Secure access systemTechnical Field
The present invention relates to various systems for verifying the identity of an individual, and in particular, to an individual carrying a wireless device for use at a point-of-sale terminal, the wireless device having a memory, such as an ID card, credit card, smart card, transponder, bar code, or a combination of such memories.
Technical Field
There are many authentication systems in the prior art. In some systems, a picture of a person or a fingerprint pattern thereof is affixed to an identification card. In other approaches, various methods are used to store the image or password information in a magnetic stripe or visually encoded image or pattern that is part of the identification card. There are also methods of using "smart cards" that have their own semiconductor memory capability for information storage.
Us patent No. 6,175,922(Wang) discloses an electronic transaction system for completing a transaction request at a point-of-sale terminal, using a portable electronic authentication device carried by a user. The device first receives digital data representing a transaction request. The electronic verification device provides information regarding the ability to approve the transaction request. When the transaction is approved, the electronic verification device receives additional data representing an electronic service verification token.
U.S. patent No. 6,140,939(Flick) discloses a biometric security system for an automobile. The control system includes a controller for learning a unique biometric characteristic of an individual to determine that the learned individual is capable of causing a function associated with the vehicle to be performed. The vehicle function control system includes a biometric characteristic sensor, and a controller at the vehicle for controlling vehicle functions responsive to the biometric characteristic sensor.
U.S. patent No. 5,857,152(Everett) discloses an electronic system for toll payment. The system identifies an electronic wallet and transfers the value over a communication system without the need for the car to stop. The system provides for toll payment through the use of a communication device and an electronic wallet connected to the device. The remote communication system communicates with the mobile device by cryptographically exchanging security information to effect toll payment.
U.S. patent No. 5,706349(Aditham et al) discloses a system for authenticating remote users in a distributed environment. Once the security mechanism determines that someone requests to be a remote user, a token is initially sent to the remote user. Prior to accessing the connection between the remote user and the application server, the system verifies that the token associated with the connection request has been issued by the security mechanism.
U.S. patent No. 6,202,055(Houvener et al) discloses a system for processing financial documents. A client at the recognition terminal initially submits a document-perhaps a check. The accounting account number is communicated to a remote database containing digital photographic images of authorized users of the accounting account. The remote database is searched and any photo images associated with the accounting account number are transmitted to the recognition terminal. The image is displayed and compared to the physical appearance of the customer. The employee at the site then determines whether at least one of the displayed digital images matches the appearance of the person initiating the transaction.
Us patent No. 5,903,225(Schmitt et al) discloses an access control system with fingerprint sensor registration. The system includes a station for enrolling an individual as an authorized individual based on the read fingerprint. The system also includes a wireless device carried by the authorized person and an access controller for authorizing access to the authorized person. The wireless device cooperates with the enrolment station to store data for the approved person based on the read fingerprint. An authorized person with a wireless device is discreetly granted access by approaching the access location.
Us patent No. 5,973,731(Schwab) discloses an authentication system that provides interactive communication of text and image information between a central server and a plurality of remote terminals. The central server maintains a centralized database of individual, data-compressed images-and then transmits the data-compressed images to the local terminals upon request during the transaction. The image may comprise a copy of an approved signature which is then used by the transaction terminal to compare with the scanned signature image on the authorization slip (slip).
While written signatures are also being considered by people as the preferred way to convey admission and legal commitments, the need for absolute confirmation is maintained to ensure that the customer is the very person authorized to make the commitment.
What is needed is a system that will use wireless technology (principally) accepted by parties in commercial transactions of any value that captures a digital signature (as an international standard for identification) while capturing an electronic signature (written text), the combined signature being irrefutable, a pen-based system that is both compatible with and independent of card-based systems.
Disclosure of Invention
The present system addresses these needs. For purposes herein, a list of key terms is presented hereafter to clarify the scope of the authenticated payment system of the present invention.
The transponder is a wireless device, which is a transceiver. The transponder is part of a transponder system-the system also includes an interrogator. The transponder is able to accept the challenge of the interrogator by transmitting an appropriate reply. The transponder receives and transmits data wirelessly, typically by low frequency radio waves. The transponder is typically an ID card, a key fob, a wireless telephone, a Personal Digital Assistant (PDA), or some other device that can be carried by a customer in a purse, wallet, key chain, or pocket. The transponder may be active or passive. This definition specifically excludes any data transfer that relies on swiping or inserting the card into a conventional card reader.
A stylus refers to any device compatible with a user's hand or finger for the purpose of marking on a flat surface. The plane may be a digital surface or a sheet of paper. While the drawings depict a stylus of conventional shape, other shapes and designs are also within the scope of the invention, such as any attachment for a finger or a stylus-like device, or for that purpose, any hand-graspable tool. The stylus may or may not include an ink cartridge.
Dynamic registration refers to the process by which an existing customer can register his identity into a new system by engaging in a regular transaction. For example, if an electronic or digital signature is to be used for reference purposes, such a signature is captured when a customer picks up a stylus and signs his name. To the client, the registration is traceless and virtually invisible.
The authenticated payment system of the present invention includes a wireless device carried by a customer, a device reader for accessing customer data via the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during a commercial transaction process, a point-of-sale processor for processing the electronic signature data and the digital signature data from the device reader, and a host in digital communication with the point-of-sale processor.
The method for authenticating a payment of the present invention comprises: a customer approaches a point-of-sale terminal having goods to be purchased, the customer generates an electronic signature when indicating intent to commit to a commercial transaction, captures the customer's digital signature when the electronic signature is generated, compares the captured customer digital signature to a reference digital signature, and approves the transaction as long as a predefined threshold for authentication is met and the customer has sufficient funds to pay for the transaction.
The first preferred embodiment of the identity verification system of the present invention is used in commercial transactions. The system includes a host, an interrogation device, a transponder device, and a stylus.
The host may access data connecting the customer and the customer's payment account. The interrogator is connected to the host and is located at the point of sale terminal. The transponder is wireless and carried by the client and transmits data to the interrogator upon request. The transmitted data belongs to the identity of the client. The stylus is attached to the point-of-sale terminal and includes a sensor mounted in a stylus holder. The sensitive element captures the digital signature of the customer when the customer signs his name. Access to the customer's payment account is only allowed if the read digital signature matches the reference digital signature.
For use in a commercial transaction at a point-of-sale terminal, a customer registers to select a customer account for payment. The customer also submits a digital signature, preferably a fingerprint, for reference purposes. The customer is then issued a responder which connects the customer to the customer account and references the digital signature. When a customer makes a payment at a point-of-sale terminal, an interrogator mounted at the point-of-sale terminal transmits a radio signal requesting authentication. The wireless transponder submits data to the interrogator. Thereafter, when the customer submits written data (e.g., a signature) using the stylus, a sensor in the stylus performs a temporary capture of biometric data to enable the interrogator to confirm the customer's identity. Similarly, the system may be used to verify identity when a customer wants to cash a personal check.
At the heart of the method is a stylus with any number of biometric sensors or with one or more measurement sensors, which is capable of temporarily capturing data relating to authentication while the stylus is in use. The identity verification method of the invention can access computer networks at point-of-sale terminals in different controlled environments, including pen-based computers and smart pens, conventional handwriting tools for electronic commerce, and multi-purpose handwriting tools in applications.
For purposes of illustration, the system presented herein is described in conjunction with a point-of-sale terminal, but it should be understood that the principles presented herein may be applied to a wide range of other activities requiring handwriting or signatures, such as internet and intranet commerce, access control, government activities (voting, driver registration, receipt of government benefits), and in constrained environments (e.g., hospitals, and banks).
Digital signatures can be generated in a number of ways:
PCT application PCT/US99/17900 entitled "identity confirmation System" filed on 7.4.1999; us patent application 09/490,687 entitled handwriting tool and authentication system, filed 24/1/2000; U.S. patent application No. 09/535,411 entitled "authentication method" filed on 3/20/2000; and PCT application PCT/US00/19652 entitled "authentication system and method" filed on 7/18/2000, the applicant disclosed the use of a fingerprint sensor mounted in a stylus barrel for generating an electronic signature as the preferred digital signature.
U.S. patent No. 6,064,751 (smiths) discloses a method of generating a digital signature using various measurement and biometric sensors mounted in a stylus barrel. A computer-based system captures and verifies an electronic handwritten signature. The system comprises: a stylus having a plurality of sensors that capture biometric characteristics of a user, and a database of signature templates that store verified signature information. In signing, a digital signature is generated that contains certain characteristics of the author during the signing action, such as the relative positions of size, shape and curves, circles, lines, points, intersections, and other characteristics of the signature being inscribed, as well as the relative speed at which the characteristics were given. A composite digital signature of the captured signature measurements is compared to a stored set of reference measurements to obtain a similarity score.
The interrogator is in digital communication with the host-the interrogator is installed at a point-of-sale terminal. The wireless device is preferably a transponder. The stylus may be attached to the point-of-sale terminal via a pen-based computer or a signature strip. During the enrollment step, a digital signature, such as a fingerprint, is captured and saved in a file associated with the enrollee or in the wireless device.
The customer registers to notify the system of the customer's account to be used for payment. The customer also submits an electronic signature (written handwriting of the name) and a digital signature for reference purposes-a fingerprint. The client is then sent to a wireless device, which has memory. The memory may be an ID card, credit card, smart card, transponder, bar code, or a combination of these memories. An authentication device reader (e.g., card reader, interrogator, scanner) compatible with the wireless device is located at the point-of-sale terminal. Thereafter, when the customer submits the written data using a stylus, an electronic signature is generated. Similarly, a sensor in the stylus captures data used to generate the digital signature. The reference picture is then accessed through a memory in the wireless device carried by the customer. The digital and electronic signatures are then compared to reference data to verify identity.
The stylus includes one or more fingerprint sensing elements that capture an image of the customer's fingers while the stylus is grasped. Fingerprint sensors are used herein for purposes of explanation, and it is to be specifically understood that the principles of the present invention are also applicable to the readout of DNA and other biotechnological properties, including cell capture or cell analysis sensors. During conventional use of the stylus, the sensitive element compares the necessary data with the digital signature to determine authentication. The preferred embodiment of the present invention's authenticated commercial transaction system is compatible with the following:
fingerprint-sensitive elements (card readers, point-of-sale counters, cards) in devices other than a stylus
Stylus with fingerprint sensing element for attachment to point of sale
Credit card
Stored value, ATM, check card
Reference to photographs, banks, and account numbers in cards, key cards (keytags), or wallets
Account number, key plate or wallet in bank and card
Personal identifier, key tag, or wallet in a card
Intelligent pen with fingerprint sensing element attached to point of sale
Credit card
Stored value, ATM, check card
Referring to photo, bank, and account number in card, key tag, or wallet
Account number, key plate or wallet in bank and card
Personal identifier, key tag, or wallet in a card
Wireless intelligent pen with fingerprint sensing element carried by client
Reference to account numbers in photographs, banks, and smart pens
Account number in bank and intelligent pen
Personal identifier in a smart pen
For a more complete understanding of the authenticated payment system of the present invention, reference is made to the following detailed description and accompanying drawings, in which the presently preferred embodiments of the invention are shown by way of example. As the present invention may be embodied in several forms without departing from the spirit of the essential characteristics thereof, it should be expressly understood that the drawings are for illustrative purposes and description only and are not intended as limiting the invention. Throughout the detailed description, like reference numerals refer to like elements throughout the several views.
Brief description of the drawings
FIG. 1A discloses a preferred embodiment of the payment processing RFID system of the present invention, which includes a wireless device (including an RFID memory for a unique customer record number), a stylus for capturing biometric characteristics during the signing process, a local processor-interrogator (for authenticating identity based on a comparison of the captured customer data with reference customer data), and a host (for storing customer records and transaction records and for generating monthly reports).
FIG. 1B discloses a second embodiment of the payment processing RFID system of the present invention, which includes a wireless device (RFID memory for reference biometric data, measurement data, and signature data), a stylus for capturing biometric characteristics during the signature process, a local processor-interrogator (for authenticating identity based on a comparison of the captured customer data and the reference customer data), and a host (for storing transaction records and for generating monthly reports).
Fig. 1C discloses a third preferred embodiment of the payment processing system of the invention comprising a stylus for capturing biometric characteristics during the signing process, a smart card reader, a smart card memory comprising reference biometric data, measurement data and signature data, an authentication based on a comparison of the captured customer data with the reference customer data present in the smart card memory, and a host for storing transaction records.
FIG. 1D discloses a fourth preferred embodiment of the payment processing RFID system of the present invention, which includes a wireless device (including an RFID memory for a unique customer record number), a stylus for capturing biometric characteristics during the signing process, a local processor-interrogator (for collecting data from the wireless device and stylus), and a host (for authenticating identity based on a comparison of the captured customer data with reference customer data, for storing customer records and transaction records, and for generating monthly report books).
Fig. 2A discloses a preferred embodiment of the secure RFID processing system of the present invention, which includes a wireless device (including an RFID memory for a unique user record number), a stylus for capturing biometric characteristics during the signing process, a local processor-interrogator (for authenticating the user's identity based on a comparison of the captured client data with reference client data), and a host (for storing a secure access code and access request).
Fig. 2B discloses a second preferred embodiment of the secure RFID processing system of the present invention, which includes a wireless device (an RFID memory including user biometric data, measurement data, user signature data, and a unique user record number), a stylus to capture biometric characteristics during the signing process, a local processor-interrogator (for authenticating the user's identity based on a comparison of the captured client data to reference client data), and a host (for storing a secure access code and access request).
Fig. 3 discloses a preferred embodiment of the payment processing barcode system of the present invention, which includes a wireless device (including a barcode memory for a unique customer record number), a stylus for capturing biometric characteristics during the signing process, a local processor-barcode reader (for authenticating identity based on comparison of the captured customer data with reference customer data), and a host (for storing customer records and transaction records, and for generating monthly reports).
Fig. 4 discloses a preferred embodiment of the system of the present invention for processing a conventional payment for goods and services at a point-of-sale terminal, which includes a customer ID card (including an RFID memory for a unique customer record number), a user credit or debit card from which goods or services are paid, a stylus for capturing biometric characteristics during the signing process, a local processor-interrogator (for authenticating identity based on a comparison of captured customer data with reference customer data), and a host (for storing customer records and transaction records and for generating monthly reports), the transaction being blocked if the ID card reference data does not match the biometric, measurement or signature data captured from the stylus.
Fig. 5A discloses a simplified logical diagram of a preferred method of the present invention for registering a new user for access to a (account, network data, physical) security system.
Fig. 5B discloses a simplified logical diagram of the preferred method of the present invention for registering an existing user access (account, network data, physical) security system, registration occurring dynamically as field access requests are processed.
Fig. 6A discloses a simplified logical diagram of a preferred method of enabling access to account, network data or physical data including lower security authentication, two strings of read data are compared to two strings of reference data, and access is enabled if one string of read data matches the corresponding string of reference data.
Fig. 6B discloses a simplified logical diagram of a preferred method of enabling access to account, network data or physical data including medium level security authentication, a string of read data being compared to a string of reference data, and access being enabled if the read data matches the reference data.
Fig. 6C discloses a simplified logical diagram of a preferred method of enabling access to account, network data or physical data including higher security authentication, two strings of read data are compared to two strings of reference data, and access is only enabled if each string of read data matches a corresponding string of reference data.
Fig. 7A and 7C disclose a simplified logic diagram of a preferred method of the present invention for a security system to enable access to network data to a remote user, including higher security authentication a network high security request, wherein the receive threshold is adjusted (see fig. 18A and 18B), two data streams are captured and processed, and access is enabled only if each data stream of the read data matches a corresponding stream of reference data.
FIGS. 7B and 7C disclose a simplified logic diagram of a preferred method of the present invention for a security system to enable access to network data to a remote user, including higher security identity authentication a network high security request, wherein a receive threshold is adjusted (see FIGS. 18A and 18B), two data streams are captured and processed, and access is enabled only if each data stream of the read data matches a corresponding stream of reference data; if the authentication is not confirmed, a data error is provided to the user.
FIG. 8 discloses a simplified logic diagram of another embodiment of the present invention for a security system in which reference data is used for the purpose of authenticating the identity of a user for cashing a check.
Fig. 9 discloses a simplified logic diagram of a preferred method for enabling access to a secure area, a user carrying a wireless device with an RFID memory, a string of read data compared to a string of reference data, and enabling access if the read data matches the reference data.
Fig. 10A and 11A disclose a preferred embodiment of a simplified RFID memory and a simplified customer record for the host of the payment processing system of fig. 1A.
FIGS. 10B and 11B disclose a preferred embodiment of a simplified RFID memory and a simplified customer record for the host of the payment processing system of FIG. 1B.
Fig. 12A discloses a preferred embodiment of a stylus of the security system of the present invention for providing an image of any finger touching the grip region of the stylus, an ultrasonic sensor positioned along the axis of the stylus, the sensor rotating to capture an image of the finger (like a sonar), and an enclosing sensor structure provided for capturing an image of a fingerprint.
Fig. 12B discloses another preferred embodiment of the stylus of the security system of the present invention for providing an image of any finger contacting the grip region of the stylus, six elongated silicon chip sensors mounted on the surface of the grip providing an encased sensor structure for capturing a fingerprint image.
Fig. 13A and 13B disclose exploded views of other preferred embodiments of encased sensor structures for capturing images of fingerprints.
Fig. 14A and 14B disclose simplified user record data and secure access site lists for use with the financial association.
Fig. 15A and 15B disclose various wireless styluses for use with the secure access system of the present invention, the wireless stylus including a fingerprint sensitive element, a magnetic stripe, and a hinge that opens and closes a pivot sheet where the magnetic stripe is disposed.
Fig. 16A discloses a customer identification device for the secure access system of the present invention, the customer identification device being a card, wherein the card comprises an active transponder.
Fig. 16B discloses a customer identification device for use in the secure access system of the present invention, the customer identification device being a card, wherein the card comprises a magnetic stripe credit card.
Fig. 16C discloses a customer identification device for the secure access system of the present invention, the customer identification device being a card, wherein the card includes a bar code.
Fig. 16D discloses a customer identification device for the secure access system of the present invention, the customer identification device being a card with two memories, one of which is a passive transponder and the second of which is a bar code.
Fig. 16E discloses a customer identification device for use in the secure access system of the present invention, the customer identification device being a card having three memories, one of which is a magnetic stripe, a second of which is a passive transponder, and a third of which is a bar code.
Fig. 16F discloses a customer identification device for use in the secure access system of the present invention, the customer identification device being a card having two memories, one of which is a magnetic stripe and the second of which is a bar code.
Fig. 17 discloses another preferred embodiment of the wireless device of the present invention, the wireless device is a commercial ticket with an RFID memory installed therein, the memory enables the commercial ticket to be tracked and authenticated at the transfer site. For purposes of discussion herein, there are two types of RFID devices: (1) a token issued to and used by the principal; (2) tokens (similar to currency) issued to and easily and freely exchanged between parties. The latter may take the form of a plastic card, paper strip or coin.
FIG. 18A discloses a simplified threshold map for discriminating low risk commercial transactions; and FIG. 18B discloses a simplified threshold map for discriminating high-risk commercial transactions.
DETAILED DESCRIPTION OF EMBODIMENT (S) OF INVENTION
Referring to the drawings, FIGS. 1A, 1B, 1C disclose the security access system of the present invention generally. An authenticated commercial transaction system includes a wireless device carried by a customer, a device reader for accessing customer data via the wireless device, a device for generating an electronic signature, a sensor for capturing the digital signature during the course of a commercial transaction, a point-of-sale processor for processing the electronic signature data and the digital signature data from the device reader, and a host in digital communication with the point-of-sale processor.
The preferred embodiment of the authentication system of the present invention is for accessing account data, for accessing network data, and for physical access. The host has access to data connecting the customer and the customer's payment account. An interrogator mounted at a point-of-sale terminal is connected to the host. The transponder is wireless and carried by the client and transmits data to the interrogator upon request. The data transmitted from the transponder enables the system to perform an initial customer identification. The stylus is attached to the point of sale terminal and includes a sensing element disposed in a stylus holder. The sensitive element captures and generates a digital signature of the customer when the customer signs his name. The customer's payment account is only accessible after the identity is verified, which is verified by matching the digital and/or electronic signature with reference data previously submitted by the customer.
In the two-step process of the authentication process of the present invention, the data transmitted from the transponder to the interrogator is used to initially determine the identity of the customer. The second step involves the capture of data for generating digital and electronic signatures. The transaction is allowed to proceed only after the captured data is compared to the reference data.
The method of the present invention for authenticating a commercial transaction comprises: a customer approaches a point-of-sale terminal having goods to be purchased, the customer generates an electronic signature when indicating intent to commit to a commercial transaction, captures the customer's digital signature when the electronic signature is generated, compares the captured customer digital signature to a reference digital signature, and approves the transaction as long as a predefined threshold for authentication is met and the customer has sufficient funds to pay for the transaction.
The self-identity authentication system is used in commercial transactions at point-of-sale terminals. The customer registers to notify the system of the customer's account to be used for payment. The customer also submits an electronic signature (written handwriting of the name) and a digital signature for reference purposes-a fingerprint. The client is then sent to a wireless device, which has memory. The memory may be an ID card, credit card, smart card, transponder, bar code, or a combination of these memories. An authentication device reader (e.g., card reader, interrogator, scanner) compatible with the wireless device is located at the point-of-sale terminal. Thereafter, when the customer submits the written data using a stylus, an electronic signature is generated. Similarly, a sensor in the stylus captures data used to generate the digital signature. The reference picture is then accessed through a memory in the wireless device carried by the customer. The digital and electronic signatures are then compared to reference data to verify identity.
Fig. 2A and 2B disclose simplified methods for registering new customers and existing customers, respectively. For new customers, customer records must be generated. For existing customers, customer records already exist. One major advantage of having reference data in the customer record (rather than the transponder) is that: the amount of memory available for reference signature storage is not of concern for the first bit. When reference signature data is to be stored in a transponder, the amount of memory in the transponder may be insufficient to store that data. For existing customers, the customer record already exists but a confirmation check is necessary to confirm that the customer is authorized to use the account.
This approach overcomes the inconvenience of having to re-register all existing customers. Existing customers may use "dynamic registration" during regular transactions. A stylus is used to capture digital and electronic signatures during a conventional commercial transaction. Thereafter, during the commercial transaction, as part of the authentication process, whenever the card is presented through the card reader, the read photograph is compared to the reference photograph. Similarly, if a transponder is used, perhaps to purchase gasoline or other items in a convenience store attached to a gas station, the stylus captures the digital signature and uses it as a reference photograph.
For example, at a bank branch, the stylus of the present invention is placed at all cashier windows, at all automated teller machines, and at all staff desks. The new customer is issued a debit/check security/ATM card upon filling the application form. The customer uses a stylus similar to the stylus at the cashier window. During registration, preferably within a branch of the bank, a reference photograph of the customer is captured and the digital and electronic signature data is encrypted and stored in the customer's bank record. Once the registration is completed, such cards are issued and distributed to the user much like a hotel issues a room key based on the registration. The card is preprinted and certain data has been loaded into the card prior to issuance.
The stylus may be attached to a point-of-sale terminal, to a pen-based computer, or to a signature strip. Further, the stylus may be wireless, whereby the transponder is integrated with the wireless stylus (see fig. 1B and 1C). Each stylus also includes one or more fingerprint sensing elements that capture an image of the customer's finger when the stylus is grasped.
The transponder responds to the radio signal by transmitting its own radio signal. Each transponder is labeled with a unique serial number. The serial number may be linked to a credit card or debit account. A typical sale may require a match of a digital signature, require a match of an electronic signature, and require a match of a digital signature and an electronic signature at the same time. The customer selects the goods and proceeds to the point-of-sale terminal. The point-of-sale terminal indicates that the transaction is to be paid for by the transponder. An interrogator installed at a point-of-sale terminal collects data from the transponder. One light notifies the customer that payment has been accepted. Payment is effected immediately from the customer's registered account. The interrogator typically transmits a low frequency transmission via its antenna. The transponder remains inactive until it is activated by the interrogator. When the transponder passes within the effective range, the transponder is activated and causes the transponder to transmit its data in response to the interrogation. The interrogator submits a query to the transponder and receives return data from the transponder.
In a preferred embodiment the transponder has an increased memory (similar to a smart card), in which case the encrypted reference fingerprint is stored within the transponder memory. Likewise, the memory may contain account numbers, balances and customer data to be saved in the transponder memory. Fig. 6A discloses the corresponding customer bank record. The comparison of the read-out picture with the reference picture for the purpose of identity authentication is preferably performed in the transponder. A significant advantage of the system can be accomplished at the point-of-sale terminal with minimal access/input from the drive. Another advantage of the system is that both the drive and account data are updated after the transaction is completed.
In another preferred embodiment, the transponder has limited memory (similar to a magnetic stripe). The writing device is a tethered stylus attached to the point of sale terminal and the digital and electronic signatures are stored in the customer record. Both the customer bank and the account number are in the transponder. The reference signature is in a customer record at the customer bank. The comparison of the read signature with the reference signature for the purpose of identity authentication is preferably performed either in the drive, where the read photograph is transmitted, or in the point of sale terminal, where the reference photograph is transmitted. In a variation of this embodiment, the transponder has an indexed reference to the customer's bank and account number. The index reference numbers in the account index and on the transponder vary with each transaction to enhance security. The reference picture is in a customer record at the customer bank. A significant advantage of this system is that it is not very useful to thieves and hackers if the transponder is lost or stolen, since there is only minimal information on the transponder device. They can obtain the customer's bank and account number (they can know from the personal check), but they cannot gain the right to use those funds because the digital and/or electronic signatures do not match. Another advantage of this system is that the transmission of data is via a wired connection (more secure).
Passive transponders carried by the customer themselves (not including the power source) are mounted in cards carried in wallets or on key fobs. Which needs to be removed and swiped through a card reader or in an interrogator accessory. The active transponder (including the power source) may also be a PDA, jewelry, glasses, clothing or the like.
The transponder option, AMSKAN by margler, victoria, australia, is available as a commercial choice-infraved Datalink allows continuous "through-the-windshield" data transfer between the car and the roadside during the day with high reliability, which is currently used to capture information from the car when the car is refueled, restocked or at highway speeds. IRDs are composed of two main components, an interrogator and a wireless transponder. Or the interrogator is installed at a point-of-sale terminal. The size of the transponder is 130x80x50 mm.
Another choice for transponders is the Miotec's mPollux-which was developed on the SIM card and which integrated security solutions provide a flexible and secure platform for wireless PKI systems with sufficient capacity. The SIM platform is a FLASH microcontroller with a separate RISC processor for RSA operations. The MioCOS operating system is compatible with both GSM and PKI standards. Further, the integrated biometric function enables replacing the PIN code in the electronic ID card with a fingerprint match.
In a further preferred embodiment of the pen-based authentication system of the invention, the transponder is used in a smart card. Smart cards are compatible with contactless and contact transactions. Such cards are currently commercially available, such as "digital still cards". The digital still card is one of the earliest cards that combined the functions of a contact and a contactless smart card on a single chip. Which combines credit card, debit card, and pre-paid card functions to provide a wide range of services. Compatible with smart pagers, the card is used in the existing Hanaro transportation scheme. The card holder can recharge his e-wallet again at the reloading machine or ATM machine.
As proven and secure, the dual interface technology works in both contact and non-contact modes. The card is loaded with either a contact interface or a non-contact interface. This allows many recharging possibilities, including at bank terminals, bus stops, or with a PC and card reader, over the internet, which also allows electronic shopping via the internet.
The use of the transponder as a component of the pen-based authentication system of the present invention enables the transponder to be compatible with both card-based and cardless systems. In card-based systems, the device is read through a card reader at the point-of-sale terminal-and the user signs his name using a fingerprint stylus. The reference fingerprint image is stored in the smartcard/transponder device, which is also where the read-out photograph (from the pen) is compared and matched with the reference fingerprint image. This embodiment, which enables compatibility with the card reader and transponder, is also critical to being able to convert to a cardless system.
The preferred embodiment of the secure access system of the present invention is compatible with the following:
fingerprint-sensitive elements (card readers, point-of-sale counters, cards) in devices other than a stylus
Stylus with fingerprint sensing element for attachment to point of sale
Credit card
Stored value, ATM, check card
Referring to photo, bank, and account number in card, key tag, or wallet
Account number, key plate or wallet in bank and card
Personal identifier, key tag, or wallet in a card
Intelligent pen with fingerprint sensing element attached to point of sale
Credit card
Stored value, ATM, check card
Referring to photo, bank, and account number in card, key tag, or wallet
Account number, key plate or wallet in bank and card
Personal identifier, key tag, or wallet in a card
Wireless intelligent pen with fingerprint sensing element carried by client
Reference to account numbers in photographs, banks, and smart pens
Account number in bank and intelligent pen
Personal identifier in a smart pen
System security becomes particularly important when wireless devices are used because an integral part of the system, in this example a transponder, is not attached to the system, but is wireless and carried by the customer. The reference number and electronic signature data are stored in the transponder and customer records. During a request for a point-of-sale transaction, reference data on the transponder is compared with reference data in the customer record to determine whether the transponder has been altered or replaced with a counterfeit transponder. This check need not be done every time, but rather randomly or when a large transaction is involved. There are other ways. When the reference picture is stored in a transponder carried by the customer, one of the following techniques may be used:
U.S. patent No. 5,619,025(Hickman et al) discloses a method of using a photorefractive crystal for tamper evidence identification. The method for document authentication employs a temporally variable physical process to produce a reproducible effect that cannot be reproduced. A beam spot or bar is provided to a document, such as a credit card, which combines at least one, and preferably a plurality of, photorefractive crystals arranged in a random manner. The document authentication device includes a continuous light source, such as a diode laser, to illuminate the photorefractive crystal, and a photosensitive element to receive light scattered from the photorefractive crystal. The random distribution and orientation of the photorefractive crystals includes a unique feature for each card or document, and the feature is not based on any assigned numbers or codes. The photorefractive crystal includes a time-varying characteristic in response to continuous illumination that depends on the intensity of the illumination itself and the characteristics of the illumination at that time. The input to the laser illuminator can be varied to produce different responses from the photorefractive crystal, a factor that is difficult for counterfeiters to ascertain. Also, for any given illumination intensity or temporal pattern, the image received by the photosensitive elements varies over time. The time at which the photosensor signal is sampled to obtain an identification image may also vary, further increasing the difficulty for counterfeiters to overcome. A large number of "snapshots" of a time-varying image of a document are electronically captured, digitized, and stored in an electronic medium. Comparing the photosensor signal to stored data; a match indicates that it is a valid document and a mismatch indicates that it is an invalid or unauthorized document. The image recognition process may be enhanced by comparison of the rate of change in a series of images elicited by a laser illuminator.
Us patent No. 5,834,748(Litman) discloses a card comprising magnetic particles and being difficult to forge. The signal strength, period, amplitude and/or alignment of the magnetic field may be read by the magnetic reading head as encoded information. The encoding of this information can be made increasingly difficult to imitate or counterfeit by varying parameters in these (and other) mechanically readable records. A readable (mechanically readable) security device is meant to prevent counterfeiting of identification cards (including new smart cards with readable chips therein) and pens. The security of the pen is enhanced by implementing a mechanically readable security system that includes a mechanically readable magnetic tag embedded in the transaction. The indicia may also be visually noticeable or readable, but it must at least be readable by a read head capable of reading the channels of magnetic material. The marker is preferably at least two magnetic filaments or strips and preferably comprises a plurality of filaments of different coercivity, magnetic field strength, magnetic field arrangement, size or spacing to give confirmation when the stylus is passing the reading apparatus at a predetermined and preferably continuous speed only when the appropriate signal is provided by the appropriate alignment of the magnetic elements in the stylus.
When a digital signature is generated by means of fingerprint data, enrollment may also take place without a pen, but rather with a fingerprint sensor to capture a substantially complete fingerprint of the finger for reference purposes. Subsequently, when the stylus is used, the partial photograph is compared to the full fingerprint for matching purposes.
The use of a stylus compatible with existing card readers provides many similar advantages for a wireless stylus, namely compatibility with card-based systems and pen-based (cardless) systems, precisely because a transponder compatible with existing card readers enables the inventive system to be compatible with both card-based systems and pen-based (cardless) systems. Fig. 15A and 15B disclose a first preferred embodiment of a stylus holder for use with the identity authentication system of the present invention, the holder having a rotatable lamina comprising a magnetic strip readable by a conventional card reader.
The selection of the fingerprint sensing element may be one of:
FingerTIP from InfineonTMThe sensor enables the integration of a miniature fingerprint sensor into a wide variety of end products, including PCs, laptops, handheld devices, set-top boxes, point-of-sale terminal ATMs, kiosks, building access systems, or any other application that facilitates the replacement of a PIN and password identification with biometric-based authentication. The chip is compact, reliable and energetic enough to translate the previous exotic technology, biometric user ID, into a daily reality. FingerTIP is a small IC (18mm x 21mm x 1.5mm) embedded with an array of 288x 224 pixel touch sensitive elements that capture an image of the lines and ridges of a person's fingerprint when the user touches the device. Each pixel has an 8-bit data depth, enabling the evaluation of the fine grayscale (256 nuances of gray) of a fingertip and translation into a set of indices, key identifying features of a person's fingerprint. It takes only 100 milliseconds to acquire the image and transfer of the impression.
STMicroelectronics developed a fingerprint sensor that is virtually the same size as the Infineon sensor, using capacitive-sensor-array technology; a silicon IC containing an array of sensitive device chips is built. The ST's TouchChip technique uses a capacitive sensing technique to capture high resolution images of a fingerprint in less than a tenth of a second when a finger is pressed directly against the chip surface. The output of the chip is a digital representation of the fingerprint, which can be processed by algorithms developed by 5AGEM, which immediately confirm or invalidate the identification of a previously authenticated person and then be further processed by application-based software.
The transponder option, AMSKAN by margler, victoria, australia, is available as a commercial choice-infraved Datalink allows continuous "through-the-windshield" data transfer between the car and the roadside during the day with high reliability, which is currently used to capture information from the car when the car is refueled, restocked or at highway speeds. IRDs are composed of two main components, an interrogator and a wireless transponder. Or the interrogator is installed at a point-of-sale terminal. The size of the transponder is 130x80x50 mm.
Another choice for transponders is the Miotec's mPollux-which was developed on the SIM card and which integrated security solutions provide a flexible and secure platform for wireless PKI systems with sufficient capacity. The SIM platform is a FLASH microcontroller with a separate RISC processor for RSA operations. The MioCOS operating system is compatible with both GSM and PKI standards. Further, the integrated biometric function enables replacing the PIN code in the electronic ID card with a fingerprint match.
Those skilled in the art will also recognize that the principles of the identity verification system of the present invention may be applied to electronic commerce where a principal seeks to enter or access data, or simply communicate with another person. When the party seeking to conduct the transaction is remote from the host terminal (or second party), the remote party is generally not seen, and as such, neither race, ethnicity, gender, or even species can be ascertained. In this case, the need for authentication becomes increasingly important. Thus, the authentication method of the present invention requires a remote party to have access to a signature strip-the signature strip having means for generating digital and electronic signatures. Before allowing the transaction to occur, the digital and/or electronic signature is compared to reference data, and the digital and electronic signature is captured and stored in a transaction record.
In this application, a number of U.S. patents, patent applications, and PCT applications are referenced by application numbers and inventors. The disclosures of these patents and applications in their entireties are hereby incorporated by reference into this specification in order to more fully describe the state of the art to which this technology pertains.
In this application, a number of U.S. patents, patent applications, and PCT applications are referenced by application numbers and inventors. The disclosures of these patents and applications in their entireties are hereby incorporated by reference into this specification in order to more fully describe the state of the art to which this technology pertains. It is evident that many variations, modifications and variations of the authenticated commercial transaction system of the present invention will be apparent to those skilled in the art in light of the disclosure herein. The scope of the present invention is defined by the appended claims rather than the language of the foregoing specification, and all such changes, modifications and variations are intended to be included within the spirit and scope of these claims.