The use of biometric techniques to authenticate payment transactions and verify the identity of payment device holders is increasing. Biometric techniques that are promoted for this use include voice, fingerprint, iris, vein pattern and other scans. Currently, the type of biometric to be captured for a given transaction is determined by the biometric terminal in use at a transaction location. Further, the transaction terminal also controls what steps are to be taken in the event of an authentication failure. Payment device issuers have little (if any) control over the authentication process to be used.
It would be desirable to allow payment (or other information carrying) device issuers to have greater control over the biometric authentication process. It would further be desirable to allow issuers to control the type and level of biometric authentication required for transactions, and how verification failures are to be handled.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram depicting a system configured pursuant to some embodiments.
FIG. 2 is a block diagram depicting a transaction device configured pursuant to some embodiments.
FIG. 3 is a block diagram depicting a transaction system configured pursuant to some embodiments.
FIG. 4 is a flow diagram depicting a verification process pursuant to some embodiments.
DESCRIPTION
Embodiments of the present invention relate to systems, methods, processes, computer program code, and means for biometric verification. Pursuant to some embodiments, a biometric verification rules table is stored on a transaction device (such as a payment card or other information device having an integrated circuit chip and memory). The biometric verification rules table is created by an issuer of the device (or an agent of the issuer) and is stored on the transaction device in a personalization process or by updating a memory of the transaction device. The biometric verification rules table specifies the level (and type) of biometric authentication required by transactions involving the transaction device. Pursuant to some embodiments, biometric authentication may be controlled and carried out in off-line transactions (e.g., without need for a terminal which is in remote communication with the issuer).
In some embodiments, a reader is operated to verify the identity of a cardholder during a transaction, including receiving a biometric information template from the transaction device, prompting the cardholder to present a required biometric feature for reading by the reader, the required biometric feature determined based on information in the biometric information template, reading the required biometric feature to create a sample set of biometric data, transmitting the sample set of biometric data to the transaction device, and receiving a response from the transaction device, the response including at least one of a success code, a further biometric information template, and a failure code.
Embodiments of the present invention allow an issuer of a transaction device to specify the level of biometric authentication required, as well as to define alternative biometric and other authentication steps in the event of authentication failure. Further, pursuant to some embodiments, issuers may enforce multiple biometric verification requirements as part of a single transaction. The result is a system which puts control of the authentication process in the hand of the issuer and which ensures that biometric authentication may be used in locations (and for transactions) where the communications infrastructure is unreliable or unavailable.
A number of terms are used herein to describe features of some embodiments of the present invention. For example, as used herein, the term “transaction device” is used to refer to a portable device which includes one or more integrated circuit (“IC”) chips and which stores information (such as payment information, personal information, or the like) that may be used in conjunction with transactions (such as payment transactions). Pursuant to some embodiments, a “transaction device” may be a contact or a contactless device capable of communication with a reader device using wireless communication techniques. For example, a transaction device may be an information-carrying device that is compliant with one or more of: ISO/IEC 14443 Standard, ISO/IEC 18000 standard, the NFC standards including ISO/IEC 18092/ECMA 340 and ISO/IEC 21481/ECMA 352, and other standards such as the EMV standards (available at www.emvco.com) and the “PayPass” standards promulgated by MasterCard International Incorporated.
For illustration, and to describe features of some embodiments, a particular transaction device will be used as an example herein—a payment device compliant with the ISO/IEC 14443 Standard, the EMV standards, and the “PayPass” standards (e.g., a contactless payment card will be used as an illustrative example of a particular “transaction device” throughout this disclosure). Those skilled in the art will appreciate, upon reading the present disclosure, that similar techniques may be used for other transaction devices.
As used herein, the term “issuer” is used to refer to an entity (or an agent of the entity) that “issues” or distributes transaction devices configured pursuant to embodiments of the present invention. For example, in the context of a transaction device used for payment transactions, the issuer may be the financial institution that holds a payment account associated with the transaction device and that holds an account relationship with the customer (referred to herein as a “cardholder”) the transaction device was issued to. In general, “issuers” are concerned with ensuring that the identities of cardholders are properly verified during transactions involving their transaction cards. Embodiments of the present invention allow issuers to control the biometric techniques used to verify cardholders during transactions involving devices issued by the issuer.
As used herein, the term “biometric” or “biometrics” is used to refer to scans or digital representations (or “samples”) of physical features associated with a cardholder that are to be verified during a transaction. The physical features can include voice, fingerprint, iris, vein pattern or the like. As used herein, feature data from a biometric sample may be extracted to select features of interest. Extracted biometric feature data is referred to herein as a “template”.
As used herein, the term “cardholder verification method” (or “CVM”) is used to refer to a selected method to verify a cardholder during a transaction involving a transaction device configured pursuant to embodiments of the present invention. A CVM may be, for example, a biometric verification, password verification, or the like.
Features of embodiments of the present invention will now be described by first referring to FIG. 1, which is a block diagram depicting a system 100 configured pursuant to some embodiments.
As shown in FIG. 1, a system 100 includes a transaction device 102 in communication with a terminal 104. The terminal 104 includes a biometric reader 106. The transaction device 102 may be any of a number of different types of portable devices having one or more IC chips which are configured to support biometric verification pursuant to the present invention. For the purpose of illustrating features of the present invention, the transaction device 102 will be described as a contactless payment card which is configured to operate in accordance with the EMV specifications as well as the PayPass specifications introduced above. The terminal 104 is, for example, a point of sale terminal configured to operate in accordance with the EMV specifications and may include a contactless reader configured to interact with transaction device 102. Pursuant to some embodiments, the terminal 104 need not be in constant communication with a remote processing center; instead, pursuant to some embodiments, the terminal 104 may interact with the transaction device 102 in an “off line” manner as will be described herein. Those skilled in the art will appreciate that terminals which are in communication with a remote processing center during all (or part of) a transaction (e.g., are “online” transactions) may also be used pursuant to the present invention.
According to some embodiments, a cardholder may present the transaction device 102 to the terminal 104 to conduct a transaction (such as a payment transaction). In many situations, an issuer of the transaction device 102 may wish to enforce one or more cardholder verification rules to ensure that the person presenting the transaction device 102 in the transaction is an authorized holder of the transaction device. In previous systems, cardholder verification was performed using personal identification numbers (or “PINs”) or other methods. It is desirable, in some situations, to require that a biometric feature of the cardholder be verified prior to conducting certain transactions. Embodiments of the present invention allow biometric verification to be performed in a manner specified by an issuer of the transaction device 102.
While further details regarding the biometric verification will be provided below, a brief overview will illustrate certain features of the present invention. In a typical transaction pursuant to the present invention, a person presents transaction device 102 at terminal 104 to conduct a transaction. The terminal 104 and the transaction device 102 interact with an initial communications handshake in which the transaction device 102 and the terminal 104 establish a communications session. The exact nature of the communications handshake may vary depending on the communications standard used (e.g., the communications handshake may follow the communications protocol established by the EMV specifications, for example).
Once communication has been established, and the terminal 104 and transaction device 102 identify each other as supporting biometric verification processing, the terminal 104 requests a biometric information template (or “BIT”) from the transaction device 102. The transaction device 102 returns a BIT, and the terminal 104 uses the details in the BIT to prompt the cardholder to present a required biometric feature to the biometric reader 106 for reading (e.g., if the BIT specifies that the cardholder's fingerprint from their right index finger be obtained, the terminal 104 prompts the cardholder to present his or her right index finger to the biometric reader 106 for scanning). The terminal 104 obtains and processes the sample to create a template (as will be described further below) and returns the sample to the transaction device 102. The transaction device 102 compares the received sample with a stored template. If the biometric sample matches the stored template, a success message may be returned to the terminal indicating that the cardholder has been successfully verified. The transaction may then be completed as normal (e.g., a payment transaction may be completed, following the normal authorization rules of the payment system).
Pursuant to some embodiments, as will be described further below, the verification may require the capture of additional biometric information as defined by the issuer of the transaction device 102. Pursuant to embodiments of the present invention, issuers are able to specify the verification sequence by storing verification rules in the transaction device 102. The transaction device 102 follows the rules and is responsible for issuing a verification success or failure message upon completion of those rules. The result is a system and method that allows issuers to control the cardholder verification process even in situations where the transaction device 102 is used in off-line environments (e.g., where the terminal 104 is not in communication with the issuer or other processing center). Unlike previous biometric verification systems, the verification process and success/failure criteria are controlled by rules in the transaction device 102, not by rules and criteria stored in the terminal device 104 or remote processing centers.
Reference is now made to FIG. 2, which is a block diagram depicting a transaction device 200 (such as the transaction device 102 of FIG. 1) configured pursuant to some embodiments. In some embodiments, transaction device 200 may be formed as a card-shaped device (e.g., such as a credit card size device compliant with ISO Standard 7816). The device may be formed in other shapes as well. For example, the device may be shaped as a small format card and inserted in a mobile telephone or other device.
Pursuant to some embodiments, the transaction device 200 has one or more IC chips 202 embedded therein. The IC chip 202 includes a processor portion 208, an I/O portion 206, and one or more memory portions 210. The I/O portion 206 may include a plurality of electrical contacts (in the case where the transaction device 200 communicates with terminals via contacts) and/or one or more antennas (in the case where the transaction device 200 communicates with terminals via radio frequency communication). In some embodiments, a transaction device 200 may have both contactless and contact communication capabilities and may include both a plurality of contacts and one or more antennas. Those skilled in the art will recognize that IC chip 202 may include other components (not shown) such as control logic, timers or the like as is known in the art.
The memory portion 210 may include different forms or types of memory, including, for example, read-only memory, non-volatile memory and programmable memory as is known in the art. As shown, the memory portion 210 stores a number of data items for use in performing biometric verification pursuant to some embodiments. Those skilled in the art will appreciate that the memory portion 210 may store additional data elements and applications (not shown) to enable the transaction device 200 to interact with terminal devices and to perform transactions.
As shown, the memory portion 210 stores application data 212, one or more biometric rules tables 214, one or more biometric reference templates (“BRTs”) 216, and one or more biometric information templates (“BITs”) 218. The application data 212 includes program instructions that, when executed by the processor 208, cause the processor to execute a biometric verification process pursuant to embodiments of the present invention.
The biometric rules tables 214 store data (e.g., loaded into the memory by an issuer of the transaction device 200) used to control the biometric verification of the cardholder. For example, the biometric rules table 214 may include the following data: a field containing one or more biometric rule numbers (uniquely identifying each biometric rule associated with the transaction device and the cardholder), a field containing one or more BIT reference numbers (each referring to a particular biometric information template stored in the memory), a field containing data identifying an action (or actions) to be taken should the biometric verification be successful (e.g., the data may specify either that an additional biometric rule number be processed, or that the cardholder is successfully verified), a field containing data identifying an action (or actions) to be taken should the biometric verification fail (e.g., the data may specify that another rule be processed or that the verification transaction be failed), and a field containing data identifying a number of retries that may be attempted should the verification fail.
Each of these data elements is used in conjunction with the application 212 to perform biometric verification processing pursuant to embodiments of the present invention. Examples of verification rules will be provided further below in conjunction with a description of FIG. 4. In general, the biometric verification rules table 210 and related data are used to allow issuers of a transaction device 200 to control the authentication process during a transaction involving the transaction device 200.
For example, use of the biometric verification rules table allows the issuer to control, using rules stored in the transaction device 200, how many retries to allow for each biometric sample (e.g., the card holder could be allowed to submit their left index fingerprint up to three times within a transaction), what to do in the event of a successful verification (e.g., the issuer could decide to approve the transaction, or the issuer could decide that more biometric samples are required, for example, the issuer may decide that the card holder needs to successfully submit their left index fingerprint and their right index fingerprint before the transaction is approved), and what to do in the event of a failed verification (e.g., the issuer could deny the transaction, or the issuer could allow the card holder to submit an alternative biometric. For example, the issuer may decide that the card holder needs to submit either their left middle fingerprint or their right middle fingerprint). Pursuant to some embodiments, the issuer defines the level of biometric authentication required for a transaction. The issuer may also choose to use a combination of different types of biometrics, for example iris scan and fingerprint.
The transaction card 200 may store a number of different combinations and types of biometric rules, as will be illustrated below. In one embodiment, a biometric verification rules table may specify a single biometric rule and template (e.g., as shown below in TABLE 1).
TABLE 1

| RULE | BIT No. | SUCCESS | FAILURE | RETRIES |
|---|---|---|---|---|
| R1 | B1 | SUCCESS | FAILED | 4 |
In some embodiments, the transaction device 200 may store several biometric verification rules in the biometric rules table 214. For example, as shown in TABLE 2, two biometric information templates 218 and rules are provided. As an example, the rules may be constructed such that if the first rule is failed (as discussed further below), then the second rule must be attempted to successfully verify the cardholder. As a specific example, the first rule could apply a template (B1) representing the cardholder's left index finger fingerprint, while the second rule could apply a template (B2) representing the cardholder's right index finger fingerprint. Successful verification of either template would result in verification of the cardholder using this scheme.
TABLE 2

| RULE | BIT No. | SUCCESS | FAILURE | RETRIES |
|---|---|---|---|---|
| R1 | B1 | SUCCESS | R2 | 3 |
| R2 | B2 | SUCCESS | FAILED | 3 |
In some embodiments, the biometric verification rules table 214 in a transaction device 200 may require that more than one biometric template be verified. As an example, as shown in TABLE 3, two biometric information templates may be provided, and the rules may specify that both templates must be matched for the verification to be successful.
TABLE 3

| RULE | BIT No. | SUCCESS | FAILURE | RETRIES |
|---|---|---|---|---|
| R1 | B1 | R2 | FAILED | 4 |
| R2 | B2 | SUCCESS | FAILED | 2 |
In some embodiments, biometric verification rules may be established which require that more than one, but not all, of the biometric information templates be matched for a successful verification. As an example, shown in TABLE 4, four biometric information templates may be provided, and the biometric verification rules table 214 may specify that two out of the four templates must be matched for the verification to be successful.
TABLE 4

| RULE | BIT No. | SUCCESS | FAILURE | RETRIES |
|---|---|---|---|---|
| R1 | B1 | R2 | R3 | 4 |
| R2 | B2 | SUCCESS | R3 | 4 |
| R3 | B3 | R4 | FAILED | 4 |
| R4 | B4 | SUCCESS | FAILED | 4 |
The biometric information templates and biometric reference templates may be created using an industry standard format (e.g., such as ISO Standard 19092). The samples taken from the cardholder may be taken prior to, or in conjunction with a personalization process performed by the issuer (or an agent of the issuer) during issuance of the card. In some embodiments, the samples may be taken from the cardholder at a later time, and transmitted to, and stored in, a memory of the transaction device 200.
Reference is now made to FIG. 3, which is a block diagram depicting a transaction system 300 configured pursuant to some embodiments. In a typical transaction environment involving cardholder verification pursuant to the present invention, a transaction system 300 includes a number of entities, including a transaction device 302 (e.g., such as the transaction device 200 described above in conjunction with FIG. 2), a terminal device 304, a processing center 320, and an issuer 330. Those skilled in the art will appreciate that a system will include any number of transaction devices 302, terminal devices 304, and issuers 330. One or more processing centers 320 may also be involved.
In embodiments in which features of the present invention are used to perform cardholder verification for payment card transactions, the terminal device 304 may be a point of sale terminal deployed, for example, at a merchant or sales location, and used to facilitate the sales of goods or services. The terminal device 304 may be in communication (either intermittently or on a regular basis) with one or more processing centers 320 to authorize and transmit payment information to issuers 330 to facilitate the clearing and settlement of transactions. In some embodiments, the processing center 320 is or includes a payment network (such as the network operated by MasterCard International Incorporated). Some or all of the systems or entities may be in communication over networks such as the Internet, or private or secure networks.
As shown, the terminal device 304 may include a number of components to allow interaction with a transaction device 302. For example, the terminal device 304 may include a card reader 306 (e.g., such as a contact or contactless reader), a biometric sensor 308 (e.g., such as a fingerprint reader, an iris scanner, a signature reader, a handprint scanner, or the like), a program or application 310 (e.g., including, for example, an application to allow communication with transaction device 302), a processor 312 and an input/output device 314 (e.g., to allow communication with other devices including, for example, a processing center 320). Those skilled in the art will appreciate that a wide range of different types of terminal devices 304 may be used. For example, a terminal device 304 may be a typical point-of-sale terminal, a terminal embedded or installed in a vending machine, a passport or other information device processing terminal, or the like.
Further detail regarding a verification process pursuant to some embodiments will now be provided by reference to FIG. 4, which is a flow diagram depicting a verification process 400 pursuant to some embodiments. The verification process 400 may be performed by a transaction device (such as the device 200 of FIG. 2) in interaction with a terminal device (such as the device 304 of FIG. 3) during a transaction. The process 400 may be performed after initial communications between a transaction device and a terminal device have been completed (e.g., after an initial handshake process has occurred).
Processing begins at 402 where, for example, an application stored in the terminal device determines that biometric cardholder verification processing is required. Processing continues at 404 where the terminal device reads a biometric information template (“BIT”) from the transaction device. The selection of the BIT to be provided to the terminal device is, for example, determined by the biometric verification rules stored in the transaction device (e.g., in the biometric verification rules table, such as table 214 of FIG. 2). For example, the transaction card may begin with the first biometric verification rule stored in the card, and cause the BIT associated with the first biometric verification rule to be transmitted to the terminal.
The BIT specifies the nature of the biometric sample to be collected by the terminal. Processing continues at 406 where the terminal collects the required biometric data. This may be performed, for example, by generating a prompt to the cardholder, instructing the cardholder to present the required biometric feature for reading. If the BIT read at 404, for example, requires a left index finger fingerprint, then the terminal may prompt the cardholder to present their left index finger fingerprint to a fingerprint reader to collect the sample. If the terminal is unable to collect or read the required feature, processing continues to 410. If the terminal is able to collect the required feature, processing continues at 408 as the terminal converts the sampled feature into a sample template (e.g., in accordance with a standard format such as the format specified by ISO Standard 19092) and transmits the sampled data in a sample template to the transaction card.
At 408, the transaction card processes the sample template from the terminal by comparing the biometric reference template associated with the current BIT to the sample template. Processing continues at 410 where the transaction card applies the biometric verification rules in the biometric verification rules table to the results of 408. If the sample template matches the biometric reference template, then the transaction card application examines the “success” column of the biometric verification rules table. If the “success” column indicates that another rule must be performed, then the application moves to the new rule in the table, and the process returns to 404. If the “success” column indicates that the verification should be considered successful based on the single BIT verification, then the transaction card returns a “SUCCESS” message to the terminal and verification is complete.
If the sample template does not match the biometric reference template, then the transaction device application examines the “retries” column of the rules table to determine whether the transaction should “FAIL” or if a retry is available. If a retry is available, the retry counter is decremented, and processing reverts to step 406, and the same BIT is applied. If the retry counter has been exhausted, then the transaction device will examine the “failed” column of the biometric verification rules table. If another rule is available and should be followed, then the transaction device will retrieve the next rule and its associated BIT and processing reverts to step 404. The process continues until a final “SUCCESS” or “FAIL” is reached.
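The rule walk described above can be checked offline before a table is personalized onto a device. The following is an added example, not code from the disclosure: it transcribes TABLE 1 through TABLE 4, walks them the way the card application is described as doing, and lists the smallest sets of matching templates that reach SUCCESS. The function names, the `matches` callback, and the reading of RETRIES as the total number of submissions allowed per rule are assumptions.

```python
from itertools import combinations

# Rules tables transcribed from TABLE 1-4 on this page:
# rule -> (BIT, next step on success, next step on failure, RETRIES)
TABLES = {
    "TABLE 1": {"R1": ("B1", "SUCCESS", "FAILED", 4)},
    "TABLE 2": {"R1": ("B1", "SUCCESS", "R2", 3),
                "R2": ("B2", "SUCCESS", "FAILED", 3)},
    "TABLE 3": {"R1": ("B1", "R2", "FAILED", 4),
                "R2": ("B2", "SUCCESS", "FAILED", 2)},
    "TABLE 4": {"R1": ("B1", "R2", "R3", 4),
                "R2": ("B2", "SUCCESS", "R3", 4),
                "R3": ("B3", "R4", "FAILED", 4),
                "R4": ("B4", "SUCCESS", "FAILED", 4)},
}
TERMINAL = ("SUCCESS", "FAILED")


def check_table(table):
    """Reject tables that point at undefined rules or allow no attempt."""
    for name, (_bit, on_ok, on_fail, retries) in table.items():
        for target in (on_ok, on_fail):
            if target not in TERMINAL and target not in table:
                raise ValueError(f"{name} points at undefined rule {target}")
        if retries < 1:
            raise ValueError(f"{name} allows no attempts")


def verify(table, matches, start="R1"):
    """Walk the table as the card application is described as doing.

    matches(bit, attempt) is a hypothetical stand-in for the on-card
    comparison of a sample template with the stored reference template.
    Assumption: RETRIES is the total number of submissions per rule.
    Returns (outcome, trace).
    """
    check_table(table)
    rule, seen, trace = start, set(), []
    while rule not in TERMINAL:
        if rule in seen:  # revisiting a rule means the table loops
            raise ValueError(f"rule cycle at {rule}")
        seen.add(rule)
        bit, on_ok, on_fail, retries = table[rule]
        matched = False
        for attempt in range(1, retries + 1):
            matched = matches(bit, attempt)
            trace.append((rule, bit, attempt, matched))
            if matched:
                break
        rule = on_ok if matched else on_fail
    return rule, trace


def minimal_accepting_sets(table):
    """Smallest sets of matching BITs that drive the table to SUCCESS."""
    bits = sorted({row[0] for row in table.values()})
    found = []
    for size in range(1, len(bits) + 1):
        for combo in combinations(bits, size):
            good = set(combo)
            if any(prev <= good for prev in found):
                continue  # already covered by a smaller accepting set
            outcome, _ = verify(table, lambda bit, _n: bit in good)
            if outcome == "SUCCESS":
                found.append(good)
    return [sorted(s) for s in found]


if __name__ == "__main__":
    for name, table in TABLES.items():
        print(name, minimal_accepting_sets(table))
    # Constructed scenario: B1 is misread twice, then matches on attempt 3.
    print(verify(TABLES["TABLE 2"], lambda bit, n: bit == "B1" and n >= 3))
```

Run against the tables as printed, TABLE 4 reaches SUCCESS when B1 and B2 both match or when B3 and B4 both match, while a pair such as B1 with B3 ends in FAILED; enumerating the accepting sets this way lets an issuer confirm a table encodes the intended policy.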
In the embodiments described above, a fixed mode of operation specified by the biometric verification rules table is followed, and all of the matching is determined by an application stored on the transaction device 200. In some embodiments, a transaction device may randomly choose rules from the biometric verification rules table. In such embodiments, the transaction device 200 may be configured with additional parameters which define the number of rules which must be passed for authentication to succeed and the maximum number of failed rules before authentication is considered to be a failure.
In this embodiment, the transaction device randomly selects rules from the biometric verification rules table. If verification is successful then the transaction device increments a success counter. If the count is equal to the number of successful verifications required then the transaction device considers the authentication as successful. If more successes are required then the transaction device picks another rule at random.
In the case of a failed verification, the transaction device increments a failed counter if the number of retries has been exhausted or the verification is skipped. If the failed count is greater than a maximum number of failures allowed then the transaction device considers the authentication as failed. If more failures are allowed then the transaction device selects another rule at random.
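The counter logic of the random-selection embodiment, as an added example that is not code from the disclosure. It shows how the two parameters interact by tallying the outcome over every possible draw order for a fixed set of matching templates. The rule set, the function names, drawing each rule at most once per transaction, treating RETRIES as total submissions, and returning FAILED when the rules run out are all assumptions.

```python
import random
from collections import Counter
from itertools import permutations

# Constructed sample: four rules, one BIT each -> rule: (BIT, RETRIES)
RULES = {"R1": ("B1", 4), "R2": ("B2", 4), "R3": ("B3", 4), "R4": ("B4", 4)}


def run_in_order(order, rules, matches, required, max_failures):
    """Apply the success and failed counters to rules taken in `order`."""
    successes = failures = 0
    for rule in order:
        bit, retries = rules[rule]
        # any() stops at the first matching attempt; otherwise retries run out
        if any(matches(bit, n) for n in range(1, retries + 1)):
            successes += 1
            if successes == required:
                return "SUCCESS"
        else:
            failures += 1
            if failures > max_failures:
                return "FAILED"
    return "FAILED"  # assumption: rules exhausted before enough successes


def random_mode(rules, matches, required, max_failures, rng=None):
    """One transaction: rules drawn in random order, each at most once."""
    rng = rng or random.SystemRandom()
    order = list(rules)
    rng.shuffle(order)
    return run_in_order(order, rules, matches, required, max_failures)


def outcomes_by_order(rules, good_bits, required, max_failures):
    """Tally outcomes over every draw order when only good_bits match."""
    tally = Counter()
    for order in permutations(rules):
        result = run_in_order(order, rules, lambda b, _n: b in good_bits,
                              required, max_failures)
        tally[result] += 1
    return dict(tally)


if __name__ == "__main__":
    two_good = {"B1", "B2"}
    # Two of four templates match, two successes required.
    print("max_failures=1:", outcomes_by_order(RULES, two_good, 2, 1))
    print("max_failures=2:", outcomes_by_order(RULES, two_good, 2, 2))
```

With two successes required and a maximum of one failure, a cardholder who can match exactly two of the four templates passes in only half of the draw orders; raising the maximum to two failures makes the outcome independent of the order.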
In a further embodiment, transaction devices may be deployed without biometric reference data stored thereon (e.g., the cardholder's biometric reference data is not loaded onto the transaction device). In such embodiments, the transaction device may only store the biometric verification rules table. The biometric verification rules table may be read by the terminal during transactions and the terminal may use the data from the table to directly perform the required authentications.
The above descriptions of processes herein should not be considered to imply a fixed order for performing the process steps. Rather, the process steps may be performed in any order that is practicable, including simultaneous performance of at least some steps.
Although the present invention has been described in connection with specific exemplary embodiments, it should be understood that various changes, substitutions, and alterations apparent to those skilled in the art can be made to the disclosed embodiments without departing from the spirit and scope of the invention as set forth in the appended claims.