User authentication method and system

US 20030154382A1
Filed: 01/17/2003
Published: 08/14/2003
Est. Priority Date: 01/18/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of authenticating a user of a security token (11) which has confidential information accessible only in response to a predetermined access code, the method including capturing biometric information of the user, creating a user biometric profile from the captured biometric information, comparing the user biometric profile created from the captured biometric information with a plurality of a biometric profiles contained within a database (24) containing the user biometric profile and other biometric profiles, each biometric profile in the database (24) of biometric profiles having a unique associated code, selecting from the database (24) of biometric profiles the biometric profile corresponding most closely to the user profile created from the captured biometric data, and providing the code associated with the selected biometric profile to the security token (11).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a user of a security token which has confidential information accessible only in response to a predetermined access code, the method including capturing biometric information of the user, creating a user biometric profile from the captured biometric information, comparing the user biometric profile created from the captured biometric information with a plurality of a biometric profiles contained within a database containing the user biometric profile and other biometric profiles, each biometric profile in the database of biometric profiles having a unique associated code, selecting from the database of biometric profiles the biometric profile corresponding most closely to the user profile created from the captured biometric data, and providing the code associated with the selected biometric profile to the security token.

Citations

17 Claims

1. A method of authenticating a user of a security token (11) which has confidential information accessible only in response to a predetermined access code, the method including capturing biometric information of the user, creating a user biometric profile from the captured biometric information, comparing the user biometric profile created from the captured biometric information with a plurality of a biometric profiles contained within a database (24) containing the user biometric profile and other biometric profiles, each biometric profile in the database (24) of biometric profiles having a unique associated code, selecting from the database (24) of biometric profiles the biometric profile corresponding most closely to the user profile created from the captured biometric data, and providing the code associated with the selected biometric profile to the security token (11).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method according to claim 1 characterised in that the database (24) of user biometric profiles and associated codes is created by capturing reference biometric information from a user to be authorised, storing the user biometric profile in a database (24), adding to the database (24) a plurality of different biometric profiles, and associating with each of the added biometric profiles in the database (24), a unique associated code, and associating with the biometric profile of the user to be authorised, the user'"'"'s security token (11) access code.
  - 3. A method according to claim 2 characterised in that the different biometric profiles which are added to the database (24) are selected from a larger database (33) of biometric profiles.
  - 4. A method according to claim 2 characterised in that the different biometric profiles which are added to the database (24) are selected from a larger database (33) including artificially created biometric profiles.
  - 5. A method according to any one of claims 2 to 6 characterised in that the different biometric profiles which are added to the database (24) are artificially created profiles.
  - 6. A method according to any one of claims 2 to 5 characterised in that the different biometric profiles which are added to the database (24) are selected to be significantly different from the authorised user'"'"'s biometric profile, and from others of the added biometric profiles, thus to aid recognition of the authorised user'"'"'s biometric information when captured subsequently during a user authorisation procedure.
  - 7. A method according to claim 3 or claim 4 characterised in that the larger database (33) of biometric profiles from which the biometric profiles to be added to the database (24) are selected, is at a processing station (30) remote from a secure device or installation (12/14) to which the user requires access using the security token.
  - 8. A method according to claim 5 characterised in that the biometric profiles to be added to the database (24) are created at a processing station (30) located remotely from a secure device or installation (12/14) to which the user requires access using the security token.
  - 9. A method according to claim 8 characterised in that a secure device or installation (12/14) to which the user requires access using the security token is accessible by a single authorised user, the database (24) of biometric profiles containing only a single authorised user profile and associated access code.
  - 10. A method according to any one of claims 1 to 9 characterised in that the system (10) includes a single security token (11).
  - 11. A method according to claim 9 or claim 10 characterised in that the secure device (12) is a mobile telephone apparatus, or other PDA, with the security token (11) being a subscriber identity module (SIM) in the apparatus (12).
  - 12. A method according to any one of claims 1 to 9 characterised in that the secure device or installation (12/14) to which the user requires access using the security token has multiple authorised users, each authorised user having a security token (11) with a unique predetermined access code, the database (24) of biometric profiles containing user biometric profiles with associated predetermined access codes for each authorised user.
  - 13. A method according to any one of claims 1 to 9 characterised in that the secure device or installation (12/14) has multiple authorised users and the authorised users each have security tokens (11) with the same access code, each biometric profile in the local database (24) including a plurality of associated codes, each of the authorised user biometric profiles including an associated common predetermined access code, but at least some of the other biometric profiles including common associated codes so that the user biometric profiles and the associated access code cannot readily be identified.

14. A user authentication system (10) including a security token (11) which has confidential information accessible only in response to a predetermined access code provided to the token (11), a biometric information reader (18) for capturing biometric information of the user, processing means (20) to create a user biometric profile from the captured biometric information, a database (24) for containing the user biometric profile and other biometric profiles, each biometric profile in the database (24) of biometric profiles having a unique associated code, comparator means (22) for comparing the user biometric profile created from the captured biometric information with a plurality of a biometric profiles contained within the database (24), and for selecting from the database (24) of biometric profiles the biometric profile corresponding most closely to the user profile created from the captured biometric data, and to provide the code associated with the selected biometric profile to the security token (11).
- View Dependent Claims (15, 16, 17)
- - 15. A system according to claim 14 characterised in that the biometric reader (18) is one of a scanner to scan a fingerprint, iris, retina, or face, or a microphone to record speech or any other reader to gather biometric information.
  - 16. A system according to claim 14 or claim 15 characterised in that the database (24) of biometric profiles and associated codes is local to a secure device or installation (12/14) to be accessed by the user using the security token.
  - 17. A system according to any one of claims 16 to 18 characterised in that the system (10) includes a remote processing station (30) for creating the database (24) which remote database (30) is accessible over a network connection (28) or via a telecommunications link (32).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Vicard, Dominique

Application Number

US10/347,124
Publication Number

US 20030154382A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G07C 9/257 electronically G07C9/26 tak...

User authentication method and system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication method and system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links