US20050044387A1 - Portable access device - Google Patents
Portable access deviceDownload PDFInfo
- Publication number
- US20050044387A1 US20050044387A1US10/651,361US65136103AUS2005044387A1US 20050044387 A1US20050044387 A1US 20050044387A1US 65136103 AUS65136103 AUS 65136103AUS 2005044387 A1US2005044387 A1US 2005044387A1
- Authority
- US
- United States
- Prior art keywords
- access
- code
- biometric
- sensor
- providing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
Definitions
- the inventionprovides devices, methods, and systems for controlling access to secure systems.
- the inventionprovides devices, methods, and systems for controlling access to computers and other secure systems using a portable access device.
- the inventionprovides devices, methods and systems for controlling access to systems such as computers and systems controlling access to secure facilities or premises, etc., using information provided by a person seeking access to the system, and by the system to which the person is seeking access, to determine whether access by that person is to be authorized.
- the information to be provided by the person seeking accessidentifies the person.
- the information to be provided by the systemis made available at a location at which the information to be provided by the person seeking access are input to the system.
- the information to be provided by the person seeking accesscan only be provided in the presence of that person, e.g., biometric data obtained directly from the person.
- the person seeking accessmust be physically present at the location of the system at which the information is to be input to provide his or her information, together with a device (also referred to as an “access device”) which receives the information provided by the system.
- a devicealso referred to as an “access device” which receives the information provided by the system.
- Information from the person seeking access and the systemis then used at the system's input location to determine whether to authorize the person to access the system. If the person seeking access is determined to be authorized, in various embodiments, a signal or code is provided that can be tested, e.g., by the system, to determine whether access is to be provided.
- no codemay be provided, or an invalid code, a warning, a notification of access denial, or other suitable signal(s) may be provided.
- the access deviceuses the information supplied by the person seeking access and the system, and provides the signal or code to the person, who can then provide it to the system for which access is sought by the person, or directly to the system.
- the portable deviceprovides a code to a person seeking access, and that person inputs the code to the system, which then provides access if the code is found to be authorized.
- the access devicemay output a coded signal directly to the system.
- the access deviceSince information is provided both by the person seeking access and the system for which access is sought, the access device must be present at the system location which is to receive the code or coded signal to be provided by the device, and the person must provide his or her information to the access device while at the system location.
- the person's informationis biometrically based, so that the person must be present at the system location when the system provides its information.
- the access devicemay include on-board devices that receive information provided by the person and system, or signals from such devices that are not on board the portable device but linked thereto.
- the inventionprovides a portable access device for providing the code or coded signal that may be tested to determine whether to provide access to the system.
- a portable access devicefor providing the code or coded signal that may be tested to determine whether to provide access to the system.
- such a devicecomprises an output device and at least one processor.
- the processorprocesses information provided by the person seeking access and the system and, depending upon a result of the processing, provides to the output device a code that may be used to access the system, or not, depending upon the provided information.
- the information representing a biometric characteristic of a person seeking access to the systemincludes information representing any physical characteristic of the prospective user which may be used to identify, with a certainty sufficient in view of the purposes and requirements of the system to which access is being sought, to uniquely identify the person as authorized to receive access.
- Such informationcan include, for example, data representing fingerprint patterns or finger images, retina scans, or DNA samples, and is acquired by and/or provided to the processor(s) of the portable access device by any suitable devices, such as one or more biometric sensors.
- suitable biometric characteristics, and methods and sensors for acquiring and processing information representing them, such as fingerprint and retina scannersare known, and are continuously being developed.
- the identification of suitable biometric characteristics, and devices and methods for acquiring and processing information representing them, in view of the purposes and requirements of systems to be protected by controlled accessis within the ability of those having ordinary skill in the art.
- information representing biometric characteristics of prospective usersis read or sampled directly from the person seeking access.
- one or more sensors suitable for acquiring information representing biometric characteristics of a person seeking accessare included in the access device, and configured to provide acquired information to one or more processors for use in determining whether to grant the person from whom the information is acquired access to the system.
- Some embodiments of the inventionprocess signals provided by the system to which access is being sought, in addition to biometric information related to a person seeking access as part of the process of determining whether access is to be authorized.
- the use of information provided by the system to which access is being soughtenables, among other things, the determination as to whether access is to be authorized to be made in various modes according to circumstances. For example, processing related to a request from a person seeking to access a computer system from a user station, designated as a primary entry station, from which access by the person is conditionally pre-authorized, or partly pre-authorized, may proceed in a different way than processing related to a request from the same person attempting to access the same computer system from a user station that is not designated as primary.
- the access devicecomprises one or more sensors for receiving signals from the system to be accessed.
- sensorsmay be used, alone or in combination, to receive and pass to the processor, visible-light, infrared, or other electromagnetic, audio, or other stimuli suitable for carrying information, either by wired or wireless means.
- the selection of suitable systems, devices, and methods for providing such signals to the processorwill be well within the ability of those having ordinary skill in the art, in view of this disclosure.
- the one or more processors for processing biometric information provided by the person seeking access and information provided by the systemcomprise any suitable data and signal processors, including any hardware, firmware, and software, suitable for meeting the purposes described herein.
- processorscomprise one or more application specific integrated circuits (ASICs) and associated devices and software.
- ASICsapplication specific integrated circuits
- Processing for determining whether to provide to an output device a code that may be used to access the system, depending upon the biometric information and the information provided by the system to be accessedmay be performed entirely by processors included in the portable device, or partly by processors included in the portable device and partly by processors included in the system to be accessed, in a data sharing or shared processing scheme, or in other suitable ways consistent with the purposes disclosed herein.
- processing for determining whether to provide to an output device a code that may be used to access the system, using the biometric information and the information provided by the system to be accessedcomprises conditioning provision of the code to the output device upon a correlation between the information representing the biometric characteristic and stored biometric information. For example, biometric information acquired by a biometric sensor and provided to the processor(s) is compared to stored biometric information, and a determination is made as to whether a correlation between the provided and stored information is satisfied. In the event that a satisfactory correlation is established, the processor provides to the output device a code useable for accessing the system.
- the establishment and evaluation of correlations between information acquired from prospective system users and stored biometric informationis known, and is within the ability of those having ordinary skill in the arts.
- Embodiments of access devicesmay comprise memory for storing biometric information for use in determining whether to provide an access code that may be used to access the secure system to an output device, or otherwise enable access to the secure system.
- biometric informationmay be stored in memory associated with the system to be accessed, and information and/or processing for determining whether to provide a useable access code is shared between the access device and the system to be accessed.
- the output devices to which the processors provide codes that may be used to access the secure systemmay be of any type suitable for imparting to a prospective user a code suitable for gaining access to the system, such as a human-readable sequence of alphanumeric or other characters.
- display devicessuch as LEDs, LCDs, CRTs; or printing or audio devices may be used.
- a small LCD displayis used, in order to reduce physical size and power requirements for the portable access device.
- an access devicecomprises a housing for supporting sensors, processors, and other items incorporated by the portable device, and the housing includes one or more surfaces for bearing devices useful for identifying users of the access device or other individuals, such as photographic images, electromagnetic strips, and/or other devices for storing and/or providing access to identifiers or other information.
- Such device-bearing surfacesare useful, for example, where the access device comprises relatively compact components, e.g., suitable for making the access device portable, configured such that the housing can form a suitably-sized and -shaped casing to act as an identification card.
- Such embodimentsmay further comprise electromagnetic strips and other devices for storing and/or providing access to identification and other data.
- the inventionprovides methods, and suitable processors and other components, including software, for providing codes for use in accessing systems of the type described herein. Such methods are preferably performed by portable access devices and comprise processing information received from a biometric sensor associated with a portable access device to establish a correlation between the received biometric information and stored biometric information; and, if the correlation satisfies a correlation criteria, providing to an output device of the portable access device an access code that may be used to access the system, otherwise not providing to the output device a code that may be used to access the system.
- the access codewhere provided, is determined using a signal received by a signal sensor associated with the portable access device from a signal generator associated with the system to be accessed.
- the access code that may be used to access to the systemis preferably session-specific. The provision of session-specific access codes helps, for example, to ensure that a specific authorized user offering access to the system is physically present at the point of access to the system.
- the inventionprovides methods and suitable processors and other components for providing codes for use in accessing systems of the type described herein, where the codes and the determination of whether to provide them may be made according to a plurality of processing modes, the mode used in a given case being determined by the circumstances of the request for access. For example, a signal received by a signal sensor of the portable access device from a signal generator associated with a system to be accessed may be processed to determine whether the system has received information indicating that a person seeking access to the system is attempting to access the system using a conditionally pre-authorized input device (e.g., at a primary entry station).
- a conditionally pre-authorized input devicee.g., at a primary entry station.
- an access code that may be used to access the systemis provided to an output device regardless of any biometric information received from a biometric sensor of the portable access device. Otherwise an access code that may be used to access the system is provided only upon determination that a correlation criterion or criteria is satisfied by biometric information received from the biometric sensor and biometric information otherwise accessed by the access device.
- the inventionalso provides systems for working with portable access devices according to the invention, including all suitable software, processors, memory devices, etc.
- FIG. 1is a schematic perspective view of a preferred embodiment of a portable access device according to the invention.
- FIG. 2is a schematic front elevation of a preferred embodiment of a portable access device according to the invention.
- FIG. 3is a schematic rear elevation of a preferred embodiment of a portable access device according to the invention.
- FIG. 4is a schematic functional block diagram of a preferred embodiment of a portable access device according to the invention.
- FIG. 5is a schematic diagram of a processor, and related components, suitable for use in a portable access device according to the invention.
- FIG. 6is a schematic view of use of a portable access device according to a preferred embodiment of the invention.
- FIGS. 7-9are schematic diagrams of process flows according to preferred embodiments of the invention.
- FIGS. 1-3depict a preferred embodiment of a portable access device 100 according to the invention.
- the inventionis not so limited, and the invention may be embodied in devices other than portable devices.
- all or some of the information provided by a person seeking access and the systemmay be processed by the system. In such a case, the access device need not be portable.
- Portable access device 100is useful for facilitating access to computer and other systems, and comprises: housing 101 ; signal sensor 102 ( FIG. 3 ) for receiving a signal (having the information described above) from a signal generator associated with the computer system; biometric sensor 103 for acquiring information (also referred to as “data”) representing a biometric characteristic of a person seeking access to the computer (or a “user” or “prospective user”) 200 (see also FIG. 6 ), and thereby uniquely identifying the user and the user's co-location with the access device; output device 104 ; and at least one processor 105 ( FIGS. 4, 5 ) for processing the acquired biometric data and the signal, and for providing to the output device an access code determined using the biometric data and the signal.
- signal sensor 102FIG. 3
- biometric sensor 103for acquiring information (also referred to as “data”) representing a biometric characteristic of a person seeking access to the computer (or a “user” or “prospective user”) 200 (see also FIG. 6 ), and
- Device 100further comprises numerous surfaces 107 , including edges of the housing (for clarity unmarked by reference numerals), suitable for bearing user identification devices such as photographic image 106 .
- Housing 101is sized to serve conveniently as an identification card as well as an access device.
- device 100has a length 120 of approximately 57 millimeters, a width 121 of approximately 35 millimeters, and a depth 122 of approximately 2-6 millimeters.
- device 100has dimensions similar to those of a standard credit or electronic identification card such as an automatic bank card, and will fit comfortably in a hand of most human users, in a fashion such that each of the component devices associated with the device 100 may be comfortably and effectively operated, as well as fitting in pockets, wallets, etc.
- Device 100 as depicted in FIGS. 1-3further comprises a slot 115 suitable for use in attaching a lanyard, cord, or other device for facilitating carrying and/or restraint of the access device, as for example by placing a cord around the neck of a user of the device.
- the configuration of device 100may be influenced by aesthetic, or non-functional, as well as functional considerations.
- the configuration and dimensions of slot 115 , length 120 , width 121 , and depth 122 , as well as the choice of a generally rectangular configurationmay be influenced or determined by both functional and aesthetic considerations.
- the location of various components in the devicemay also be influenced by aesthetic considerations.
- the placement of biometric sensor 103 on a first surface 125 of the access device, and signal sensor 126 on a second surface 126facilitates use and operation of the access device, as explained further herein, but may also significantly influenced by aesthetic considerations, as for example in the embodiment depicted in FIGS. 1-3 .
- the portable access device 100 depicted in FIGS. 1-3further comprises a cover (not shown) for covering biometric sensor 103 .
- the coveris opened and closed by selectively operating switch 109 , e.g., a mechanical switch which comprises a mechanical linkage that selectively rotates the cover into an open position, in which the biometric sensor 103 is exposed, and to a closed position, in which the sensor is hidden from view and protected from shocks and other harmful contacts by external objects.
- Switch 109may also include and/or selectively activate one or more switches (e.g., electrical switches 142 , 143 of FIG. 4 ), to activate processor 105 and other components of the access device 100 by activating, for example, one or more of battery 144 and power supply 141 .
- Covers and activating switchesmay also be provided for signal sensor 102 , output device 104 , and/or other components, as desired or suggested by the intended use of the access device 100 and the environment in which the device is expected to be used.
- FIG. 4is a schematic functional block diagram of a preferred embodiment of a portable access device according to the invention, showing the functional arrangement of the device's components.
- the diagram of FIG. 4depicts functional connections between a plurality of signal sensors 102 , biometric sensor 103 , output device 104 , processor 105 , battery 144 , power supply 141 , switches 142 , 143 , memories 147 , 148 , 149 , and other components.
- access device 100comprises a plurality of signal sensors 102 , including visible-light sensor 131 and infrared transceiver 133 .
- Providing a plurality of signal sensorsincreases the utility of the portable access device by, for example, making it operable with a greater variety of secure systems, under a broader range of operating conditions.
- an access devicecomprising a visible-light sensor 131 and an infrared sensor 133 may be used both to receive data based on visible light transmitted by a display screen or other device, as herein described, and to receive and transmit data using infrared signals from infrared light generators.
- Access devices according to the invention incorporating pluralities of signal sensorsmay comprise processors and processing logic, software, etc., suitable for operation of the access devices with the respective types of signal generators.
- the sensors 131 and 133enable wireless operation
- the access devicemay be coupled to the system by a wire, disconnected in the case of a portable access device, over which the system provides information to the access device.
- a suitable visible-light photosensoris the LX1970 visible light detector available from Microsemi Corporation, of Irvine, Calif.
- This componentcomprises, for example, an automatic brightness control that can extend battery operation and lengthen the life of large screen liquid crystal display components, and can operate in temperatures ranging from ⁇ 40 deg. C to +85 deg. C. It has an 8-pin MSOP surface mount package measuring only about 3 ⁇ 3 mm, which helps minimize the size of the access device.
- the Sharp Corporationalso produces several suitable visible-light photosensors.
- infrared light sensorsexist, and are continuously being developed.
- infrared transceiversare used, so that data may be both transmitted and received by the portable device 100 .
- an IrDA (Infrared Data Association) compliant devicemay be used for communication by the device with an infrared sensor to upload software updates or modifications, as well as to transmit and receive data related to access to the secure system, such as code seeds or access codes.
- a suitable biometric sensoris the AES3000 series of finger scanners, and particularly the AES3500 EntréPad® available from Authentec, Inc., of Melbourne, Fla., USA (www.authentec.com), connected to a suitable ASIC as described below via an 8-bit parallel bus, asynchronous serial interface, and/or other appropriate connection.
- the finger scanneris disposed within housing 101 such that it is accessible by the pad of a thumb or finger of a user while the access device 100 is held in the user's hand.
- Housing 101comprises a guide ridge 181 to assist the user in orienting his finger or thumb in a position, relative to the scanner, to facilitate rapid and effective scanning of the pad surface.
- guide 181may be disposed so that its position corresponds with that of a joint between the tip and first knuckle of the user's finger or thumb when the finger or thumb is in position for rapid and effective scanning.
- An example of a suitable output deviceis a dot-matrix LCD providing a 16 ⁇ 48 array of display elements.
- Such a displayis suitable for providing access codes and various warning and instruction messages of 0-12 alphanumeric or other characters, or more.
- audio, line printing, and other types of devicesmay be used.
- Processor 105may comprise an ASIC 105 such as that shown functionally in FIGS. 4 and 5 .
- the ASIC of FIGS. 4 and 5is built around an ARM940T core.
- the ASIC of FIGS. 4 and 5comprises the ARM9 processor, static RAM, and suitable interfaces for controlling and input/output interfacing with other components comprised by the access device.
- Application programming for accomplishing access processes as described hereinis stored in off-chip FLASH memory 147 .
- the access deviceis activated, as for example by activating switch 142 by opening a cover for biometric sensor 103 using switch 109 , processor 105 loads the application from FLASH memory 147 into on-chip RAM 148 .
- Application processing updatescan be provided via infrared sensor interface 133 or other suitable interface.
- processor 105has an operating temperature range of 0-70 degrees Celsius, and an operating voltage of 1.8V ⁇ 10%.
- the ARM940T processoris available through ARM Ltd., 110 Fulbourn Road, Cambridge, England.
- Battery 144may comprise a Nickel Metal Hydride (NiMH) cell providing approximately 450 mAh at 1.8V, with a life, under expected working conditions, of three years or more.
- Power supply 141provides a 100 mA output at 1.8V.
- suitable batteries, power supplies, switches, and other componentsare available commercially through a number of manufacturers.
- Housing 101is fabricated from any suitable material having sufficient strength, rigidity, durability, damage tolerance, and corrosion and water resistance suitable for the purposes described herein. In the example of a hand-held device described herein, a combination of plastic and metal components may be used. In some embodiments security is enhanced by provided access device 100 housed in a housing 101 that is sealed, potted, etc., so that the device may not be opened, or its components accessed, by any user without rendered the device inoperable.
- FIG. 5is a schematic diagram of a processor 105 suitable for use in a portable access device according to the invention.
- Processor 105comprises integrated circuit core 311 , comprising an ARM940T processor as described above, and bus interface 312 , with connections to memories 147 , 148 , 149 , and to other components including biometric sensor 103 , photosensor 102 , and display 104 .
- FLASH memory 147may store additional information, such as, for example, data representing biometric characteristics of one or more authorized prospective users of device 100 and one or more secure computer or other systems. Storage of such biometric data is useful, for example, where processor 105 processes biometric data acquired from biometric sensor 103 to determine whether a correlation exists between the acquired data and the stored biometric data, alone or in combination with one or processors associated with the secure system to which access is being sought.
- FIGS. 4 and 5Connections and interoperability between individual components shown in FIGS. 4 and 5 may be made in known manners. Many suitable components are known, or may be developed hereafter for specific applications. The selection or development of suitable components, and for suitable connections to facilitate their operation in the manner described herein, is well within the ability of those of ordinary skill in the arts, in view of this disclosure.
- FIG. 6is a schematic view of a portable access device according to a preferred embodiment of the invention being used to access a computer or other secure system in accordance with processes described herein.
- User 200is holding an access device 100 with a finger 193 positioned on a scanning surface of biometric sensor 103 , such that the image, or print, of the pad of the user's finger 193 may be scanned, and data representing the print or image acquired, for use by processor 105 as biometric data in determining whether an access code useable for accessing a computer or other system, which may comprise computer 600 and/or any other computers or other secure systems communicatively linked to computer 600 , should be displayed at output device 104 for use by user 200 .
- computer 600may be linked to one or more secure computers or other secure systems over a private local or wide area network, or via a public network such as the Internet, and may thus act as an entry port to another secure system.
- computer 600 and/or any computers or systems communicatively linked to computer 600may comprise a secure system to be accessed by user 200 , or may serve as an entry port for such systems.
- signal sensor 102is exposed to, or otherwise in a position to receive signals emitted by portion 603 of display screen 601 of computer 600 .
- signalsare generated by the system to which access is sought by causing portion 603 of the display screen (which may include all or a portion of screen 601 ) to flash on and off in a series of illuminations representing data.
- screen portion 603functions as a signal generator or light source.
- the intermittent flashes of light generated by screen portion 603 and sensed by signal sensor 102are provided to processor 105 , and interpreted by that or any other processor linked thereto, as representing data that may be used to provide a code, such as a session-unique, human readable code, to output device 104 .
- the signal portion 603may provide any suitable coded light signal.
- the entire screen portion 603may be modulated to provide a coded light signal, e.g., coded according to the Manchester code. This approach is suitable to cause sufficient technology displays, e.g., CRT, LCD, plasma, etc., to emit the coded light signal. Other modulation schemes may also be used, and are known to those of skill in the art.
- signalsare generated by infrared or other wireless devices, such as infrared transceiver 609 of keyboard 611 linked to computer 600 , or by or by port 613 , into which an access device 100 having suitable port communications devices may be inserted. Signals generated by the system to which access is sought may also be transmitted to device 100 by wire.
- FIG. 7is a schematic diagram of a process flow according to a preferred embodiment of the invention. The process depicted in FIG. 7 may be used to initialize an access device according to the invention.
- the access device 100may be provided by the operator of the system for which access is sought, or by the operator's designee, in an unititialized, or unenrolled state, in which the system is incapable of recognizing any user or providing a useable access code to any user.
- the access device 100is received by the prospective user of the secure system.
- the prospective useraccesses an initialization, or enrollment, screen for the system, as for example by using an input device associated with the system, such as a keyboard 611 of system 600 of FIG. 6 .
- an input device associated with the systemsuch as a keyboard 611 of system 600 of FIG. 6 .
- a user wishing to access the BLOOMBERG PROFESSIONAL® service provided by Bloomberg LPaccesses a system enrollment page by using the keyboard and input prompts displayed on a screen 601 and thereby accessing a system home or start-up page and entering a command ENROLL ⁇ GO>.
- the secure systemUpon receipt of the prospective user's request to enroll, e.g., the ENROLL ⁇ GO> command, at 1109 the secure system prompts the user for entry of an identifier uniquely associated with the access device 100 . For example, the system displays a screen at display 601 , prompting the prospective user to enter a serial number provided on the access device's housing 101 , as for example by typing it at a keyboard or other input device associated with system 600 .
- the systemprompts the prospective user with instructions for presenting to a biometric sensor such a biometric characteristic for acquisition of data representing the characteristic.
- a biometric sensorsuch a biometric characteristic for acquisition of data representing the characteristic.
- the systemdisplays instructions directing the prospective user to place a thumb over a fingerprint sensor of, or to present an eye for retina scanning by, a biometric sensor 103 .
- the instructionsmay be presented at a display 601 of the system 600 , at output device 104 , or in other suitable location.
- the userfollows the instructions and presents the biometric characteristic for the biometric sensor 103 , and the sensor 103 scans the presented finger or retina, or otherwise acquires data representing the biometric characteristic.
- the prospective useractivates the access device 100 by turning it on, as for example by operating a switch associated with a power supply, as for example switch 109 which also.
- the systemdetermines whether the biometric data acquired from the prospective user, i.e., biometric data representing a biometric characteristic of the prospective user, is satisfactory for use in comparing data acquired in future samplings to the currently-acquired sample, to determine whether a suitable correlation exists for identifying the prospective user and authorizing presentation of an access code useable for accessing the secure system.
- the determination whether the acquired sample is satisfactory for use in making the comparisonis made by processor(s) 105 of access device 100 , by one or more processors associated with computer 600 , by processors otherwise associated with the system to be accessed, or by any suitable combination of such processors. Criteria and processes to be used in making such determinations are known, and many new suitable criteria and processes are continuously being developed. The establishment and implementation of such criteria and processes will depend, inter alia, upon the biometric characteristics to be used, the degree of certainty desired in the correlation, and other factors, and will be within the ability of those of ordinary skill in the relevant arts.
- data representing the sampleare stored in memory accessible to the processor(s) to be used in establishing the correlation, such as one or more of memories 147 , 148 , 149 , or other memory associated with the access device or system to be accessed, and processing proceeds.
- the sampleis not satisfactory, as for example if the biometric characteristic was improperly positioned relative to the biometric sensor 103 , the prospective user is prompted again at 1113 to re-present the biometric characteristic for re-sampling.
- the usermay be prompted by the system to which access is desired, as for example by messages displayed on display 601 , by messages displayed on output device 104 , such as “bad print”, or both.
- the prospective usermay be invited to provide the biometric characteristic a set number of times before the system shuts down and, for example, requires the user to seek administrative help or to proceed according to other recommendations.
- the cycle 1113 - 1121may repeat 5 or another number of times, depending upon the objects of the secure system and those who administer it.
- the prospective useris prompted to present the access pad 100 such that one or more of signal sensor(s) 102 are able to receive signals generated by the system to be accessed.
- the prospective useris prompted to present the device 100 in the manner shown in FIG. 6 , so that photosensor 102 , 131 may receive light signals from signal generation portion 603 of screen 601 .
- processor 105Upon receipt of signals from signal generating portion 603 , at 1129 processor 105 causes an access code that may be used to access the secure system to be provided at output device 104 , as for example by displaying a four-character code on an LED or LCD display.
- a code provided at output device 104is provided only for a limited time period. This is useful, for example, in preventing unauthorized users from gaining access to the code and the secure system.
- a four-character codeis displayed on an LED display for approximately 20 seconds. It has been found that for controlling access to secure computer systems of the type contemplated herein, the 20 second period is adequate for allowing an authorized user to enter the code at a keyboard and for the secure system to receive and process the code, and grant access, while being short enough to prevent or reduce unauthorized access to the secure system.
- At least process steps 1109 , 1113 , 1117 , 1121 , 1125 , and 1129are performed wholly or at least partially by the portable access device 100 .
- FIG. 8is a schematic diagram of a process flow according to a preferred embodiment of the invention.
- the process depicted in FIG. 8may be used to control access, in any one of multiple modes, to a secure system by providing to an output device 104 in suitable circumstances, an access code that may be used to access the secure system.
- the process of FIG. 8begins at 2311 when the prospective user accesses an authorization (e.g., log-in) function of the secure system to be accessed.
- an authorizatione.g., log-in
- a user wishing to access the BLOOMBERG PROFESSIONAL® service provided by BLOOMBERG LPaccesses a system log-in screen by using a keyboard 611 and input prompts displayed on a screen 601 at a system entry port such as a computer 600 .
- the secure systemIn response to a request from the entry port, at 2315 the secure system causes the prospective user to be presented with prompts, such as interactive input fields on a graphical user interface provided at screen 601 , for the prospective users system identification number and a password.
- the entry port 600forwards data input by the prospective user, along with an identifier of the entry port itself.
- a subscribing (or otherwise authorized) user's computer terminal, or prospective entry portis provided with proprietary software for providing an interface to the BLOOMBERG PROFESSIONAL® service by causing the user's computer terminal to act as an entry port to the service.
- This softwarewhich resides at the user terminal, is designed to cause the system 600 to send to the BLOOMBERG PROFESSIONAL® service, under specified conditions including attempted log-in, an identifier used to uniquely identify the user terminal as a (prospective) entry port.
- the BLOOMBERG PROFESSIONAL® serviceretains in memory a record associating the user terminal with one or more prospective users.
- the secure BLOOMBERG systemupon receipt at 2315 of a prospective user's system i.d., the prospective user's password, and a terminal identifier, the secure BLOOMBERG system is enabled to determine whether the prospective user is attempting to access the system using an entry port with which the user is normally associated, which the system's administrators may designate as a primary entry station for the prospective user.
- the secure systemdetermines whether the entry port has been defined as a primary entry station for the user.
- the useris presented with a request to provide any additional required information, and is granted access to the secure system.
- Access to the secure system at 2335may be conditioned upon additional factors, such as correlation of data representing a biometric characteristic of the prospective user with stored biometric data.
- a primary entry stationsuch as a regular work station/terminal
- a prospective usermay be provided with a biometric sensor associated with the terminal, such as a sensor incorporated in a keyboard 611 , and pre-authorization may be conditioned upon correlation of data acquired by the keyboard sensor and stored data, instead of, or in addition to, any data acquired by a sensor on the portable access device.
- the useris presented at 2323 with instructions to present the portable access device in a fashion such that one or more of signal sensor(s) 102 are able to receive signals from the secure system, as for example by presenting the signal sensor 102 in the fashion shown in FIG. 6 , so that sensor 102 is exposed to light rays emanating from signal generating portion 603 .
- the prospective usermay also be instructed to simultaneously present a biometric characteristic for scanning or other sampling or sensing by biometric sensor 103 , as for example by presenting a fingertip as shown in FIG. 6 .
- the systemdetermines whether the biometric data acquired from the prospective user correlates satisfactorily with previously-acquired, stored data representing the same biometric characteristic.
- the determination whether the correlation between the acquired sample and the stored datais made by processor(s) 105 of access device 100 , by one or more processors associated with computer 600 , by processors otherwise associated with the system to be accessed, or by any suitable combination of such processors. Criteria and processes to be used in determining whether such correlations are satisfactory are known, and many new suitable criteria and processes are continuously being developed. The establishment and implementation of such criteria and processes will depend, inter alia, upon the biometric characteristics to be used, the degree of certainty desired in the correlation, and other factors, and will be within the ability of those of ordinary skill in the relevant arts.
- output device 104is provided with an access code that the prospective user may use to access the secure system, e.g., an alphanumeric code to be entered using a keyboard 611 .
- an access codethat the prospective user may use to access the secure system
- the secure systemUpon receipt of a valid access code, the secure system allows the user access, and proceeds with processing according to the normal rules of the accessed system, for example by providing suitable graphical user interfaces, etc.
- Access codes providedmay be session specific, i.e., valid only for so long as the prospective user continues to use the access system continuously, or opens a controlled door a single time, etc., and may be presented at output device 104 only for a limited time, e.g., 20 seconds, as previously explained.
- At least process steps 2323 , 2327 , and 2331are performed wholly or at least partially by the portable access device 100 .
- FIG. 9is a schematic diagram of a process flow for processing a signal generated by a secure system to provide an access code that may be used to access the secure system. Process steps shown on the left side of FIG. 9 are performed by a processor of the access device 100 and/or by the entry station, those on the right side by a processor or processors associated with the secure system.
- the prospective userinvokes the system log-in screen using a keyboard 611 or other input device at the entry station, as described above, and enters his/her user i.d. and password, and/or other identifying information.
- a processor associated with the secure systemUpon receipt of the user-identifying information, at 2515 a processor associated with the secure system generates a signal to be sent to the portable access device 100 .
- the signalis generated using the system time to define data content for the signal.
- the signalmay also be based on other data, derived for example from a station i.d. provided by the prospective entry station as described herein.
- the signalis transmitted by causing a display 601 , which may be referred to as a Visual Display Interface, or VDI, at the entry station 600 to intermittently transmit light, as for example by flashing signal generating portion 603 between white or other bright color and off or some dark color such as black.
- VDIVisual Display Interface
- a signal sensor 102such as a photosensor 131
- Processor(s) 105processing the signal and optionally a serial number or other identifier associated with the access device 100 , generates an access code that may be used by the prospective user to access the secure system, as for example by inputting the access code at the entry station by using a keyboard 611 .
- the secure systemuses the same algorithm used by the portable access device, or a related algorithm, determines an access code, and preferably the same access code determined by the access device 100 , that may be used by the prospective user to access the secure system.
- processor(s) 105provide the access code to the output device 104 , as for example by displaying an alphanumeric code on an LED or LCD display panel.
- a four-character codehas been found to be useful for systems of the type described herein, in which the prospective user must read the access code and enter it at the entry station within a limited amount of time, as for example 20 seconds. Other-length codes may be useful in similar or different situations.
- Provision of the access code to the output device at 2527may be conditioned upon correlation of biometric data acquired by a sensor 103 from the prospective user with previously stored biometric data, as herein described.
- the secure systemcompares the access code received from the entry station to the access code determined by the secure system at 3523 . If the access codes are the same, or are satisfactorily related according to standards accepted by the secure system, the user is allowed access to the secure system.
- the systemproceeds with allowed processing, as for example providing suitable graphic user interface displays and accepting input for further processing according to the system.
- the systemmay warn the prospective user and afford one or more opportunities for retrying, or may recommend that the prospective user seek administrative or technical help, as appropriate.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Storage Device Security (AREA)
- Collating Specific Patterns (AREA)
Abstract
Description
- A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyrights whatsoever.
- The invention provides devices, methods, and systems for controlling access to secure systems. In particular, the invention provides devices, methods, and systems for controlling access to computers and other secure systems using a portable access device.
- Devices for controlling access to systems are disclosed in U.S. Pat. Nos. 5,432,851 and 6,490,680 to Scheidt et al.; U.S. Pat. No. 5,272,754 to Boerbert; U.S. Pat. No. 6,463,537 to Tello; and U.S. Pat. No. 5,347,580 to Molva et al.
- The invention provides devices, methods and systems for controlling access to systems such as computers and systems controlling access to secure facilities or premises, etc., using information provided by a person seeking access to the system, and by the system to which the person is seeking access, to determine whether access by that person is to be authorized. The information to be provided by the person seeking access identifies the person. The information to be provided by the system is made available at a location at which the information to be provided by the person seeking access are input to the system.
- In preferred embodiments, the information to be provided by the person seeking access can only be provided in the presence of that person, e.g., biometric data obtained directly from the person. In such embodiments, the person seeking access must be physically present at the location of the system at which the information is to be input to provide his or her information, together with a device (also referred to as an “access device”) which receives the information provided by the system. Information from the person seeking access and the system is then used at the system's input location to determine whether to authorize the person to access the system. If the person seeking access is determined to be authorized, in various embodiments, a signal or code is provided that can be tested, e.g., by the system, to determine whether access is to be provided.
- If, as a result of processing information received from the system and from the person seeking access, it is determined that access by that person is not authorized, no code may be provided, or an invalid code, a warning, a notification of access denial, or other suitable signal(s) may be provided.
- In preferred embodiments, the access device according to the invention uses the information supplied by the person seeking access and the system, and provides the signal or code to the person, who can then provide it to the system for which access is sought by the person, or directly to the system. In one embodiment, the portable device provides a code to a person seeking access, and that person inputs the code to the system, which then provides access if the code is found to be authorized. In another embodiment, the access device may output a coded signal directly to the system.
- Since information is provided both by the person seeking access and the system for which access is sought, the access device must be present at the system location which is to receive the code or coded signal to be provided by the device, and the person must provide his or her information to the access device while at the system location. In a preferred embodiment, the person's information is biometrically based, so that the person must be present at the system location when the system provides its information.
- The access device may include on-board devices that receive information provided by the person and system, or signals from such devices that are not on board the portable device but linked thereto.
- In one embodiment, the invention provides a portable access device for providing the code or coded signal that may be tested to determine whether to provide access to the system. In a preferred embodiment, such a device comprises an output device and at least one processor. The processor processes information provided by the person seeking access and the system and, depending upon a result of the processing, provides to the output device a code that may be used to access the system, or not, depending upon the provided information.
- As mentioned, the information representing a biometric characteristic of a person seeking access to the system includes information representing any physical characteristic of the prospective user which may be used to identify, with a certainty sufficient in view of the purposes and requirements of the system to which access is being sought, to uniquely identify the person as authorized to receive access. Such information can include, for example, data representing fingerprint patterns or finger images, retina scans, or DNA samples, and is acquired by and/or provided to the processor(s) of the portable access device by any suitable devices, such as one or more biometric sensors. A large number and variety of suitable biometric characteristics, and methods and sensors for acquiring and processing information representing them, such as fingerprint and retina scanners, are known, and are continuously being developed. The identification of suitable biometric characteristics, and devices and methods for acquiring and processing information representing them, in view of the purposes and requirements of systems to be protected by controlled access, is within the ability of those having ordinary skill in the art.
- In preferred embodiments of the invention, information representing biometric characteristics of prospective users is read or sampled directly from the person seeking access. Thus, in some embodiments one or more sensors suitable for acquiring information representing biometric characteristics of a person seeking access are included in the access device, and configured to provide acquired information to one or more processors for use in determining whether to grant the person from whom the information is acquired access to the system.
- Some embodiments of the invention process signals provided by the system to which access is being sought, in addition to biometric information related to a person seeking access as part of the process of determining whether access is to be authorized. The use of information provided by the system to which access is being sought enables, among other things, the determination as to whether access is to be authorized to be made in various modes according to circumstances. For example, processing related to a request from a person seeking to access a computer system from a user station, designated as a primary entry station, from which access by the person is conditionally pre-authorized, or partly pre-authorized, may proceed in a different way than processing related to a request from the same person attempting to access the same computer system from a user station that is not designated as primary.
- Information provided by the system to which access is being sought for processing by the access device may be provided to the access device in any suitable manner. Many systems, devices, and methods for signal transfer are known, and will hereafter be developed. For example, in some embodiments of the invention, the access device comprises one or more sensors for receiving signals from the system to be accessed. Such sensors may be used, alone or in combination, to receive and pass to the processor, visible-light, infrared, or other electromagnetic, audio, or other stimuli suitable for carrying information, either by wired or wireless means. The selection of suitable systems, devices, and methods for providing such signals to the processor will be well within the ability of those having ordinary skill in the art, in view of this disclosure.
- The one or more processors for processing biometric information provided by the person seeking access and information provided by the system comprise any suitable data and signal processors, including any hardware, firmware, and software, suitable for meeting the purposes described herein. In some embodiments of the invention such processors comprise one or more application specific integrated circuits (ASICs) and associated devices and software. Processing for determining whether to provide to an output device a code that may be used to access the system, depending upon the biometric information and the information provided by the system to be accessed, may be performed entirely by processors included in the portable device, or partly by processors included in the portable device and partly by processors included in the system to be accessed, in a data sharing or shared processing scheme, or in other suitable ways consistent with the purposes disclosed herein.
- In some embodiments, processing for determining whether to provide to an output device a code that may be used to access the system, using the biometric information and the information provided by the system to be accessed, comprises conditioning provision of the code to the output device upon a correlation between the information representing the biometric characteristic and stored biometric information. For example, biometric information acquired by a biometric sensor and provided to the processor(s) is compared to stored biometric information, and a determination is made as to whether a correlation between the provided and stored information is satisfied. In the event that a satisfactory correlation is established, the processor provides to the output device a code useable for accessing the system. The establishment and evaluation of correlations between information acquired from prospective system users and stored biometric information is known, and is within the ability of those having ordinary skill in the arts.
- Embodiments of access devices according to the invention may comprise memory for storing biometric information for use in determining whether to provide an access code that may be used to access the secure system to an output device, or otherwise enable access to the secure system. In other embodiments, such stored biometric information may be stored in memory associated with the system to be accessed, and information and/or processing for determining whether to provide a useable access code is shared between the access device and the system to be accessed.
- The output devices to which the processors provide codes that may be used to access the secure system may be of any type suitable for imparting to a prospective user a code suitable for gaining access to the system, such as a human-readable sequence of alphanumeric or other characters. For example, display devices such as LEDs, LCDs, CRTs; or printing or audio devices may be used. In a preferred embodiment, a small LCD display is used, in order to reduce physical size and power requirements for the portable access device.
- In some embodiments, an access device according to the invention comprises a housing for supporting sensors, processors, and other items incorporated by the portable device, and the housing includes one or more surfaces for bearing devices useful for identifying users of the access device or other individuals, such as photographic images, electromagnetic strips, and/or other devices for storing and/or providing access to identifiers or other information. Such device-bearing surfaces are useful, for example, where the access device comprises relatively compact components, e.g., suitable for making the access device portable, configured such that the housing can form a suitably-sized and -shaped casing to act as an identification card. Such embodiments may further comprise electromagnetic strips and other devices for storing and/or providing access to identification and other data.
- In other embodiments, the invention provides methods, and suitable processors and other components, including software, for providing codes for use in accessing systems of the type described herein. Such methods are preferably performed by portable access devices and comprise processing information received from a biometric sensor associated with a portable access device to establish a correlation between the received biometric information and stored biometric information; and, if the correlation satisfies a correlation criteria, providing to an output device of the portable access device an access code that may be used to access the system, otherwise not providing to the output device a code that may be used to access the system. The access code, where provided, is determined using a signal received by a signal sensor associated with the portable access device from a signal generator associated with the system to be accessed. The access code that may be used to access to the system is preferably session-specific. The provision of session-specific access codes helps, for example, to ensure that a specific authorized user offering access to the system is physically present at the point of access to the system.
- In still other embodiments, the invention provides methods and suitable processors and other components for providing codes for use in accessing systems of the type described herein, where the codes and the determination of whether to provide them may be made according to a plurality of processing modes, the mode used in a given case being determined by the circumstances of the request for access. For example, a signal received by a signal sensor of the portable access device from a signal generator associated with a system to be accessed may be processed to determine whether the system has received information indicating that a person seeking access to the system is attempting to access the system using a conditionally pre-authorized input device (e.g., at a primary entry station). If it is determined that this person is attempting to access the system using a conditionally pre-authorized input device, an access code that may be used to access the system is provided to an output device regardless of any biometric information received from a biometric sensor of the portable access device. Otherwise an access code that may be used to access the system is provided only upon determination that a correlation criterion or criteria is satisfied by biometric information received from the biometric sensor and biometric information otherwise accessed by the access device.
- The invention also provides systems for working with portable access devices according to the invention, including all suitable software, processors, memory devices, etc.
- The invention is illustrated in the figures of the accompanying drawings, which are meant to be exemplary and not limiting, and in which like references are intended to refer to like or corresponding parts.
FIG. 1 is a schematic perspective view of a preferred embodiment of a portable access device according to the invention.FIG. 2 is a schematic front elevation of a preferred embodiment of a portable access device according to the invention.FIG. 3 is a schematic rear elevation of a preferred embodiment of a portable access device according to the invention.FIG. 4 is a schematic functional block diagram of a preferred embodiment of a portable access device according to the invention.FIG. 5 is a schematic diagram of a processor, and related components, suitable for use in a portable access device according to the invention.FIG. 6 is a schematic view of use of a portable access device according to a preferred embodiment of the invention.FIGS. 7-9 are schematic diagrams of process flows according to preferred embodiments of the invention.- Preferred embodiments of methods, systems, and apparatus according to the invention are described through reference to the Drawings.
FIGS. 1-3 depict a preferred embodiment of aportable access device 100 according to the invention. Although the representations in the drawings and the discussion below relate to a portable access device, the invention is not so limited, and the invention may be embodied in devices other than portable devices. For example, all or some of the information provided by a person seeking access and the system may be processed by the system. In such a case, the access device need not be portable.Portable access device 100 is useful for facilitating access to computer and other systems, and comprises:housing 101; signal sensor102 (FIG. 3 ) for receiving a signal (having the information described above) from a signal generator associated with the computer system;biometric sensor 103 for acquiring information (also referred to as “data”) representing a biometric characteristic of a person seeking access to the computer (or a “user” or “prospective user”)200 (see alsoFIG. 6 ), and thereby uniquely identifying the user and the user's co-location with the access device;output device 104; and at least one processor105 (FIGS. 4, 5 ) for processing the acquired biometric data and the signal, and for providing to the output device an access code determined using the biometric data and the signal.Device 100 further comprisesnumerous surfaces 107, including edges of the housing (for clarity unmarked by reference numerals), suitable for bearing user identification devices such asphotographic image 106.Housing 101 is sized to serve conveniently as an identification card as well as an access device. In the embodiment depicted,device 100 has alength 120 of approximately 57 millimeters, awidth 121 of approximately 35 millimeters, and a depth122 of approximately 2-6 millimeters. Thus,device 100 has dimensions similar to those of a standard credit or electronic identification card such as an automatic bank card, and will fit comfortably in a hand of most human users, in a fashion such that each of the component devices associated with thedevice 100 may be comfortably and effectively operated, as well as fitting in pockets, wallets, etc.Device 100 as depicted inFIGS. 1-3 further comprises aslot 115 suitable for use in attaching a lanyard, cord, or other device for facilitating carrying and/or restraint of the access device, as for example by placing a cord around the neck of a user of the device.- The configuration of
device 100, and in particular the external configuration, may be influenced by aesthetic, or non-functional, as well as functional considerations. For example, the configuration and dimensions ofslot 115,length 120,width 121, and depth122, as well as the choice of a generally rectangular configuration, may be influenced or determined by both functional and aesthetic considerations. Similarly, the location of various components in the device may also be influenced by aesthetic considerations. For example, the placement ofbiometric sensor 103 on afirst surface 125 of the access device, andsignal sensor 126 on asecond surface 126 facilitates use and operation of the access device, as explained further herein, but may also significantly influenced by aesthetic considerations, as for example in the embodiment depicted inFIGS. 1-3 . A wide variety of configurations and dimensions will be found to be useful and suitable for the wide variety of uses and applications to which it is contemplated that the invention will be put. The selection of dimensions and configurations suitable for devices used for various applications will be well within the ability of designers of ordinary skill in the art, in view of this disclosure. - The
portable access device 100 depicted inFIGS. 1-3 further comprises a cover (not shown) for coveringbiometric sensor 103. The cover is opened and closed by selectively operatingswitch 109, e.g., a mechanical switch which comprises a mechanical linkage that selectively rotates the cover into an open position, in which thebiometric sensor 103 is exposed, and to a closed position, in which the sensor is hidden from view and protected from shocks and other harmful contacts by external objects.Switch 109 may also include and/or selectively activate one or more switches (e.g.,electrical switches 142,143 ofFIG. 4 ), to activateprocessor 105 and other components of theaccess device 100 by activating, for example, one or more ofbattery 144 andpower supply 141. - Covers and activating switches may also be provided for
signal sensor 102,output device 104, and/or other components, as desired or suggested by the intended use of theaccess device 100 and the environment in which the device is expected to be used. FIG. 4 is a schematic functional block diagram of a preferred embodiment of a portable access device according to the invention, showing the functional arrangement of the device's components. The diagram ofFIG. 4 depicts functional connections between a plurality ofsignal sensors 102,biometric sensor 103,output device 104,processor 105,battery 144,power supply 141, switches142,143,memories - In the embodiment shown in
FIG. 4 ,access device 100 comprises a plurality ofsignal sensors 102, including visible-light sensor131 and infrared transceiver133. Providing a plurality of signal sensors increases the utility of the portable access device by, for example, making it operable with a greater variety of secure systems, under a broader range of operating conditions. For example, an access device comprising a visible-light sensor131 and an infrared sensor133 may be used both to receive data based on visible light transmitted by a display screen or other device, as herein described, and to receive and transmit data using infrared signals from infrared light generators. Access devices according to the invention incorporating pluralities of signal sensors may comprise processors and processing logic, software, etc., suitable for operation of the access devices with the respective types of signal generators. Although the sensors131 and133 enable wireless operation, the access device may be coupled to the system by a wire, disconnected in the case of a portable access device, over which the system provides information to the access device. - The selection of specific components for use with access devices according to the invention will depend upon the specific application(s) to which the devices are to be put, the environment(s) in which they are expected to perform, and a number of other factors that will occur to those familiar with the relevant design arts. Examples are described below for the embodiment shown in
FIGS. 1-4 and6. Identification of suitable components, existing or designed for the particular application (as for example ASICs), for systems according to the invention will be within the ability of those of ordinary skill in the relevant arts, once they have been made familiar with this disclosure. - An example of a suitable visible-light photosensor is the LX1970 visible light detector available from Microsemi Corporation, of Irvine, Calif. This component comprises, for example, an automatic brightness control that can extend battery operation and lengthen the life of large screen liquid crystal display components, and can operate in temperatures ranging from −40 deg. C to +85 deg. C. It has an 8-pin MSOP surface mount package measuring only about 3×3 mm, which helps minimize the size of the access device. The Sharp Corporation also produces several suitable visible-light photosensors.
- A variety of suitable infrared light sensors exist, and are continuously being developed. In some embodiments infrared transceivers are used, so that data may be both transmitted and received by the
portable device 100. For example, an IrDA (Infrared Data Association) compliant device may be used for communication by the device with an infrared sensor to upload software updates or modifications, as well as to transmit and receive data related to access to the secure system, such as code seeds or access codes. - An example of a suitable biometric sensor is the AES3000 series of finger scanners, and particularly the AES3500 EntréPad® available from Authentec, Inc., of Melbourne, Fla., USA (www.authentec.com), connected to a suitable ASIC as described below via an 8-bit parallel bus, asynchronous serial interface, and/or other appropriate connection. In the example shown in
FIGS. 1-3 and6, the finger scanner is disposed withinhousing 101 such that it is accessible by the pad of a thumb or finger of a user while theaccess device 100 is held in the user's hand.Housing 101 comprises aguide ridge 181 to assist the user in orienting his finger or thumb in a position, relative to the scanner, to facilitate rapid and effective scanning of the pad surface. For example, guide181 may be disposed so that its position corresponds with that of a joint between the tip and first knuckle of the user's finger or thumb when the finger or thumb is in position for rapid and effective scanning. - An example of a suitable output device is a dot-matrix LCD providing a 16×48 array of display elements. Such a display is suitable for providing access codes and various warning and instruction messages of 0-12 alphanumeric or other characters, or more. Alternatively or in addition, audio, line printing, and other types of devices may be used.
Processor 105 may comprise anASIC 105 such as that shown functionally inFIGS. 4 and 5 . The ASIC ofFIGS. 4 and 5 is built around an ARM940T core. The ASIC ofFIGS. 4 and 5 comprises the ARM9 processor, static RAM, and suitable interfaces for controlling and input/output interfacing with other components comprised by the access device. Application programming for accomplishing access processes as described herein is stored in off-chip FLASH memory 147. When the access device is activated, as for example by activatingswitch 142 by opening a cover forbiometric sensor 103 usingswitch 109,processor 105 loads the application fromFLASH memory 147 into on-chip RAM 148. Application processing updates can be provided via infrared sensor interface133 or other suitable interface. In the embodiment shown inFIGS. 1-3 and6,processor 105 has an operating temperature range of 0-70 degrees Celsius, and an operating voltage of 1.8V±10%. The ARM940T processor is available through ARM Ltd., 110 Fulbourn Road, Cambridge, England.Battery 144 may comprise a Nickel Metal Hydride (NiMH) cell providing approximately 450 mAh at 1.8V, with a life, under expected working conditions, of three years or more.Power supply 141 provides a 100 mA output at 1.8V. A wide variety of suitable batteries, power supplies, switches, and other components are available commercially through a number of manufacturers.Housing 101 is fabricated from any suitable material having sufficient strength, rigidity, durability, damage tolerance, and corrosion and water resistance suitable for the purposes described herein. In the example of a hand-held device described herein, a combination of plastic and metal components may be used. In some embodiments security is enhanced by providedaccess device 100 housed in ahousing 101 that is sealed, potted, etc., so that the device may not be opened, or its components accessed, by any user without rendered the device inoperable.FIG. 5 is a schematic diagram of aprocessor 105 suitable for use in a portable access device according to the invention.Processor 105 comprises integratedcircuit core 311, comprising an ARM940T processor as described above, andbus interface 312, with connections tomemories biometric sensor 103,photosensor 102, anddisplay 104.- In addition to storing application programming instructions,
FLASH memory 147, and/orMROM 149 andSPSRAM 148 may store additional information, such as, for example, data representing biometric characteristics of one or more authorized prospective users ofdevice 100 and one or more secure computer or other systems. Storage of such biometric data is useful, for example, whereprocessor 105 processes biometric data acquired frombiometric sensor 103 to determine whether a correlation exists between the acquired data and the stored biometric data, alone or in combination with one or processors associated with the secure system to which access is being sought. - Connections and interoperability between individual components shown in
FIGS. 4 and 5 may be made in known manners. Many suitable components are known, or may be developed hereafter for specific applications. The selection or development of suitable components, and for suitable connections to facilitate their operation in the manner described herein, is well within the ability of those of ordinary skill in the arts, in view of this disclosure. FIG. 6 is a schematic view of a portable access device according to a preferred embodiment of the invention being used to access a computer or other secure system in accordance with processes described herein.User 200 is holding anaccess device 100 with afinger 193 positioned on a scanning surface ofbiometric sensor 103, such that the image, or print, of the pad of the user'sfinger 193 may be scanned, and data representing the print or image acquired, for use byprocessor 105 as biometric data in determining whether an access code useable for accessing a computer or other system, which may comprisecomputer 600 and/or any other computers or other secure systems communicatively linked tocomputer 600, should be displayed atoutput device 104 for use byuser 200. For example,computer 600 may be linked to one or more secure computers or other secure systems over a private local or wide area network, or via a public network such as the Internet, and may thus act as an entry port to another secure system. Thuscomputer 600 and/or any computers or systems communicatively linked tocomputer 600 may comprise a secure system to be accessed byuser 200, or may serve as an entry port for such systems.- As depicted in
FIG. 6 ,user 200 is holdingdevice 100 such thatsignal sensor 102 is exposed to, or otherwise in a position to receive signals emitted byportion 603 of display screen601 ofcomputer 600. In some embodiments of the invention signals are generated by the system to which access is sought by causingportion 603 of the display screen (which may include all or a portion of screen601) to flash on and off in a series of illuminations representing data. Assuch screen portion 603 functions as a signal generator or light source. The intermittent flashes of light generated byscreen portion 603 and sensed bysignal sensor 102 are provided toprocessor 105, and interpreted by that or any other processor linked thereto, as representing data that may be used to provide a code, such as a session-unique, human readable code, tooutput device 104. Thesignal portion 603 may provide any suitable coded light signal. For example, theentire screen portion 603 may be modulated to provide a coded light signal, e.g., coded according to the Manchester code. This approach is suitable to cause sufficient technology displays, e.g., CRT, LCD, plasma, etc., to emit the coded light signal. Other modulation schemes may also be used, and are known to those of skill in the art. - In other embodiments signals are generated by infrared or other wireless devices, such as infrared transceiver609 of keyboard611 linked to
computer 600, or by or byport 613, into which anaccess device 100 having suitable port communications devices may be inserted. Signals generated by the system to which access is sought may also be transmitted todevice 100 by wire. FIG. 7 is a schematic diagram of a process flow according to a preferred embodiment of the invention. The process depicted inFIG. 7 may be used to initialize an access device according to the invention.- The
access device 100 may be provided by the operator of the system for which access is sought, or by the operator's designee, in an unititialized, or unenrolled state, in which the system is incapable of recognizing any user or providing a useable access code to any user. - Referring to
FIG. 7 , at1011 theaccess device 100 is received by the prospective user of the secure system. At1105 the prospective user accesses an initialization, or enrollment, screen for the system, as for example by using an input device associated with the system, such as a keyboard611 ofsystem 600 ofFIG. 6 . For example, a user wishing to access the BLOOMBERG PROFESSIONAL® service provided by Bloomberg LP accesses a system enrollment page by using the keyboard and input prompts displayed on a screen601 and thereby accessing a system home or start-up page and entering a command ENROLL <GO>. - Upon receipt of the prospective user's request to enroll, e.g., the ENROLL <GO> command, at1109 the secure system prompts the user for entry of an identifier uniquely associated with the
access device 100. For example, the system displays a screen at display601, prompting the prospective user to enter a serial number provided on the access device'shousing 101, as for example by typing it at a keyboard or other input device associated withsystem 600. - Once the system has received a valid identifier entered by the prospective user, at1113 the system prompts the prospective user with instructions for presenting to a biometric sensor such a biometric characteristic for acquisition of data representing the characteristic. For example, the system displays instructions directing the prospective user to place a thumb over a fingerprint sensor of, or to present an eye for retina scanning by, a
biometric sensor 103. The instructions may be presented at a display601 of thesystem 600, atoutput device 104, or in other suitable location. At1117 the user follows the instructions and presents the biometric characteristic for thebiometric sensor 103, and thesensor 103 scans the presented finger or retina, or otherwise acquires data representing the biometric characteristic. If necessary for activating the sensor, the prospective user activates theaccess device 100 by turning it on, as for example by operating a switch associated with a power supply, as forexample switch 109 which also. - At1121 the system determines whether the biometric data acquired from the prospective user, i.e., biometric data representing a biometric characteristic of the prospective user, is satisfactory for use in comparing data acquired in future samplings to the currently-acquired sample, to determine whether a suitable correlation exists for identifying the prospective user and authorizing presentation of an access code useable for accessing the secure system. The determination whether the acquired sample is satisfactory for use in making the comparison is made by processor(s)105 of
access device 100, by one or more processors associated withcomputer 600, by processors otherwise associated with the system to be accessed, or by any suitable combination of such processors. Criteria and processes to be used in making such determinations are known, and many new suitable criteria and processes are continuously being developed. The establishment and implementation of such criteria and processes will depend, inter alia, upon the biometric characteristics to be used, the degree of certainty desired in the correlation, and other factors, and will be within the ability of those of ordinary skill in the relevant arts. - If the sample is satisfactory, data representing the sample are stored in memory accessible to the processor(s) to be used in establishing the correlation, such as one or more of
memories biometric sensor 103, the prospective user is prompted again at1113 to re-present the biometric characteristic for re-sampling. The user may be prompted by the system to which access is desired, as for example by messages displayed on display601, by messages displayed onoutput device 104, such as “bad print”, or both. The prospective user may be invited to provide the biometric characteristic a set number of times before the system shuts down and, for example, requires the user to seek administrative help or to proceed according to other recommendations. For example, the cycle1113-1121 may repeat5 or another number of times, depending upon the objects of the secure system and those who administer it. - If the biometric data acquired at1117 is suitable for establishing correlations with future samplings, at1125 the prospective user is prompted to present the
access pad 100 such that one or more of signal sensor(s)102 are able to receive signals generated by the system to be accessed. For example, using the device depicted inFIGS. 1-3 , the prospective user is prompted to present thedevice 100 in the manner shown inFIG. 6 , so thatphotosensor 102,131 may receive light signals fromsignal generation portion 603 of screen601. - Upon receipt of signals from
signal generating portion 603, at1129processor 105 causes an access code that may be used to access the secure system to be provided atoutput device 104, as for example by displaying a four-character code on an LED or LCD display. - In some embodiments of the invention, a code provided at
output device 104 is provided only for a limited time period. This is useful, for example, in preventing unauthorized users from gaining access to the code and the secure system. For example, in some embodiments of the invention a four-character code is displayed on an LED display for approximately 20 seconds. It has been found that for controlling access to secure computer systems of the type contemplated herein, the 20 second period is adequate for allowing an authorized user to enter the code at a keyboard and for the secure system to receive and process the code, and grant access, while being short enough to prevent or reduce unauthorized access to the secure system. - In preferred embodiments of the invention, at least process steps1109,1113,1117,1121,1125, and1129 are performed wholly or at least partially by the
portable access device 100. FIG. 8 is a schematic diagram of a process flow according to a preferred embodiment of the invention. The process depicted inFIG. 8 may be used to control access, in any one of multiple modes, to a secure system by providing to anoutput device 104 in suitable circumstances, an access code that may be used to access the secure system.- The process of
FIG. 8 begins at2311 when the prospective user accesses an authorization (e.g., log-in) function of the secure system to be accessed. For example, a user wishing to access the BLOOMBERG PROFESSIONAL® service provided by BLOOMBERG LP accesses a system log-in screen by using a keyboard611 and input prompts displayed on a screen601 at a system entry port such as acomputer 600. - In response to a request from the entry port, at2315 the secure system causes the prospective user to be presented with prompts, such as interactive input fields on a graphical user interface provided at screen601, for the prospective users system identification number and a password. The
entry port 600 forwards data input by the prospective user, along with an identifier of the entry port itself. For example, in a system such as the BLOOMBERG PROFESSIONAL® service, a subscribing (or otherwise authorized) user's computer terminal, or prospective entry port, is provided with proprietary software for providing an interface to the BLOOMBERG PROFESSIONAL® service by causing the user's computer terminal to act as an entry port to the service. This software, which resides at the user terminal, is designed to cause thesystem 600 to send to the BLOOMBERG PROFESSIONAL® service, under specified conditions including attempted log-in, an identifier used to uniquely identify the user terminal as a (prospective) entry port. The BLOOMBERG PROFESSIONAL® service retains in memory a record associating the user terminal with one or more prospective users. Thus, upon receipt at2315 of a prospective user's system i.d., the prospective user's password, and a terminal identifier, the secure BLOOMBERG system is enabled to determine whether the prospective user is attempting to access the system using an entry port with which the user is normally associated, which the system's administrators may designate as a primary entry station for the prospective user. - Upon receipt of the prospective user's i.d. and password and the prospective entry port's identifier (if any), at2319 the secure system determines whether the entry port has been defined as a primary entry station for the user.
- If the prospective entry port has been identified as a primary entry station for the prospective user, at2335 the user is presented with a request to provide any additional required information, and is granted access to the secure system. Access to the secure system at2335 may be conditioned upon additional factors, such as correlation of data representing a biometric characteristic of the prospective user with stored biometric data. For example, at a primary entry station, such as a regular work station/terminal, a prospective user may be provided with a biometric sensor associated with the terminal, such as a sensor incorporated in a keyboard611, and pre-authorization may be conditioned upon correlation of data acquired by the keyboard sensor and stored data, instead of, or in addition to, any data acquired by a sensor on the portable access device.
- If at2319 it is determined that the prospective entry port has not been identified as a primary entry station for the prospective user, as for example where a prospective user is attempting to access the secure system from a remote or visitor terminal, or via a network other than the user's primary terminal or network, at2335 the user is presented at2323 with instructions to present the portable access device in a fashion such that one or more of signal sensor(s)102 are able to receive signals from the secure system, as for example by presenting the
signal sensor 102 in the fashion shown inFIG. 6 , so thatsensor 102 is exposed to light rays emanating fromsignal generating portion 603. The prospective user may also be instructed to simultaneously present a biometric characteristic for scanning or other sampling or sensing bybiometric sensor 103, as for example by presenting a fingertip as shown inFIG. 6 . - At2327 the system determines whether the biometric data acquired from the prospective user correlates satisfactorily with previously-acquired, stored data representing the same biometric characteristic. The determination whether the correlation between the acquired sample and the stored data is made by processor(s)105 of
access device 100, by one or more processors associated withcomputer 600, by processors otherwise associated with the system to be accessed, or by any suitable combination of such processors. Criteria and processes to be used in determining whether such correlations are satisfactory are known, and many new suitable criteria and processes are continuously being developed. The establishment and implementation of such criteria and processes will depend, inter alia, upon the biometric characteristics to be used, the degree of certainty desired in the correlation, and other factors, and will be within the ability of those of ordinary skill in the relevant arts. - If correlation is satisfactory, at2331
output device 104 is provided with an access code that the prospective user may use to access the secure system, e.g., an alphanumeric code to be entered using a keyboard611. Upon receipt of a valid access code, the secure system allows the user access, and proceeds with processing according to the normal rules of the accessed system, for example by providing suitable graphical user interfaces, etc. Access codes provided may be session specific, i.e., valid only for so long as the prospective user continues to use the access system continuously, or opens a controlled door a single time, etc., and may be presented atoutput device 104 only for a limited time, e.g., 20 seconds, as previously explained. - In preferred embodiments of the invention, at least process steps2323,2327, and2331 are performed wholly or at least partially by the
portable access device 100. FIG. 9 is a schematic diagram of a process flow for processing a signal generated by a secure system to provide an access code that may be used to access the secure system. Process steps shown on the left side ofFIG. 9 are performed by a processor of theaccess device 100 and/or by the entry station, those on the right side by a processor or processors associated with the secure system.- At2511 the prospective user invokes the system log-in screen using a keyboard611 or other input device at the entry station, as described above, and enters his/her user i.d. and password, and/or other identifying information.
- Upon receipt of the user-identifying information, at2515 a processor associated with the secure system generates a signal to be sent to the
portable access device 100. The signal is generated using the system time to define data content for the signal. The signal may also be based on other data, derived for example from a station i.d. provided by the prospective entry station as described herein. The signal is transmitted by causing a display601, which may be referred to as a Visual Display Interface, or VDI, at theentry station 600 to intermittently transmit light, as for example by flashingsignal generating portion 603 between white or other bright color and off or some dark color such as black. Several suitable methods of using displays to generate light signals are known, and many are or will hereafter be developed. - At2519 a
signal sensor 102, such as a photosensor131, at theportable access device 100 receives the signal from the signal generator and forwards it to processor(s)105. Processor(s)105, processing the signal and optionally a serial number or other identifier associated with theaccess device 100, generates an access code that may be used by the prospective user to access the secure system, as for example by inputting the access code at the entry station by using a keyboard611. - In parallel to the process at2519, at2523 the secure system, using the same algorithm used by the portable access device, or a related algorithm, determines an access code, and preferably the same access code determined by the
access device 100, that may be used by the prospective user to access the secure system. - At2527 processor(s)105 provide the access code to the
output device 104, as for example by displaying an alphanumeric code on an LED or LCD display panel. A four-character code has been found to be useful for systems of the type described herein, in which the prospective user must read the access code and enter it at the entry station within a limited amount of time, as for example 20 seconds. Other-length codes may be useful in similar or different situations. - Provision of the access code to the output device at2527 may be conditioned upon correlation of biometric data acquired by a
sensor 103 from the prospective user with previously stored biometric data, as herein described. - At2531 the secure system compares the access code received from the entry station to the access code determined by the secure system at3523. If the access codes are the same, or are satisfactorily related according to standards accepted by the secure system, the user is allowed access to the secure system. The system proceeds with allowed processing, as for example providing suitable graphic user interface displays and accepting input for further processing according to the system.
- If the access codes are not identical or sufficiently correlated, the system may warn the prospective user and afford one or more opportunities for retrying, or may recommend that the prospective user seek administrative or technical help, as appropriate.
- Many other processes for generating access codes, including the use of coding seeds, are presently known and no doubt hereafter to be developed, and are suitable for use with the invention. The adaptation of any such processes for use in conjunction with the invention will be well within the ability of those of ordinary skill in the arts, once they have been made familiar with this disclosure.
- While the invention has been described and illustrated in connection with preferred embodiments, many variations and modifications as will be evident to those skilled in the relevant arts may be made without departing from the spirit and scope of the invention, and the invention is thus not to be limited to the precise details of methodology or construction set forth above as such variations and modifications are intended to be included within the scope of the invention. Except to the extent necessary or inherent in the processes themselves, no particular order to steps or stages of methods or processes described in this disclosure, including the Figures, is implied. In many cases the order of process steps may be varied without changing the purpose, effect, or import of the methods described.
Claims (17)
1. A device for providing a code that may be used to access a system such as a computer system, the device comprising:
an output device; and
at least one processor for processing information representing a biometric characteristic of a person seeking access to the system and information provided by the system, and, depending on a result of the processing, providing to the output device a code that may be used to access the system.
2. The device ofclaim 1 , wherein providing to the output device a code that may be used to access the system is conditioned upon a correlation between the information representing the biometric characteristic and stored biometric information.
3. The device ofclaim 2 , wherein the correlation between the information representing the biometric characteristic and the stored biometric information is established by the at least one processor.
4. The device ofclaim 2 , comprising memory for storing the stored biometric information.
5. A portable device for providing a code that may be used to access a system such as a computer system, the device comprising:
at least one sensor for receiving a wireless signal from a system to be accessed;
a biometric sensor for acquiring biometric information representing a biometric characteristic of a person seeking access to the system;
an output device; and
at least one processor for processing the biometric information and the signal, and for providing to the output device an access code.
6. The device ofclaim 5 , wherein the wireless signal comprises an optical signal and the at least one sensor comprises a photosensor.
7. The device ofclaim 6 , comprising a plurality of photosensors, at least one of the photosensors being an infrared sensor and at least one other of the photosensors being a visible-spectrum sensor.
8. The device ofclaim 5 , wherein the output device is a display.
9. A portable device for providing a code that may be used to access a system such as a computer system, the device comprising:
at least one sensor for receiving a wireless signal from a signal generator associated with the system to be accessed;
a biometric sensor for acquiring biometric information representing a biometric characteristic of a person seeking access to the system;
at least one processor for processing information received from the at least one sensor and the biometric sensor and providing the code; and
a housing supporting the at least one sensor, the biometric sensor, and the processor.
10. The device ofclaim 9 , wherein the housing comprises at least one surface with which is associated a means for identifying the person.
11. The device ofclaim 10 , wherein the means comprises at least one of a human readable device and a photograph.
12. The device ofclaim 10 , wherein the means comprises machine-readable coding.
13. The device ofclaim 10 , wherein the means comprises an electronic device.
14. A method of providing a code for use in accessing a system such as a computer system, the method performed by an access device and comprising:
processing biometric information received from a biometric sensor associated with the access device to establish a correlation between the received biometric information and stored biometric information; and
if the correlation satisfies a correlation criteria, providing to an output device of the portable access device an access code that may be used to access the system, the access code determined using information received sensor associated from the system to be accessed;
otherwise not providing to the output device a code that may be used to access the system.
15. The method ofclaim 14 , wherein the access code that may be used to access to the system is session-specific.
16. A method of providing a code for use in accessing a system such as a computer system, the method performed by an access device comprising a processor, a signal sensor, and a biometric sensor, the method comprising:
processing a signal received by a signal sensor of the access device from a signal generator associated with a system to be accessed, to determine whether the system has received information indicating that a person seeking access to the system is attempting to access the system using a primary entry station;
if it is determined that the person is attempting to access the system using a primary entry station, providing to an output device of the portable device an access code that may be used to access the system regardless of any biometric information received from a biometric sensor of the access device;
otherwise providing to the output device an access code that may be used to access the system only upon determination that a correlation criteria is satisfied by biometric information received from the biometric sensor and biometric information otherwise accessed by the access device.
17. The method ofclaim 13 , wherein the access code that may be used to access the system is session-specific.
Priority Applications (13)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/651,361US20050044387A1 (en) | 2003-08-18 | 2003-08-29 | Portable access device |
| AU2004267649AAU2004267649A1 (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| PCT/US2004/004366WO2005020036A2 (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| CA2536210ACA2536210C (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| JP2006523820AJP2007503047A (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| CN200480023613.1ACN1836397B (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| EP04711178AEP1656761A4 (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| SG2009056177ASG187268A1 (en) | 2003-08-18 | 2004-02-13 | Portable access device |
| KR1020067003368AKR101025298B1 (en) | 2003-08-18 | 2004-02-13 | Portable access devices |
| US12/345,575US8203423B2 (en) | 2003-08-18 | 2008-12-29 | Portable access device |
| US12/485,421US7994898B2 (en) | 2003-08-18 | 2009-06-16 | Portable access device |
| AU2010200586AAU2010200586A1 (en) | 2003-08-18 | 2010-02-18 | Portable access device |
| JP2010269208AJP4881471B2 (en) | 2003-08-18 | 2010-12-02 | Portable access device |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US29188428 | 2003-08-18 | ||
| US29188427 | 2003-08-18 | ||
| US10/651,361US20050044387A1 (en) | 2003-08-18 | 2003-08-29 | Portable access device |
Related Parent Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US10/086,609DivisionUS6627658B2 (en) | 2001-03-02 | 2002-03-01 | Lipoxin analogs as novel inhibitors of angiogenesis |
| US29188427Continuation-In-Part | 2003-08-18 | 2003-08-18 | |
| US29188428Continuation-In-Part | 2003-08-18 | 2003-08-18 |
Related Child Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US11/222,458DivisionUS8008282B2 (en) | 2001-03-02 | 2005-09-08 | Lipoxin analogs as novel inhibitors of angiogenesis |
| US12/345,575ContinuationUS8203423B2 (en) | 2003-08-18 | 2008-12-29 | Portable access device |
| US12/485,421ContinuationUS7994898B2 (en) | 2003-08-18 | 2009-06-16 | Portable access device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20050044387A1true US20050044387A1 (en) | 2005-02-24 |
Family
ID=34222267
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US10/651,361AbandonedUS20050044387A1 (en) | 2003-08-18 | 2003-08-29 | Portable access device |
| US12/345,575Expired - Fee RelatedUS8203423B2 (en) | 2003-08-18 | 2008-12-29 | Portable access device |
| US12/485,421Expired - Fee RelatedUS7994898B2 (en) | 2003-08-18 | 2009-06-16 | Portable access device |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US12/345,575Expired - Fee RelatedUS8203423B2 (en) | 2003-08-18 | 2008-12-29 | Portable access device |
| US12/485,421Expired - Fee RelatedUS7994898B2 (en) | 2003-08-18 | 2009-06-16 | Portable access device |
Country Status (7)
| Country | Link |
|---|---|
| US (3) | US20050044387A1 (en) |
| JP (2) | JP2007503047A (en) |
| CN (1) | CN1836397B (en) |
| AU (2) | AU2004267649A1 (en) |
| CA (1) | CA2536210C (en) |
| SG (1) | SG187268A1 (en) |
| WO (1) | WO2005020036A2 (en) |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080178009A1 (en)* | 2006-09-28 | 2008-07-24 | Sony Corporation | Electronic apparatus and information processing method |
| US20080190749A1 (en)* | 2007-02-13 | 2008-08-14 | Julian Poyner | Safety switch |
| US20110044218A1 (en)* | 2009-08-21 | 2011-02-24 | Interdigital Patent Holdings, Inc. | Method and apparatus for a multi-radio access technology layer for splitting downlink-uplink over different radio access technologies |
| CN103843042A (en)* | 2011-06-23 | 2014-06-04 | 泰科消防及安全有限公司 | Security system tag magnetic clutch and method |
| US20150116083A1 (en)* | 2004-03-15 | 2015-04-30 | Xceedid Corporation | Systems and methods for access control |
| US9235698B2 (en) | 2013-08-30 | 2016-01-12 | Cylon Global Technology Inc. | Data encryption and smartcard storing encrypted data |
| US9330511B2 (en) | 2013-08-30 | 2016-05-03 | Cylon Global Technology Inc. | Apparatus and methods for identity verification |
| US9886721B2 (en) | 2011-02-18 | 2018-02-06 | Creditregistry Corporation | Non-repudiation process for credit approval and identity theft prevention |
| US11080378B1 (en) | 2007-12-06 | 2021-08-03 | Proxense, Llc | Hybrid device having a personal digital key and receiver-decoder circuit and methods of use |
| US11086979B1 (en) | 2007-12-19 | 2021-08-10 | Proxense, Llc | Security system and method for controlling access to computing resources |
| US11095640B1 (en) | 2010-03-15 | 2021-08-17 | Proxense, Llc | Proximity-based system for automatic application or data access and item tracking |
| US11113482B1 (en) | 2011-02-21 | 2021-09-07 | Proxense, Llc | Implementation of a proximity-based system for object tracking and automatic application initialization |
| US11120449B2 (en) | 2008-04-08 | 2021-09-14 | Proxense, Llc | Automated service-based order processing |
| US11157909B2 (en) | 2006-05-05 | 2021-10-26 | Proxense, Llc | Two-level authentication for secure transactions |
| US11206664B2 (en) | 2006-01-06 | 2021-12-21 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
| US11258791B2 (en) | 2004-03-08 | 2022-02-22 | Proxense, Llc | Linked account system using personal digital key (PDK-LAS) |
| US11546325B2 (en) | 2010-07-15 | 2023-01-03 | Proxense, Llc | Proximity-based system for object tracking |
| US11544365B2 (en)* | 2019-03-22 | 2023-01-03 | Bloomberg Finance L.P. | Authentication system using a visual representation of an authentication challenge |
| US11553481B2 (en) | 2006-01-06 | 2023-01-10 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
| US11562644B2 (en)* | 2007-11-09 | 2023-01-24 | Proxense, Llc | Proximity-sensor supporting multiple application services |
| US11727355B2 (en) | 2008-02-14 | 2023-08-15 | Proxense, Llc | Proximity-based healthcare management system with automatic access to private information |
| US11914695B2 (en) | 2013-05-10 | 2024-02-27 | Proxense, Llc | Secure element as a digital pocket |
| US12380797B2 (en) | 2006-11-13 | 2025-08-05 | Proxense, Llc | Biometric authentication using proximity and secure information on a user device |
| US12446014B2 (en) | 2023-09-06 | 2025-10-14 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
Families Citing this family (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4680918B2 (en) | 2003-05-30 | 2011-05-11 | プリヴァリス・インコーポレーテッド | System and method for assignment and use of media content subscription service privileges |
| KR100678063B1 (en)* | 2003-12-26 | 2007-02-02 | 삼성전자주식회사 | How to Store and Play Content |
| EP1788509A1 (en) | 2005-11-22 | 2007-05-23 | Berner Fachhochschule, Hochschule für Technik und Architektur | Method to transmit a coded information and device therefore |
| US7657849B2 (en) | 2005-12-23 | 2010-02-02 | Apple Inc. | Unlocking a device by performing gestures on an unlock image |
| KR20200090943A (en) | 2007-09-24 | 2020-07-29 | 애플 인크. | Embedded authentication systems in an electronic device |
| US8600120B2 (en) | 2008-01-03 | 2013-12-03 | Apple Inc. | Personal computing device control using face detection and recognition |
| AT506236B1 (en)* | 2008-01-09 | 2011-01-15 | Nanoident Technologies Ag | BIOMETRIC SAFETY DEVICE |
| US8242922B2 (en)* | 2009-04-23 | 2012-08-14 | Bitak Ahi Varasteh | Electronic reminder device |
| US20100283576A1 (en)* | 2009-05-05 | 2010-11-11 | Stanton Concepts Inc. | Key for A Lock Having An Open Architecture |
| USD632696S1 (en)* | 2010-01-29 | 2011-02-15 | Gainteam Holdings Limited | Biometric security memory storage card |
| US10504105B2 (en)* | 2010-05-18 | 2019-12-10 | Dynamics Inc. | Systems and methods for cards and devices operable to communicate to touch sensitive displays |
| US8528072B2 (en) | 2010-07-23 | 2013-09-03 | Apple Inc. | Method, apparatus and system for access mode control of a device |
| US8638385B2 (en) | 2011-06-05 | 2014-01-28 | Apple Inc. | Device, method, and graphical user interface for accessing an application in a locked device |
| US8769624B2 (en) | 2011-09-29 | 2014-07-01 | Apple Inc. | Access control utilizing indirect authentication |
| US9002322B2 (en) | 2011-09-29 | 2015-04-07 | Apple Inc. | Authentication with secondary approver |
| USD702692S1 (en)* | 2011-11-23 | 2014-04-15 | Digital Hard Copy | Card for holding a digital storage medium |
| USD702693S1 (en)* | 2011-11-23 | 2014-04-15 | Digital Hard Copy | Digital storage medium card |
| CN111310619B (en) | 2012-05-18 | 2021-06-04 | 苹果公司 | Device, method and graphical user interface for manipulating a user interface |
| USD733713S1 (en)* | 2013-01-04 | 2015-07-07 | Samsung Electronics Co., Ltd. | SSD storage device |
| US9131076B2 (en) | 2013-02-05 | 2015-09-08 | Kelvin Patrick LeBeaux | System, method and computer program product for facilitating optical data transfer to a mobile device |
| US9898642B2 (en) | 2013-09-09 | 2018-02-20 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs |
| USD718307S1 (en) | 2013-09-27 | 2014-11-25 | Bloomberg Finance L.P. | Electronic access device |
| US9971886B2 (en) | 2013-09-27 | 2018-05-15 | Bloomberg Finance L.P. | Computer keyboard with secure authentication features |
| TWD162996S (en)* | 2013-12-25 | 2014-09-11 | 廣穎電通股份有限公司 | Part of a memory access device |
| US10043185B2 (en) | 2014-05-29 | 2018-08-07 | Apple Inc. | User interface for payments |
| US9636599B2 (en) | 2014-06-25 | 2017-05-02 | Mattel, Inc. | Smart device controlled toy |
| USD776664S1 (en)* | 2015-05-20 | 2017-01-17 | Chaya Coleena Hendrick | Smart card |
| DK179186B1 (en) | 2016-05-19 | 2018-01-15 | Apple Inc | REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION |
| DK179978B1 (en) | 2016-09-23 | 2019-11-27 | Apple Inc. | Image data for enhanced user interactions |
| USD855617S1 (en)* | 2017-01-17 | 2019-08-06 | David Williams | Smart card |
| US10984304B2 (en) | 2017-02-02 | 2021-04-20 | Jonny B. Vu | Methods for placing an EMV chip onto a metal card |
| CN117077102A (en) | 2017-09-09 | 2023-11-17 | 苹果公司 | Implementation of biometric authentication |
| KR102185854B1 (en) | 2017-09-09 | 2020-12-02 | 애플 인크. | Implementation of biometric authentication |
| US11170085B2 (en) | 2018-06-03 | 2021-11-09 | Apple Inc. | Implementation of biometric authentication |
| USD956760S1 (en)* | 2018-07-30 | 2022-07-05 | Lion Credit Card Inc. | Multi EMV chip card |
| US10860096B2 (en) | 2018-09-28 | 2020-12-08 | Apple Inc. | Device control using gaze information |
| US11100349B2 (en) | 2018-09-28 | 2021-08-24 | Apple Inc. | Audio assisted enrollment |
| EP4264460A1 (en) | 2021-01-25 | 2023-10-25 | Apple Inc. | Implementation of biometric authentication |
| US12210603B2 (en) | 2021-03-04 | 2025-01-28 | Apple Inc. | User interface for enrolling a biometric feature |
| US12216754B2 (en) | 2021-05-10 | 2025-02-04 | Apple Inc. | User interfaces for authenticating to perform secure operations |
Citations (56)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4329684A (en)* | 1979-01-16 | 1982-05-11 | British Broadcasting Corporation | Apparatus using a light sensing system for sensing time modulated information from a light emitting device |
| US4582985A (en)* | 1981-03-18 | 1986-04-15 | Loefberg Bo | Data carrier |
| US4599489A (en)* | 1984-02-22 | 1986-07-08 | Gordian Systems, Inc. | Solid state key for controlling access to computer software |
| US4720860A (en)* | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
| US4807031A (en)* | 1987-10-20 | 1989-02-21 | Interactive Systems, Incorporated | Interactive video method and apparatus |
| US4819267A (en)* | 1984-02-22 | 1989-04-04 | Thumbscan, Inc. | Solid state key for controlling access to computer systems and to computer software and/or for secure communications |
| US4885778A (en)* | 1984-11-30 | 1989-12-05 | Weiss Kenneth P | Method and apparatus for synchronizing generation of separate, free running, time dependent equipment |
| US4890323A (en)* | 1986-05-22 | 1989-12-26 | Racal-Guardata Limited | Data communication systems and methods |
| US4910775A (en)* | 1988-04-21 | 1990-03-20 | Telecash | Portable electronic device for use in conjunction with a screen |
| US4993068A (en)* | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
| US4998279A (en)* | 1984-11-30 | 1991-03-05 | Weiss Kenneth P | Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics |
| US4999617A (en)* | 1985-10-24 | 1991-03-12 | Sharp Kabushiki Kaisha | Device for reading patterns displayed on a display unit |
| US5060263A (en)* | 1988-03-09 | 1991-10-22 | Enigma Logic, Inc. | Computer access control system and method |
| US5131038A (en)* | 1990-11-07 | 1992-07-14 | Motorola, Inc. | Portable authentification system |
| US5136644A (en)* | 1988-04-21 | 1992-08-04 | Telecash | Portable electronic device for use in conjunction with a screen |
| US5146499A (en)* | 1989-10-27 | 1992-09-08 | U.S. Philips Corporation | Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification |
| US5272754A (en)* | 1991-03-28 | 1993-12-21 | Secure Computing Corporation | Secure computer interface |
| US5280527A (en)* | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
| US5323465A (en)* | 1992-06-10 | 1994-06-21 | Racal-Datacom Limited | Access control |
| US5347580A (en)* | 1992-04-23 | 1994-09-13 | International Business Machines Corporation | Authentication method and system with a smartcard |
| US5432851A (en)* | 1993-10-21 | 1995-07-11 | Tecsec Incorporated | Personal computer access control system |
| US5450491A (en)* | 1993-08-26 | 1995-09-12 | At&T Corp. | Authenticator card and system |
| US5481610A (en)* | 1994-02-28 | 1996-01-02 | Ericsson Inc. | Digital radio transceiver with encrypted key storage |
| US5483595A (en)* | 1993-09-20 | 1996-01-09 | Seiko Communications Holding N.V. | Paging device including password accessed stored cryptographic keys |
| US5488571A (en)* | 1993-11-22 | 1996-01-30 | Timex Corporation | Method and apparatus for downloading information from a controllable light source to a portable information device |
| US5623637A (en)* | 1993-12-06 | 1997-04-22 | Telequip Corporation | Encrypted data storage card including smartcard integrated circuit for storing an access password and encryption keys |
| US5652602A (en)* | 1995-05-08 | 1997-07-29 | Microsoft Corporation | Fast serial data transmission using a CRT |
| US5680460A (en)* | 1994-09-07 | 1997-10-21 | Mytec Technologies, Inc. | Biometric controlled key generation |
| US5801664A (en)* | 1996-02-12 | 1998-09-01 | Microsoft Corporation | System and method for transmitting data from a computer to a portable information device using RF emissions from a computer monitor |
| US5850304A (en)* | 1997-01-08 | 1998-12-15 | Scottsdale Technologies, Inc. | Optically programmable controller |
| US5852615A (en)* | 1996-12-14 | 1998-12-22 | Microsoft Corp. | Method and system for transmitting data from a unidirectional transmitter to a receiver |
| US5853615A (en)* | 1993-11-15 | 1998-12-29 | Cleanosol International Ab | Fluorescent covering for roads, parking areas etc, which fluoresces upon illumination with ultraviolet light |
| US5937065A (en)* | 1997-04-07 | 1999-08-10 | Eaton Corporation | Keyless motor vehicle entry and ignition system |
| US5978656A (en)* | 1995-12-28 | 1999-11-02 | Asulab S.A. | Portable device using inductive antenna to receive data transmitted via modulating vertical or horizonal line synchronization signals of a swept frame video display monitor |
| US5986623A (en)* | 1997-02-03 | 1999-11-16 | Microsoft Corporation | System and method for interlaced display device data transmission |
| US5995630A (en)* | 1996-03-07 | 1999-11-30 | Dew Engineering And Development Limited | Biometric input with encryption |
| US6011858A (en)* | 1996-05-10 | 2000-01-04 | Biometric Tracking, L.L.C. | Memory card having a biometric template stored thereon and system for using same |
| US6016476A (en)* | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
| US6035395A (en)* | 1997-03-28 | 2000-03-07 | Kabushiki Kaisha Toshiba | Computer system capable of using removable disk drive as boot device and method of controlling bootstrap |
| US6038666A (en)* | 1997-12-22 | 2000-03-14 | Trw Inc. | Remote identity verification technique using a personal identification device |
| US6038551A (en)* | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
| US6202151B1 (en)* | 1997-05-09 | 2001-03-13 | Gte Service Corporation | System and method for authenticating electronic transactions using biometric certificates |
| US6281820B1 (en)* | 1999-07-12 | 2001-08-28 | Pointset Corporation | Methods and apparatus for transferring data from a display screen |
| US6300873B1 (en)* | 1999-09-16 | 2001-10-09 | Atlantes Services, Inc. | Locking mechanism for use with one-time access code |
| US20020140542A1 (en)* | 2001-04-02 | 2002-10-03 | Prokoski Francine J. | Personal biometric key |
| US6463537B1 (en)* | 1999-01-04 | 2002-10-08 | Codex Technologies, Inc. | Modified computer motherboard security and identification system |
| US6490681B1 (en)* | 1997-09-18 | 2002-12-03 | International Business Machines Corporation | Electronic watermarking system |
| US6549623B1 (en)* | 1997-02-13 | 2003-04-15 | Tecsec, Incorporated | Cryptographic key split combiner |
| US6618806B1 (en)* | 1998-04-01 | 2003-09-09 | Saflink Corporation | System and method for authenticating users in a computer network |
| US20040148510A1 (en)* | 2001-05-03 | 2004-07-29 | Lorenz Muller | Security device for online transaction |
| US20040230812A1 (en)* | 2003-05-16 | 2004-11-18 | Berner Fachhochschule | Method for authentication of a user with an authorizing device, and a security apparatus for carrying out the method |
| US6965685B1 (en)* | 2001-09-04 | 2005-11-15 | Hewlett-Packard Development Company, Lp. | Biometric sensor |
| US6970853B2 (en)* | 2000-06-06 | 2005-11-29 | Citibank, N.A. | Method and system for strong, convenient authentication of a web user |
| US6992580B2 (en)* | 2002-07-25 | 2006-01-31 | Motorola, Inc. | Portable communication device and corresponding method of operation |
| US7104457B2 (en)* | 2001-07-02 | 2006-09-12 | Tds Todos Data System Ab | Card reader and a method for reading of cards |
| US7155416B2 (en)* | 2002-07-03 | 2006-12-26 | Tri-D Systems, Inc. | Biometric based authentication system with random generated PIN |
Family Cites Families (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1987003977A1 (en) | 1985-12-26 | 1987-07-02 | Gordian Systems | Solid state key for controlling access to computer systems and to computer software and/or for secure communications |
| DE3679819D1 (en) | 1986-05-06 | 1991-07-18 | Siemens Ag | ARRANGEMENT AND METHOD FOR DETERMINING THE AUTHORIZATION OF PERSONS BY CHECKING YOUR FINGERPRINTS. |
| DE4125198C1 (en) | 1991-07-30 | 1992-05-27 | Siemens Nixdorf Informationssysteme Ag, 4790 Paderborn, De | Portable data carrier with biometric scanner for user recognition - detects fingerprint structure through window on side of appts. housing |
| EP0752143B2 (en) | 1994-03-24 | 2005-07-20 | Minnesota Mining And Manufacturing Company | Biometric, personal authentication system |
| US5668876A (en) | 1994-06-24 | 1997-09-16 | Telefonaktiebolaget Lm Ericsson | User authentication method and apparatus |
| US6204796B1 (en)* | 1994-07-01 | 2001-03-20 | Gemstar Development Corporation | Apparatus and methods for generating codes for controlling appliances from a remote controller |
| US6088450A (en) | 1996-04-17 | 2000-07-11 | Intel Corporation | Authentication system based on periodic challenge/response protocol |
| DE19718103A1 (en) | 1997-04-29 | 1998-06-04 | Kim Schmitz | Data transmission system authorise method e.g. for telebanking |
| US6490680B1 (en) | 1997-12-04 | 2002-12-03 | Tecsec Incorporated | Access control and authorization system |
| DE19816117A1 (en) | 1998-04-09 | 1999-10-14 | Primax Electronics Ltd | Electronic code controlled access to computer system |
| US6484260B1 (en) | 1998-04-24 | 2002-11-19 | Identix, Inc. | Personal identification system |
| JP2003524928A (en) | 1999-02-10 | 2003-08-19 | ヴァスコ データ セキュリティ インコーポレイテッド | Security access and authentication token with private key transport function |
| JP2001052181A (en)* | 1999-08-13 | 2001-02-23 | Nippon Telegr & Teleph Corp <Ntt> | Recording medium recording personal authentication method and personal authentication program |
| US6213403B1 (en) | 1999-09-10 | 2001-04-10 | Itt Manufacturing Enterprises, Inc. | IC card with fingerprint sensor |
| JP2001092668A (en)* | 1999-09-20 | 2001-04-06 | Sony Corp | Electronic device, internal program rewriting method of electronic device, and computer-readable information recording medium recording program having internal program rewriting function of electronic device |
| SE521551C2 (en)* | 1999-12-01 | 2003-11-11 | Ericsson Telefon Ab L M | Portable telecommunications apparatus for controlling an electronic consumer product |
| EP1959369A1 (en) | 1999-12-10 | 2008-08-20 | Fujitsu Limited | User verification system, and portable electronic device with user verification function utilising biometric information |
| US6819219B1 (en) | 2000-10-13 | 2004-11-16 | International Business Machines Corporation | Method for biometric-based authentication in wireless communication for access control |
| KR100591743B1 (en)* | 2001-05-25 | 2006-06-22 | 제럴드 알. 블랙 | Secure access system |
| ITBO20010402A1 (en)* | 2001-06-26 | 2002-12-26 | Meliconi Spa | REMOTE CONTROL UNIT FOR ELECTRICAL EQUIPMENT |
| US20030046228A1 (en) | 2001-08-28 | 2003-03-06 | Jean-Marc Berney | User-wearable functional jewelry with biometrics and smartcard to remotely sign and/or authenticate to e-services |
| JP2003085150A (en)* | 2001-09-12 | 2003-03-20 | Sony Corp | Individual authenticating system, individual authenticating method, portable information terminal, portable authenticating medium, authenticating device and storage medium |
| JP2003178031A (en)* | 2001-12-11 | 2003-06-27 | Mitsubishi Electric Corp | Biometrics personal authentication system, server terminal and client terminal |
| US6779721B2 (en)* | 2002-09-20 | 2004-08-24 | Eid Access, Inc. | Systems and methods for managing security at plural physical locations |
- 2003
- 2003-08-29USUS10/651,361patent/US20050044387A1/ennot_activeAbandoned
- 2004
- 2004-02-13CACA2536210Apatent/CA2536210C/ennot_activeExpired - Lifetime
- 2004-02-13CNCN200480023613.1Apatent/CN1836397B/ennot_activeExpired - Lifetime
- 2004-02-13SGSG2009056177Apatent/SG187268A1/enunknown
- 2004-02-13WOPCT/US2004/004366patent/WO2005020036A2/enactiveApplication Filing
- 2004-02-13AUAU2004267649Apatent/AU2004267649A1/ennot_activeAbandoned
- 2004-02-13JPJP2006523820Apatent/JP2007503047A/enactivePending
- 2008
- 2008-12-29USUS12/345,575patent/US8203423B2/ennot_activeExpired - Fee Related
- 2009
- 2009-06-16USUS12/485,421patent/US7994898B2/ennot_activeExpired - Fee Related
- 2010
- 2010-02-18AUAU2010200586Apatent/AU2010200586A1/ennot_activeAbandoned
- 2010-12-02JPJP2010269208Apatent/JP4881471B2/ennot_activeExpired - Lifetime
Patent Citations (59)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4329684A (en)* | 1979-01-16 | 1982-05-11 | British Broadcasting Corporation | Apparatus using a light sensing system for sensing time modulated information from a light emitting device |
| US4582985A (en)* | 1981-03-18 | 1986-04-15 | Loefberg Bo | Data carrier |
| US4599489A (en)* | 1984-02-22 | 1986-07-08 | Gordian Systems, Inc. | Solid state key for controlling access to computer software |
| US4819267A (en)* | 1984-02-22 | 1989-04-04 | Thumbscan, Inc. | Solid state key for controlling access to computer systems and to computer software and/or for secure communications |
| US4720860A (en)* | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
| US4885778A (en)* | 1984-11-30 | 1989-12-05 | Weiss Kenneth P | Method and apparatus for synchronizing generation of separate, free running, time dependent equipment |
| US4998279A (en)* | 1984-11-30 | 1991-03-05 | Weiss Kenneth P | Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics |
| US4999617A (en)* | 1985-10-24 | 1991-03-12 | Sharp Kabushiki Kaisha | Device for reading patterns displayed on a display unit |
| US4890323A (en)* | 1986-05-22 | 1989-12-26 | Racal-Guardata Limited | Data communication systems and methods |
| US4807031A (en)* | 1987-10-20 | 1989-02-21 | Interactive Systems, Incorporated | Interactive video method and apparatus |
| US5060263A (en)* | 1988-03-09 | 1991-10-22 | Enigma Logic, Inc. | Computer access control system and method |
| US5136644A (en)* | 1988-04-21 | 1992-08-04 | Telecash | Portable electronic device for use in conjunction with a screen |
| US4910775A (en)* | 1988-04-21 | 1990-03-20 | Telecash | Portable electronic device for use in conjunction with a screen |
| US5146499A (en)* | 1989-10-27 | 1992-09-08 | U.S. Philips Corporation | Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification |
| US4993068A (en)* | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
| US5131038A (en)* | 1990-11-07 | 1992-07-14 | Motorola, Inc. | Portable authentification system |
| US5272754A (en)* | 1991-03-28 | 1993-12-21 | Secure Computing Corporation | Secure computer interface |
| US5280527A (en)* | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
| US5347580A (en)* | 1992-04-23 | 1994-09-13 | International Business Machines Corporation | Authentication method and system with a smartcard |
| US5323465A (en)* | 1992-06-10 | 1994-06-21 | Racal-Datacom Limited | Access control |
| US5450491A (en)* | 1993-08-26 | 1995-09-12 | At&T Corp. | Authenticator card and system |
| US5483595A (en)* | 1993-09-20 | 1996-01-09 | Seiko Communications Holding N.V. | Paging device including password accessed stored cryptographic keys |
| US5432851A (en)* | 1993-10-21 | 1995-07-11 | Tecsec Incorporated | Personal computer access control system |
| US5853615A (en)* | 1993-11-15 | 1998-12-29 | Cleanosol International Ab | Fluorescent covering for roads, parking areas etc, which fluoresces upon illumination with ultraviolet light |
| US5488571A (en)* | 1993-11-22 | 1996-01-30 | Timex Corporation | Method and apparatus for downloading information from a controllable light source to a portable information device |
| US5535147A (en)* | 1993-11-22 | 1996-07-09 | Timex Corporation | Method and apparatus for downloading information from a controllable light source to a portable information device |
| US5623637A (en)* | 1993-12-06 | 1997-04-22 | Telequip Corporation | Encrypted data storage card including smartcard integrated circuit for storing an access password and encryption keys |
| US5481610A (en)* | 1994-02-28 | 1996-01-02 | Ericsson Inc. | Digital radio transceiver with encrypted key storage |
| US5680460A (en)* | 1994-09-07 | 1997-10-21 | Mytec Technologies, Inc. | Biometric controlled key generation |
| US5652602A (en)* | 1995-05-08 | 1997-07-29 | Microsoft Corporation | Fast serial data transmission using a CRT |
| US5978656A (en)* | 1995-12-28 | 1999-11-02 | Asulab S.A. | Portable device using inductive antenna to receive data transmitted via modulating vertical or horizonal line synchronization signals of a swept frame video display monitor |
| US5801664A (en)* | 1996-02-12 | 1998-09-01 | Microsoft Corporation | System and method for transmitting data from a computer to a portable information device using RF emissions from a computer monitor |
| US5995630A (en)* | 1996-03-07 | 1999-11-30 | Dew Engineering And Development Limited | Biometric input with encryption |
| US6038551A (en)* | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
| US6011858A (en)* | 1996-05-10 | 2000-01-04 | Biometric Tracking, L.L.C. | Memory card having a biometric template stored thereon and system for using same |
| US5852615A (en)* | 1996-12-14 | 1998-12-22 | Microsoft Corp. | Method and system for transmitting data from a unidirectional transmitter to a receiver |
| US5850304A (en)* | 1997-01-08 | 1998-12-15 | Scottsdale Technologies, Inc. | Optically programmable controller |
| US5986623A (en)* | 1997-02-03 | 1999-11-16 | Microsoft Corporation | System and method for interlaced display device data transmission |
| US6549623B1 (en)* | 1997-02-13 | 2003-04-15 | Tecsec, Incorporated | Cryptographic key split combiner |
| US6035395A (en)* | 1997-03-28 | 2000-03-07 | Kabushiki Kaisha Toshiba | Computer system capable of using removable disk drive as boot device and method of controlling bootstrap |
| US5937065A (en)* | 1997-04-07 | 1999-08-10 | Eaton Corporation | Keyless motor vehicle entry and ignition system |
| US6202151B1 (en)* | 1997-05-09 | 2001-03-13 | Gte Service Corporation | System and method for authenticating electronic transactions using biometric certificates |
| US6016476A (en)* | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
| US6490681B1 (en)* | 1997-09-18 | 2002-12-03 | International Business Machines Corporation | Electronic watermarking system |
| US6038666A (en)* | 1997-12-22 | 2000-03-14 | Trw Inc. | Remote identity verification technique using a personal identification device |
| US6618806B1 (en)* | 1998-04-01 | 2003-09-09 | Saflink Corporation | System and method for authenticating users in a computer network |
| US6463537B1 (en)* | 1999-01-04 | 2002-10-08 | Codex Technologies, Inc. | Modified computer motherboard security and identification system |
| US6281820B1 (en)* | 1999-07-12 | 2001-08-28 | Pointset Corporation | Methods and apparatus for transferring data from a display screen |
| US6466145B2 (en)* | 1999-07-12 | 2002-10-15 | Pointset Corporation | Methods and apparatus for transferring data from a display screen |
| US6300873B1 (en)* | 1999-09-16 | 2001-10-09 | Atlantes Services, Inc. | Locking mechanism for use with one-time access code |
| US6970853B2 (en)* | 2000-06-06 | 2005-11-29 | Citibank, N.A. | Method and system for strong, convenient authentication of a web user |
| US20020140542A1 (en)* | 2001-04-02 | 2002-10-03 | Prokoski Francine J. | Personal biometric key |
| US6850147B2 (en)* | 2001-04-02 | 2005-02-01 | Mikos, Ltd. | Personal biometric key |
| US20040148510A1 (en)* | 2001-05-03 | 2004-07-29 | Lorenz Muller | Security device for online transaction |
| US7104457B2 (en)* | 2001-07-02 | 2006-09-12 | Tds Todos Data System Ab | Card reader and a method for reading of cards |
| US6965685B1 (en)* | 2001-09-04 | 2005-11-15 | Hewlett-Packard Development Company, Lp. | Biometric sensor |
| US7155416B2 (en)* | 2002-07-03 | 2006-12-26 | Tri-D Systems, Inc. | Biometric based authentication system with random generated PIN |
| US6992580B2 (en)* | 2002-07-25 | 2006-01-31 | Motorola, Inc. | Portable communication device and corresponding method of operation |
| US20040230812A1 (en)* | 2003-05-16 | 2004-11-18 | Berner Fachhochschule | Method for authentication of a user with an authorizing device, and a security apparatus for carrying out the method |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11922395B2 (en) | 2004-03-08 | 2024-03-05 | Proxense, Llc | Linked account system using personal digital key (PDK-LAS) |
| US11258791B2 (en) | 2004-03-08 | 2022-02-22 | Proxense, Llc | Linked account system using personal digital key (PDK-LAS) |
| US9361740B2 (en)* | 2004-03-15 | 2016-06-07 | Xceedid Corporation | Systems and methods for access control |
| US9680837B2 (en)* | 2004-03-15 | 2017-06-13 | Xceedid Corporation | Systems and methods for access control |
| US20150116083A1 (en)* | 2004-03-15 | 2015-04-30 | Xceedid Corporation | Systems and methods for access control |
| US11800502B2 (en) | 2006-01-06 | 2023-10-24 | Proxense, LL | Wireless network synchronization of cells and client devices on a network |
| US11553481B2 (en) | 2006-01-06 | 2023-01-10 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
| US11219022B2 (en) | 2006-01-06 | 2022-01-04 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network with dynamic adjustment |
| US11212797B2 (en) | 2006-01-06 | 2021-12-28 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network with masking |
| US11206664B2 (en) | 2006-01-06 | 2021-12-21 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
| US11551222B2 (en) | 2006-05-05 | 2023-01-10 | Proxense, Llc | Single step transaction authentication using proximity and biometric input |
| US12014369B2 (en) | 2006-05-05 | 2024-06-18 | Proxense, Llc | Personal digital key initialization and registration for secure transactions |
| US11182792B2 (en) | 2006-05-05 | 2021-11-23 | Proxense, Llc | Personal digital key initialization and registration for secure transactions |
| US11157909B2 (en) | 2006-05-05 | 2021-10-26 | Proxense, Llc | Two-level authentication for secure transactions |
| US20080178009A1 (en)* | 2006-09-28 | 2008-07-24 | Sony Corporation | Electronic apparatus and information processing method |
| US12380797B2 (en) | 2006-11-13 | 2025-08-05 | Proxense, Llc | Biometric authentication using proximity and secure information on a user device |
| US20080190749A1 (en)* | 2007-02-13 | 2008-08-14 | Julian Poyner | Safety switch |
| US11562644B2 (en)* | 2007-11-09 | 2023-01-24 | Proxense, Llc | Proximity-sensor supporting multiple application services |
| US20230146442A1 (en)* | 2007-11-09 | 2023-05-11 | Proxense, Llc | Proximity-Sensor Supporting Multiple Application Services |
| US12033494B2 (en)* | 2007-11-09 | 2024-07-09 | Proxense, Llc | Proximity-sensor supporting multiple application services |
| US11080378B1 (en) | 2007-12-06 | 2021-08-03 | Proxense, Llc | Hybrid device having a personal digital key and receiver-decoder circuit and methods of use |
| US11086979B1 (en) | 2007-12-19 | 2021-08-10 | Proxense, Llc | Security system and method for controlling access to computing resources |
| US11727355B2 (en) | 2008-02-14 | 2023-08-15 | Proxense, Llc | Proximity-based healthcare management system with automatic access to private information |
| US12271865B2 (en) | 2008-02-14 | 2025-04-08 | Proxense, Llc | Proximity-based healthcare management system with automatic access to private information |
| US11120449B2 (en) | 2008-04-08 | 2021-09-14 | Proxense, Llc | Automated service-based order processing |
| US20110044218A1 (en)* | 2009-08-21 | 2011-02-24 | Interdigital Patent Holdings, Inc. | Method and apparatus for a multi-radio access technology layer for splitting downlink-uplink over different radio access technologies |
| US9295092B2 (en) | 2009-08-21 | 2016-03-22 | Interdigital Patent Holdings, Inc. | Method and apparatus for a multi-radio access technology layer for splitting downlink-uplink over different radio access technologies |
| US9807782B2 (en) | 2009-08-21 | 2017-10-31 | Interdigital Patent Holdings, Inc. | Method and apparatus for a multi-radio access technology layer for splitting downlink-uplink over different radio access technologies |
| US11095640B1 (en) | 2010-03-15 | 2021-08-17 | Proxense, Llc | Proximity-based system for automatic application or data access and item tracking |
| US12273339B1 (en) | 2010-03-15 | 2025-04-08 | Proxense, Llc | Proximity-based system for automatic application or data access and item tracking |
| US11546325B2 (en) | 2010-07-15 | 2023-01-03 | Proxense, Llc | Proximity-based system for object tracking |
| US9886721B2 (en) | 2011-02-18 | 2018-02-06 | Creditregistry Corporation | Non-repudiation process for credit approval and identity theft prevention |
| US12056558B2 (en) | 2011-02-21 | 2024-08-06 | Proxense, Llc | Proximity-based system for object tracking and automatic application initialization |
| US11669701B2 (en) | 2011-02-21 | 2023-06-06 | Proxense, Llc | Implementation of a proximity-based system for object tracking and automatic application initialization |
| US11113482B1 (en) | 2011-02-21 | 2021-09-07 | Proxense, Llc | Implementation of a proximity-based system for object tracking and automatic application initialization |
| US11132882B1 (en) | 2011-02-21 | 2021-09-28 | Proxense, Llc | Proximity-based system for object tracking and automatic application initialization |
| CN103843042A (en)* | 2011-06-23 | 2014-06-04 | 泰科消防及安全有限公司 | Security system tag magnetic clutch and method |
| US11914695B2 (en) | 2013-05-10 | 2024-02-27 | Proxense, Llc | Secure element as a digital pocket |
| US12373538B2 (en) | 2013-05-10 | 2025-07-29 | Proxense, Llc | Secure element as a digital pocket |
| US9704312B2 (en) | 2013-08-30 | 2017-07-11 | Cylon Global Technology Inc. | Apparatus and methods for identity verification |
| US9235698B2 (en) | 2013-08-30 | 2016-01-12 | Cylon Global Technology Inc. | Data encryption and smartcard storing encrypted data |
| US9330511B2 (en) | 2013-08-30 | 2016-05-03 | Cylon Global Technology Inc. | Apparatus and methods for identity verification |
| US11544365B2 (en)* | 2019-03-22 | 2023-01-03 | Bloomberg Finance L.P. | Authentication system using a visual representation of an authentication challenge |
| US12446014B2 (en) | 2023-09-06 | 2025-10-14 | Proxense, Llc | Wireless network synchronization of cells and client devices on a network |
Also Published As
| Publication number | Publication date |
|---|---|
| US8203423B2 (en) | 2012-06-19 |
| CA2536210A1 (en) | 2005-03-03 |
| JP2011096266A (en) | 2011-05-12 |
| SG187268A1 (en) | 2013-02-28 |
| US7994898B2 (en) | 2011-08-09 |
| WO2005020036A2 (en) | 2005-03-03 |
| AU2010200586A1 (en) | 2010-03-11 |
| AU2004267649A1 (en) | 2005-03-03 |
| US20090167491A1 (en) | 2009-07-02 |
| CN1836397A (en) | 2006-09-20 |
| CN1836397B (en) | 2015-01-07 |
| CA2536210C (en) | 2012-11-27 |
| WO2005020036A3 (en) | 2005-06-16 |
| JP2007503047A (en) | 2007-02-15 |
| JP4881471B2 (en) | 2012-02-22 |
| US20090273442A1 (en) | 2009-11-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7994898B2 (en) | Portable access device | |
| ES2244049T3 (en) | SECURITY CONTROL. | |
| US10911427B1 (en) | Reconfiguration of a wearable medical device | |
| CN101213559B (en) | Communication device and communication system | |
| US7953670B2 (en) | Biometrically secured identification authentication and card reader device | |
| ES2244088T3 (en) | EXCLUSIVE BIOMETRIC IDENTIFICATION SYSTEM. | |
| CN105874461B (en) | Organism authentication apparatus and biometric authentication method | |
| US20020030581A1 (en) | Optical and smart card identification reader | |
| US20050039027A1 (en) | Universal, biometric, self-authenticating identity computer having multiple communication ports | |
| EP2198552A1 (en) | Systems and methods for biometric identification | |
| US7624281B2 (en) | System and method for providing access to a keyboard video and mouse drawer using biometric authentication | |
| WO2016001689A1 (en) | Portable identity document verification apparatus | |
| WO2001071671A2 (en) | System and method for secure user identification with bluetooth enabled transceiver and biometric sensor implemented in a handheld computer | |
| CA2425183A1 (en) | Device for the control of functions by means of biometric data | |
| EP1656761A2 (en) | Portable access device | |
| CN108052831A (en) | Image watermarking and display methods, mobile terminal and storage medium | |
| MXPA06001904A (en) | Portable access device | |
| HK1095453A (en) | Portable access device | |
| US20070016940A1 (en) | Identification and password management device | |
| WO2011078887A1 (en) | Device for simultaneous acquisition of all fingerprints of either hand | |
| CN215526771U (en) | Recognition device and electronic equipment | |
| Thalheim et al. | Body check | |
| JP2024053175A (en) | Payment Systems | |
| WO2016001690A1 (en) | Emergency shutoff method and apparatus for a portable identity document verification apparatus | |
| MXPA99009658A (en) | A fingerprint recognition system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment | Owner name:BLOOMBERG LP, NEW YORK Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:OZOLINS, HELMARS E.;REEL/FRAME:014948/0715 Effective date:20040122 | |
| AS | Assignment | Owner name:BLOOMBERG FINANCE L.P., NEW YORK Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BLOOMBERG L.P.;REEL/FRAME:020105/0768 Effective date:20071114 Owner name:BANK OF AMERICA, N.A. AS ADMINISTRATIVE AGENT, NOR Free format text:SECURITY AGREEMENT;ASSIGNOR:BLOOMBERG FINANCE L.P.;REEL/FRAME:020112/0080 Effective date:20071114 Owner name:BLOOMBERG FINANCE L.P.,NEW YORK Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BLOOMBERG L.P.;REEL/FRAME:020105/0768 Effective date:20071114 Owner name:BANK OF AMERICA, N.A. AS ADMINISTRATIVE AGENT,NORT Free format text:SECURITY AGREEMENT;ASSIGNOR:BLOOMBERG FINANCE L.P.;REEL/FRAME:020112/0080 Effective date:20071114 | |
| STCB | Information on status: application discontinuation | Free format text:ABANDONED -- FAILURE TO PAY ISSUE FEE |