Method and system for biometric identification and authentication having an exception mode
First Claim
Patent Images
1. A method of authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the method comprising:
- receiving a request from the enrolled user for exception mode authentication;
requesting identifying information from the enrolled user;
receiving the identifying information from the enrolled user;
verifying the enrolled user'"'"'s identity by determining if the identifying information received from the enrolled user matches identifying information of the enrolled user as stored in a user information database;
submitting to a template matching server a biometric template extracted from a biometric sample image of a biometric identifier of a person authorizing a change to the exception mode;
if the template matching server finds a match between the biometric template of the person authorizing the change to the exception mode and a pre-stored reference biometric template of the person authorizing the change to the exception mode, changing the enrolled user'"'"'s authentication mode to the exception mode;
assigning to the user a temporary password having an expiration date;
storing the temporary password and said expiration date in the user information database;
setting a user exception mode authentication counter value stored in the user information database to a value corresponding to a number of allowed authentications with the temporary password; and
transmitting the temporary password to the enrolled user by an out-of-band communication.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention provide methods and systems for authenticating an enrolled uses of a biometric authentication and/or identification system having an exception mode, in which the enrolled user submits a temporary password during authentication. The temporary password is only generated if the enrolled user'"'"'s identity is verified and the person authorizing a change to the exception mode submits a valid biometric identifier.
-
Citations
14 Claims
-
1. A method of authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the method comprising:
-
receiving a request from the enrolled user for exception mode authentication;
requesting identifying information from the enrolled user;
receiving the identifying information from the enrolled user;
verifying the enrolled user'"'"'s identity by determining if the identifying information received from the enrolled user matches identifying information of the enrolled user as stored in a user information database;
submitting to a template matching server a biometric template extracted from a biometric sample image of a biometric identifier of a person authorizing a change to the exception mode;
if the template matching server finds a match between the biometric template of the person authorizing the change to the exception mode and a pre-stored reference biometric template of the person authorizing the change to the exception mode, changing the enrolled user'"'"'s authentication mode to the exception mode;
assigning to the user a temporary password having an expiration date;
storing the temporary password and said expiration date in the user information database;
setting a user exception mode authentication counter value stored in the user information database to a value corresponding to a number of allowed authentications with the temporary password; and
transmitting the temporary password to the enrolled user by an out-of-band communication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the system comprising:
-
one or more user information databases to store data records for all enrolled users, each data record including, but not limited to a uniquely assigned user identification string, a user authentication mode indicator, a user exception mode authentication counter, reference biometric identifier templates for the enrolled user and a person authorizing a change to the exception mode, information that identifies the enrolled user; and
a temporary password having an expiration date and assigned exclusively to the enrolled user; and
a client device, operatively associated with the user information database, to receive a request for exception mode authentication sent from the enrolled user;
to request identifying information from the enrolled user;
to receive information sent by the enrolled user;
if the information sent by the enrolled user matches the information that identifies the enrolled user stored in the user information database, to verify the enrolled user'"'"'s identity;
to submit to a template matching server;
a biometric template extracted from a biometric sample image of a biometric identifier of the person authorizing the change to the exception mode;
if the template matching server finds a match between the submitted biometric template and the reference biometric template of the person authorizing the change to the exception mode, to change the enrolled user'"'"'s authentication mode to the exception mode;
to assign the temporary password to the user;
to store the temporary password and the expiration date in the user information database;
to set the user exception mode authentication counter value stored in the user information database to a value corresponding to the number of allowed authentications with the temporary password; and
to transmit the temporary password to the first client device by the out-of-band communication. - View Dependent Claims (10, 11, 12, 13, 14)
-
Specification