US20030101348A1 - Method and system for determining confidence in a digital transaction - Google Patents
Method and system for determining confidence in a digital transaction Download PDFInfo
- Publication number
- US20030101348A1 US20030101348A1 US10/194,959 US19495902A US2003101348A1 US 20030101348 A1 US20030101348 A1 US 20030101348A1 US 19495902 A US19495902 A US 19495902A US 2003101348 A1 US2003101348 A1 US 2003101348A1
- Authority
- US
- United States
- Prior art keywords
- transaction
- trust metric
- token
- trust
- confidence
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/02—Reservations, e.g. for tickets, services or events
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/12—Fingerprints or palmprints
- G06V40/1335—Combining adjacent partial images (e.g. slices) to create a composite input or reference pattern; Tracking a sweeping finger movement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/08—Randomization, e.g. dummy operations or using noise
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Definitions
- the present invention relates generally to the field of methods, computer programs and computer program products, devices, and systems for encryption systems, especially public key infrastructure (PKI) systems, and also to the field of biometrics, especially but not limited to biometrics such as human fingerprints and human voiceprints.
- PKI public key infrastructure
- authentication methods are grouped into three categories, also called authentication factors: (1) something you know—a secret such as a password or a PIN or other information; (2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and (3) something you are—a measure of a person such as a fingerprint or voiceprint.
- Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.
- Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person.
- Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard.
- Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.
- a secure system is based upon either a mutually-shared secret or a private key of a public-private key pair.
- the secret is first selected or created, then agreed upon and stored for later use.
- Each of the above broad categories has its own specific risk factors depending on the type of secret, where and how it is stored and how it is created.
- the risk of guessing is dependent on a variety of factors including, but not limited to, the type of secret (for example, a password, a private PKI key, a symmetric key, or the like), the length of the secret (for example, number of characters in the password or number of bits in the private key), and the randomness of the secret (for example, an entropy calculation plus, in the case of a password, whether the password matches a dictionary word).
- the risk of observation during transmission is dependent on factors including, but not limited to: whether it was transmitted at all (generally, there is no transmission of the secret in PKI); what type of encryption was used, if any, during transmission; and the network used for the transmission (for example, whether it was transmitted using a telephone, an internet, a private network, or other network or communication link or channel).
- the risk of a stored secret being illicitly retrieved is dependent on factors including, but not limited to: the number of devices where instances of the secret are stored (for example, a secret may be stored on a user's PC as well as in a system database); the storage medium used for each stored instance (hard disk, paper notes, smart card, portable memory device such as a flash memory card, PKCS-11 token (as discussed further in “PKCS #11 v2.11: Cryptrographic Token Interface Standard” published June 2001 by RSA Laboratories, hereby incorporated by reference), or the like); whether the secret is stored in plain text or encrypted; if stored encrypted, the risk associated with the encryption key used; what kind of biometrics used, if any, to restrict access to the storage medium; the security of passphrase used, if any, to retrieve secret; the security of biometric system(s) used, if any, to retrieve secret; and the security of physical token used, if any, to retrieve secret—for example if a token is used, the security of that
- the risk associated with the secret being issued to the wrong person is dependent on factors including, but not limited to: the specific method or methods used to verify the user's identity prior to issuing the secret; the degree of human interaction, if any, involved in the verification process (i.e. is it supervised and verified by a trained human being); what specific biometric system or systems, if any, is used to aid verification; which government agencies (such as for example the FBI, Secret Service, or other agency), if any, aid in the verification process; and which trusted documents, if any, were required for verification (for example bank statement, social security number, passport, or the like).
- the security and integrity of information systems depends primarily on keeping data confidential so that only authorized users may see or act against the data, and assuring the integrity of data so that the data can not be changed or tampered with undetected.
- the field of cryptography provides well-known tools for assuring confidentiality and integrity using encryption techniques such as ciphers and hash algorithms.
- PKI Public Key Infrastructure
- PKI gets its name from its use of a class of cryptographic algorithm called a public key algorithm.
- a public key algorithm is a cryptographic algorithm that operates using two different but mathematically-related keys, a public key that may be shared with any party and a private key which must be kept secret, such that (for must such algorithms) data encrypted with the public key may only be decrypted with the private key, and vice-versa.
- PKI standards provide powerful mechanisms for safe and private storage and transmission of confidential data so that it remains hidden from unauthorized parties.
- the standards provide for digital signatures, which provide the receiving party of some data with an assurance of the identity of the transmitting party.
- PKI standards further provide for digital certificates, which provide a tamper-resistant, portable record of the association of a public key with a person's or organization's name, attested to and signed by a trusted party, thus presenting a form of unique, irrefutable digital identity or credential for that person or organization.
- PKI standards also provide other useful and powerful mechanisms that can contribute to the security and integrity of information systems.
- PKI is widely used in commercial and non-commercial systems, both over the Internet and in more closed or local applications.
- Most web browsers for example, use PKI and PKI-based standards to interoperate with web servers when high security is desired, as when a user specifies a credit card number for payment while placing an online order.
- the proliferation of electronic commerce has led many jurisdictions around the world to begin to develop legal standards with the intended result that a correctly constituted digital signature would be every bit as legally binding as a handwritten signature is today.
- PKI provides powerful mechanisms, but it has weaknesses.
- One way for digital identities to be compromised is for an impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key.
- An impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key.
- anyone with both the certificate (which is meant to be public information, freely exchanged with anyone) and the associated private key (which is meant to be secret) can impersonate someone else and compromise the security and integrity of an information system dependent on the valid use of a certificate and associated private key.
- the invention provides a transaction confidence token for use in a secure communication system, comprising an envelope and a seal.
- the envelope comprises transaction information and a trust metric.
- the seal contains a digital signature of the envelope.
- the envelope further includes a timestamp.
- the transaction information contained in the envelope includes a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, a credit card number, or any combinations thereof.
- the trust metric within the envelope is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
- the trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction.
- the trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction.
- the trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction.
- the trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction.
- a plurality of trust metrics are provided in the envelope.
- a first trust metric comprises an overall trust metric and at least a second trust metric is provided chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
- the digital signature contained in the seal is signed with a private key.
- a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with the transaction, determining if the trust metric indicates a sufficient trust level; and processing the transaction if the trust metric indicates or exceeds said sufficient trust level.
- a method further comprises requiring a mitigating factor if said trust metric indicates less than said sufficient trust level.
- the mitigating factor may be chosen based on the trust metric.
- the mitigating factor may be chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
- the method further comprises processing the transaction after receiving a mitigating factor.
- the method further comprises constructing a transaction confidence token comprising a trust metric, and transmitting said transaction confidence token to a server.
- a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with said transaction, determining if said trust metric indicates an acceptable risk level; and processing said transaction if said trust metric indicates or is less than said acceptable risk level.
- the method further comprises requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level. In still other embodiments, the method further includes processing said transaction after receiving said mitigating factor.
- FIG. 1 is a schematic representation of one embodiment of a transaction confidence token according to an embodiment of the present invention.
- FIG. 2 is a schematic flowchart showing a method of processing a transaction according to an embodiment of the present invention.
- FIG. 3 is a schematic flowchart outlining a process for using a transaction confidence token according to an embodiment of the present invention.
- This invention introduces the concept of a software token that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access.
- the token includes an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret.
- OROC all risk of compromise
- the token also includes a calculation of individual risk factor probabilities used to determine the OROC, or overall trust metric. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk.
- the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value.
- the risk factor is used to charge the user a fee in an effort to mitigate the risk, or where some fee may already be charged to the user for the transaction to charge different fees according to the assessed risk or trust level.
- the fee may be a flat fee charged to all transactions having less than a sufficient trust level or the fee may vary according to the trust level indicated by the token.
- the present invention provides a mechanism for a system to add an estimate of risk or confidence on that yes or no answer, and for other systems to use that confidence information to their advantage. In one embodiment, it also provides a mechanism for documenting the party's identity so as to provide a non-repudiation mechanism for the transaction.
- the present invention provides systems utilizing tokens to assign or mitigate risk.
- FIG. 1 depicts a schematic representation of transaction confidence token 100 according to one embodiment of the present invention.
- a token such as token 100
- Token 100 is created using available information regarding risk factors, examples of which are discussed above.
- Token 100 can be in the form of a separate packet of stored data associated with the secret, integrated either with the secret itself or, in the case of PKI, with the associated digital certificate.
- the present invention provides transaction confidence tokens comprising at least one trust metric.
- trust metric generally refers to a measure of a risk factor. Examples of typical risk factors are discussed above.
- token 100 comprises information on at least one risk factor discussed above.
- token 100 comprises an overall risk-of-compromise (OROC) value, or overall trust metric 110 , which may take one or more risk factors into consideration.
- OROC overall risk-of-compromise
- token 100 is created and stored in a database during both enrollment and subsequent transactions, includes all the fields shown in FIG. 1. In other embodiments, only a subset of fields shown in FIG. 1 are present.
- trust metrics such as overall trust metric 110
- trust metrics are given by an absolute probability ranging from 0.0 to 1.0, calculated using a weighted Bayesian equation. Other ranges and equations for calculating trust metrics may also or alternatively be employed.
- trust metrics are given by an arbitrary mapping of risk information to three categories—low, medium, and high. Any number of categories may alternatively be used, with each category represented by a unique indicator. The risk information may alternatively be provided by a continuous range of values rather than in discrete categories.
- Overall trust metric 110 represents a weighted combination of individual risk probabilities of a plurality of risk factors.
- a system uses token 100 to deny or accept a transaction. In other embodiments, a system charges a fee, or imposes another mitigation factor—such as a waiting period or another required authentication—based on risk information contained in token 100 .
- transaction confidence token 100 is composed of two data structures: envelope 120 and seal 130 .
- Envelope 120 comprises transaction contents, or transaction information 140 and at least one trust metric, although a plurality of trust metrics are shown in FIG. 1. Further, envelope 120 comprises timestamp 150 .
- transaction information 140 represents a complete record of a transaction—including, as appropriate, account numbers, web session identifiers, monetary or exchange values, item quantities, an SKU number, an order number, a credit card number, a web URL or address, or other data describing the user's authenticated request. In other embodiments, transaction information 140 comprises only some of the above information associated with a transaction.
- transaction information 140 comprises only a transaction identifier or reference string such as a web session identifier as is often used in web applications.
- transaction information 140 field comprises a complete transaction confidence token, which may in turn (i.e., recursively) contain another transaction confidence token in its transaction contents field, without particular limit. This embodiment allows for multiple parties to attest to a transaction and attach their own confidence to the transaction as it is processed by each of a number of systems in series.
- the innermost transaction confidence token corresponds to the original transaction when it is first authenticated and signed by the originating party.
- Timestamp 150 generally comprises a string indicating a date and time at which the authentication event which is the subject of the transaction confidence token took place.
- any time indicator is appropriate for timestamp 150 .
- timestamp 150 is expressed in Universal Coordinated Time (UTC).
- UTC Universal Coordinated Time
- Overall trust metric 110 indicates a degree of overall confidence in a transaction.
- overall trust metric 110 provides a degree of confidence in enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
- Overall trust metric 110 can be defined according to the specifics of the application contemplated, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
- low security refers to a password authentication against a 4-digit numeric PIN stored in non-secure storage.
- Medium security refers to a fingerprint authentication or strong password (alphanumeric, mixed case, greater than 8 characters) against a secret in non-secure storage, and high security is attributed to a fingerprint authentication or strong password against a secret in secure storage such as a smart card.
- any number of trust categories can be assigned among any authentication processes.
- Envelope 120 may comprise metrics related to measures of individual aspects of an authentication process. That is, envelope 120 may comprise some or all of the following optional fields: (1) Enrollment Trust Metric 160 , (2) Storage Trust Metric 170 , (3) Transmission Trust Metric 180 , and (4) Authentication Trust Metric 190 .
- Enrollment Trust Metric 160 indicates a degree of confidence in security of an enrollment or personalization process under which a secret was issued to an authenticating party.
- Enrollment trust metric 160 can be defined according to specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
- a low confidence enrollment trust metric is assigned to self-enrollment where little or no manual verification of user identity is carried out;
- a medium confidence enrollment trust metric is assigned to online verification using a “weak secret” such as a credit card number, which may be independently verified to match the enrollee's name by the credit card issuer;
- a high confidence enrollment trust metric is assigned in an enrollment situation where the user's identity is verified—using trusted documents such as a passport, driver's license, or the like—by a human being who works for the enrollment agency or represents another predetermined organization.
- Storage Trust Metric 170 indicates a degree of confidence in the security of a method of storage used to store a secret.
- Storage Trust Metric 170 can be defined according to the specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
- a storage trust metric indicating a low confidence level is assigned to storage of a secret in unencrypted form on a hard disk or FLASH memory of a PC or other computing device;
- a storage trust metric indicating a medium confidence level is assigned to storage of a secret in encrypted form on a hard drive or FLASH memory of a PC or other computing device and protected with a PIN or password;
- a storage trust metric indicating a high confidence level is assigned to storage of a secret in secure storage, such as that of a smart card, and protected with a PIN or password.
- Transmission Trust Metric 180 indicates a degree of confidence in security of a method of transmission, if any, of a secret.
- This Transmission Trust Metric can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
- a transmission trust metric indicating a low confidence level is assigned to a transmission of a secret in unencrypted form via the internet or local computer network;
- a transmission trust metric indicating a medium confidence level is assigned to transmission of a secret in encrypted form using SSL or TLS (as known in the art and described further in Dierks, T., and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, January 1999, hereby incorporated by reference) or other common standard of network encryption;
- a transmission trust metric indicating a high confidence level applies to transmission of a secret via armored car using a certified carrier such as, for example, Brink's@, Inc.
- Authentication Trust Metric 190 indicates a degree of confidence in the security of a method of authentication for a particular transaction.
- Authentication Trust Metric 190 can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Accordingly, in one embodiment, an authentication trust metric indicating a low confidence level is assigned to authentication using a PIN or password (“something you know”); an authentication trust metric indicating a medium confidence level is assigned to authentication using a physical token such as a PKCS-11 standard device or smart card (“something you have”); and an authentication trust metric indicating a high confidence level is assigned authentication requiring use of a biometric such as fingerprint, voiceprint, or face recognition (“something you are”).
- trust metrics provide an indication of security based on measurable risk factors
- trust metric values are not constrained by theoretical security weaknesses. For example, a particular storage method or enrollment procedure may be assigned a stronger or weaker trust metric based on a preferred or encouraged method for performing those functions.
- Seal 130 of transaction confidence token 100 is a string of bytes containing a digital signature of envelope 120 , signed in a preferred embodiment with the private key of the authenticating party or system.
- envelope 120 and seal 130 are constructed according to PKCS #7—for a detailed description of the standard, see, for example RSA Laboratories.
- PKCS #7 Cryptographic Message Syntax Standard. Version 1.5, November 1993, hereby incorporated by reference.
- PKCS #7 also allows for the recursion of transaction information field 140 of envelope 120 in a transaction confidence token.
- envelope 120 and seal 130 are constructed according to the XML Signature Syntax and Processing Recommendation—for a detailed description of the standard see, for example Eastlake 3 rd , D., Reagle, J., and Solo, D., “(Extensible Markup Language) XML-Signature Syntax and Processing,” RFC 3275, March 2002, incorporated herein by reference.
- the present invention further provides systems and methods for using a transaction confidence token. For example, when a requester (client) or server initiates a transaction requiring authentication, such as in step 200 in FIG. 2, server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210 .
- a requester client
- server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210 .
- step 230 such as a private encryption key using an authentication method, such as a biometric match.
- Numerous devices and methods exist for securing a secret including those described in U.S. application Ser. No. ______, filed ______, entitled “Secure Network And Networked Devices Using Biometrics” (Attorney Docket No.
- Requester 220 generates, step 240 , contents of a requested transaction, such as the quantity and SKUs of item(s) to be purchased, in a form suitable to be encoded in the transaction confidence token's transaction contents, or transaction information field, such as transaction information 140 in token 100 depicted in FIG. 1.
- Requester 220 determines at least one trust metric, step 250 , as described above and encodes at least one trust metric in the transaction confidence token.
- Requester 220 signs the transaction confidence token in step 260 .
- Server 210 receives a transaction confidence token associated with a transaction request in step 270 .
- Server 210 then adjusts its confidence level, in the transaction, step 280 , based on whether the signature is valid and takes action appropriate to the confidence level, completing the transaction in step 290 .
- the present invention further provides methods for a server to act on a transaction confidence token.
- FIG. 3 provides a schematic overview of an embodiment of such a method according to the present invention.
- a server receives a transaction confidence token, step 300 , and verifies the signature of the transaction confidence token, step 310 , using, for example, the public key of the originator of the transaction confidence token. If the signature verification fails, indicating that the transaction confidence token was not created by the purported originating party, had been altered after its creation, or otherwise is invalid, then the system may then discard the token, step 320 , and assume no confidence in the authenticity of the associated transaction. In a preferred embodiment, a transaction confidence token with an invalid signature is discarded and the associated transaction request is discarded or rolled back according to appropriate exception handling practice for the application employing methods of the present invention.
- the server determines its confidence in the transaction, step 330 , calculated from one or more trust metric fields in the transaction confidence token.
- step 340 the original receiving server may construct a new transaction confidence token, and embed the current transaction confidence token, optionally asserting its own degree of confidence in the transaction, step 350 .
- the server then transmits, step 360 , a new transaction confidence token (comprising embedded first transaction confidence token) to other participating Server(s), step 370 .
- the Server may then do its own processing of the transaction request employing the confidence it has determined, step 370 . For example, if a trust metric within the transaction confidence token indicates or exceeds a predetermined sufficient trust level, the server processes the transaction. However, in one embodiment, if a trust metric does not indicate a minimum sufficient trust level, the server rejects the transaction. If a trust metric indicates a minimum sufficient trust level but less than a sufficient trust level, the server may require a mitigating factor. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values.
- trust metrics are assigned and evaluated with respect to risk. That is, risk is generally the opposite of trust and trust metrics may be assigned such that increasing trust metric values corresponding to an increasing risk associated with a transaction. In these embodiments, less secure situations would receive a higher trust metric value. For example, in some embodiments of the present invention, a confidence level between 0 . 0 and 1 . 0 is calculated. A corresponding risk level in this embodiment is given generally by 1—(confidence level).
- a trust metric within the transaction confidence token indicates or exceeds a predetermined maximum risk level, the risk is determined to be too great, and the server the server rejects the transaction.
- the server may require a mitigating factor before processing the transaction. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. If a trust metric indicates less than an acceptable risk level, the server will process the transaction.
- the invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands.
- a general purpose or special purpose computing device such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands.
- the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices.
- the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.
Abstract
Description
- This application further relates to the following co-pending applications:
- U.S. application Ser. No. ______, filed ______, entitled “BIOMETRICALLY ENHANCED DIGITAL CERTIFICATES AND SYSTEM AND METHOD FOR MAKING AND USING” (Attorney Docket No. A-70596/RMA/JML);
- U.S. application Ser. No. ______, filed ______, entitled “SECURE NETWORK AND NETWORKED DEVICES USING BIOMETRICS” (Attorney Docket No. A70595/RMA/JML); and
- U.S. application Ser. No. ______, filed ______, entitled “METHOD AND SYSTEM FOR BIOMETRIC IMAGE ASSEMBLY FROM MULTIPLE PARTIAL BIOMETRIC FRAME SCANS” (Attorney Docket No. A-70591/RMA/JML); all of which are hereby incorporated by reference.
- This application claims the benefit under 35 U.S.C. §119 and/or 35 U.S.C. §120 of the filing date of: U.S. Provisional Application Serial No. 60/305,120, filed Jul. 12, 2001, which is hereby incorporated by reference, and entitled SYSTEM, METHOD, DEVICE AND COMPUTER PROGRAM FOR NON-REPUDIATED WIRELESS TRANSACTIONS; U.S. patent application Ser. No. 10/099,554 filed Mar. 13, 2002 and entitled SYSTEM, METHOD, AND OPERATING MODEL FOR MOBILE WIRELESS NETWORK-BASED TRANSACTION AUTHENTICATION AND NON-REPUDIATION; and U.S. patent application Ser. No. 10/099,558 filed Mar. 13, 2002 and entitled FINGERPRINT BIOMETRIC CAPTURE DEVICE AND METHOD WITH INTEGRATED ON-CHIP DATA BUFFERING; each of which applications are incorporated by reference herein.
- The present invention relates generally to the field of methods, computer programs and computer program products, devices, and systems for encryption systems, especially public key infrastructure (PKI) systems, and also to the field of biometrics, especially but not limited to biometrics such as human fingerprints and human voiceprints.
- The security and integrity of information systems depends in part on authentication of individual users—accurately and reliably determining the identity of a user attempting to use the system. Once a user is authenticated, a system is then able to authorize the user to retrieve certain information or perform certain actions appropriate to the system's understanding of the user's identity. Examples of such actions include downloading a document, completing a financial transaction, or digitally signing a purchase.
- Numerous methods have been developed for authenticating users. Generally, as will be understood by those skilled in the art, authentication methods are grouped into three categories, also called authentication factors: (1) something you know—a secret such as a password or a PIN or other information; (2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and (3) something you are—a measure of a person such as a fingerprint or voiceprint. Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.
- The third category above—referred to herein as ‘something you are’ authentication methods—are the subject of the biometrics field. Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person. Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard. Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.
- A secure system is based upon either a mutually-shared secret or a private key of a public-private key pair. During the enrollment process, the secret is first selected or created, then agreed upon and stored for later use. There are generally four major sources of risk associated with the secret being compromised: (1) the secret can be guessed by an unauthorized user; (2) the secret was observed by an unauthorized user during creation or subsequent transmission; (3) the stored secret can be retrieved and employed by an unauthorized user after creation; and/or (4) the stored secret was issued to the wrong party.
- Each of the above broad categories has its own specific risk factors depending on the type of secret, where and how it is stored and how it is created. For example, the risk of guessing is dependent on a variety of factors including, but not limited to, the type of secret (for example, a password, a private PKI key, a symmetric key, or the like), the length of the secret (for example, number of characters in the password or number of bits in the private key), and the randomness of the secret (for example, an entropy calculation plus, in the case of a password, whether the password matches a dictionary word). The risk of observation during transmission is dependent on factors including, but not limited to: whether it was transmitted at all (generally, there is no transmission of the secret in PKI); what type of encryption was used, if any, during transmission; and the network used for the transmission (for example, whether it was transmitted using a telephone, an internet, a private network, or other network or communication link or channel).
- The risk of a stored secret being illicitly retrieved is dependent on factors including, but not limited to: the number of devices where instances of the secret are stored (for example, a secret may be stored on a user's PC as well as in a system database); the storage medium used for each stored instance (hard disk, paper notes, smart card, portable memory device such as a flash memory card, PKCS-11 token (as discussed further in “PKCS #11 v2.11: Cryptrographic Token Interface Standard” published June 2001 by RSA Laboratories, hereby incorporated by reference), or the like); whether the secret is stored in plain text or encrypted; if stored encrypted, the risk associated with the encryption key used; what kind of biometrics used, if any, to restrict access to the storage medium; the security of passphrase used, if any, to retrieve secret; the security of biometric system(s) used, if any, to retrieve secret; and the security of physical token used, if any, to retrieve secret—for example if a token is used, the security of that token is dependent upon whether someone else has had access to it, or if it has been lost or stolen; what combinations of passphrase, biometric, and token are required, if any; and the security of the enrolled biometric template.
- The risk associated with the secret being issued to the wrong person is dependent on factors including, but not limited to: the specific method or methods used to verify the user's identity prior to issuing the secret; the degree of human interaction, if any, involved in the verification process (i.e. is it supervised and verified by a trained human being); what specific biometric system or systems, if any, is used to aid verification; which government agencies (such as for example the FBI, Secret Service, or other agency), if any, aid in the verification process; and which trusted documents, if any, were required for verification (for example bank statement, social security number, passport, or the like).
- Systems used for e-commerce, online banking and other financially related areas rely on security to prevent unauthorized users from accessing services for monetary gain. For example, well-designed systems try to prevent would-be buyers from purchasing goods and services with someone else's credit card by requiring a PIN or a password.
- More generally, the security and integrity of information systems depends primarily on keeping data confidential so that only authorized users may see or act against the data, and assuring the integrity of data so that the data can not be changed or tampered with undetected. The field of cryptography provides well-known tools for assuring confidentiality and integrity using encryption techniques such as ciphers and hash algorithms.
- One widely known and implemented body of these tools, and procedures and practices for their use, is called Public Key Infrastructure (PKI). PKI gets its name from its use of a class of cryptographic algorithm called a public key algorithm. As is widely known to those versed in the cryptographic field, a public key algorithm is a cryptographic algorithm that operates using two different but mathematically-related keys, a public key that may be shared with any party and a private key which must be kept secret, such that (for must such algorithms) data encrypted with the public key may only be decrypted with the private key, and vice-versa. PKI standards are well known, X.509 for example, described in Housley, R., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile,” RFC 2459, January 1999, and ITU-T Recommendation X.509 (1997 E): Information Technology—Open Systems Interconnection—The Directory: Authentication Framework, June 1997, both of which are hereby incorporated by reference.
- These standards provide powerful mechanisms for safe and private storage and transmission of confidential data so that it remains hidden from unauthorized parties. The standards provide for digital signatures, which provide the receiving party of some data with an assurance of the identity of the transmitting party. PKI standards further provide for digital certificates, which provide a tamper-resistant, portable record of the association of a public key with a person's or organization's name, attested to and signed by a trusted party, thus presenting a form of unique, irrefutable digital identity or credential for that person or organization. PKI standards also provide other useful and powerful mechanisms that can contribute to the security and integrity of information systems.
- PKI is widely used in commercial and non-commercial systems, both over the Internet and in more closed or local applications. Most web browsers, for example, use PKI and PKI-based standards to interoperate with web servers when high security is desired, as when a user specifies a credit card number for payment while placing an online order. The proliferation of electronic commerce has led many jurisdictions around the world to begin to develop legal standards with the intended result that a correctly constituted digital signature would be every bit as legally binding as a handwritten signature is today.
- PKI provides powerful mechanisms, but it has weaknesses. One way for digital identities to be compromised is for an impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key. Anyone with both the certificate (which is meant to be public information, freely exchanged with anyone) and the associated private key (which is meant to be secret) can impersonate someone else and compromise the security and integrity of an information system dependent on the valid use of a certificate and associated private key.
- Most systems, therefore, secure the private key such that the user must authenticate before the private key can be used for any task. Many such systems require a password (“something you know”) or a smartcard (“something you have”), or both. Some systems provide additional security by putting the private key on a smartcard that is resistant to tampering or copying. Other systems may also employ biometrics (“something you are”) to ensure that the person using the private key is in fact the true owner of the certificate.
- However, smart cards may be lost, damaged, or stolen. Passwords may be forgotten or guessed. Biometrics systems can be fooled. These concerns are part of what is called in the field “the last-meter problem”, the problem of making sure that an otherwise secure system isn't compromised by a failure to correctly authenticate the person using (and usually physically adjacent to) some part of the system. The last-meter problem can present opportunities for impostors in PKI systems. Mathematically, the theoretical probability of a PKI system being fooled or otherwise compromised is extremely low (much less than 1 in a billion, for instance). However, once the “last meter problem” is taken into account, the security of such a system is greatly reduced, as the “last meter problem” becomes the weakest link in an otherwise very secure chain.
- Today's PKI systems do not take into account the risk associated with the “last meter problem” when assessing the trust level to associate with users of such systems.
- Accordingly, it is an object of the present invention to provide an indication of the security of a given transaction.
- In a first embodiment, the invention provides a transaction confidence token for use in a secure communication system, comprising an envelope and a seal. The envelope comprises transaction information and a trust metric. The seal contains a digital signature of the envelope. In preferred embodiments, the envelope further includes a timestamp. In some embodiments, the transaction information contained in the envelope includes a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, a credit card number, or any combinations thereof.
- In one embodiment, the trust metric within the envelope is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
- In another embodiment, the trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction. In yet another embodiment, the trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction. In still another embodiment, the trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction. In a further embodiment, the trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction. In other embodiments, a plurality of trust metrics are provided in the envelope. In one embodiment, a first trust metric comprises an overall trust metric and at least a second trust metric is provided chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
- In some embodiments, the digital signature contained in the seal is signed with a private key.
- The present invention further provides methods for assuring a secure transaction. In one embodiment, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with the transaction, determining if the trust metric indicates a sufficient trust level; and processing the transaction if the trust metric indicates or exceeds said sufficient trust level.
- In some embodiments, a method further comprises requiring a mitigating factor if said trust metric indicates less than said sufficient trust level. The mitigating factor may be chosen based on the trust metric. The mitigating factor may be chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
- In yet other embodiments, the method further comprises processing the transaction after receiving a mitigating factor.
- In other embodiments, the method further comprises constructing a transaction confidence token comprising a trust metric, and transmitting said transaction confidence token to a server.
- In other embodiments, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with said transaction, determining if said trust metric indicates an acceptable risk level; and processing said transaction if said trust metric indicates or is less than said acceptable risk level.
- In some embodiments, the method further comprises requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level. In still other embodiments, the method further includes processing said transaction after receiving said mitigating factor.
- The present invention may be better understood, and its features and advantages made apparent to those skilled in the art by referencing the accompanying drawings.
- FIG. 1 is a schematic representation of one embodiment of a transaction confidence token according to an embodiment of the present invention.
- FIG. 2 is a schematic flowchart showing a method of processing a transaction according to an embodiment of the present invention.
- FIG. 3 is a schematic flowchart outlining a process for using a transaction confidence token according to an embodiment of the present invention.
- Many systems today, especially those that use PKI, involve transactions that depend on keeping a secret protected from use by third parties. If there is any risk that the secret is compromised, then that risk is propagated to the provider of the transaction itself. For example, if an internet-based system allows a user to purchase an item by entering any valid credit card number, then the risk to the credit card company or merchant related to an unauthorized purchase is dependent on how well that credit card number can be kept secret, for example, how well authenticated are the parties to whom the secret is made available.
- This invention introduces the concept of a software token that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. Furthermore, in preferred embodiments of the present invention, the token includes an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. In some embodiments of the present invention, the token also includes a calculation of individual risk factor probabilities used to determine the OROC, or overall trust metric. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value. In another embodiment, the risk factor is used to charge the user a fee in an effort to mitigate the risk, or where some fee may already be charged to the user for the transaction to charge different fees according to the assessed risk or trust level. The fee may be a flat fee charged to all transactions having less than a sufficient trust level or the fee may vary according to the trust level indicated by the token.
- Most authentication systems are geared to answer the question of whether the party trying to use the system is the party it claims to be with either a yes or no, even though the authentication method or methods employed are imperfect. The present invention provides a mechanism for a system to add an estimate of risk or confidence on that yes or no answer, and for other systems to use that confidence information to their advantage. In one embodiment, it also provides a mechanism for documenting the party's identity so as to provide a non-repudiation mechanism for the transaction.
- That is, the present invention provides systems utilizing tokens to assign or mitigate risk.
- FIG. 1 depicts a schematic representation of
transaction confidence token 100 according to one embodiment of the present invention. - A token, such as
token 100, is created using available information regarding risk factors, examples of which are discussed above. Token 100 can be in the form of a separate packet of stored data associated with the secret, integrated either with the secret itself or, in the case of PKI, with the associated digital certificate. - The present invention provides transaction confidence tokens comprising at least one trust metric. As used herein, ‘trust metric’ generally refers to a measure of a risk factor. Examples of typical risk factors are discussed above. In one embodiment, token100 comprises information on at least one risk factor discussed above. In another embodiment, token 100 comprises an overall risk-of-compromise (OROC) value, or overall trust metric 110, which may take one or more risk factors into consideration. In a preferred embodiment, token 100 is created and stored in a database during both enrollment and subsequent transactions, includes all the fields shown in FIG. 1. In other embodiments, only a subset of fields shown in FIG. 1 are present.
- In one embodiment of the present invention, trust metrics, such as overall trust metric110, are given by an absolute probability ranging from 0.0 to 1.0, calculated using a weighted Bayesian equation. Other ranges and equations for calculating trust metrics may also or alternatively be employed. In preferred embodiments of the present invention, trust metrics are given by an arbitrary mapping of risk information to three categories—low, medium, and high. Any number of categories may alternatively be used, with each category represented by a unique indicator. The risk information may alternatively be provided by a continuous range of values rather than in discrete categories. Overall trust metric 110 represents a weighted combination of individual risk probabilities of a plurality of risk factors. In a preferred embodiment, a system uses token 100 to deny or accept a transaction. In other embodiments, a system charges a fee, or imposes another mitigation factor—such as a waiting period or another required authentication—based on risk information contained in
token 100. - Accordingly, transaction confidence token100 (FIG. 1) is composed of two data structures: envelope 120 and
seal 130. Envelope 120 comprises transaction contents, ortransaction information 140 and at least one trust metric, although a plurality of trust metrics are shown in FIG. 1. Further, envelope 120 comprisestimestamp 150. In a preferred embodiment,transaction information 140 represents a complete record of a transaction—including, as appropriate, account numbers, web session identifiers, monetary or exchange values, item quantities, an SKU number, an order number, a credit card number, a web URL or address, or other data describing the user's authenticated request. In other embodiments,transaction information 140 comprises only some of the above information associated with a transaction. In a preferred embodiment,transaction information 140 comprises only a transaction identifier or reference string such as a web session identifier as is often used in web applications. In an alternative embodiment,transaction information 140 field comprises a complete transaction confidence token, which may in turn (i.e., recursively) contain another transaction confidence token in its transaction contents field, without particular limit. This embodiment allows for multiple parties to attest to a transaction and attach their own confidence to the transaction as it is processed by each of a number of systems in series. The innermost transaction confidence token corresponds to the original transaction when it is first authenticated and signed by the originating party.Timestamp 150 generally comprises a string indicating a date and time at which the authentication event which is the subject of the transaction confidence token took place. Generally, any time indicator is appropriate fortimestamp 150. In a preferred embodiment,timestamp 150 is expressed in Universal Coordinated Time (UTC). Overall trust metric 110 indicates a degree of overall confidence in a transaction. In one embodiment, overall trust metric 110 provides a degree of confidence in enrollment, storage, transmission, and authentication processes employed for authentication of a transaction. Overall trust metric 110 can be defined according to the specifics of the application contemplated, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In a preferred embodiment, low security refers to a password authentication against a 4-digit numeric PIN stored in non-secure storage. Medium security refers to a fingerprint authentication or strong password (alphanumeric, mixed case, greater than 8 characters) against a secret in non-secure storage, and high security is attributed to a fingerprint authentication or strong password against a secret in secure storage such as a smart card. Generally, any number of trust categories can be assigned among any authentication processes. - Envelope120 may comprise metrics related to measures of individual aspects of an authentication process. That is, envelope 120 may comprise some or all of the following optional fields: (1) Enrollment Trust Metric 160, (2)
Storage Trust Metric 170, (3)Transmission Trust Metric 180, and (4)Authentication Trust Metric 190. - Enrollment Trust Metric160 indicates a degree of confidence in security of an enrollment or personalization process under which a secret was issued to an authenticating party. Enrollment trust metric 160 can be defined according to specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a low confidence enrollment trust metric is assigned to self-enrollment where little or no manual verification of user identity is carried out; a medium confidence enrollment trust metric is assigned to online verification using a “weak secret” such as a credit card number, which may be independently verified to match the enrollee's name by the credit card issuer; and a high confidence enrollment trust metric is assigned in an enrollment situation where the user's identity is verified—using trusted documents such as a passport, driver's license, or the like—by a human being who works for the enrollment agency or represents another predetermined organization.
-
Storage Trust Metric 170 indicates a degree of confidence in the security of a method of storage used to store a secret.Storage Trust Metric 170 can be defined according to the specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Here, in one embodiment, a storage trust metric indicating a low confidence level is assigned to storage of a secret in unencrypted form on a hard disk or FLASH memory of a PC or other computing device; a storage trust metric indicating a medium confidence level is assigned to storage of a secret in encrypted form on a hard drive or FLASH memory of a PC or other computing device and protected with a PIN or password; and a storage trust metric indicating a high confidence level is assigned to storage of a secret in secure storage, such as that of a smart card, and protected with a PIN or password. -
Transmission Trust Metric 180 indicates a degree of confidence in security of a method of transmission, if any, of a secret. This Transmission Trust Metric can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a transmission trust metric indicating a low confidence level is assigned to a transmission of a secret in unencrypted form via the internet or local computer network; a transmission trust metric indicating a medium confidence level is assigned to transmission of a secret in encrypted form using SSL or TLS (as known in the art and described further in Dierks, T., and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, January 1999, hereby incorporated by reference) or other common standard of network encryption; and a transmission trust metric indicating a high confidence level applies to transmission of a secret via armored car using a certified carrier such as, for example, Brink's@, Inc. -
Authentication Trust Metric 190 indicates a degree of confidence in the security of a method of authentication for a particular transaction.Authentication Trust Metric 190 can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Accordingly, in one embodiment, an authentication trust metric indicating a low confidence level is assigned to authentication using a PIN or password (“something you know”); an authentication trust metric indicating a medium confidence level is assigned to authentication using a physical token such as a PKCS-11 standard device or smart card (“something you have”); and an authentication trust metric indicating a high confidence level is assigned authentication requiring use of a biometric such as fingerprint, voiceprint, or face recognition (“something you are”). - In other embodiments, greater or fewer trust levels are provided. In still other embodiments a continuous range of trust metric values is provided. In some embodiments, more than one type of procedure, device, or method may be assigned an identical trust metric value. For example, in some embodiments both encrypted and unencrypted storage of a secret on a hard disk receive a trust metric indicating a low trust level, while secure storage of a secret—for example on a smart card protected with a PIN—receives a trust metric indicating a high trust level. Although in preferred embodiments, trust metrics provide an indication of security based on measurable risk factors, in other embodiments trust metric values are not constrained by theoretical security weaknesses. For example, a particular storage method or enrollment procedure may be assigned a stronger or weaker trust metric based on a preferred or encouraged method for performing those functions.
-
Seal 130 oftransaction confidence token 100 is a string of bytes containing a digital signature of envelope 120, signed in a preferred embodiment with the private key of the authenticating party or system. - In a preferred embodiment, envelope120 and seal 130 are constructed according to PKCS #7—for a detailed description of the standard, see, for example RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, November 1993, hereby incorporated by reference. Using that standard's signed-data content type such that envelope 120 is embodied in a content information (contentInfo) field and seal 130 is embodied in a signer information (signerInfos) field. Note that PKCS #7 also allows for the recursion of
transaction information field 140 of envelope 120 in a transaction confidence token. - In another embodiment, envelope120 and seal 130 are constructed according to the XML Signature Syntax and Processing Recommendation—for a detailed description of the standard see, for example Eastlake 3rd, D., Reagle, J., and Solo, D., “(Extensible Markup Language) XML-Signature Syntax and Processing,” RFC 3275, March 2002, incorporated herein by reference.
- Other encodings or structures of a transaction confidence token are also possible.
- The present invention further provides systems and methods for using a transaction confidence token. For example, when a requester (client) or server initiates a transaction requiring authentication, such as in
step 200 in FIG. 2,server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made byserver 210. During the course of thetransaction Requester 220 allows access to a secret, step 230, such as a private encryption key using an authentication method, such as a biometric match. Numerous devices and methods exist for securing a secret, including those described in U.S. application Ser. No. ______, filed ______, entitled “Secure Network And Networked Devices Using Biometrics” (Attorney Docket No. A-70595/RMA/JML), incorporated herein by reference.Requester 220 generates,step 240, contents of a requested transaction, such as the quantity and SKUs of item(s) to be purchased, in a form suitable to be encoded in the transaction confidence token's transaction contents, or transaction information field, such astransaction information 140 intoken 100 depicted in FIG. 1. -
Requester 220 determines at least one trust metric,step 250, as described above and encodes at least one trust metric in the transaction confidence token.Requester 220 signs the transaction confidence token instep 260.Server 210 receives a transaction confidence token associated with a transaction request in step 270.Server 210 then adjusts its confidence level, in the transaction,step 280, based on whether the signature is valid and takes action appropriate to the confidence level, completing the transaction instep 290. - The present invention further provides methods for a server to act on a transaction confidence token. FIG. 3 provides a schematic overview of an embodiment of such a method according to the present invention. A server receives a transaction confidence token,
step 300, and verifies the signature of the transaction confidence token,step 310, using, for example, the public key of the originator of the transaction confidence token. If the signature verification fails, indicating that the transaction confidence token was not created by the purported originating party, had been altered after its creation, or otherwise is invalid, then the system may then discard the token,step 320, and assume no confidence in the authenticity of the associated transaction. In a preferred embodiment, a transaction confidence token with an invalid signature is discarded and the associated transaction request is discarded or rolled back according to appropriate exception handling practice for the application employing methods of the present invention. - If the signature verification succeeds, then the server determines its confidence in the transaction,
step 330, calculated from one or more trust metric fields in the transaction confidence token. - If another Server or plurality of Servers are to participate in the transaction,
step 340, the original receiving server may construct a new transaction confidence token, and embed the current transaction confidence token, optionally asserting its own degree of confidence in the transaction,step 350. The server then transmits,step 360, a new transaction confidence token (comprising embedded first transaction confidence token) to other participating Server(s),step 370. - The Server may then do its own processing of the transaction request employing the confidence it has determined,
step 370. For example, if a trust metric within the transaction confidence token indicates or exceeds a predetermined sufficient trust level, the server processes the transaction. However, in one embodiment, if a trust metric does not indicate a minimum sufficient trust level, the server rejects the transaction. If a trust metric indicates a minimum sufficient trust level but less than a sufficient trust level, the server may require a mitigating factor. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. - Although embodiments of the present invention discussed above generally refer to ‘confidence levels’ or ‘trust levels’ with increasing trust metric values associated with increasing trust or confidence in a transaction, in other embodiments, trust metrics are assigned and evaluated with respect to risk. That is, risk is generally the opposite of trust and trust metrics may be assigned such that increasing trust metric values corresponding to an increasing risk associated with a transaction. In these embodiments, less secure situations would receive a higher trust metric value. For example, in some embodiments of the present invention, a confidence level between0.0 and 1.0 is calculated. A corresponding risk level in this embodiment is given generally by 1—(confidence level).
- That is, in another embodiment, if a trust metric within the transaction confidence token indicates or exceeds a predetermined maximum risk level, the risk is determined to be too great, and the server the server rejects the transaction. However, if a trust metric indicates less than a maximum risk level but greater than an acceptable risk level, the server may require a mitigating factor before processing the transaction. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. If a trust metric indicates less than an acceptable risk level, the server will process the transaction.
- Having described several methods and procedures, it will be appreciated that the invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands. It will be appreciated that the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices. In some embodiments the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.
- The foregoing descriptions of specific embodiments and best mode of the present invention have been presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed, and obviously many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and its practical application, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims appended hereto and their equivalents.
Claims (19)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/194,959 US20030101348A1 (en) | 2001-07-12 | 2002-07-12 | Method and system for determining confidence in a digital transaction |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US30512001P | 2001-07-12 | 2001-07-12 | |
US9955402A | 2002-03-13 | 2002-03-13 | |
US10/099,558 US20030021495A1 (en) | 2001-07-12 | 2002-03-13 | Fingerprint biometric capture device and method with integrated on-chip data buffering |
US10/194,959 US20030101348A1 (en) | 2001-07-12 | 2002-07-12 | Method and system for determining confidence in a digital transaction |
Related Parent Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US9955402A Continuation-In-Part | 2001-07-12 | 2002-03-13 | |
US10/099,558 Continuation-In-Part US20030021495A1 (en) | 2001-07-12 | 2002-03-13 | Fingerprint biometric capture device and method with integrated on-chip data buffering |
Publications (1)
Publication Number | Publication Date |
---|---|
US20030101348A1 true US20030101348A1 (en) | 2003-05-29 |
Family
ID=27378853
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/194,994 Active 2024-09-28 US7197168B2 (en) | 2001-07-12 | 2002-07-12 | Method and system for biometric image assembly from multiple partial biometric frame scans |
US10/194,959 Abandoned US20030101348A1 (en) | 2001-07-12 | 2002-07-12 | Method and system for determining confidence in a digital transaction |
US10/194,444 Abandoned US20030115475A1 (en) | 2001-07-12 | 2002-07-12 | Biometrically enhanced digital certificates and system and method for making and using |
US10/194,949 Abandoned US20030115490A1 (en) | 2001-07-12 | 2002-07-12 | Secure network and networked devices using biometrics |
US11/707,624 Expired - Fee Related US7751595B2 (en) | 2001-07-12 | 2007-02-16 | Method and system for biometric image assembly from multiple partial biometric frame scans |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/194,994 Active 2024-09-28 US7197168B2 (en) | 2001-07-12 | 2002-07-12 | Method and system for biometric image assembly from multiple partial biometric frame scans |
Family Applications After (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/194,444 Abandoned US20030115475A1 (en) | 2001-07-12 | 2002-07-12 | Biometrically enhanced digital certificates and system and method for making and using |
US10/194,949 Abandoned US20030115490A1 (en) | 2001-07-12 | 2002-07-12 | Secure network and networked devices using biometrics |
US11/707,624 Expired - Fee Related US7751595B2 (en) | 2001-07-12 | 2007-02-16 | Method and system for biometric image assembly from multiple partial biometric frame scans |
Country Status (5)
Country | Link |
---|---|
US (5) | US7197168B2 (en) |
EP (1) | EP1573426A4 (en) |
JP (1) | JP2005531935A (en) |
AU (3) | AU2002316679A1 (en) |
WO (3) | WO2003007121A2 (en) |
Cited By (61)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030115490A1 (en) * | 2001-07-12 | 2003-06-19 | Russo Anthony P. | Secure network and networked devices using biometrics |
US20050015596A1 (en) * | 2002-07-19 | 2005-01-20 | Bowers Charles R. | Method and apparatus for managing confidential information |
US20050273442A1 (en) * | 2004-05-21 | 2005-12-08 | Naftali Bennett | System and method of fraud reduction |
DE102004046153A1 (en) * | 2004-09-23 | 2006-04-06 | Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. | Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber |
US20060242691A1 (en) * | 2002-10-24 | 2006-10-26 | Gisela Meister | Method for carrying out a secure electronic transaction using a portable data support |
WO2006126183A2 (en) * | 2005-05-27 | 2006-11-30 | Nice Systems Ltd. | Method and apparatus for fraud detection |
US20060277092A1 (en) * | 2005-06-03 | 2006-12-07 | Credigy Technologies, Inc. | System and method for a peer to peer exchange of consumer information |
US20070006163A1 (en) * | 2005-07-01 | 2007-01-04 | Aoki Norihiro E | Method and apparatus for authenticating usage of an application |
US20070080778A1 (en) * | 2005-10-11 | 2007-04-12 | Newfrey Llc | Door lock with protected biometric sensor |
US20070130070A1 (en) * | 2005-12-02 | 2007-06-07 | Credigy Technologies, Inc. | System and method for an anonymous exchange of private data |
US20070162377A1 (en) * | 2005-12-23 | 2007-07-12 | Credigy Technologies, Inc. | System and method for an online exchange of private data |
US20070288759A1 (en) * | 2003-05-22 | 2007-12-13 | Wood Richard G | Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection |
US20080263662A1 (en) * | 2005-05-06 | 2008-10-23 | Pau-Chen Cheng | System and method for fuzzy multi-level security |
US20090178129A1 (en) * | 2008-01-04 | 2009-07-09 | Microsoft Corporation | Selective authorization based on authentication input attributes |
US20090241173A1 (en) * | 2008-03-19 | 2009-09-24 | Websense, Inc. | Method and system for protection against information stealing software |
US20100017845A1 (en) * | 2008-07-18 | 2010-01-21 | Microsoft Corporation | Differentiated authentication for compartmentalized computing resources |
US20100088509A1 (en) * | 2002-08-15 | 2010-04-08 | Joseph Fedronic Dominique Louis | System and method for sequentially processing a biometric sample |
US20110099112A1 (en) * | 2007-08-31 | 2011-04-28 | Mages Kenneth G | Apparatus and method for conducting securing financial transactions |
US20130047215A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and apparatus for token-based reassignment of privileges |
US20130047201A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Expert Decisioning |
US20130047251A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and Apparatus for Token-Based Context Caching |
US20130047248A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Determining Subject Assurance Level |
US20130047204A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Determining Resource Trust Levels |
US20130047262A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and Apparatus for Object Security Session Validation |
US20130047266A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and apparatus for token-based access of related resources |
US8421890B2 (en) | 2010-01-15 | 2013-04-16 | Picofield Technologies, Inc. | Electronic imager using an impedance sensor grid array and method of making |
US8539558B2 (en) | 2011-08-15 | 2013-09-17 | Bank Of America Corporation | Method and apparatus for token-based token termination |
US8572683B2 (en) | 2011-08-15 | 2013-10-29 | Bank Of America Corporation | Method and apparatus for token-based re-authentication |
US8572689B2 (en) | 2011-08-15 | 2013-10-29 | Bank Of America Corporation | Apparatus and method for making access decision using exceptions |
US8584202B2 (en) | 2011-08-15 | 2013-11-12 | Bank Of America Corporation | Apparatus and method for determining environment integrity levels |
US8631486B1 (en) * | 2009-03-31 | 2014-01-14 | Emc Corporation | Adaptive identity classification |
US8726361B2 (en) * | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Method and apparatus for token-based attribute abstraction |
US8726339B2 (en) | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Method and apparatus for emergency session validation |
US20140149747A1 (en) * | 2002-07-19 | 2014-05-29 | Charles R. Bowers | Method and apparatus for managing confidential information |
US8752157B2 (en) | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Method and apparatus for third party session validation |
US8752124B2 (en) | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Apparatus and method for performing real-time authentication using subject token combinations |
US8789143B2 (en) * | 2011-08-15 | 2014-07-22 | Bank Of America Corporation | Method and apparatus for token-based conditioning |
US8789162B2 (en) * | 2011-08-15 | 2014-07-22 | Bank Of America Corporation | Method and apparatus for making token-based access decisions |
US8791792B2 (en) | 2010-01-15 | 2014-07-29 | Idex Asa | Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making |
US8806602B2 (en) | 2011-08-15 | 2014-08-12 | Bank Of America Corporation | Apparatus and method for performing end-to-end encryption |
US8850515B2 (en) | 2011-08-15 | 2014-09-30 | Bank Of America Corporation | Method and apparatus for subject recognition session validation |
US8866347B2 (en) | 2010-01-15 | 2014-10-21 | Idex Asa | Biometric image sensing |
US8910290B2 (en) * | 2011-08-15 | 2014-12-09 | Bank Of America Corporation | Method and apparatus for token-based transaction tagging |
WO2015013522A1 (en) | 2013-07-24 | 2015-01-29 | Visa International Service Association | Systems and methods for communicating risk using token assurance data |
US8996860B1 (en) * | 2012-08-23 | 2015-03-31 | Amazon Technologies, Inc. | Tolerance factor-based secret decay |
WO2015054697A1 (en) | 2013-10-11 | 2015-04-16 | Visa International Service Association | Network token system |
US9015842B2 (en) | 2008-03-19 | 2015-04-21 | Websense, Inc. | Method and system for protection against information stealing software |
US9038148B1 (en) | 2012-08-23 | 2015-05-19 | Amazon Technologies, Inc. | Secret variation for network sessions |
US9055053B2 (en) | 2011-08-15 | 2015-06-09 | Bank Of America Corporation | Method and apparatus for token-based combining of risk ratings |
US20150199554A1 (en) * | 2014-01-15 | 2015-07-16 | Motorola Mobility Llc | Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device |
US9203818B1 (en) | 2012-08-23 | 2015-12-01 | Amazon Technologies, Inc. | Adaptive timeouts for security credentials |
US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
US9253197B2 (en) | 2011-08-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for token-based real-time risk updating |
US9609001B2 (en) | 2007-02-02 | 2017-03-28 | Websense, Llc | System and method for adding context to prevent data leakage over a computer network |
US20170124356A1 (en) * | 2015-10-30 | 2017-05-04 | Mark A. Allyn | Authenticity-assured data gathering apparatus and method |
US9798917B2 (en) | 2012-04-10 | 2017-10-24 | Idex Asa | Biometric sensing |
US10460322B2 (en) * | 2013-08-30 | 2019-10-29 | Mastercard International Incorporated | Methods and systems for verifying cardholder authenticity when provisioning a token |
US10575785B2 (en) | 2015-02-05 | 2020-03-03 | Samsung Electronics Co., Ltd. | Method and apparatus for obtaining biometric information |
US20200265132A1 (en) * | 2019-02-18 | 2020-08-20 | Samsung Electronics Co., Ltd. | Electronic device for authenticating biometric information and operating method thereof |
US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
US11423475B2 (en) * | 2016-09-27 | 2022-08-23 | Visa International Service Association | Distributed electronic record and transaction history |
Families Citing this family (381)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7054470B2 (en) * | 1999-12-02 | 2006-05-30 | International Business Machines Corporation | System and method for distortion characterization in fingerprint and palm-print image sequences and using this distortion as a behavioral biometrics |
US7160432B2 (en) * | 2001-03-14 | 2007-01-09 | Applied Materials, Inc. | Method and composition for polishing a substrate |
US6899804B2 (en) * | 2001-12-21 | 2005-05-31 | Applied Materials, Inc. | Electrolyte composition and treatment for electrolytic chemical mechanical polishing |
US7128825B2 (en) * | 2001-03-14 | 2006-10-31 | Applied Materials, Inc. | Method and composition for polishing a substrate |
US7582564B2 (en) * | 2001-03-14 | 2009-09-01 | Applied Materials, Inc. | Process and composition for conductive material removal by electrochemical mechanical polishing |
US7323416B2 (en) * | 2001-03-14 | 2008-01-29 | Applied Materials, Inc. | Method and composition for polishing a substrate |
US6811680B2 (en) * | 2001-03-14 | 2004-11-02 | Applied Materials Inc. | Planarization of substrates using electrochemical mechanical polishing |
US7232514B2 (en) * | 2001-03-14 | 2007-06-19 | Applied Materials, Inc. | Method and composition for polishing a substrate |
US20060169597A1 (en) * | 2001-03-14 | 2006-08-03 | Applied Materials, Inc. | Method and composition for polishing a substrate |
US7237117B2 (en) | 2001-03-16 | 2007-06-26 | Kenneth P. Weiss | Universal secure registry |
US7203347B2 (en) * | 2001-06-27 | 2007-04-10 | Activcard Ireland Limited | Method and system for extracting an area of interest from within a swipe image of a biological surface |
EP1293874A3 (en) * | 2001-09-06 | 2006-08-02 | Nippon Telegraph and Telephone Corporation | Authentication method, authentication system, and authentication token |
US8200980B1 (en) * | 2001-09-21 | 2012-06-12 | Open Invention Network, Llc | System and method for enrolling in a biometric system |
JP2003173430A (en) * | 2001-09-28 | 2003-06-20 | Sharp Corp | Ic card, scramble releasing device, server device, physical characteristic reader, permitter determining method, permitter registering method, frequency managing method, permitter determining program, permittter registering program, and frequency managing program |
US20070295611A1 (en) * | 2001-12-21 | 2007-12-27 | Liu Feng Q | Method and composition for polishing a substrate |
JP4169185B2 (en) * | 2002-02-25 | 2008-10-22 | 富士通株式会社 | Image linking method, program, and apparatus |
US20040054913A1 (en) * | 2002-02-28 | 2004-03-18 | West Mark Brian | System and method for attaching un-forgeable biometric data to digital identity tokens and certificates, and validating the attached biometric data while validating digital identity tokens and certificates |
JP4187451B2 (en) * | 2002-03-15 | 2008-11-26 | 松下電器産業株式会社 | Personal authentication device and mobile terminal |
JP2003346149A (en) * | 2002-05-24 | 2003-12-05 | Omron Corp | Face collating device and bioinformation collating device |
US7274807B2 (en) * | 2002-05-30 | 2007-09-25 | Activcard Ireland Limited | Method and apparatus for supporting a biometric registration performed on a card |
JP4563662B2 (en) * | 2002-07-17 | 2010-10-13 | パナソニック株式会社 | System for preventing unauthorized use of recording media |
CA2494299C (en) | 2002-08-06 | 2013-10-08 | Privaris, Inc. | Methods for secure enrollment and backup of personal identity credentials into electronic devices |
US20040034784A1 (en) * | 2002-08-15 | 2004-02-19 | Fedronic Dominique Louis Joseph | System and method to facilitate separate cardholder and system access to resources controlled by a smart card |
US20040104807A1 (en) * | 2002-10-16 | 2004-06-03 | Frank Ko | Networked fingerprint authentication system and method |
US7900052B2 (en) * | 2002-11-06 | 2011-03-01 | International Business Machines Corporation | Confidential data sharing and anonymous entity resolution |
US7046234B2 (en) * | 2002-11-21 | 2006-05-16 | Bloomberg Lp | Computer keyboard with processor for audio and telephony functions |
US7571472B2 (en) * | 2002-12-30 | 2009-08-04 | American Express Travel Related Services Company, Inc. | Methods and apparatus for credential validation |
US7228011B1 (en) * | 2003-02-28 | 2007-06-05 | L-I Identity Solutions, Inc. | System and method for issuing a security unit after determining eligibility by image recognition |
US20050008148A1 (en) * | 2003-04-02 | 2005-01-13 | Dov Jacobson | Mouse performance identification |
WO2004097741A1 (en) * | 2003-04-25 | 2004-11-11 | Fujitsu Limited | Fingerprint matching device, fingerprint matching method, and fingerprint matching program |
JP2005004718A (en) * | 2003-05-16 | 2005-01-06 | Canon Inc | Signal processor and controlling method |
AU2003902422A0 (en) * | 2003-05-19 | 2003-06-05 | Intellirad Solutions Pty. Ltd | Access security system |
US7200250B2 (en) * | 2003-05-20 | 2007-04-03 | Lightuning Tech, Inc. | Sweep-type fingerprint sensor module |
WO2004109455A2 (en) | 2003-05-30 | 2004-12-16 | Privaris, Inc. | An in-circuit security system and methods for controlling access to and use of sensitive data |
US7390429B2 (en) * | 2003-06-06 | 2008-06-24 | Applied Materials, Inc. | Method and composition for electrochemical mechanical polishing processing |
RU2005138121A (en) | 2003-06-16 | 2007-07-27 | Ю-Ар-Ю Тэкнолоджи, Инкорпорейтед (Us) | SYSTEM AND METHOD FOR CREATING DEVICES WITH A UNIFIED SET OF ACCOUNTING INFORMATION ADAPTED TO PROCESSING BIOMETRIC DATA, AS WELL AS THE SYSTEM AND METHOD FOR APPLYING SUCH DEVICES |
US7474772B2 (en) * | 2003-06-25 | 2009-01-06 | Atrua Technologies, Inc. | System and method for a miniature user input device |
US20050039016A1 (en) * | 2003-08-12 | 2005-02-17 | Selim Aissi | Method for using trusted, hardware-based identity credentials in runtime package signature to secure mobile communications and high-value transaction execution |
US20050044388A1 (en) * | 2003-08-19 | 2005-02-24 | Brant Gary E. | Reprise encryption system for digital data |
US7587072B2 (en) * | 2003-08-22 | 2009-09-08 | Authentec, Inc. | System for and method of generating rotational inputs |
US20050047631A1 (en) * | 2003-08-26 | 2005-03-03 | Cross Match Technologies, Inc. | Method and apparatus for rolled fingerprint image capture with variable blending |
DE10339743B4 (en) * | 2003-08-28 | 2007-08-02 | Infineon Technologies Ag | A method of comparing a test fingerprint with a stored reference fingerprint and apparatus suitable for performing the method |
US7351974B2 (en) * | 2003-09-05 | 2008-04-01 | Authentec, Inc. | Integrated circuit infrared sensor and associated methods |
WO2005078636A2 (en) * | 2003-09-05 | 2005-08-25 | Authentec, Inc. | Multi-biometric finger sensor using different biometrics having different selectivities and associated methods |
CN100483444C (en) * | 2003-09-24 | 2009-04-29 | 奥森泰克公司 | Finger biometric sensor with sensor electronics distributed over thin film and monocrystalline substrates and related methods |
US7787667B2 (en) * | 2003-10-01 | 2010-08-31 | Authentec, Inc. | Spot-based finger biometric processing method and associated sensor |
US7599530B2 (en) * | 2003-10-01 | 2009-10-06 | Authentec, Inc. | Methods for matching ridge orientation characteristic maps and associated finger biometric sensor |
WO2005034021A1 (en) * | 2003-10-01 | 2005-04-14 | Authentec, Inc. | Methods for finger biometric processing and associated finger biometric sensors |
SG113483A1 (en) * | 2003-10-30 | 2005-08-29 | Ritronics Components S Pte Ltd | A biometrics parameters protected usb interface portable data storage device with usb interface accessible biometrics processor |
JP3924558B2 (en) * | 2003-11-17 | 2007-06-06 | 富士通株式会社 | Biological information collection device |
US7403644B2 (en) * | 2003-11-26 | 2008-07-22 | Microsoft Corporation | Fingerprint scanner with translating platen |
US7526109B2 (en) * | 2003-11-26 | 2009-04-28 | Microsoft Corporation | Fingerprint scanner with translating scan head |
US7447911B2 (en) * | 2003-11-28 | 2008-11-04 | Lightuning Tech. Inc. | Electronic identification key with portable application programs and identified by biometrics authentication |
TWI282940B (en) * | 2003-12-02 | 2007-06-21 | Aimgene Technology Co Ltd | Memory storage device with a fingerprint sensor and method for protecting the data therein |
FR2864289B1 (en) * | 2003-12-17 | 2007-02-02 | Bouygues Telecom Sa | BIOMETRIC ACCESS CONTROL USING A MOBILE TELEPHONY TERMINAL |
US7697729B2 (en) * | 2004-01-29 | 2010-04-13 | Authentec, Inc. | System for and method of finger initiated actions |
WO2005079413A2 (en) * | 2004-02-12 | 2005-09-01 | Atrua Technologies, Inc. | System and method of emulating mouse operations using finger image sensors |
JP4454335B2 (en) * | 2004-02-12 | 2010-04-21 | Necインフロンティア株式会社 | Fingerprint input device |
US7548981B1 (en) * | 2004-03-03 | 2009-06-16 | Sprint Spectrum L.P. | Biometric authentication over wireless wide-area networks |
US7336841B2 (en) * | 2004-03-25 | 2008-02-26 | Intel Corporation | Fingerprinting digital video for rights management in networks |
US20050246763A1 (en) * | 2004-03-25 | 2005-11-03 | National University Of Ireland | Secure digital content reproduction using biometrically derived hybrid encryption techniques |
JP4462988B2 (en) * | 2004-04-13 | 2010-05-12 | Necインフロンティア株式会社 | Fingerprint reading method and fingerprint reading system |
US8229184B2 (en) * | 2004-04-16 | 2012-07-24 | Validity Sensors, Inc. | Method and algorithm for accurate finger motion tracking |
US8447077B2 (en) | 2006-09-11 | 2013-05-21 | Validity Sensors, Inc. | Method and apparatus for fingerprint motion tracking using an in-line array |
US8165355B2 (en) * | 2006-09-11 | 2012-04-24 | Validity Sensors, Inc. | Method and apparatus for fingerprint motion tracking using an in-line array for use in navigation applications |
US8131026B2 (en) * | 2004-04-16 | 2012-03-06 | Validity Sensors, Inc. | Method and apparatus for fingerprint image reconstruction |
US8358815B2 (en) * | 2004-04-16 | 2013-01-22 | Validity Sensors, Inc. | Method and apparatus for two-dimensional finger motion tracking and control |
US8175345B2 (en) | 2004-04-16 | 2012-05-08 | Validity Sensors, Inc. | Unitized ergonomic two-dimensional fingerprint motion tracking device and method |
EP1747525A2 (en) | 2004-04-23 | 2007-01-31 | Validity Sensors Inc. | Methods and apparatus for acquiring a swiped fingerprint image |
WO2005109320A1 (en) * | 2004-04-23 | 2005-11-17 | Sony Corporation | Fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor |
US7212658B2 (en) * | 2004-04-23 | 2007-05-01 | Sony Corporation | System for fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor |
US7194116B2 (en) * | 2004-04-23 | 2007-03-20 | Sony Corporation | Fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor |
US20050249388A1 (en) * | 2004-05-07 | 2005-11-10 | Linares Miguel A | Three-dimensional fingerprint identification system |
US7542590B1 (en) | 2004-05-07 | 2009-06-02 | Yt Acquisition Corporation | System and method for upgrading biometric data |
US20050255840A1 (en) * | 2004-05-13 | 2005-11-17 | Markham Thomas R | Authenticating wireless phone system |
US8156548B2 (en) * | 2004-05-20 | 2012-04-10 | Future Internet Security Ip Pty Ltd. | Identification and authentication system and method |
US9286457B2 (en) | 2004-06-14 | 2016-03-15 | Rodney Beatson | Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties |
US8842887B2 (en) * | 2004-06-14 | 2014-09-23 | Rodney Beatson | Method and system for combining a PIN and a biometric sample to provide template encryption and a trusted stand-alone computing device |
US20050276454A1 (en) * | 2004-06-14 | 2005-12-15 | Rodney Beatson | System and methods for transforming biometric image data to a consistent angle of inclination |
US20080201299A1 (en) * | 2004-06-30 | 2008-08-21 | Nokia Corporation | Method and System for Managing Metadata |
JP4411152B2 (en) * | 2004-07-05 | 2010-02-10 | Necインフロンティア株式会社 | Fingerprint reading method, fingerprint reading system and program |
US20060041507A1 (en) * | 2004-08-13 | 2006-02-23 | Sbc Knowledge Ventures L.P. | Pluggable authentication for transaction tool management services |
US20060034497A1 (en) * | 2004-08-15 | 2006-02-16 | Michael Manansala | Protometric authentication system |
US8380125B2 (en) * | 2004-09-01 | 2013-02-19 | Kyocera Corporation | Systems and methods for bluetooth resource conservation |
JP4553379B2 (en) * | 2004-09-10 | 2010-09-29 | キヤノン株式会社 | Data reproduction apparatus, control method therefor, and computer program |
US20060078178A1 (en) * | 2004-09-18 | 2006-04-13 | Will Shatford | Swipe sensor |
JP4339221B2 (en) * | 2004-09-30 | 2009-10-07 | Necインフロンティア株式会社 | Image construction method, fingerprint image construction apparatus and program |
EP1800243B1 (en) | 2004-10-04 | 2010-08-11 | Validity Sensors, Inc. | Fingerprint sensing assemblies comprising a substrate |
US7280679B2 (en) | 2004-10-08 | 2007-10-09 | Atrua Technologies, Inc. | System for and method of determining pressure on a finger sensor |
JP4340618B2 (en) * | 2004-10-08 | 2009-10-07 | 富士通株式会社 | Biometric information authentication apparatus and method, biometric information authentication program, and computer-readable recording medium recording the biometric information authentication program |
US7693314B2 (en) * | 2004-10-13 | 2010-04-06 | Authentec, Inc. | Finger sensing device for navigation and related methods |
US8117339B2 (en) * | 2004-10-29 | 2012-02-14 | Go Daddy Operating Company, LLC | Tracking domain name related reputation |
US7797413B2 (en) * | 2004-10-29 | 2010-09-14 | The Go Daddy Group, Inc. | Digital identity registration |
US20060095459A1 (en) * | 2004-10-29 | 2006-05-04 | Warren Adelman | Publishing domain name related reputation in whois records |
US20070208940A1 (en) * | 2004-10-29 | 2007-09-06 | The Go Daddy Group, Inc. | Digital identity related reputation tracking and publishing |
US20060095404A1 (en) * | 2004-10-29 | 2006-05-04 | The Go Daddy Group, Inc | Presenting search engine results based on domain name related reputation |
US20080028443A1 (en) * | 2004-10-29 | 2008-01-31 | The Go Daddy Group, Inc. | Domain name related reputation and secure certificates |
US8904040B2 (en) * | 2004-10-29 | 2014-12-02 | Go Daddy Operating Company, LLC | Digital identity validation |
US20080022013A1 (en) * | 2004-10-29 | 2008-01-24 | The Go Daddy Group, Inc. | Publishing domain name related reputation in whois records |
US9015263B2 (en) | 2004-10-29 | 2015-04-21 | Go Daddy Operating Company, LLC | Domain name searching with reputation rating |
US20060200487A1 (en) * | 2004-10-29 | 2006-09-07 | The Go Daddy Group, Inc. | Domain name related reputation and secure certificates |
US20080028100A1 (en) * | 2004-10-29 | 2008-01-31 | The Go Daddy Group, Inc. | Tracking domain name related reputation |
US20060104484A1 (en) * | 2004-11-16 | 2006-05-18 | Bolle Rudolf M | Fingerprint biometric machine representations based on triangles |
FR2878632B1 (en) * | 2004-12-01 | 2007-02-09 | Sagem | METHOD FOR IDENTIFYING AN INDIVIDUAL FROM IMAGE FRAGMENTS |
JP2006189999A (en) * | 2005-01-04 | 2006-07-20 | Fujitsu Ltd | Security management method, program, and information apparatus |
TWI296787B (en) * | 2005-01-19 | 2008-05-11 | Lightuning Tech Inc | Storage device and method for protecting data stored therein |
US20060181521A1 (en) * | 2005-02-14 | 2006-08-17 | Atrua Technologies, Inc. | Systems for dynamically illuminating touch sensors |
US7831070B1 (en) | 2005-02-18 | 2010-11-09 | Authentec, Inc. | Dynamic finger detection mechanism for a fingerprint sensor |
US7899216B2 (en) * | 2005-03-18 | 2011-03-01 | Sanyo Electric Co., Ltd. | Biometric information processing apparatus and biometric information processing method |
US7481364B2 (en) | 2005-03-24 | 2009-01-27 | Privaris, Inc. | Biometric identification device with smartcard capabilities |
US8291224B2 (en) * | 2005-03-30 | 2012-10-16 | Wells Fargo Bank, N.A. | Distributed cryptographic management for computer systems |
DE102005014794B4 (en) * | 2005-03-31 | 2009-01-15 | Advanced Micro Devices, Inc., Sunnyvale | A method of testing a multi-sample semiconductor sample |
US8231056B2 (en) * | 2005-04-08 | 2012-07-31 | Authentec, Inc. | System for and method of protecting an integrated circuit from over currents |
US20060249395A1 (en) * | 2005-05-05 | 2006-11-09 | Applied Material, Inc. | Process and composition for electrochemical mechanical polishing |
US20060249394A1 (en) * | 2005-05-05 | 2006-11-09 | Applied Materials, Inc. | Process and composition for electrochemical mechanical polishing |
CN1332346C (en) * | 2005-05-26 | 2007-08-15 | 上海交通大学 | Sliding fingerprint sequence seamless joint method of extension phase correlated |
EP1891772A2 (en) * | 2005-06-01 | 2008-02-27 | Koninklijke Philips Electronics N.V. | Compensating for acquisition noise in helper data systems |
US20060282680A1 (en) * | 2005-06-14 | 2006-12-14 | Kuhlman Douglas A | Method and apparatus for accessing digital data using biometric information |
TWI262696B (en) * | 2005-06-17 | 2006-09-21 | Lightuning Tech Inc | Storage device and method for protecting data stored therein |
US7505613B2 (en) * | 2005-07-12 | 2009-03-17 | Atrua Technologies, Inc. | System for and method of securing fingerprint biometric systems against fake-finger spoofing |
US8049731B2 (en) * | 2005-07-29 | 2011-11-01 | Interlink Electronics, Inc. | System and method for implementing a control function via a sensor having a touch sensitive control input surface |
US20070061126A1 (en) * | 2005-09-01 | 2007-03-15 | Anthony Russo | System for and method of emulating electronic input devices |
JP4351201B2 (en) * | 2005-09-16 | 2009-10-28 | 富士通株式会社 | Portable device with fingerprint sensor |
US8090939B2 (en) * | 2005-10-21 | 2012-01-03 | Hewlett-Packard Development Company, L.P. | Digital certificate that indicates a parameter of an associated cryptographic token |
JP4771528B2 (en) * | 2005-10-26 | 2011-09-14 | キヤノン株式会社 | Distributed processing system and distributed processing method |
US7940249B2 (en) * | 2005-11-01 | 2011-05-10 | Authentec, Inc. | Devices using a metal layer with an array of vias to reduce degradation |
US7809211B2 (en) * | 2005-11-17 | 2010-10-05 | Upek, Inc. | Image normalization for computed image construction |
TW200745970A (en) * | 2005-12-21 | 2007-12-16 | Koninkl Philips Electronics Nv | Biometric information detection using sweep-type imager |
US7657849B2 (en) | 2005-12-23 | 2010-02-02 | Apple Inc. | Unlocking a device by performing gestures on an unlock image |
CN100367296C (en) * | 2006-01-18 | 2008-02-06 | 北京飞天诚信科技有限公司 | Fingerprint image acquisition and imaging method and its apparatus |
CN100375107C (en) * | 2006-01-18 | 2008-03-12 | 北京飞天诚信科技有限公司 | Fingerprint image fragment splicing method |
US8224034B2 (en) * | 2006-02-02 | 2012-07-17 | NL Giken Incorporated | Biometrics system, biologic information storage, and portable device |
JP4547629B2 (en) * | 2006-02-10 | 2010-09-22 | ソニー株式会社 | Registration device, registration method, and registration program |
US8700902B2 (en) * | 2006-02-13 | 2014-04-15 | At&T Intellectual Property I, L.P. | Methods and apparatus to certify digital signatures |
US8234220B2 (en) | 2007-02-21 | 2012-07-31 | Weiss Kenneth P | Universal secure registry |
US11227676B2 (en) | 2006-02-21 | 2022-01-18 | Universal Secure Registry, Llc | Universal secure registry |
WO2007145687A1 (en) | 2006-02-21 | 2007-12-21 | Weiss Kenneth P | Method and apparatus for secure access payment and identification |
US20070237366A1 (en) * | 2006-03-24 | 2007-10-11 | Atmel Corporation | Secure biometric processing system and method of use |
US8261072B2 (en) * | 2006-03-24 | 2012-09-04 | Atmel Corporation | Method and system for secure external TPM password generation and use |
US20070226514A1 (en) * | 2006-03-24 | 2007-09-27 | Atmel Corporation | Secure biometric processing system and method of use |
JP2008526173A (en) | 2006-04-07 | 2008-07-17 | ▲ホア▼▲ウェイ▼技術有限公司 | Information security authentication method and system |
US20070254485A1 (en) * | 2006-04-28 | 2007-11-01 | Daxin Mao | Abrasive composition for electrochemical mechanical polishing |
US7787697B2 (en) * | 2006-06-09 | 2010-08-31 | Sony Ericsson Mobile Communications Ab | Identification of an object in media and of related media objects |
US8081805B2 (en) * | 2006-06-19 | 2011-12-20 | Authentec, Inc. | Finger sensing device with multiple correlators and associated methods |
WO2008091361A2 (en) * | 2006-06-19 | 2008-07-31 | Authentec, Inc. | Finger sensing device with spoof reduction features and associated methods |
US7885436B2 (en) * | 2006-07-13 | 2011-02-08 | Authentec, Inc. | System for and method of assigning confidence values to fingerprint minutiae points |
US7978884B1 (en) * | 2006-08-08 | 2011-07-12 | Smsc Holdings S.A.R.L. | Fingerprint sensor and interface |
US11762972B1 (en) * | 2006-08-13 | 2023-09-19 | Tara Chand Singhal | System and methods for a multi-factor remote user authentication |
NL1032340C2 (en) * | 2006-08-17 | 2008-02-25 | Hieronymus Watse Wiersma | System and method for digitally signing data files. |
US20090021349A1 (en) * | 2007-07-19 | 2009-01-22 | Stephen Errico | Method to record and authenticate a participant's biometric identification of an event via a network |
US7916908B1 (en) | 2006-09-06 | 2011-03-29 | SMSC Holdings S.à.r.l | Fingerprint sensor and method of transmitting a sensor image to reduce data size and data rate |
US8225096B2 (en) * | 2006-10-27 | 2012-07-17 | International Business Machines Corporation | System, apparatus, method, and program product for authenticating communication partner using electronic certificate containing personal information |
DE102007015320B4 (en) * | 2006-11-03 | 2008-10-23 | Basler Ag | Camera for analyzing objects |
US8204831B2 (en) * | 2006-11-13 | 2012-06-19 | International Business Machines Corporation | Post-anonymous fuzzy comparisons without the use of pre-anonymization variants |
WO2008074342A1 (en) | 2006-12-19 | 2008-06-26 | Telecom Italia S.P.A. | Method and arrangement for secure user authentication based on a biometric data detection device |
US8190908B2 (en) * | 2006-12-20 | 2012-05-29 | Spansion Llc | Secure data verification via biometric input |
US20080162943A1 (en) * | 2006-12-28 | 2008-07-03 | Ali Valiuddin Y | Biometric security system and method |
US8984280B2 (en) | 2007-02-16 | 2015-03-17 | Tibco Software Inc. | Systems and methods for automating certification authority practices |
US8880889B1 (en) * | 2007-03-02 | 2014-11-04 | Citigroup Global Markets, Inc. | Systems and methods for remote authorization of financial transactions using public key infrastructure (PKI) |
CN101790717B (en) * | 2007-04-13 | 2014-07-16 | 阿维萨瑞公司 | Machine vision system for enterprise management |
EP1986161A1 (en) * | 2007-04-27 | 2008-10-29 | Italdata Ingegneria Dell'Idea S.p.A. | Data survey device, integrated with a communication system, and related method |
US8107212B2 (en) * | 2007-04-30 | 2012-01-31 | Validity Sensors, Inc. | Apparatus and method for protecting fingerprint sensing circuitry from electrostatic discharge |
US20090248623A1 (en) * | 2007-05-09 | 2009-10-01 | The Go Daddy Group, Inc. | Accessing digital identity related reputation data |
US8290150B2 (en) * | 2007-05-11 | 2012-10-16 | Validity Sensors, Inc. | Method and system for electronically securing an electronic device using physically unclonable functions |
US20110002461A1 (en) * | 2007-05-11 | 2011-01-06 | Validity Sensors, Inc. | Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions |
US20080288291A1 (en) * | 2007-05-16 | 2008-11-20 | Silver Springs - Martin Luther School | Digital Signature, Electronic Record Software and Method |
DE602007014329D1 (en) * | 2007-05-16 | 2011-06-16 | Precise Biometrics Ab | Sequential image orientation |
US9237018B2 (en) * | 2007-07-05 | 2016-01-12 | Honeywell International Inc. | Multisystem biometric token |
US8181031B2 (en) * | 2007-08-01 | 2012-05-15 | International Business Machines Corporation | Biometric authentication device and system |
US20090037742A1 (en) * | 2007-07-31 | 2009-02-05 | International Business Machines Corporation | Biometric authentication device, system and method of biometric authentication |
EP2203865A2 (en) | 2007-09-24 | 2010-07-07 | Apple Inc. | Embedded authentication systems in an electronic device |
JP4466707B2 (en) * | 2007-09-27 | 2010-05-26 | ミツミ電機株式会社 | Finger separation detection device, finger separation detection method, fingerprint reading device using the same, and fingerprint reading method |
AU2008316289B2 (en) * | 2007-10-22 | 2012-03-22 | Cpc Patent Technologies Pty Ltd | A transmitter for transmitting a secure access signal |
US8204281B2 (en) * | 2007-12-14 | 2012-06-19 | Validity Sensors, Inc. | System and method to remove artifacts from fingerprint sensor scans |
US8276816B2 (en) * | 2007-12-14 | 2012-10-02 | Validity Sensors, Inc. | Smart card system with ergonomic fingerprint sensor and method of using |
JP2009146266A (en) * | 2007-12-17 | 2009-07-02 | Fujitsu Ltd | Electronic apparatus |
FR2925732B1 (en) * | 2007-12-21 | 2010-02-12 | Sagem Securite | GENERATION AND USE OF A BIOMETRIC KEY |
US20090164796A1 (en) * | 2007-12-21 | 2009-06-25 | Daon Holdings Limited | Anonymous biometric tokens |
US9361440B2 (en) | 2007-12-21 | 2016-06-07 | Apple Inc. | Secure off-chip processing such as for biometric data |
EP2238562B1 (en) | 2007-12-24 | 2012-10-31 | Telecom Italia S.p.A. | Biometrics based identification |
TWI359381B (en) * | 2007-12-25 | 2012-03-01 | Htc Corp | Method for unlocking a locked computing device and |
US8600120B2 (en) | 2008-01-03 | 2013-12-03 | Apple Inc. | Personal computing device control using face detection and recognition |
US9785330B1 (en) | 2008-02-13 | 2017-10-10 | Apple Inc. | Systems for and methods of providing inertial scrolling and navigation using a fingerprint sensor calculating swiping speed and length |
US7653577B2 (en) | 2008-02-19 | 2010-01-26 | The Go Daddy Group, Inc. | Validating e-commerce transactions |
EP2264994A4 (en) * | 2008-03-18 | 2012-05-16 | Lucent Technologies Inc | A method and device for automatically processing unanswered call in a communication terminal |
US20090243794A1 (en) * | 2008-03-24 | 2009-10-01 | Neil Morrow | Camera modules communicating with computer systems |
US8005276B2 (en) | 2008-04-04 | 2011-08-23 | Validity Sensors, Inc. | Apparatus and method for reducing parasitic capacitive coupling and noise in fingerprint sensing circuits |
US8116540B2 (en) | 2008-04-04 | 2012-02-14 | Validity Sensors, Inc. | Apparatus and method for reducing noise in fingerprint sensing circuits |
KR101189712B1 (en) * | 2008-04-24 | 2012-10-10 | 교세라 가부시키가이샤 | Mobile electronic device |
US20090279745A1 (en) * | 2008-05-08 | 2009-11-12 | Sonavation, Inc. | Method and System for Image Resolution Improvement of Biometric Digit Imprint Sensors Using Staggered Rows |
US8503740B2 (en) * | 2008-05-12 | 2013-08-06 | Sonavation, Inc. | Methods and apparatus for digit swipe sensor data streaming |
EP2313870B1 (en) * | 2008-06-30 | 2013-12-04 | Telecom Italia S.p.A. | Method and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations |
WO2010001311A1 (en) * | 2008-07-02 | 2010-01-07 | C-True Ltd. | Networked face recognition system |
JP5040835B2 (en) * | 2008-07-04 | 2012-10-03 | 富士通株式会社 | Biological information reader, biological information reading method, and biological information reading program |
TWI444903B (en) * | 2008-07-22 | 2014-07-11 | Validity Sensors Inc | System, device and method for securing a device component |
JP5247295B2 (en) * | 2008-08-13 | 2013-07-24 | ラピスセミコンダクタ株式会社 | Image processing method and image processing apparatus |
JP5206218B2 (en) * | 2008-08-20 | 2013-06-12 | 富士通株式会社 | Fingerprint image acquisition device, fingerprint authentication device, fingerprint image acquisition method, and fingerprint authentication method |
US8296563B2 (en) | 2008-10-22 | 2012-10-23 | Research In Motion Limited | Method of handling a certification request |
EP2180634B1 (en) | 2008-10-22 | 2018-04-04 | BlackBerry Limited | Method of handling a certification request |
DE102008053366A1 (en) * | 2008-10-27 | 2010-05-20 | Giesecke & Devrient Gmbh | Method and system for personalizing a portable data carrier |
US8471679B2 (en) * | 2008-10-28 | 2013-06-25 | Authentec, Inc. | Electronic device including finger movement based musical tone generation and related methods |
US20110187496A1 (en) * | 2008-10-30 | 2011-08-04 | Denison William D | Electronic Access Control Device and Management System |
US8391568B2 (en) * | 2008-11-10 | 2013-03-05 | Validity Sensors, Inc. | System and method for improved scanning of fingerprint edges |
US8074880B2 (en) | 2008-12-01 | 2011-12-13 | Research In Motion Limited | Method, system and mobile device employing enhanced fingerprint authentication |
US20100153722A1 (en) * | 2008-12-11 | 2010-06-17 | International Business Machines Corporation | Method and system to prove identity of owner of an avatar in virtual world |
US9071440B2 (en) * | 2008-12-22 | 2015-06-30 | Google Technology Holdings LLC | Method and system of authenticating the identity of a user of a public computer terminal |
US20100161488A1 (en) * | 2008-12-22 | 2010-06-24 | Paul Michael Evans | Methods and systems for biometric verification |
KR101390045B1 (en) * | 2008-12-24 | 2014-04-30 | 에릭슨엘지엔터프라이즈 주식회사 | Communication apparatus and controlling device thereof |
CA2748695C (en) | 2008-12-31 | 2017-11-07 | Bce Inc. | System and method for unlocking a device |
US20100180136A1 (en) * | 2009-01-15 | 2010-07-15 | Validity Sensors, Inc. | Ultra Low Power Wake-On-Event Mode For Biometric Systems |
US8278946B2 (en) | 2009-01-15 | 2012-10-02 | Validity Sensors, Inc. | Apparatus and method for detecting finger activity on a fingerprint sensor |
US8600122B2 (en) * | 2009-01-15 | 2013-12-03 | Validity Sensors, Inc. | Apparatus and method for culling substantially redundant data in fingerprint sensing circuits |
US20100176892A1 (en) * | 2009-01-15 | 2010-07-15 | Validity Sensors, Inc. | Ultra Low Power Oscillator |
US8374407B2 (en) | 2009-01-28 | 2013-02-12 | Validity Sensors, Inc. | Live finger detection |
US8301902B2 (en) * | 2009-02-12 | 2012-10-30 | International Business Machines Corporation | System, method and program product for communicating a privacy policy associated with a biometric reference template |
US8359475B2 (en) * | 2009-02-12 | 2013-01-22 | International Business Machines Corporation | System, method and program product for generating a cancelable biometric reference template on demand |
US8289135B2 (en) * | 2009-02-12 | 2012-10-16 | International Business Machines Corporation | System, method and program product for associating a biometric reference template with a radio frequency identification tag |
US8242892B2 (en) * | 2009-02-12 | 2012-08-14 | International Business Machines Corporation | System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object |
US9298902B2 (en) * | 2009-02-12 | 2016-03-29 | International Business Machines Corporation | System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record |
US8327134B2 (en) * | 2009-02-12 | 2012-12-04 | International Business Machines Corporation | System, method and program product for checking revocation status of a biometric reference template |
US20100208953A1 (en) * | 2009-02-17 | 2010-08-19 | Validity Sensors, Inc. | Illuminated Fingerprint Sensor and Method |
US8255685B2 (en) | 2009-03-17 | 2012-08-28 | Research In Motion Limited | System and method for validating certificate issuance notification messages |
US7690032B1 (en) | 2009-05-22 | 2010-03-30 | Daon Holdings Limited | Method and system for confirming the identity of a user |
US9336428B2 (en) | 2009-10-30 | 2016-05-10 | Synaptics Incorporated | Integrated fingerprint sensor and display |
US9400911B2 (en) | 2009-10-30 | 2016-07-26 | Synaptics Incorporated | Fingerprint sensor and integratable electronic display |
US9274553B2 (en) | 2009-10-30 | 2016-03-01 | Synaptics Incorporated | Fingerprint sensor and integratable electronic display |
US9832019B2 (en) * | 2009-11-17 | 2017-11-28 | Unho Choi | Authentication in ubiquitous environment |
KR101088029B1 (en) * | 2009-11-19 | 2011-11-29 | 최운호 | System for Authentication of Electronic Cash Using Smart Card and Communication Terminal |
US9666635B2 (en) | 2010-02-19 | 2017-05-30 | Synaptics Incorporated | Fingerprint sensing circuit |
US8716613B2 (en) * | 2010-03-02 | 2014-05-06 | Synaptics Incoporated | Apparatus and method for electrostatic discharge protection |
EP2386998B1 (en) * | 2010-05-14 | 2018-07-11 | Honda Research Institute Europe GmbH | A Two-Stage Correlation Method for Correspondence Search |
KR101198120B1 (en) * | 2010-05-28 | 2012-11-12 | 남궁종 | Iris information based 3-factor user authentication method for otp generation and secure two way authentication system of wireless communication device authentication using otp |
US9001040B2 (en) | 2010-06-02 | 2015-04-07 | Synaptics Incorporated | Integrated fingerprint sensor and navigation device |
EP2593903A4 (en) * | 2010-07-12 | 2014-04-02 | Fingerprint Cards Ab | Biometric verification device and method |
US8528072B2 (en) | 2010-07-23 | 2013-09-03 | Apple Inc. | Method, apparatus and system for access mode control of a device |
US9225510B1 (en) | 2010-08-17 | 2015-12-29 | Go Daddy Operating Company, LLC | Website secure certificate status determination via partner browser plugin |
US9225511B1 (en) | 2010-08-17 | 2015-12-29 | Go Daddy Operating Company, LLC | Systems for determining website secure certificate status via partner browser plugin |
US8331096B2 (en) | 2010-08-20 | 2012-12-11 | Validity Sensors, Inc. | Fingerprint acquisition expansion card apparatus |
WO2012037479A1 (en) | 2010-09-17 | 2012-03-22 | Universal Secure Registry, Llc | Apparatus, system and method employing a wireless user-device |
US20120090757A1 (en) | 2010-10-18 | 2012-04-19 | Qualcomm Mems Technologies, Inc. | Fabrication of touch, handwriting and fingerprint sensor |
KR101574968B1 (en) * | 2010-11-01 | 2015-12-08 | 한국전자통신연구원 | Portable sensor apparatus, and service system based on biometric Authentication including the same |
US9972146B1 (en) * | 2010-11-17 | 2018-05-15 | Cypress Semiconductor Corporation | Security system with a wireless security device |
US8840020B2 (en) * | 2010-12-01 | 2014-09-23 | Lumidigm, Inc. | Biometric terminals |
US8996879B2 (en) * | 2010-12-23 | 2015-03-31 | Intel Corporation | User identity attestation in mobile commerce |
RU2453921C1 (en) * | 2010-12-28 | 2012-06-20 | Валерий Александрович Гуров | System for remote control of transactions |
WO2012095917A1 (en) * | 2011-01-13 | 2012-07-19 | 株式会社ニコン | Electronic device and electronic device control program |
US8538097B2 (en) | 2011-01-26 | 2013-09-17 | Validity Sensors, Inc. | User input utilizing dual line scanner apparatus and method |
US8594393B2 (en) | 2011-01-26 | 2013-11-26 | Validity Sensors | System for and method of image reconstruction with dual line scanner using line counts |
US9129107B2 (en) * | 2011-02-10 | 2015-09-08 | SecurenCrypt, LLC | Document encryption and decryption |
GB2489100A (en) | 2011-03-16 | 2012-09-19 | Validity Sensors Inc | Wafer-level packaging for a fingerprint sensor |
US8638994B2 (en) | 2011-04-21 | 2014-01-28 | Authentec, Inc. | Electronic device for collecting finger data and displaying a finger movement trace and related methods |
US8527360B2 (en) | 2011-04-29 | 2013-09-03 | Daon Holdings Limited | Methods and systems for conducting payment transactions |
US20140089672A1 (en) * | 2012-09-25 | 2014-03-27 | Aliphcom | Wearable device and method to generate biometric identifier for authentication using near-field communications |
KR101284481B1 (en) * | 2011-07-15 | 2013-07-16 | 아이리텍 잉크 | Authentication method and device using OTP including biometric data |
US20150363586A1 (en) * | 2011-08-26 | 2015-12-17 | Life Technologies Corporation | Systems and methods for identifying an individual |
EP2748801B1 (en) * | 2011-08-26 | 2020-04-29 | Life Technologies Corporation | Systems and methods for identifying an individual |
US8769624B2 (en) | 2011-09-29 | 2014-07-01 | Apple Inc. | Access control utilizing indirect authentication |
US9002322B2 (en) | 2011-09-29 | 2015-04-07 | Apple Inc. | Authentication with secondary approver |
US8965069B2 (en) * | 2011-09-30 | 2015-02-24 | University Of Louisville Research Foundation, Inc. | Three dimensional minutiae extraction in three dimensional scans |
KR101160681B1 (en) | 2011-10-19 | 2012-06-28 | 배경덕 | Method, mobile communication terminal and computer-readable recording medium for operating specific function when activaing of mobile communication terminal |
US10043052B2 (en) | 2011-10-27 | 2018-08-07 | Synaptics Incorporated | Electronic device packages and methods |
US9959576B2 (en) * | 2011-12-07 | 2018-05-01 | Visa International Service Association | Multi-purpose device having multiple certificates including member certificate |
KR20140097467A (en) * | 2011-12-21 | 2014-08-06 | 인텔 코오퍼레이션 | Method for authentication using biometric data for mobile device e-commerce transactions |
US9195877B2 (en) | 2011-12-23 | 2015-11-24 | Synaptics Incorporated | Methods and devices for capacitive image sensing |
US9785299B2 (en) | 2012-01-03 | 2017-10-10 | Synaptics Incorporated | Structures and manufacturing methods for glass covered electronic devices |
KR101443960B1 (en) * | 2012-02-22 | 2014-11-03 | 주식회사 팬택 | Electronic device and method for user identification |
US9137438B2 (en) | 2012-03-27 | 2015-09-15 | Synaptics Incorporated | Biometric object sensor and method |
US9268991B2 (en) * | 2012-03-27 | 2016-02-23 | Synaptics Incorporated | Method of and system for enrolling and matching biometric data |
US9251329B2 (en) | 2012-03-27 | 2016-02-02 | Synaptics Incorporated | Button depress wakeup and wakeup strategy |
US9600709B2 (en) * | 2012-03-28 | 2017-03-21 | Synaptics Incorporated | Methods and systems for enrolling biometric data |
US9152838B2 (en) | 2012-03-29 | 2015-10-06 | Synaptics Incorporated | Fingerprint sensor packagings and methods |
US9024910B2 (en) | 2012-04-23 | 2015-05-05 | Qualcomm Mems Technologies, Inc. | Touchscreen with bridged force-sensitive resistors |
BR112014028774B1 (en) | 2012-05-18 | 2022-05-10 | Apple Inc | Method, electronic device, computer readable storage medium and information processing apparatus |
US11553857B1 (en) | 2012-09-25 | 2023-01-17 | Micro Mobio Corporation | System and method for through window personal cloud transmission |
US11786146B1 (en) | 2012-09-25 | 2023-10-17 | Micro Mobio Corporation | Wireless hub system and method |
US10437295B1 (en) | 2012-09-25 | 2019-10-08 | Micro Mobio Corporation | Personal cloud case cover with a plurality of modular capabilities |
US11058326B1 (en) | 2012-09-25 | 2021-07-13 | Micro Mobio Corporation | Cloud communication antenna panel system and method |
US11877842B1 (en) | 2012-09-25 | 2024-01-23 | Micro Mobio Corporation | Personal cloud with a plurality of modular capabilities |
US11642045B1 (en) | 2012-09-25 | 2023-05-09 | Micro Mobio Corporation | Personal health and environmental monitoring device and method |
US9086847B2 (en) | 2012-09-25 | 2015-07-21 | Micro Mobio Corporation | Personal cloud case cover with a plurality of modular capabilities |
FR2996942B1 (en) * | 2012-10-11 | 2016-01-08 | Morpho | IMPROVED SIGNATURE KEY GENERATION METHOD |
GB2507539A (en) | 2012-11-02 | 2014-05-07 | Zwipe As | Matching sets of minutiae using local neighbourhoods |
GB2507540A (en) * | 2012-11-02 | 2014-05-07 | Zwipe As | Enrolling fingerprints by combining image strips to obtain sufficient width |
US9672339B2 (en) * | 2012-12-12 | 2017-06-06 | Intel Corporation | Electro-biometric authentication |
US9665762B2 (en) | 2013-01-11 | 2017-05-30 | Synaptics Incorporated | Tiered wakeup strategy |
US9378350B2 (en) * | 2013-03-15 | 2016-06-28 | Airwatch Llc | Facial capture managing access to resources by a device |
US9754149B2 (en) | 2013-04-01 | 2017-09-05 | AMI Research & Development, LLC | Fingerprint based smart phone user verification |
US10121049B2 (en) | 2013-04-01 | 2018-11-06 | AMI Research & Development, LLC | Fingerprint based smart phone user verification |
EP2813961B1 (en) * | 2013-05-13 | 2016-08-24 | Ira Konvalinka | Biometric verification with improved privacy and network performance in client-server networks |
US9262003B2 (en) | 2013-11-04 | 2016-02-16 | Qualcomm Incorporated | Piezoelectric force sensing array |
US9323393B2 (en) | 2013-06-03 | 2016-04-26 | Qualcomm Incorporated | Display with peripherally configured ultrasonic biometric sensor |
US9178888B2 (en) | 2013-06-14 | 2015-11-03 | Go Daddy Operating Company, LLC | Method for domain control validation |
US9521138B2 (en) | 2013-06-14 | 2016-12-13 | Go Daddy Operating Company, LLC | System for domain control validation |
US9898642B2 (en) | 2013-09-09 | 2018-02-20 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs |
GB2519076A (en) * | 2013-10-08 | 2015-04-15 | A Men Technology Corp | Point transaction system and method for mobile communication device |
CN104545842B (en) * | 2013-10-16 | 2017-09-26 | 原相科技股份有限公司 | Thin physiological characteristic detection module |
TWI514286B (en) * | 2013-10-16 | 2015-12-21 | Pixart Imaging Inc | Thin biometric detection module |
CN105981039B (en) | 2013-11-22 | 2019-04-12 | 深圳市汇顶科技股份有限公司 | The somatic fingerprint sensor of safety |
US10924472B2 (en) | 2013-11-27 | 2021-02-16 | Shenzhen GOODIX Technology Co., Ltd. | Wearable communication devices for secured transaction and communication |
US10713466B2 (en) | 2014-03-07 | 2020-07-14 | Egis Technology Inc. | Fingerprint recognition method and electronic device using the same |
TWI517057B (en) * | 2014-03-07 | 2016-01-11 | 神盾股份有限公司 | Fingerprint recognition method and device |
US9472195B2 (en) * | 2014-03-26 | 2016-10-18 | Educational Testing Service | Systems and methods for detecting fraud in spoken tests using voice biometrics |
US20150317466A1 (en) * | 2014-05-02 | 2015-11-05 | Verificient Technologies, Inc. | Certificate verification system and methods of performing the same |
WO2015171941A1 (en) | 2014-05-08 | 2015-11-12 | Northrop Grumman Systems Corporation | Methods, devices, and computer-readable media for biometric collection, quality checking, and matching |
NO20140653A1 (en) * | 2014-05-27 | 2015-11-30 | Idex Asa | Biometric sensor |
US9483763B2 (en) | 2014-05-29 | 2016-11-01 | Apple Inc. | User interface for payments |
US9230152B2 (en) * | 2014-06-03 | 2016-01-05 | Apple Inc. | Electronic device for processing composite finger matching biometric data and related methods |
WO2016007548A1 (en) | 2014-07-07 | 2016-01-14 | Goodix Technology Inc. | Smart watch |
US9519819B2 (en) | 2014-07-14 | 2016-12-13 | Fingerprint Cards Ab | Method and electronic device for noise mitigation |
KR101915374B1 (en) | 2014-07-23 | 2018-11-05 | 선전 구딕스 테크놀로지 컴퍼니, 리미티드 | Optical heart rate sensor |
KR20160016583A (en) * | 2014-07-31 | 2016-02-15 | 에지스 테크놀러지 인코포레이티드 | Fingerprint recognition methods and devices |
US10282535B2 (en) * | 2014-09-02 | 2019-05-07 | NXT-ID, Inc. | Method and system to validate identity without putting privacy at risk |
KR20160135303A (en) * | 2014-09-06 | 2016-11-25 | 선전 후이딩 테크놀로지 컴퍼니 리미티드 | swipe motion registration on A fingerprint sensor |
US10114939B1 (en) * | 2014-09-22 | 2018-10-30 | Symantec Corporation | Systems and methods for secure communications between devices |
US9760755B1 (en) * | 2014-10-03 | 2017-09-12 | Egis Technology Inc. | Fingerprint matching methods and device |
FR3027753B1 (en) * | 2014-10-28 | 2021-07-09 | Morpho | AUTHENTICATION PROCESS FOR A USER HOLDING A BIOMETRIC CERTIFICATE |
US10732771B2 (en) | 2014-11-12 | 2020-08-04 | Shenzhen GOODIX Technology Co., Ltd. | Fingerprint sensors having in-pixel optical sensors |
CN105447436B (en) | 2014-12-19 | 2017-08-04 | 比亚迪股份有限公司 | Fingerprint recognition system and fingerprint identification method and electronic equipment |
CN106576044B (en) * | 2015-04-23 | 2020-05-15 | 崔云虎 | Authentication in ubiquitous environments |
WO2016172713A1 (en) * | 2015-04-23 | 2016-10-27 | Shenzhen Huiding Technology Co., Ltd. | Multifunction fingerprint sensor |
TWI541731B (en) * | 2015-04-27 | 2016-07-11 | 瑞鼎科技股份有限公司 | Capacitive fingerprint sensing apparatus and capacitive fingerprint sensing method |
US11481771B2 (en) * | 2015-05-20 | 2022-10-25 | Ripple Luxembourg S.A. | One way functions in a resource transfer system |
US10740732B2 (en) | 2015-05-20 | 2020-08-11 | Ripple Luxembourg S.A. | Resource transfer system |
SE1550689A1 (en) | 2015-05-28 | 2016-11-29 | Fingerprint Cards Ab | Method and fingerprint sensing system for forming a fingerprint representation |
US10868672B1 (en) | 2015-06-05 | 2020-12-15 | Apple Inc. | Establishing and verifying identity using biometrics while protecting user privacy |
US11140171B1 (en) | 2015-06-05 | 2021-10-05 | Apple Inc. | Establishing and verifying identity using action sequences while protecting user privacy |
KR101928319B1 (en) | 2015-06-18 | 2018-12-12 | 선전 구딕스 테크놀로지 컴퍼니, 리미티드 | Multifunction fingerprint sensor with photo sensing capability |
US10410037B2 (en) | 2015-06-18 | 2019-09-10 | Shenzhen GOODIX Technology Co., Ltd. | Under-screen optical sensor module for on-screen fingerprint sensing implementing imaging lens, extra illumination or optical collimator array |
US10410033B2 (en) | 2015-06-18 | 2019-09-10 | Shenzhen GOODIX Technology Co., Ltd. | Under-LCD screen optical sensor module for on-screen fingerprint sensing |
CN107004130B (en) | 2015-06-18 | 2020-08-28 | 深圳市汇顶科技股份有限公司 | Optical sensor module under screen for sensing fingerprint on screen |
US10437974B2 (en) | 2015-06-18 | 2019-10-08 | Shenzhen GOODIX Technology Co., Ltd. | Optical sensing performance of under-screen optical sensor module for on-screen fingerprint sensing |
US9759813B2 (en) | 2015-06-22 | 2017-09-12 | Appetite Lab Inc. | Devices and methods for locating and visualizing underwater objects |
US9946375B2 (en) * | 2015-06-30 | 2018-04-17 | Synaptics Incorporated | Active matrix capacitive fingerprint sensor with 2-TFT pixel architecture for display integration |
US10095948B2 (en) * | 2015-06-30 | 2018-10-09 | Synaptics Incorporated | Modulation scheme for fingerprint sensing |
US10339178B2 (en) * | 2015-06-30 | 2019-07-02 | Samsung Electronics Co., Ltd. | Fingerprint recognition method and apparatus |
EP3185163B1 (en) * | 2015-06-30 | 2019-10-02 | Huawei Technologies Co., Ltd. | Method and terminal for unlocking screen with fingerprint |
US10331936B2 (en) | 2015-07-14 | 2019-06-25 | Idex Asa | Duplicate pattern reconstructions |
US10578706B2 (en) * | 2015-08-06 | 2020-03-03 | Navico Holding As | Wireless sonar receiver |
US10325134B2 (en) * | 2015-11-13 | 2019-06-18 | Fingerprint Cards Ab | Method and system for calibration of an optical fingerprint sensing device |
US20170140233A1 (en) * | 2015-11-13 | 2017-05-18 | Fingerprint Cards Ab | Method and system for calibration of a fingerprint sensing device |
WO2017139537A1 (en) * | 2016-02-11 | 2017-08-17 | AMI Research & Development, LLC | Fingerprint based smart phone user verification |
CN105825098B (en) | 2016-03-16 | 2018-03-27 | 广东欧珀移动通信有限公司 | Unlocking screen method, image-pickup method and the device of a kind of electric terminal |
US11108767B2 (en) * | 2016-04-21 | 2021-08-31 | Tharmalingam Satkunarajah | Apparatus and system for obtaining and encrypting documentary materials |
DK179186B1 (en) | 2016-05-19 | 2018-01-15 | Apple Inc | REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION |
US10404464B2 (en) | 2016-08-22 | 2019-09-03 | Mastercard International Incorporated | Method and system for secure FIDO development kit with embedded hardware |
US11036870B2 (en) * | 2016-08-22 | 2021-06-15 | Mastercard International Incorporated | Method and system for secure device based biometric authentication scheme |
US10237270B2 (en) * | 2016-09-29 | 2019-03-19 | International Business Machines Corporation | Distributed storage of authentication data |
US10719077B2 (en) | 2016-10-13 | 2020-07-21 | Navico Holding As | Castable sonar devices and operations in a marine environment |
US10277400B1 (en) * | 2016-10-20 | 2019-04-30 | Wells Fargo Bank, N.A. | Biometric electronic signature tokens |
US10430638B2 (en) * | 2016-11-10 | 2019-10-01 | Synaptics Incorporated | Systems and methods for spoof detection relative to a template instead of on an absolute scale |
EP3542307A4 (en) * | 2016-11-15 | 2020-06-10 | Fingerprint Cards AB | Method and electronic device for fingerprint enrollment |
US10506926B2 (en) | 2017-02-18 | 2019-12-17 | Arc Devices Limited | Multi-vital sign detector in an electronic medical records system |
US10492684B2 (en) | 2017-02-21 | 2019-12-03 | Arc Devices Limited | Multi-vital-sign smartphone system in an electronic medical records system |
US10614283B2 (en) | 2017-03-07 | 2020-04-07 | Shenzhen GOODIX Technology Co., Ltd. | Devices with peripheral task bar display zone and under-LCD screen optical sensor module for on-screen fingerprint sensing |
WO2018201853A1 (en) | 2017-05-01 | 2018-11-08 | Shenzhen GOODIX Technology Co., Ltd. | Ultrasound fingerprint sensing and sensor fabrication |
US10602548B2 (en) | 2017-06-22 | 2020-03-24 | Infineon Technologies Ag | System and method for gesture sensing |
US10331939B2 (en) | 2017-07-06 | 2019-06-25 | Shenzhen GOODIX Technology Co., Ltd. | Multi-layer optical designs of under-screen optical sensor module having spaced optical collimator array and optical sensor array for on-screen fingerprint sensing |
EP3461292B1 (en) | 2017-07-18 | 2021-03-24 | Shenzhen Goodix Technology Co., Ltd. | Anti-spoofing sensing for rejecting fake fingerprint patterns in under-screen optical sensor module for on-screen fingerprint sensing |
US10602987B2 (en) | 2017-08-10 | 2020-03-31 | Arc Devices Limited | Multi-vital-sign smartphone system in an electronic medical records system |
KR102399539B1 (en) * | 2017-08-28 | 2022-05-19 | 삼성전자주식회사 | Method and apparatus for identifying an object |
KR102185854B1 (en) | 2017-09-09 | 2020-12-02 | 애플 인크. | Implementation of biometric authentication |
JP6736686B1 (en) | 2017-09-09 | 2020-08-05 | アップル インコーポレイテッドApple Inc. | Implementation of biometrics |
US10460458B1 (en) * | 2017-09-14 | 2019-10-29 | United States Of America As Represented By The Secretary Of The Air Force | Method for registration of partially-overlapped aerial imagery using a reduced search space methodology with hybrid similarity measures |
KR102367761B1 (en) | 2017-10-25 | 2022-02-24 | 시냅틱스 인코포레이티드 | Systems and methods for biometric recognition |
KR101936941B1 (en) * | 2018-02-22 | 2019-01-11 | 스티븐 상근 오 | Electronic approval system, method, and program using biometric authentication |
AU2018411281B2 (en) | 2018-02-28 | 2021-05-13 | Motorola Solutions, Inc | Method for registering a mobile device using a machine-readable optical label |
US10984213B2 (en) | 2018-03-27 | 2021-04-20 | Shenzhen GOODIX Technology Co., Ltd. | 3-dimensional optical topographical sensing of fingerprints using under-screen optical sensor module |
US10320962B1 (en) * | 2018-04-20 | 2019-06-11 | Zte Corporation | Dual screen smartphone and portable devices with a full display screen |
US10485431B1 (en) | 2018-05-21 | 2019-11-26 | ARC Devices Ltd. | Glucose multi-vital-sign system in an electronic medical records system |
US11170085B2 (en) | 2018-06-03 | 2021-11-09 | Apple Inc. | Implementation of biometric authentication |
US10860096B2 (en) | 2018-09-28 | 2020-12-08 | Apple Inc. | Device control using gaze information |
US11100349B2 (en) | 2018-09-28 | 2021-08-24 | Apple Inc. | Audio assisted enrollment |
US10742786B2 (en) * | 2018-11-15 | 2020-08-11 | Osram Opto Semiconductors Gmbh | Mobile device with side-looking biometric sensor |
CN109690563B (en) * | 2018-12-04 | 2023-05-30 | 深圳市汇顶科技股份有限公司 | Fingerprint registration method, terminal and computer-readable storage medium |
US10530577B1 (en) * | 2019-02-08 | 2020-01-07 | Talenting, Inc. | Systems and methods for biometric key generation in data access control, data verification, and path selection in block chain-linked workforce data management |
WO2020170040A2 (en) * | 2019-02-21 | 2020-08-27 | Next Biometrics Group Asa | Method of detecting replay attacks in a fingerprint sensor system |
GB2587404B (en) * | 2019-09-27 | 2024-03-27 | Airbus Defence & Space Ltd | Encryption and verification method |
US11504014B2 (en) | 2020-06-01 | 2022-11-22 | Arc Devices Limited | Apparatus and methods for measuring blood pressure and other vital signs via a finger |
US10923216B1 (en) * | 2020-06-12 | 2021-02-16 | Tensorx, Inc. | Health status system, platform, and method |
WO2022074450A1 (en) * | 2020-10-09 | 2022-04-14 | Unho Choi | Chain of authentication using public key infrastructure |
JP2024027032A (en) * | 2022-08-16 | 2024-02-29 | 株式会社日立製作所 | Authentication system and authentication method |
Citations (64)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4222076A (en) * | 1978-09-15 | 1980-09-09 | Bell Telephone Laboratories, Incorporated | Progressive image transmission |
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US4558372A (en) * | 1984-01-19 | 1985-12-10 | Tektronix, Inc. | Scanning method and apparatus |
US4654876A (en) * | 1984-12-19 | 1987-03-31 | Itek Corporation | Digital image motion correction method |
US4868877A (en) * | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5144448A (en) * | 1990-07-31 | 1992-09-01 | Vidar Systems Corporation | Scanning apparatus using multiple CCD arrays and related method |
US5155597A (en) * | 1990-11-28 | 1992-10-13 | Recon/Optical, Inc. | Electro-optical imaging array with motion compensation |
US5227839A (en) * | 1991-06-24 | 1993-07-13 | Etec Systems, Inc. | Small field scanner |
US5293323A (en) * | 1991-10-24 | 1994-03-08 | General Electric Company | Method for fault diagnosis by assessment of confidence measure |
US5444478A (en) * | 1992-12-29 | 1995-08-22 | U.S. Philips Corporation | Image processing method and device for constructing an image from adjacent images |
US5453777A (en) * | 1993-04-12 | 1995-09-26 | Presstek, Inc. | Method and apparatus for correcting and adjusting digital image output |
US5456256A (en) * | 1993-11-04 | 1995-10-10 | Ultra-Scan Corporation | High resolution ultrasonic imaging apparatus and method |
US5559961A (en) * | 1994-04-04 | 1996-09-24 | Lucent Technologies Inc. | Graphical password |
US5577120A (en) * | 1995-05-01 | 1996-11-19 | Lucent Technologies Inc. | Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like |
US5576763A (en) * | 1994-11-22 | 1996-11-19 | Lucent Technologies Inc. | Single-polysilicon CMOS active pixel |
US5602585A (en) * | 1994-12-22 | 1997-02-11 | Lucent Technologies Inc. | Method and system for camera with motion detection |
US5623552A (en) * | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
US5625304A (en) * | 1995-04-21 | 1997-04-29 | Lucent Technologies Inc. | Voltage comparator requiring no compensating offset voltage |
US5631704A (en) * | 1994-10-14 | 1997-05-20 | Lucent Technologies, Inc. | Active pixel sensor and imaging system having differential mode |
US5668874A (en) * | 1995-02-28 | 1997-09-16 | Lucent Technologies Inc. | Identification card verification system and method |
US5671279A (en) * | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
US5673123A (en) * | 1994-06-30 | 1997-09-30 | Lucent Technologies Inc. | Methods and means for processing images |
US5739562A (en) * | 1995-08-01 | 1998-04-14 | Lucent Technologies Inc. | Combined photogate and photodiode active pixel image sensor |
US5764789A (en) * | 1994-11-28 | 1998-06-09 | Smarttouch, Llc | Tokenless biometric ATM access system |
US5768439A (en) * | 1994-03-23 | 1998-06-16 | Hitachi Software Engineering Co., Ltd. | Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries |
US5774525A (en) * | 1995-01-23 | 1998-06-30 | International Business Machines Corporation | Method and apparatus utilizing dynamic questioning to provide secure access control |
US5812704A (en) * | 1994-11-29 | 1998-09-22 | Focus Automation Systems Inc. | Method and apparatus for image overlap processing |
US5825907A (en) * | 1994-12-28 | 1998-10-20 | Lucent Technologies Inc. | Neural network system for classifying fingerprints |
US5864296A (en) * | 1997-05-19 | 1999-01-26 | Trw Inc. | Fingerprint detector using ridge resistance sensor |
US5903225A (en) * | 1997-05-16 | 1999-05-11 | Harris Corporation | Access control system including fingerprint sensor enrollment and associated methods |
US5920640A (en) * | 1997-05-16 | 1999-07-06 | Harris Corporation | Fingerprint sensor and token reader and associated methods |
US5963679A (en) * | 1996-01-26 | 1999-10-05 | Harris Corporation | Electric field fingerprint sensor apparatus and related methods |
US5987156A (en) * | 1996-11-25 | 1999-11-16 | Lucent Technologies | Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor |
US5991408A (en) * | 1997-05-16 | 1999-11-23 | Veridicom, Inc. | Identification and security using biometric measurements |
US6003135A (en) * | 1997-06-04 | 1999-12-14 | Spyrus, Inc. | Modular security device |
US6016355A (en) * | 1995-12-15 | 2000-01-18 | Veridicom, Inc. | Capacitive fingerprint acquisition sensor |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US6047268A (en) * | 1997-11-04 | 2000-04-04 | A.T.&T. Corporation | Method and apparatus for billing for transactions conducted over the internet |
US6049620A (en) * | 1995-12-15 | 2000-04-11 | Veridicom, Inc. | Capacitive fingerprint sensor with adjustable gain |
US6097418A (en) * | 1998-03-24 | 2000-08-01 | Agfa Corporation | Method and apparatus for combining a plurality of images without incurring a visible seam |
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
US6192142B1 (en) * | 1994-11-28 | 2001-02-20 | Smarttouch, Inc. | Tokenless biometric electronic stored value transactions |
US6195447B1 (en) * | 1998-01-16 | 2001-02-27 | Lucent Technologies Inc. | System and method for fingerprint data verification |
US6195471B1 (en) * | 1998-03-24 | 2001-02-27 | Agfa Corporation | Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam |
US6202151B1 (en) * | 1997-05-09 | 2001-03-13 | Gte Service Corporation | System and method for authenticating electronic transactions using biometric certificates |
US6208264B1 (en) * | 1997-05-23 | 2001-03-27 | Automated Identification Service, Inc. | Personal verification in a commercial transaction system |
US6219793B1 (en) * | 1996-09-11 | 2001-04-17 | Hush, Inc. | Method of using fingerprints to authenticate wireless communications |
US6230235B1 (en) * | 1996-08-08 | 2001-05-08 | Apache Systems, Inc. | Address lookup DRAM aging |
US6230148B1 (en) * | 1994-11-28 | 2001-05-08 | Veristar Corporation | Tokenless biometric electric check transaction |
US6256737B1 (en) * | 1999-03-09 | 2001-07-03 | Bionetrix Systems Corporation | System, method and computer program product for allowing access to enterprise resources using biometric devices |
US6260300B1 (en) * | 1999-04-21 | 2001-07-17 | Smith & Wesson Corp. | Biometrically activated lock and enablement system |
US6289114B1 (en) * | 1996-06-14 | 2001-09-11 | Thomson-Csf | Fingerprint-reading system |
US6310966B1 (en) * | 1997-05-09 | 2001-10-30 | Gte Service Corporation | Biometric certificates |
US6330345B1 (en) * | 1997-11-17 | 2001-12-11 | Veridicom, Inc. | Automatic adjustment processing for sensor devices |
US6333989B1 (en) * | 1999-03-29 | 2001-12-25 | Dew Engineering And Development Limited | Contact imaging device |
US6366682B1 (en) * | 1994-11-28 | 2002-04-02 | Indivos Corporation | Tokenless electronic transaction system |
US20020060243A1 (en) * | 2000-11-13 | 2002-05-23 | Janiak Martin J. | Biometric authentication device for use in mobile telecommunications |
US6501846B1 (en) * | 1997-11-25 | 2002-12-31 | Ethentica, Inc. | Method and system for computer access and cursor control using a relief object image generator |
US20030021495A1 (en) * | 2001-07-12 | 2003-01-30 | Ericson Cheng | Fingerprint biometric capture device and method with integrated on-chip data buffering |
US6518560B1 (en) * | 2000-04-27 | 2003-02-11 | Veridicom, Inc. | Automatic gain amplifier for biometric sensor device |
US6535622B1 (en) * | 1999-04-26 | 2003-03-18 | Veridicom, Inc. | Method for imaging fingerprints and concealing latent fingerprints |
US6546122B1 (en) * | 1999-07-29 | 2003-04-08 | Veridicom, Inc. | Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint |
US20030115475A1 (en) * | 2001-07-12 | 2003-06-19 | Russo Anthony P. | Biometrically enhanced digital certificates and system and method for making and using |
US6853988B1 (en) * | 1999-09-20 | 2005-02-08 | Security First Corporation | Cryptographic server with provisions for interoperability between cryptographic systems |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4993068A (en) * | 1989-11-27 | 1991-02-12 | Motorola, Inc. | Unforgeable personal identification system |
BR9001916A (en) * | 1990-04-20 | 1991-11-12 | Metal Leve Sa | PROCESS OF OBTAINING REFRIGERATED PUMP AND REFRIGERATED PUMP |
TW335241U (en) * | 1992-11-30 | 1998-06-21 | Thomson Consumer Electronics | A video display system |
US20020013898A1 (en) * | 1997-06-04 | 2002-01-31 | Sudia Frank W. | Method and apparatus for roaming use of cryptographic values |
US5458256A (en) * | 1994-04-19 | 1995-10-17 | May-Wes Manufacturing, Inc. | Slide lid |
US6973477B1 (en) * | 1995-05-19 | 2005-12-06 | Cyberfone Technologies, Inc. | System for securely communicating amongst client computer systems |
GB9600804D0 (en) * | 1996-01-17 | 1996-03-20 | Robb Garry D | Multiphone |
US6075905A (en) * | 1996-07-17 | 2000-06-13 | Sarnoff Corporation | Method and apparatus for mosaic image construction |
DE29722222U1 (en) * | 1997-12-16 | 1998-06-25 | Siemens Ag | Radio-operated communication terminal with navigation key |
US6038666A (en) * | 1997-12-22 | 2000-03-14 | Trw Inc. | Remote identity verification technique using a personal identification device |
US6681034B1 (en) | 1999-07-15 | 2004-01-20 | Precise Biometrics | Method and system for fingerprint template matching |
JP3743246B2 (en) * | 2000-02-03 | 2006-02-08 | 日本電気株式会社 | Biometric input device and biometric verification device |
JP4426733B2 (en) * | 2000-03-31 | 2010-03-03 | 富士通株式会社 | Fingerprint data synthesizing method, fingerprint data synthesizing device, fingerprint data synthesizing program, and computer-readable recording medium recording the program |
US7236617B1 (en) * | 2000-04-13 | 2007-06-26 | Nanyang Technological University | Method and device for determining a total minutiae template from a plurality of partial minutiae templates |
SE0001761L (en) * | 2000-05-15 | 2001-07-02 | Ericsson Telefon Ab L M | Method for generating a composite image and apparatus for detecting fingerprints |
US6542740B1 (en) * | 2000-10-24 | 2003-04-01 | Litepoint, Corp. | System, method and article of manufacture for utilizing a wireless link in an interface roaming network framework |
US20020078347A1 (en) * | 2000-12-20 | 2002-06-20 | International Business Machines Corporation | Method and system for using with confidence certificates issued from certificate authorities |
US7103234B2 (en) * | 2001-03-30 | 2006-09-05 | Nec Laboratories America, Inc. | Method for blind cross-spectral image registration |
US7203347B2 (en) * | 2001-06-27 | 2007-04-10 | Activcard Ireland Limited | Method and system for extracting an area of interest from within a swipe image of a biological surface |
US7043061B2 (en) * | 2001-06-27 | 2006-05-09 | Laurence Hamid | Swipe imager with multiple sensing arrays |
-
2002
- 2002-07-12 WO PCT/US2002/022163 patent/WO2003007121A2/en not_active Application Discontinuation
- 2002-07-12 US US10/194,994 patent/US7197168B2/en active Active
- 2002-07-12 WO PCT/US2002/022200 patent/WO2003007125A2/en not_active Application Discontinuation
- 2002-07-12 AU AU2002316679A patent/AU2002316679A1/en not_active Abandoned
- 2002-07-12 US US10/194,959 patent/US20030101348A1/en not_active Abandoned
- 2002-07-12 JP JP2003512825A patent/JP2005531935A/en active Pending
- 2002-07-12 AU AU2002346107A patent/AU2002346107A1/en not_active Abandoned
- 2002-07-12 EP EP02747003A patent/EP1573426A4/en not_active Withdrawn
- 2002-07-12 WO PCT/US2002/022211 patent/WO2003007127A2/en active Search and Examination
- 2002-07-12 US US10/194,444 patent/US20030115475A1/en not_active Abandoned
- 2002-07-12 AU AU2002332414A patent/AU2002332414A1/en not_active Abandoned
- 2002-07-12 US US10/194,949 patent/US20030115490A1/en not_active Abandoned
-
2007
- 2007-02-16 US US11/707,624 patent/US7751595B2/en not_active Expired - Fee Related
Patent Citations (70)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US4222076A (en) * | 1978-09-15 | 1980-09-09 | Bell Telephone Laboratories, Incorporated | Progressive image transmission |
US4558372A (en) * | 1984-01-19 | 1985-12-10 | Tektronix, Inc. | Scanning method and apparatus |
US4654876A (en) * | 1984-12-19 | 1987-03-31 | Itek Corporation | Digital image motion correction method |
US4868877A (en) * | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5144448A (en) * | 1990-07-31 | 1992-09-01 | Vidar Systems Corporation | Scanning apparatus using multiple CCD arrays and related method |
US5155597A (en) * | 1990-11-28 | 1992-10-13 | Recon/Optical, Inc. | Electro-optical imaging array with motion compensation |
US5227839A (en) * | 1991-06-24 | 1993-07-13 | Etec Systems, Inc. | Small field scanner |
US5293323A (en) * | 1991-10-24 | 1994-03-08 | General Electric Company | Method for fault diagnosis by assessment of confidence measure |
US5444478A (en) * | 1992-12-29 | 1995-08-22 | U.S. Philips Corporation | Image processing method and device for constructing an image from adjacent images |
US5453777A (en) * | 1993-04-12 | 1995-09-26 | Presstek, Inc. | Method and apparatus for correcting and adjusting digital image output |
US5456256A (en) * | 1993-11-04 | 1995-10-10 | Ultra-Scan Corporation | High resolution ultrasonic imaging apparatus and method |
US5623552A (en) * | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
US5768439A (en) * | 1994-03-23 | 1998-06-16 | Hitachi Software Engineering Co., Ltd. | Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries |
US5559961A (en) * | 1994-04-04 | 1996-09-24 | Lucent Technologies Inc. | Graphical password |
US5673123A (en) * | 1994-06-30 | 1997-09-30 | Lucent Technologies Inc. | Methods and means for processing images |
US5631704A (en) * | 1994-10-14 | 1997-05-20 | Lucent Technologies, Inc. | Active pixel sensor and imaging system having differential mode |
US5835141A (en) * | 1994-11-22 | 1998-11-10 | Lucent Technologies Inc. | Single-polysilicon CMOS active pixel image sensor |
US5576763A (en) * | 1994-11-22 | 1996-11-19 | Lucent Technologies Inc. | Single-polysilicon CMOS active pixel |
US6192142B1 (en) * | 1994-11-28 | 2001-02-20 | Smarttouch, Inc. | Tokenless biometric electronic stored value transactions |
US6366682B1 (en) * | 1994-11-28 | 2002-04-02 | Indivos Corporation | Tokenless electronic transaction system |
US6230148B1 (en) * | 1994-11-28 | 2001-05-08 | Veristar Corporation | Tokenless biometric electric check transaction |
US5764789A (en) * | 1994-11-28 | 1998-06-09 | Smarttouch, Llc | Tokenless biometric ATM access system |
US5812704A (en) * | 1994-11-29 | 1998-09-22 | Focus Automation Systems Inc. | Method and apparatus for image overlap processing |
US5602585A (en) * | 1994-12-22 | 1997-02-11 | Lucent Technologies Inc. | Method and system for camera with motion detection |
US5825907A (en) * | 1994-12-28 | 1998-10-20 | Lucent Technologies Inc. | Neural network system for classifying fingerprints |
US5774525A (en) * | 1995-01-23 | 1998-06-30 | International Business Machines Corporation | Method and apparatus utilizing dynamic questioning to provide secure access control |
US5668874A (en) * | 1995-02-28 | 1997-09-16 | Lucent Technologies Inc. | Identification card verification system and method |
US5625304A (en) * | 1995-04-21 | 1997-04-29 | Lucent Technologies Inc. | Voltage comparator requiring no compensating offset voltage |
US5577120A (en) * | 1995-05-01 | 1996-11-19 | Lucent Technologies Inc. | Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like |
US5739562A (en) * | 1995-08-01 | 1998-04-14 | Lucent Technologies Inc. | Combined photogate and photodiode active pixel image sensor |
US5671279A (en) * | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
US6016355A (en) * | 1995-12-15 | 2000-01-18 | Veridicom, Inc. | Capacitive fingerprint acquisition sensor |
US6538456B1 (en) * | 1995-12-15 | 2003-03-25 | Veridicom, Inc. | Capacitive fingerprint sensor with adjustable gain |
US6049620A (en) * | 1995-12-15 | 2000-04-11 | Veridicom, Inc. | Capacitive fingerprint sensor with adjustable gain |
US5963679A (en) * | 1996-01-26 | 1999-10-05 | Harris Corporation | Electric field fingerprint sensor apparatus and related methods |
US6289114B1 (en) * | 1996-06-14 | 2001-09-11 | Thomson-Csf | Fingerprint-reading system |
US6459804B2 (en) * | 1996-06-14 | 2002-10-01 | Thomson-Csf | Fingerprint-reading system |
US6230235B1 (en) * | 1996-08-08 | 2001-05-08 | Apache Systems, Inc. | Address lookup DRAM aging |
US6219793B1 (en) * | 1996-09-11 | 2001-04-17 | Hush, Inc. | Method of using fingerprints to authenticate wireless communications |
US5987156A (en) * | 1996-11-25 | 1999-11-16 | Lucent Technologies | Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor |
US6175922B1 (en) * | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
US6202151B1 (en) * | 1997-05-09 | 2001-03-13 | Gte Service Corporation | System and method for authenticating electronic transactions using biometric certificates |
US6310966B1 (en) * | 1997-05-09 | 2001-10-30 | Gte Service Corporation | Biometric certificates |
US5991408A (en) * | 1997-05-16 | 1999-11-23 | Veridicom, Inc. | Identification and security using biometric measurements |
US5903225A (en) * | 1997-05-16 | 1999-05-11 | Harris Corporation | Access control system including fingerprint sensor enrollment and associated methods |
US6069970A (en) * | 1997-05-16 | 2000-05-30 | Authentec, Inc. | Fingerprint sensor and token reader and associated methods |
US5920640A (en) * | 1997-05-16 | 1999-07-06 | Harris Corporation | Fingerprint sensor and token reader and associated methods |
US5864296A (en) * | 1997-05-19 | 1999-01-26 | Trw Inc. | Fingerprint detector using ridge resistance sensor |
US6208264B1 (en) * | 1997-05-23 | 2001-03-27 | Automated Identification Service, Inc. | Personal verification in a commercial transaction system |
US6003135A (en) * | 1997-06-04 | 1999-12-14 | Spyrus, Inc. | Modular security device |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US6047268A (en) * | 1997-11-04 | 2000-04-04 | A.T.&T. Corporation | Method and apparatus for billing for transactions conducted over the internet |
US6330345B1 (en) * | 1997-11-17 | 2001-12-11 | Veridicom, Inc. | Automatic adjustment processing for sensor devices |
US6501846B1 (en) * | 1997-11-25 | 2002-12-31 | Ethentica, Inc. | Method and system for computer access and cursor control using a relief object image generator |
US6195447B1 (en) * | 1998-01-16 | 2001-02-27 | Lucent Technologies Inc. | System and method for fingerprint data verification |
US6097418A (en) * | 1998-03-24 | 2000-08-01 | Agfa Corporation | Method and apparatus for combining a plurality of images without incurring a visible seam |
US6195471B1 (en) * | 1998-03-24 | 2001-02-27 | Agfa Corporation | Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam |
US6256737B1 (en) * | 1999-03-09 | 2001-07-03 | Bionetrix Systems Corporation | System, method and computer program product for allowing access to enterprise resources using biometric devices |
US6333989B1 (en) * | 1999-03-29 | 2001-12-25 | Dew Engineering And Development Limited | Contact imaging device |
US6260300B1 (en) * | 1999-04-21 | 2001-07-17 | Smith & Wesson Corp. | Biometrically activated lock and enablement system |
US6535622B1 (en) * | 1999-04-26 | 2003-03-18 | Veridicom, Inc. | Method for imaging fingerprints and concealing latent fingerprints |
US6546122B1 (en) * | 1999-07-29 | 2003-04-08 | Veridicom, Inc. | Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint |
US6853988B1 (en) * | 1999-09-20 | 2005-02-08 | Security First Corporation | Cryptographic server with provisions for interoperability between cryptographic systems |
US6518560B1 (en) * | 2000-04-27 | 2003-02-11 | Veridicom, Inc. | Automatic gain amplifier for biometric sensor device |
US20020060243A1 (en) * | 2000-11-13 | 2002-05-23 | Janiak Martin J. | Biometric authentication device for use in mobile telecommunications |
US20030021495A1 (en) * | 2001-07-12 | 2003-01-30 | Ericson Cheng | Fingerprint biometric capture device and method with integrated on-chip data buffering |
US20030115475A1 (en) * | 2001-07-12 | 2003-06-19 | Russo Anthony P. | Biometrically enhanced digital certificates and system and method for making and using |
US20030115490A1 (en) * | 2001-07-12 | 2003-06-19 | Russo Anthony P. | Secure network and networked devices using biometrics |
US20030126448A1 (en) * | 2001-07-12 | 2003-07-03 | Russo Anthony P. | Method and system for biometric image assembly from multiple partial biometric frame scans |
Cited By (132)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7197168B2 (en) | 2001-07-12 | 2007-03-27 | Atrua Technologies, Inc. | Method and system for biometric image assembly from multiple partial biometric frame scans |
US20030115490A1 (en) * | 2001-07-12 | 2003-06-19 | Russo Anthony P. | Secure network and networked devices using biometrics |
US7751595B2 (en) | 2001-07-12 | 2010-07-06 | Authentec, Inc. | Method and system for biometric image assembly from multiple partial biometric frame scans |
US20070274575A1 (en) * | 2001-07-12 | 2007-11-29 | Russo Anthony P | Method and system for biometric image assembly from multiple partial biometric frame scans |
US20100223474A1 (en) * | 2002-07-19 | 2010-09-02 | Bowers Charles R | Method and apparatus for managing confidential information |
US20160162682A1 (en) * | 2002-07-19 | 2016-06-09 | Charles R. Bowers | Method and apparatus for managing confidential information |
US20140149747A1 (en) * | 2002-07-19 | 2014-05-29 | Charles R. Bowers | Method and apparatus for managing confidential information |
US9940450B2 (en) * | 2002-07-19 | 2018-04-10 | Charles R. Bowers | Method and apparatus for managing confidential information |
US8321685B2 (en) | 2002-07-19 | 2012-11-27 | Bowers Charles R | Method and apparatus for managing confidential information |
US20050015596A1 (en) * | 2002-07-19 | 2005-01-20 | Bowers Charles R. | Method and apparatus for managing confidential information |
US9218507B2 (en) * | 2002-07-19 | 2015-12-22 | Charles R. Bowers | Method and apparatus for managing confidential information |
US7716493B2 (en) | 2002-07-19 | 2010-05-11 | Bowers Charles R | Method and apparatus for managing confidential information |
US7334130B2 (en) * | 2002-07-19 | 2008-02-19 | Bowers Charles R | Method and apparatus for managing confidential information |
US20080091953A1 (en) * | 2002-07-19 | 2008-04-17 | Bowers Charles R | Method and apparatus for managing confidential information |
US8782427B2 (en) | 2002-08-15 | 2014-07-15 | Actividentity, Inc. | System and method for sequentially processing a biometric sample |
US8141141B2 (en) * | 2002-08-15 | 2012-03-20 | Actividentity, Inc. | System and method for sequentially processing a biometric sample |
US20100088509A1 (en) * | 2002-08-15 | 2010-04-08 | Joseph Fedronic Dominique Louis | System and method for sequentially processing a biometric sample |
US8205249B2 (en) * | 2002-10-24 | 2012-06-19 | Giesecke & Devrient Gmbh | Method for carrying out a secure electronic transaction using a portable data support |
US20060242691A1 (en) * | 2002-10-24 | 2006-10-26 | Gisela Meister | Method for carrying out a secure electronic transaction using a portable data support |
US8185747B2 (en) * | 2003-05-22 | 2012-05-22 | Access Security Protection, Llc | Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection |
US20070288759A1 (en) * | 2003-05-22 | 2007-12-13 | Wood Richard G | Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection |
US20050273442A1 (en) * | 2004-05-21 | 2005-12-08 | Naftali Bennett | System and method of fraud reduction |
US8781975B2 (en) * | 2004-05-21 | 2014-07-15 | Emc Corporation | System and method of fraud reduction |
DE102004046153A1 (en) * | 2004-09-23 | 2006-04-06 | Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. | Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber |
DE102004046153B4 (en) * | 2004-09-23 | 2006-10-12 | Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. | Method and network system for determining the digital reputation |
US20080263662A1 (en) * | 2005-05-06 | 2008-10-23 | Pau-Chen Cheng | System and method for fuzzy multi-level security |
US8087090B2 (en) * | 2005-05-06 | 2011-12-27 | International Business Machines Corporation | Fuzzy multi-level security |
US7386105B2 (en) * | 2005-05-27 | 2008-06-10 | Nice Systems Ltd | Method and apparatus for fraud detection |
WO2006126183A2 (en) * | 2005-05-27 | 2006-11-30 | Nice Systems Ltd. | Method and apparatus for fraud detection |
US20060285665A1 (en) * | 2005-05-27 | 2006-12-21 | Nice Systems Ltd. | Method and apparatus for fraud detection |
WO2006126183A3 (en) * | 2005-05-27 | 2007-10-18 | Nice Systems Ltd | Method and apparatus for fraud detection |
US7801288B2 (en) | 2005-05-27 | 2010-09-21 | Nice Systems Ltd. | Method and apparatus for fraud detection |
US20060277092A1 (en) * | 2005-06-03 | 2006-12-07 | Credigy Technologies, Inc. | System and method for a peer to peer exchange of consumer information |
US7730546B2 (en) * | 2005-07-01 | 2010-06-01 | Time Warner, Inc. | Method and apparatus for authenticating usage of an application |
US20070006163A1 (en) * | 2005-07-01 | 2007-01-04 | Aoki Norihiro E | Method and apparatus for authenticating usage of an application |
US8327459B2 (en) | 2005-07-01 | 2012-12-04 | Time Warner, Inc. | Method and apparatus for authenticating usage of an application |
US20100199347A1 (en) * | 2005-07-01 | 2010-08-05 | Time Warner, Inc. | Method and Apparatus for Authenticating Usage of an Application |
US20070080778A1 (en) * | 2005-10-11 | 2007-04-12 | Newfrey Llc | Door lock with protected biometric sensor |
US7525411B2 (en) | 2005-10-11 | 2009-04-28 | Newfrey Llc | Door lock with protected biometric sensor |
US20070130070A1 (en) * | 2005-12-02 | 2007-06-07 | Credigy Technologies, Inc. | System and method for an anonymous exchange of private data |
US8560456B2 (en) | 2005-12-02 | 2013-10-15 | Credigy Technologies, Inc. | System and method for an anonymous exchange of private data |
US20070162377A1 (en) * | 2005-12-23 | 2007-07-12 | Credigy Technologies, Inc. | System and method for an online exchange of private data |
US9609001B2 (en) | 2007-02-02 | 2017-03-28 | Websense, Llc | System and method for adding context to prevent data leakage over a computer network |
US20110099112A1 (en) * | 2007-08-31 | 2011-04-28 | Mages Kenneth G | Apparatus and method for conducting securing financial transactions |
US9053471B2 (en) * | 2007-08-31 | 2015-06-09 | 4361423 Canada Inc. | Apparatus and method for conducting securing financial transactions |
CN101911585A (en) * | 2008-01-04 | 2010-12-08 | 微软公司 | Selective authorization based on authentication input attributes |
CN101911585B (en) * | 2008-01-04 | 2014-08-13 | 微软公司 | Selective authorization based on authentication input attributes |
US20090178129A1 (en) * | 2008-01-04 | 2009-07-09 | Microsoft Corporation | Selective authorization based on authentication input attributes |
US8621561B2 (en) * | 2008-01-04 | 2013-12-31 | Microsoft Corporation | Selective authorization based on authentication input attributes |
US9015842B2 (en) | 2008-03-19 | 2015-04-21 | Websense, Inc. | Method and system for protection against information stealing software |
US9455981B2 (en) * | 2008-03-19 | 2016-09-27 | Forcepoint, LLC | Method and system for protection against information stealing software |
US9130986B2 (en) * | 2008-03-19 | 2015-09-08 | Websense, Inc. | Method and system for protection against information stealing software |
US20090241173A1 (en) * | 2008-03-19 | 2009-09-24 | Websense, Inc. | Method and system for protection against information stealing software |
US9495539B2 (en) | 2008-03-19 | 2016-11-15 | Websense, Llc | Method and system for protection against information stealing software |
US20100017845A1 (en) * | 2008-07-18 | 2010-01-21 | Microsoft Corporation | Differentiated authentication for compartmentalized computing resources |
US10146926B2 (en) | 2008-07-18 | 2018-12-04 | Microsoft Technology Licensing, Llc | Differentiated authentication for compartmentalized computing resources |
US8631486B1 (en) * | 2009-03-31 | 2014-01-14 | Emc Corporation | Adaptive identity classification |
US9600704B2 (en) | 2010-01-15 | 2017-03-21 | Idex Asa | Electronic imager using an impedance sensor grid array and method of making |
US8421890B2 (en) | 2010-01-15 | 2013-04-16 | Picofield Technologies, Inc. | Electronic imager using an impedance sensor grid array and method of making |
US8791792B2 (en) | 2010-01-15 | 2014-07-29 | Idex Asa | Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making |
US10115001B2 (en) | 2010-01-15 | 2018-10-30 | Idex Asa | Biometric image sensing |
US9659208B2 (en) | 2010-01-15 | 2017-05-23 | Idex Asa | Biometric image sensing |
US10592719B2 (en) | 2010-01-15 | 2020-03-17 | Idex Biometrics Asa | Biometric image sensing |
US11080504B2 (en) | 2010-01-15 | 2021-08-03 | Idex Biometrics Asa | Biometric image sensing |
US8866347B2 (en) | 2010-01-15 | 2014-10-21 | Idex Asa | Biometric image sensing |
US9268988B2 (en) | 2010-01-15 | 2016-02-23 | Idex Asa | Biometric image sensing |
US8713672B2 (en) * | 2011-08-15 | 2014-04-29 | Bank Of America Corporation | Method and apparatus for token-based context caching |
US20130047204A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Determining Resource Trust Levels |
US8789162B2 (en) * | 2011-08-15 | 2014-07-22 | Bank Of America Corporation | Method and apparatus for making token-based access decisions |
US20130047215A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and apparatus for token-based reassignment of privileges |
US8806602B2 (en) | 2011-08-15 | 2014-08-12 | Bank Of America Corporation | Apparatus and method for performing end-to-end encryption |
US20130047201A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Expert Decisioning |
US8850515B2 (en) | 2011-08-15 | 2014-09-30 | Bank Of America Corporation | Method and apparatus for subject recognition session validation |
US8752124B2 (en) | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Apparatus and method for performing real-time authentication using subject token combinations |
US8910290B2 (en) * | 2011-08-15 | 2014-12-09 | Bank Of America Corporation | Method and apparatus for token-based transaction tagging |
US8752157B2 (en) | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Method and apparatus for third party session validation |
US8752143B2 (en) * | 2011-08-15 | 2014-06-10 | Bank Of America Corporation | Method and apparatus for token-based reassignment of privileges |
US8950002B2 (en) * | 2011-08-15 | 2015-02-03 | Bank Of America Corporation | Method and apparatus for token-based access of related resources |
US20130047251A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and Apparatus for Token-Based Context Caching |
US8726339B2 (en) | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Method and apparatus for emergency session validation |
US8726341B2 (en) * | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Apparatus and method for determining resource trust levels |
US8789143B2 (en) * | 2011-08-15 | 2014-07-22 | Bank Of America Corporation | Method and apparatus for token-based conditioning |
US9055053B2 (en) | 2011-08-15 | 2015-06-09 | Bank Of America Corporation | Method and apparatus for token-based combining of risk ratings |
US8726361B2 (en) * | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Method and apparatus for token-based attribute abstraction |
US8726340B2 (en) * | 2011-08-15 | 2014-05-13 | Bank Of America Corporation | Apparatus and method for expert decisioning |
US8584202B2 (en) | 2011-08-15 | 2013-11-12 | Bank Of America Corporation | Apparatus and method for determining environment integrity levels |
US9159065B2 (en) * | 2011-08-15 | 2015-10-13 | Bank Of America Corporation | Method and apparatus for object security session validation |
US8572714B2 (en) * | 2011-08-15 | 2013-10-29 | Bank Of America Corporation | Apparatus and method for determining subject assurance level |
US8572689B2 (en) | 2011-08-15 | 2013-10-29 | Bank Of America Corporation | Apparatus and method for making access decision using exceptions |
US8572683B2 (en) | 2011-08-15 | 2013-10-29 | Bank Of America Corporation | Method and apparatus for token-based re-authentication |
US9253197B2 (en) | 2011-08-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for token-based real-time risk updating |
US20130047248A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Apparatus and Method for Determining Subject Assurance Level |
US8539558B2 (en) | 2011-08-15 | 2013-09-17 | Bank Of America Corporation | Method and apparatus for token-based token termination |
US20130047266A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and apparatus for token-based access of related resources |
US20130047262A1 (en) * | 2011-08-15 | 2013-02-21 | Bank Of America Corporation | Method and Apparatus for Object Security Session Validation |
US10101851B2 (en) | 2012-04-10 | 2018-10-16 | Idex Asa | Display with integrated touch screen and fingerprint sensor |
US9798917B2 (en) | 2012-04-10 | 2017-10-24 | Idex Asa | Biometric sensing |
US10114497B2 (en) | 2012-04-10 | 2018-10-30 | Idex Asa | Biometric sensing |
US10088939B2 (en) | 2012-04-10 | 2018-10-02 | Idex Asa | Biometric sensing |
US8996860B1 (en) * | 2012-08-23 | 2015-03-31 | Amazon Technologies, Inc. | Tolerance factor-based secret decay |
US9038148B1 (en) | 2012-08-23 | 2015-05-19 | Amazon Technologies, Inc. | Secret variation for network sessions |
US20170134367A1 (en) * | 2012-08-23 | 2017-05-11 | Amazon Technologies, Inc. | Adaptive timeouts for security credentials |
US9203818B1 (en) | 2012-08-23 | 2015-12-01 | Amazon Technologies, Inc. | Adaptive timeouts for security credentials |
US10652232B2 (en) * | 2012-08-23 | 2020-05-12 | Amazon Technologies, Inc. | Adaptive timeouts for security credentials |
US9571488B2 (en) | 2012-08-23 | 2017-02-14 | Amazon Technologies, Inc. | Adaptive timeouts for security credentials |
US10135783B2 (en) | 2012-11-30 | 2018-11-20 | Forcepoint Llc | Method and apparatus for maintaining network communication during email data transfer |
US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
US11915235B2 (en) | 2013-07-24 | 2024-02-27 | Visa International Service Association | Systems and methods for communicating token attributes associated with a token vault |
EP3025293A4 (en) * | 2013-07-24 | 2017-03-29 | Visa International Service Association | Systems and methods for communicating risk using token assurance data |
WO2015013522A1 (en) | 2013-07-24 | 2015-01-29 | Visa International Service Association | Systems and methods for communicating risk using token assurance data |
US20150032625A1 (en) * | 2013-07-24 | 2015-01-29 | Matthew Dill | Systems and methods for communicating risk using token assurance data |
EP3025293A1 (en) * | 2013-07-24 | 2016-06-01 | Visa International Service Association | Systems and methods for communicating risk using token assurance data |
US11093936B2 (en) | 2013-07-24 | 2021-08-17 | Visa International Service Association | Systems and methods for communicating token attributes associated with a token vault |
US9996835B2 (en) | 2013-07-24 | 2018-06-12 | Visa International Service Association | Systems and methods for communicating token attributes associated with a token vault |
US20200051084A1 (en) * | 2013-08-30 | 2020-02-13 | Mastercard International Incorporated | Methods and systems for verifying cardholder authenticity when provisioning a token |
US11494780B2 (en) * | 2013-08-30 | 2022-11-08 | Mastercard International Incorporated | Methods and systems for verifying cardholder authenticity when provisioning a token |
US10460322B2 (en) * | 2013-08-30 | 2019-10-29 | Mastercard International Incorporated | Methods and systems for verifying cardholder authenticity when provisioning a token |
WO2015054697A1 (en) | 2013-10-11 | 2015-04-16 | Visa International Service Association | Network token system |
EP3937108A1 (en) * | 2013-10-11 | 2022-01-12 | Visa International Service Association | Network token system |
US11710119B2 (en) | 2013-10-11 | 2023-07-25 | Visa International Service Association | Network token system |
EP3078156A4 (en) * | 2013-10-11 | 2017-07-12 | Visa International Service Association | Network token system |
US10891610B2 (en) | 2013-10-11 | 2021-01-12 | Visa International Service Association | Network token system |
US9836637B2 (en) * | 2014-01-15 | 2017-12-05 | Google Llc | Finger print state integration with non-application processor functions for power savings in an electronic device |
US10402621B2 (en) | 2014-01-15 | 2019-09-03 | Google Technology Holdings LLC | Finger print state integration with non-application processor functions for power savings in an electronic device |
US20150199554A1 (en) * | 2014-01-15 | 2015-07-16 | Motorola Mobility Llc | Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device |
US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
US11568405B2 (en) | 2014-06-05 | 2023-01-31 | Visa International Service Association | Identification and verification for provisioning mobile application |
US10575785B2 (en) | 2015-02-05 | 2020-03-03 | Samsung Electronics Co., Ltd. | Method and apparatus for obtaining biometric information |
US9881184B2 (en) * | 2015-10-30 | 2018-01-30 | Intel Corporation | Authenticity-assured data gathering apparatus and method |
US20170124356A1 (en) * | 2015-10-30 | 2017-05-04 | Mark A. Allyn | Authenticity-assured data gathering apparatus and method |
US11423475B2 (en) * | 2016-09-27 | 2022-08-23 | Visa International Service Association | Distributed electronic record and transaction history |
US20200265132A1 (en) * | 2019-02-18 | 2020-08-20 | Samsung Electronics Co., Ltd. | Electronic device for authenticating biometric information and operating method thereof |
Also Published As
Publication number | Publication date |
---|---|
JP2005531935A (en) | 2005-10-20 |
WO2003007121B1 (en) | 2003-08-07 |
US20030126448A1 (en) | 2003-07-03 |
AU2002346107A1 (en) | 2003-01-29 |
US20070274575A1 (en) | 2007-11-29 |
WO2003007121A3 (en) | 2003-06-05 |
WO2003007121A2 (en) | 2003-01-23 |
WO2003007125A3 (en) | 2003-06-12 |
WO2003007127A9 (en) | 2003-03-27 |
EP1573426A2 (en) | 2005-09-14 |
US20030115490A1 (en) | 2003-06-19 |
US7751595B2 (en) | 2010-07-06 |
EP1573426A4 (en) | 2009-11-25 |
WO2003007125A9 (en) | 2003-09-12 |
US20030115475A1 (en) | 2003-06-19 |
WO2003007127A3 (en) | 2008-11-20 |
WO2003007125A2 (en) | 2003-01-23 |
WO2003007127A2 (en) | 2003-01-23 |
AU2002332414A1 (en) | 2003-01-29 |
AU2002316679A1 (en) | 2003-01-29 |
US7197168B2 (en) | 2007-03-27 |
AU2002316679A8 (en) | 2008-12-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20030101348A1 (en) | Method and system for determining confidence in a digital transaction | |
US10824714B2 (en) | Method and system for securing user access, data at rest, and sensitive transactions using biometrics for mobile devices with protected local templates | |
US6148404A (en) | Authentication system using authentication information valid one-time | |
US6185316B1 (en) | Self-authentication apparatus and method | |
US7552333B2 (en) | Trusted authentication digital signature (tads) system | |
KR100486062B1 (en) | Biometric certificates | |
US7188362B2 (en) | System and method of user and data verification | |
CA2417770C (en) | Trusted authentication digital signature (tads) system | |
US6745327B1 (en) | Electronic certificate signature program | |
US8447991B2 (en) | Card authentication system | |
US7526653B1 (en) | Method of data protection | |
US20090293111A1 (en) | Third party system for biometric authentication | |
US20040059924A1 (en) | Biometric private key infrastructure | |
WO2003007527A2 (en) | Biometrically enhanced digital certificates and system and method for making and using | |
US20030135740A1 (en) | Biometric-based system and method for enabling authentication of electronic messages sent over a network | |
US20070226512A1 (en) | Architectures for Privacy Protection of Biometric Templates | |
US20140258718A1 (en) | Method and system for secure transmission of biometric data | |
JP2002519782A (en) | Apparatus and method for end-to-end authentication using biometric data | |
Burr et al. | Sp 800-63-1. electronic authentication guideline | |
Bosworth et al. | Entities, identities, identifiers and credentials—what does it all mean? | |
CN110689351A (en) | Financial service verification system and financial service verification method | |
JP2007258789A (en) | System, method, and program for authenticating agent | |
Graham et al. | It’s all about authentication | |
Xu et al. | Study of Electronic Identity Authentication Model | |
AU2003253777B2 (en) | Biometric private key infrastructure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: I-CONTROL SECURITY, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:RUSSO, ANTHONY P.;MCCOY, PETER A.;HOWELL, MARK J.;REEL/FRAME:013713/0333;SIGNING DATES FROM 20021205 TO 20021219 |
|
AS | Assignment |
Owner name: I-CONTROL SECURITY, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:I-CONTROL TRANSACTIONS, INC.;REEL/FRAME:015264/0686 Effective date: 20021112 |
|
AS | Assignment |
Owner name: ATRUA TECHNOLOGIES, INC., CALIFORNIA Free format text: CHANGE OF NAME;ASSIGNOR:I-CONTROL SECURITY, INC.;REEL/FRAME:015393/0534 Effective date: 20030908 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |