, second identifier, and/or third identifier does not satisfy the matching criteria, then processing returns to step 702. If it is determined that the first identifier, second identifier, and/or third identifier does satisfy the matching criteria, then processing continues to step 712.

At step 712, a confirmation of the identity of the user is provided. The confirmation can include an electronic (security) flag that enables an application program to continue operating. The confirmation can include providing an indication to an administrator and/or user. The indication can be a security token usable to continue using the application program. The confirmation can be the storage of data in a database entry, such as storing data for a user and/or the user's identifiers in for example, user table 1204 of FIG. 12 (e.g., in user ID, name, social security and/or date of birth, or encoded biometric data fields).

At step 714, a multimedia object is received and/or stored in the database entry. A document associated with the user can be scanned to generate the multimedia object. The multimedia object can be stored (e.g., over a network) in the database entry if the user's identity is confirmed, wherein the database entry is shareable across the network.

At step 716, the voting input of the user is received and/or stored in the database entry. Receiving the voting input can include scanning a data source to generate a multimedia media object; determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to a data source to generate a parsed data. The parsing algorithm can be determined as described, e.g., in step 616 of FIG. 6B. The multimedia object and/or parsed application data can be stored in user table 1204 and/or record table 1210 of FIG. 12, as described above in FIG. 6B. At step 718, a plurality of votes, including the voting input of the user, is confirmed.

The confirmation of the plurality of votes, including the voting input of the user, can include determining an confirmation algorithm based on an application associated with the apparatus; and applying the confirmation algorithm to a plurality of parsed data including the parsed data to generate a summary and certification of the plurality of parsed data. The confirmation algorithm can be a method configured to determine and confirm a tally of votes.

Processing then returns to other steps or processes. FIG. 7C is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 7C can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C. At step 720, a user identification card is scanned to obtain a first identifier associated with the card. The scanning can include imaging the user identification card; selecting a parsing algorithm based on a geo-location of the scanning; and applying the parsing algorithm to generate the second identifier.

At step 722, the first identifier is sent over a network to an authority, along with a second identifier associated with the process sending the first identifier, for the purpose of confirming the user identification card. According to one aspect, the authority can use the second identifier to confirm that the process sending the first identifier should have access to the authority. For example, the second identifier can be compared to an encoded Application ID contained in a database entry residing on the authority to determine if the process should have access to the authority. In some aspects, if the process is confirmed to have access to the authority, processing continues to step 724, and otherwise loops back to step 720. In other aspects, processing may continue directly to step 724.

According to another aspect, the authority can record the second identifier in association with the first identifier for record-keeping purposes. At step 724, a third identifier is received from the authority. For example, the third identifier received from the authority may be one selected by the authority from a database entry containing an identifier corresponding to the first identifier (e.g., handwritten signatures), but which was recorded at an earlier time (e.g., voter registration). Processing then returns to other steps or processes. FIG. 7D is a flow chart for another process for electronic identification and/or association of data with an identified user in accordance with one embodiment of the invention. The steps of FIG. 7D can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

At step 726, imaged data is generated from an image and/or scan of a user's identification card. The scanning can include imaging the user identification card; selecting a parsing algorithm based on a geo-location of the scanning; and applying the parsing algorithm to generate the second identifier. At step 728, a parsing algorithm is selected based on a geo-location of the scanning event.

At step 730, at least one identifier is generated by applying the selected parsing algorithm to the imaged data. For instance, the parsing algorithm may obtain the user's name and date or other data of birth from the user's driver's license, via the geo-location determined parsing algorithm.

Processing then returns to other steps or processes.

FIG. 8 A is a flow chart for a process for managing voting data in accordance with one embodiment of the invention. The steps of FIG. 8 A can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

At step 802, a plurality of votes is provided from a plurality of database entries associated with different users. Providing the votes can comprise printing the votes. The printout of the votes may be configured in a form substantially similar to FIG. 1OA. The printout may be configured to have pre-defined positions for signatures and tallies. At step 804, imaged data is received of a marked-up plurality of votes and a tally of the plurality of votes. The printout can be scanned and converted into an image, such as an JPEG, GIF, BMP, etc. The data can be in a resolution sufficient for optical character recognition (e.g., in a high dots per inch).

At step 806, the imaged data is parsed for at least one signature associated with at least one vote in the imaged votes. The signature can be for a verification of the votes. Any other verification process can be used by the person verifying. For example, a person can verify the signatures for each of the votes (e.g., signatures 1008 of FIG. 10A), for example, by comparing the signature against signatures provided in an EPB, such as the one shown in FIG. 1OB. Parsing can comprise optical character recognition, hand writing recognition, intelligent word recognition, or the like.

At decisional step 808, the signature is evaluated based on matching criteria, such as whether they are identical or sufficiently similar, to a database entry associated with the vote. If the match is not successful, processing returns to step 802. If the match is successful, processing continues to step 810. The signature can be converted to an alphanumeric code and matched against signature data stored in the database entry and that is in the form of an alphanumeric code. At step 810, the imaged data is parsed for a tally of votes. Parsing can include scanning for a hand written number, scanning for a bubbled in number, optical mark recognition, optical character recognition, bar code recognition, or the like.

At decisional step 812, the parsed tally is evaluated to confirm whether it is identical to the computed tally of votes, e.g., computed from the plurality of database entry. If the parsed tally and computed tally are not identical, processing returns to step 802. If the parsed tally and computed tally are identical, processing returns to other steps or processes. According to another aspect, if the parsed tally and computed tally are not identical, the process can store the discrepancies between the two tallies and/or send them to another EID, EIMS, etc., after which processing returns to other steps or process.

FIG. 8B is a flow chart for a process for managing voting data in accordance with one embodiment of the invention. The steps of FIG. 8B can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

Processing beings at step 822, where an election is managed based on confirmed user identification, as described in the processes of FIGS. 5, 6A, 7A, and/or 7B. Step 872 can be performed by process of FIG. 8C. Briefly, the election process can include a pre-electoral phase in which a governmental entity such as a State uploads voter data in any commercial off the shelf format into an EID. On election day, the State receives real-time data from all polling places from, for example, the EID. In a Post-Electoral phase, the State is able to generate voter history updates immediately alter polls are closed from data retrieved from the EID.

At step 824, extraction & validation of voting data is performed. Changes and/or results to voter polls, valid voter lists, voting records, etc. can be transmitted in real time to a central headquarters. For example, voter/voting history can be updated in a database based on the identification information and/or voting information retrieved from step 822.

At step 826, master application data associated with a voting regions (e.g., state) specific data is uploaded (transmitted) and stored (e.g., on a plurality of EIDs). For example, the master application's data (e.g., list of valid voters) can be copied onto a plurality of EIDs. In one aspect, generating more than 8,000 such copies per day can be performed. The updated EIDs can be distributed to each precinct. The EIDs can be used again for other elections. Processing then returns to other steps or processes. FIG. 8C is a flow chart for a process for managing voting data in accordance with one embodiment of the invention. The steps of FIG. 8C can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C.

At step 852 pre-election data is managed to set up voting configurations. Pre- election day data management can include providing voter education tools (e.g., Voter Information Look-Up devices, such as for voter information outreach) via a network/communication medium to various polling areas, EIDs, devices, or the like. Preelection data can comprise processing early voters, using the EIDs, as described above, and such processing can include election management and logistics. At step 854, data for an election day is managed to process votes. Election day data management can include identifying the voter via variable ID types, redirecting voters to correct precincts, processing voters in lieu of paper poll books, and/or receiving real-time voter turnout (e.g., from an EID), confirming a tally of votes (e.g., FIG. 8A), providing election management and logistics (as described herein with respect to FIGS. 9A-9B and 11), or the like.

At step 856, post election data is managed to provide statistics. Post-election day data management can include scanning and/or transmitting results, recording voter history updates, recording voter turnout statistics, providing election management and logistics (as described herein with respect to FIGS. 9A-9B and 11), providing an auditing tool, reconciling voters processed against any ballots cast, or the like. Processing then returns to other steps or processes.

FIG. 8D is a flow chart for a process for managing voting data in accordance with one embodiment of the invention. The steps of FIG. 8D can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C. The process begins at step 861, where a voter is electronically registered and/or identified, as described, for example, in the processes of FIGS. 6 A, 7 A, and/or 7B. Registration can be performed via an EID or an ERB/EPB.

At step 862, a voter card can be activated by, for example, setting information on the voter's card, by storing in an EID/ERB/EPB (pre-election data) that the card is activated, or the like. Identification of the voter and/or a voter's special needs can be stored on card, so that when at the polls, such needs can be attended to (e.g., handicapped ramp).

At step 864, an activated voting card is received (e.g., voter inserts the card into an EID). At step 866, a casting of a vote can be received (e.g., using the process of data associations as described above). Such casting can use the process of data association as described above. For example, a voter can use an EID via a simple touch screen to cast a vote (after confirming the user's identity as described above and/or in conjunction with information on the voting card). A summary screen can be displayed to allow for final voter approval.

At step 870, the voting result can be printed and/or stored. A physical print-out of votes cast can be shown to the voter, scanned in and/or stored in a database, such as at an EIMS, EID, etc. An auditable paper receipt can be cut and dropped into a secure ballot box. Votes can be recorded to CD R/W and/or a hard drive (e.g., of the EID).

At step 872, the voter card can be received and/or returned (e.g., to the polling place). The card can be deactivated, so that the card cannot be used again in this election, and then, optionally, returned to voter for re-use in a next election. Optionally, a card can be returned to an administration for reactivation and use by another voter. Processing then returns to other steps or processes.

At step 874, a tallying of the votes can be performed and/or transmitted to a central location. Tallying can be performed by the steps of process 8 A. Tallying can include automated voter registration update to a central DB and/or results sent via secure connection.

FIG. 9 A shows an example of a process for monitoring identification of users and data usage in accordance with one embodiment of the invention. The steps of FIG. 9A can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C. The process of FIG. 9A can render the user interface of FIG. 11.

At step 902, user identification information, data association information, and/or geo- location information is received from a plurality of devices located at a plurality of geo- locations. User identification information can comprise a number of users properly verified or not properly verified or otherwise confirmed, a level of certainty about the identity of users, or any other information, statistics, summary, etc. related to the process of identifying users (e.g., as described above). Data association information can comprise multimedia objects associated with identified users, an amount of data identified with users, a rate of data identified with user, or any other information, statistics, and summary, etc. related to the process of associating data with (identified) users (e.g., as described above). Geo-location information can comprise any information sufficient to identify an entity in 2 or 3 or more dimensional space (e.g., on a map, longitude, latitude, elevation, or a time series map), using various mechanisms, including GPS, WiFi triangulation, IP Mapping, etc. In one aspect, the geo-location information identifies where the devices are located.

At step 903, a map of encompassing the plurality of geo-locations is generated based on the received information, e.g., for single-view management. The map can be any data structure representing 2 or 3 or more dimensional space and sufficient to be rendered.

Geographical markers, such as boundaries, natural terrain, etc. can be rendered on the map. The map can be large enough to encompass the received geo-location information, such that all the geo-locations can be rendered on the map. Icons or other visual representation representative of the received information can also be rendered on the map, e.g., at the particular geo-locations. For example, a visual representation such as a green dot can represent a location that has a satisfactory or sufficient level of user identification (e.g., a ratio or proper identification to improper identification is greater than a threshold). A red dot may represent a geo-location where the identification is at an insufficient level. In some aspects, the dot's colors can range between colors to represent different degrees of sufficiency. In some aspects, data association information can also be mapped as another visual representation (e.g., as a dot, a triangle, or a square) at the geo-location to represent that data has been associated with a user at the geo-location. For example, if a sufficient number of voters have had their vote scanned and stored in association with the user, then a triangle may appear at the particular geo-location. At step 904, the statuses of each identification and/or data association device(s) at each geo-location are rendered, e.g., within the map. Statuses can include "working", "problematic", "critical", can be color coded (e.g., red, yellow, or green), based on the number or duration of problems reported about the device/geo-location, and/or the load of usage of the device at the geo-location. The statuses can be based on self-tests performed by the device on the device (e.g., to determine if different functions, such as identification and data association, are being provided adequately by the device). For example, a voting polling site can send usage statuses of the fingerprint scanners of the EIDs at the polling site over a network, and the status can be received and rendered within the map.

At step 906, an indication of a location of a rover is rendered, e.g., within the map. In one aspect, geo-location information such as GPS data can be received from the rovers, converted to the proper map coordinates, and an icon for the rover(s) can be rendered on the map (e.g., as a moving dot). A user interface element may also be enabled to convey instructions to the rover to travel to a particular problematic geo-location where a device is malfunctioning so that the rover can service the device, wherein the instructions can include instructions on how to fix the malfunctioning device. In other aspects, a rover within a certain range of a problematic geo-location or the closest rover to the geo-location can be automatically dispatched to the geo-location. At step 908, an (interactive) trouble-shooting guide for an identification and/or data association device(s) (e.g., EID) is provided based on at least one trouble report provided by the device and/or a user interface input within the map. In one aspect, to determine the trouble report, devices may perform self tests, such as whether a printer is operating, whether a user can enter a touch command, whether a fingerprint is successfully scanned, or the like. The trouble reports can be summarized and/or otherwise electronically packaged for delivery (e.g., over a network, or locally on the same device), to for example, an EIMS. A lookup table, algorithm, decision tree, or the like can map the trouble report to a trouble-shooting guide(s) (such as a web page, a text message, an image, a video, spoken recording, or the like). A user interface component can be displayed on the map (e.g., a dialogue box pointing to a geo-location reporting the problem). The user interface component can request whether to send the determined trouble-shooting guide to the problematic device, and if the indication is yes, the guide is sent. In other aspects, the user interface component is not provided, and the guide is sent directly without user interaction.

The trouble-shooting guide can be interactive, in some aspects. For example, a web page may be provide (e.g., to an EID over the touch screen display of the EID) and may ask the users of the device a plurality of question based on a decision tree. The answer to the decision tree can be a suggestion about what to do with the device to correct its operation (e.g., removing a battery or replacing printer paper), or send a rover to the device. The trouble-shooting guide can be communicated over a network. The trouble shooting guide can be sent to the rover.

At step 910, a management report may optionally be provided. For example, at the end of usage of the device (e.g., close of polls), a management report about the usage of the device or data sufficient to generate such report can be received. Such report data can include any information about the usage of the device, including time of usage (e.g., when polls were "Open" or "Closed" per polling place); occurrence and duration of technical problems; and/or type and number of technical faults, or the like. Such management report can be collected with and or provided with the generated map, for instance, in a side -by-side fashion, to create an overall report of the usage of a plurality of identification and/or data association devices. Processing then returns to other steps or processes.

FIG. 9B shows an example of a process for monitoring identification of users and data usage in accordance with one embodiment of the invention. The steps of FIG. 9B can be performed by, for example, the system and/or computing device(s) of FIGS. 1A-4C. The process of FIG. 9A can render the user interface of FIG. 11.

At step 912, at a geo-location where an identification and/or data association device is located (e.g., polling place), a problem can be reported via the identification and/or data association device or other device, as described above with respect to steps 902 and 908 of FIG. 9A.

At step 914, at an HQ (e.g., election HQ), or over a network (e.g., online), or even on the identification device, the reported problems can be monitored (e.g., over a user interface as described above with respect to the process of FIG. 9A). For example, at headquarters, an election official can view a dynamic map giving the official a snapshot of the entire localities technical performance.

At step 916, a rover is located (e.g., within a range of or close to a geo-location) via the rendered dynamic map, as described above with respect to the process of FIG. 9A.

At step 918, a rover vehicle can be (automatically) dispatched to the geo-location.

At step 920, the reported problem can be serviced by the rover (e.g., the identification and/or data association device can be fixed). In some aspects, this servicing can be performed without the use of call center personnel. In some aspects, an EID can be deployed at each polling site, and with each rover, to monitor each precinct in real-time, and to replace or fix an EID that is broken at a polling site with the rover's EID. In some aspects, data from the rover's EID may be synched with the EID of the polling site to fix the EID of the polling site. Processing then returns to other steps or processes.

Illustrative Data Structures And Interfaces

FIG. 1OA shows an embodiment of a template for printing a tally of votes or other data. As shown, the template can be an arrangement in two or more dimensions for data that is sufficient to enable a processor to provide data to a user (e.g., via a screen or a printout). The template can be structured in a data structure, such as an object, a file (markup language, XML, etc.), a database, or the like. The template of FIG. 1OA can be used by the process of FIG. 8 A to manage voting data, including reading and confirming a tally of votes or other data. The process of FIG. 8 A can print the template with the associated vote or other data from a polling place; receive a marked-up version of the printed template; read the predetermined slots; and determine if information scanned with the slots are confirmed.

As shown, the template includes a plurality of rows slots 1004 (e.g., for printing a vote or other data) associated with a plurality of candidate slots 1002. Each row can be associated a signature slot 1008 (e.g., for a person to sign and verify the associated row's vote or other data in the signature slot and for a process to read and confirm the signature within the slot). Each column can have a different summation slot 1006 (e.g., for a tally of the number of votes or other data for a candidate to but marked in that slot and for scanning the number). The summation slots can also be associated with a verification slot 1010 (e.g., for marking a signature to confirm the overall tally).

FIG. 1OB shows an embodiment of a template for printing a tally of votes or other data, such as an Electronic Poll Book (EPB). The template and/or slots of FIG. 1OB is substantially similar to the template and/or slots of FIG. 1OA except, the template includes a plurality of rows for each user (e.g., voter), including information for user personal information column 1011, user signature column 1012, and barcode column 1013. Each user's personal information can be printed in a slot of column 1011. The associated user can sign or designate that an electronic signature be marked in a slot of column 1012. A barcode associated with the user and/or the user's data association can be marked in a slot of column 1013. As shown, the barcode may be encoded in a non-human readable fashion (barcode, holographic code, color code, etc.). Referring to FIG. 10D, the barcode information 1015 can be divided into a plurality of portions, including a portion representing a user's data association 1017 (e.g., vote), and a unique random identifier 1013 that identifies the user. In this way, humans cannot determine what the data associated with the user is, but an electronic software can confirm a data association (e.g., vote), and tally the results (e.g., in a computed tally).

FIG. 1OC shows an example of a template for providing a receipt of user identification and/or data association (e.g., receipt for a confirmed voter's vote). The template can be used by any of the data association processes described here, for example, to produce an output to the user to confirm the success of the data association. As shown, the template includes data association slots 1014 shown in human readable format to confirm the data association with the user (e.g., the user's votes). The template can also include barcode 1015 which can be of the format of barcode 10D, described above. In this way, the barcode 1015 can be confirmed by matching against the barcode placed or marked on a tally of for example the tallies of FIG. 10A- 1OB. The template also includes a time-date stamp 1016 to confirm the data of the data association (e.g., day of voting).

FIG. 1OE shows an example of a template for providing a receipt for routing a user to a geo-location for further identification and/or data association. The template can be used to create a printout, for example, in step 514 of FIG. 5. As shown, the template includes personal user information slot 1020 (e.g., for rendering personal information) and indication 1021 for indicating the correct geo-location associated with the user. The printout of 1OE can be printed in lieu of FIG. 1OC if a user is not authorized to use a particular EID at a particular geo-location.

In operation, the data structures of FIGS. 10A- 1OE can be used by the EID and/or the processes described above. For example, the tabulation/tallying of votes includes providing (e.g., printing) an electronic poll book as shown in FIG. 1OB by an EID. The tallying process can also include printing the tally of votes, such as shown in FIG. A by an EID. The tally can be a single printed tally or even separate receipts such as shown in FIG. 1OC or even the receipt of FIG. 1OE (to show that no vote was entered for the person receiving the receipt of FIG. 10E). The voter can either sign an area(s) 1008 and/or 1012-1013 corresponding to the votes or an electronic signature or user unique barcode 1015 may be printed on the area. A human voting monitor can read the tally, compare the signature against the information from the EPB, and sum up the votes for the various candidates or categories 1002 in sum areas 1006. The monitor can verify the tally by signing the tally in area 1010. The tally can be scanned into and saved in the EID using the EID 's handheld scanner. The election monitor's signature or the voter's signature can be compared against the corresponding signature(s) stored in the EID. The sums of the votes can be read in and compared against the sums stored on the EID. If the signatures match and the sums match, the tally is verified. Auditing reports can be printed based on the scanned in tally.

FIG. 11 shows a user interface for monitoring identification of users and data usage (of identified uses) in accordance with one embodiment of the invention. In some aspects, the user interface can provide an integrated, online tracking system to monitor logistics and hardware for identification and/or data association devices (e.g., for management of elections using EIDs). The user interface of FIG. 11 shows a terminal (e.g., electronic identification device)' s current status in the different polling places as well as any possible communication problems. The user interface also shows a historical file of the terminal. The interface of FIG. 11 can be used by the process of FIG. 9A-9B for monitoring identification of users and data usage.

Element 1101 shows a zone that can be chosen by the user by clicking on a mouse. Element 1102 shows a data from the terminal that is currently selected. Element 1103 shows a graphic representative of incidences registered in a terminal on that date, including a historical statistic of operating statuses for the terminal and/or a percentage of operating to non-operating statuses for the terminal, or the like. Element 1104 shows a historical file with all registered incidences registered in at least on terminal or a plurality of terminals, including historical statistics for a plurality of terminals. Element 1105 includes a button to print the document with the same structure as the current screen. Element 1106 includes menus of the application and status bar. The user interface and/or specific user interface elements can be touch sensitive or activated by mouse clicks, or other input. When activated, the elements can expand to provide more information about the element (e.g., more information about the statutes of a selected geo-location, to dispatch a selected rover). The user can click on element 1105 to printout at least a portion of the user interface. FIG. 12 shows an embodiment of a data schema for identification of users and association of data. The schema can define data in relational databases, object oriented databases, markup language files, or the like. Rows associated with each of the table may be stored, for example, in components of FIGS. 1A-4C. The tables and fields shown are examples, and more, other, or fewer fields and/or tables can be used without departing from the scope of the invention. The schema includes parsing algorithm table 1202, application table 1206, user table 1204, application summary table 1208, and record table 120.

Parsing algorithm table 1202 includes fields parsing algorithm ID (e.g., for uniquely identifying a record in the table), data type (e.g., for identifying the type of data operable by a particular parsing method), parsing function (e.g., an algorithm or routine for processing data and/or storing the processed data such as in database entries described herein), and an application ID (e.g., a foreign key to identify the type of application associated with this parsing method). As shown, the parsing algorithm table 1202 can have a relationship (e.g., one-to-one, one-to-many, or many-to-many) with application table 1206 (e.g., via data type field or application ID). As shown, the parsing algorithm table 1202 can have a relationship with record table 1210 (e.g., via data type field).

Application table 1206 includes application ID (e.g., for uniquely identifying a row in this table), data type (e.g., for identifying at least one type of data operable by this application's function), application function (e.g., a function to apply to the database entries), including records of application summary table 1208, user table 1204, and/or record table 1210, and geo-location field (e.g., for identifying the geo-location where this application is usable). As shown, the application table 1206 can have a relationship (e.g., one-to-one, one-to-many, or many-to-many) with application summary table 1208 (e.g., via data type field or application ID).

Application summary table 1208 includes application summary ID (e.g., for uniquely identifying a row in this table), application ID (e.g., for identifying a function operable on this table), sum (e.g., for storing a summation of data from record table 1210 or user table 1204), certification (e.g., for storing certification information, including whether the information is confirmed - for example by a tally process), and data type field (e.g., for identifying at least one type of data operable by this application's function). As shown, the application summary table 1208 can have a relationship (e.g., one-to-one, one-to-many, or many-to-many) with record table 1210 (e.g., via data type field). Record table 1210 includes user ID (e.g., for identifying a user associated with this record entry), record ID (e.g., for uniquely identifying a row in this table), data type field (e.g., for identifying at least one type of data operable by this application's function), multimedia object (e.g., for storing multimedia object received from data source), and/or parsed data (e.g., for storing an output of an application of a parsing function into received data such as a multimedia object; the data can be a vote registered to a user). As shown, the application record table 1210 can have a relationship (e.g., one-to-one, one-to-many, or many-to-many) with user table 1204 (e.g., via user ID field).

User table 1204 includes User ID (e.g., for uniquely identifying a row in this table; the data in this field can be an encoding of information uniquely identifying the user such as biometric data combined with a driver's license number), name (e.g., for identifying the name of the user), social security number (e.g., for identifying the social security number of the user), date of birth (e.g., for identifying the date or other data of birth of the user), and encoded biometric data (e.g., for storing biometric information that has been encoded, into, for example, an alphanumeric string). The invention described herein may have a variety of further uses. For example, a user wishing to fulfill a medical prescription may use an EID to scan the paper prescription. Once the prescription is scanned, at least one identifier (e.g., the patient's name) can be parsed and used via a plurality of database entries to locate a in a database entry containing a biometric identifier (e.g., a fingerprint). The user can then provide a matching biometric identifier via a biometric reader (e.g., fingerprint scanner) contained within the EID. If the match of the biometric identifiers is successful, then the EID may confirm the prescription as valid, store it in a database entry, and/or launch an application to process the prescription. Furthermore, the EID can also process other identifiers, such as the doctor's signature, to determine whether the prescription is valid. The EID, by itself or via an EIMS, may also verify the patient's identity using the processes described above; validate medical benefits; obtain or update medical records (e.g., to avoid drug abuse or drug interactions); or obtain medical information about the prescription (e.g., potential side effects). In another example, a user in a remote inhospitable location (e.g., a jungle) wishing to obtain access to encrypted computer records may use an EID to obtain biometric information (e.g., both a fingerprint scan and iris scan). This biometric information can then be parsed into identifiers that can be compared to a plurality of identifiers in a database. If an appropriate match is found (e.g., a database entry with corresponding fingerprint and iris scans), then the database entry may provide an access code. The access code can then be used to unlock the encrypted files. Furthermore, the EID may require the user to successfully confirm other identifiers (e.g., a signature) before unlocking the encrypted files.

For the sake of brevity, it should be understood that certain structures and functionality, or aspects thereof, of embodiments of the present invention that are evident from the illustrations of the Figures have not been necessarily restated herein.

A computer or processor readable medium such as a floppy disk, CD-ROM, DVD, etc. may be use to store the processes, techniques, software, and information illustratively described herein. The media may store instructions, which when executed by a computer processor causes the processor to perform the processes described herein. The media can also be stored on devices, such as a server device, within a database, within main memory, within secondary storage, or the like.

It is to be understood that the invention is not to be limited to the exact configuration as illustrated and described herein. Accordingly, all expedient modifications readily attainable by one of ordinary skill in the art from the disclosure set forth herein, or by routine experimentation there from, are deemed to be within the spirit and scope of the invention as defined by the appended claims.

Claims

THE CLAIMSWhat is claimed is:

1. An apparatus for confirming the identification of a user when associating data with the user, the apparatus comprising: a biometric reader configured to receive biometric information representative of the user; a scanner configured to receive information for determining a first code; a data source reader configured to receive a second identifier representative of a first code, wherein the first code identifies the user; and a processor configured to perform actions comprising: parsing the biometric information to generate a first identifier; matching the first identifier to a database entry about the user; receiving a second identifier representative of the first code, wherein the first code identifies the user; and providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy a matching criteria.

2. The apparatus of claim 1 , wherein parsing the biometric information to generate the first identifier comprises: determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to the biometric information.

3. The apparatus of claim 1, wherein receiving the second identifier representative of a first code, wherein the first code identifies the user, comprises: determining a parsing algorithm based on an application associated with the apparatus; receiving a data source from the data source reader; and applying the parsing algorithm to the data source to generate the second identifier.

4. The apparatus of claim 1, wherein the actions further comprises: determining a parsing algorithm based on an application associated with the apparatus; and applying the parsing algorithm to a data source to generate parsed data or a multimedia object.

5. The apparatus of claim 4, wherein the actions further comprises: determining an application summary algorithm based on an application associated with the apparatus; and applying the application summary algorithm to a plurality of parsed data including the parsed data to generate a summary and certification of the plurality of parsed data, wherein the application summary algorithm is a method configured to determine and confirm a tally of votes based on imaged data received by scanning a printout of the votes on the scanner.

6. The apparatus of claim 5, wherein the actions further comprises: providing pre-election data before an election begins, wherein the pre-election data comprises data configured to determine the matching criteria; providing real-time election day data comprising the confirmation of the user's identity; electronically processing post-election data after the election ends, wherein the postelection data comprises the tally of votes based in part on the real-time election day data; and generating a validation of the election day data based on the post-election data, wherein the post-election data comprises a confirmation of a tally of votes on a single tally including the vote cast by the voter.

7. The apparatus of claim 1, wherein providing confirmation of the user's identity comprises: setting information on an smart card indicating an activation for the user, wherein the smart card is configured to be readable by the data source reader; storing information in an Electronic Registration Book (ERB) to indicate that card is activated; and indicating a special need of the user so that the special need of the user can be attended to when a vote is cast using the smart card.

8. A system for confirming the identification of a user when associating data with the user over a network, the system comprising: a client device configured to perform actions comprising: receiving biometric information representative of the user; processing the biometric information to generate a first identifier; matching the first identifier to a database entry about the user; imaging a document to automatically retrieve a second identifier, wherein the second identifier is representative of a first code, and wherein the first code identifies the user; providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy the matching criteria; and sending the confirmation and at least a portion of data from the database entry to a server device; wherein the server device is configured to perform actions that include storing the confirmation and the at least the portion of the data in another database entry associated with the user.

9. The system of claim 8, wherein the imaging the document to retrieve the second identifier comprises: providing a user identification article that includes the second identifier; and applying an application specific parsing algorithm to the user identification article to retrieve the second identifier, wherein the identification article includes a user identification card, driver's license, a social security card, a credit card, or a birth certificate; wherein the identification article is imaged, and the a security token based on the second identifier is optionally identified.

10. The system of claim 8, wherein the imaging the document to retrieve the second identifier comprises: providing a user identification article preferably in the form of a card that has the first identifier and personal information of the user or an access code associated with the article; scanning the user identification article; and transmitting over the network the scanned article to an authority for confirmation thereof and when so confirmed, receiving the second identifier from the authority; or generating the second identifier based on the user's personal information.

11. The system of claim 8, wherein the server device is configured to perform actions comprising: determining an operating status of an identification device based on the plurality of attempted authentication, wherein the plurality of attempted authentication comprises the provided confirmation; and rendering a map encompassing a plurality of geo-locations based on a plurality of statuses for the plurality of geo-locations, wherein the statuses comprises the determined operating status.

12. A processor readable medium for confirming the identification of a user when associating data with the user, comprising instructions that when executed by a processor causes the processor to perform actions comprising: receiving biometric information representative of the user; applying a parsing algorithm to the biometric information to encode a first identifier; matching the first identifier to a database entry about the user; imaging a document to automatically retrieve a second identifier of the plurality of identifies, wherein the second identifier is representative of a first code, and wherein the first code identifies the user; and providing confirmation of the user's identity when the first identifier, database entry, and second identifier satisfy the matching criteria.

13. A device for confirming the identification of a user when associating data with the user comprising: a device housing; a biometric input device that receives biometric information from a user and is associated with the housing; at least one second input device that receives additional information from the user and is associated with the housing, wherein the at least one second input device comprises an imaging device configured to retrieve an identifier that identifies the user; a processor located within the device housing, wherein the processor is operatively associated with the biometric and second input devices and is configured for associating data obtained from the information received therefrom with a database entry to confirm the identity of the user.

14. The device of claim 13, wherein the biometric input device is a fingerprint scanner, a retinal scanner, or a voice scanner, and the second input device is a magnetic stripe reader, a smart card reader, or an optical scanner.

15. The device of claim 13, further including an output device associated with the device housing and configured for providing information to the user, wherein the output device is a printer, an optical scanner associated with a printer, or a computer screen each configured to display information in a graphical and textual manner.

16. A method for confirming the identity of a user when computing an association of data with the user by a method which comprises: receiving biometric information representative of the user; parsing the biometric information to generate a first identifier of a plurality of identifiers; matching the first identifier to a database entry about the user; imaging a document to automatically retrieve a second identifier of the plurality of identifies, wherein the second identifier is representative of a first code, and wherein the first code identifies the user; and providing a confirmation of the user's identity when the database entry and plurality of identifiers satisfy a matching criteria.

17. The method of claim 16, wherein the imaging the document to retrieve the second identifier comprises: providing a user identification article that includes the second identifier; and providing instructions on a screen display on where to place the user identification article on the screen display, wherein the instructions provide a graphical representation of an area appropriate for placing the article on the screen display; scanning the second identifier from the identification article that is placed in the area on the screen display.

18. The method of claim 16, wherein the imaging the document to retrieve the second identifier comprises: providing a user identification article that has the first identifier and an access code associated with the article; electronically processing the user identification article to obtain the first identifier and access code; transmitting the first identifier and access code to an authority for confirmation of the user identification article; and when so confirmed, receiving the second identifier from the authority.

19. The method of claim 16, wherein imaging the document to retrieve the second identifier comprises: providing a user identification article that has personal information of the user associated therewith; electronically processing the user identification article to obtain the user's personal information; generating the second identifier based on the user's personal information; providing a keypad on a touch screen for entry of a PIN of the user; receiving the PIN; and determining a third identifier of the plurality of identifiers based on the PIN.

20. The method of claim 16, which further comprises: receiving voting input of the user when the user's identity is confirmed; storing the received voting input in the database entry; confirming a plurality of votes from the plurality of database entries associated with different users, including the stored voting input; printing the plurality of votes on a single tally from the plurality of database entries associated with the different users; scanning a marked up version of the printed plurality of votes on the single tally to generate imaged data of the plurality of votes and a tally of the votes; parsing the imaged data for at least one signature associated with a vote and the tally; and providing a confirmation of the plurality of the votes when the at least one signature matches signature data associated with the vote and stored in one of the plurality of database entries.