Method and system for biometric identification and authentication having an exception mode

US 20060112279A1
Filed: 11/17/2005
Published: 05/25/2006
Est. Priority Date: 11/19/2004
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the method comprising:

receiving a request from the enrolled user for exception mode authentication;

requesting identifying information from the enrolled user;

receiving the identifying information from the enrolled user;

verifying the enrolled user'"'"'s identity by determining if the identifying information received from the enrolled user matches identifying information of the enrolled user as stored in a user information database;

submitting to a template matching server a biometric template extracted from a biometric sample image of a biometric identifier of a person authorizing a change to the exception mode;

if the template matching server finds a match between the biometric template of the person authorizing the change to the exception mode and a pre-stored reference biometric template of the person authorizing the change to the exception mode, changing the enrolled user'"'"'s authentication mode to the exception mode;

assigning to the user a temporary password having an expiration date;

storing the temporary password and said expiration date in the user information database;

setting a user exception mode authentication counter value stored in the user information database to a value corresponding to a number of allowed authentications with the temporary password; and

transmitting the temporary password to the enrolled user by an out-of-band communication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention provide methods and systems for authenticating an enrolled uses of a biometric authentication and/or identification system having an exception mode, in which the enrolled user submits a temporary password during authentication. The temporary password is only generated if the enrolled user'"'"'s identity is verified and the person authorizing a change to the exception mode submits a valid biometric identifier.

67 Citations

View as Search Results

14 Claims

1. A method of authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the method comprising:
- receiving a request from the enrolled user for exception mode authentication;
  
  requesting identifying information from the enrolled user;
  
  receiving the identifying information from the enrolled user;
  
  verifying the enrolled user'"'"'s identity by determining if the identifying information received from the enrolled user matches identifying information of the enrolled user as stored in a user information database;
  
  submitting to a template matching server a biometric template extracted from a biometric sample image of a biometric identifier of a person authorizing a change to the exception mode;
  
  if the template matching server finds a match between the biometric template of the person authorizing the change to the exception mode and a pre-stored reference biometric template of the person authorizing the change to the exception mode, changing the enrolled user'"'"'s authentication mode to the exception mode;
  
  assigning to the user a temporary password having an expiration date;
  
  storing the temporary password and said expiration date in the user information database;
  
  setting a user exception mode authentication counter value stored in the user information database to a value corresponding to a number of allowed authentications with the temporary password; and
  
  transmitting the temporary password to the enrolled user by an out-of-band communication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprising receiving a request from the enrolled user for access to a network application that requires biometric authentication;
    - sending a request for a user identification string previously assigned uniquely to the enrolled user and stored in the user information database and the temporary password;
      
      receiving a user identification string from the enrolled user and a password from the enrolled user;
      
      if the received user identification string matches the user identification string previously assigned uniquely to the enrolled user, the received password matches the temporary password, the temporary password has not expired, and the user exception mode authentication counter is greater than zero, authenticating the enrolled user; and
      
      decrementing the user exception mode authentication counter;
  - 3. The method of claim 2 further comprising repeating said receiving a request from the enrolled user for access to network, said sending a request for a user identification string, said receiving a user identification string, and said authenticating of the enrolled user in the exception mode up to the number of times determined by the value of the user exception mode counter stored in the database when the user authentication mode is first changed to exception mode.
  - 4. The method of claim 2 further comprising, if the template matching server finds a match between a biometric template extracted from a biometric image of a biometric identifier of the enrolled user in exception mode and a reference biometric template of the enrolled user, changing the enrolled user'"'"'s authentication mode.
  - 5. The method of claim 1 wherein the out-of-band communication for transmitting the temporary password comprises an email transmission
  - 6. The method of claim 1 wherein the out-of-band communication for transmitting the temporary password comprises a facsimile transmission.
  - 7. The method of claim 1 wherein the set of information sent by the enrolled user includes the enrolled user'"'"'s answers to a series of questions regarding personal information about the enrolled user.
  - 8. The method of claim 1 wherein the biometric identifier comprises a fingerprint.

9. A system for authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, the system comprising:
- one or more user information databases to store data records for all enrolled users, each data record including, but not limited to a uniquely assigned user identification string, a user authentication mode indicator, a user exception mode authentication counter, reference biometric identifier templates for the enrolled user and a person authorizing a change to the exception mode, information that identifies the enrolled user; and
  
  a temporary password having an expiration date and assigned exclusively to the enrolled user; and
  
  a client device, operatively associated with the user information database, to receive a request for exception mode authentication sent from the enrolled user;
  
  to request identifying information from the enrolled user;
  
  to receive information sent by the enrolled user;
  
  if the information sent by the enrolled user matches the information that identifies the enrolled user stored in the user information database, to verify the enrolled user'"'"'s identity;
  
  to submit to a template matching server;
  
  a biometric template extracted from a biometric sample image of a biometric identifier of the person authorizing the change to the exception mode;
  
  if the template matching server finds a match between the submitted biometric template and the reference biometric template of the person authorizing the change to the exception mode, to change the enrolled user'"'"'s authentication mode to the exception mode;
  
  to assign the temporary password to the user;
  
  to store the temporary password and the expiration date in the user information database;
  
  to set the user exception mode authentication counter value stored in the user information database to a value corresponding to the number of allowed authentications with the temporary password; and
  
  to transmit the temporary password to the first client device by the out-of-band communication.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The system of claim 9 further comprising a server, operatively associated with the user information database, to receive a request from the enrolled user for access to a network application that requires biometric authentication;
    - to receive, from the enrolled user;
      
      a user identification string and a password;
      
      if the received user identification string matches the user identification string previously assigned uniquely to the enrolled user, the received password matches the temporary password, the temporary password has not expired, and the user exception mode authentication counter is greater than zero, to authenticate the enrolled user; and
      
      to decrement the uses exception mode authentication counter by one.
  - 11. The system of claim 9 wherein the out-of-band communications for transmitting the temporary password comprises an email transmission.
  - 12. The system of claim 9 wherein the out-of-band communication for transmitting the temporary password comprises a facsimile transmission.
  - 13. The system of claim 10 wherein the server is further adapted to, if the template matching server finds a match between a biometric template extracted from a biometric image of a biometric identifier of the enrolled user in exception mode and a reference biometric template of the enrolled user, change the enrolled user'"'"'s authentication mode.
  - 14. The system of claim 9 wherein the biometric identifier comprises a fingerprint.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Triad Biometrics LLC
Original Assignee
Triad Biometrics LLC
Inventors
Coby, Scott Stanley Allan, Cohen, Mark Sherman, Chirputkar, Shailesh

Granted Patent

US 7,613,929 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/121   Restricting unauthorised ex...

G06F 21/128   involving web programs, i.e...

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 2221/2117   User registration

G06V 10/95   structured as a network, e....

G06V 40/10   Human or animal bodies, e.g...

G07C 9/37   using biometric data, e.g. ...

H04L 63/0428   wherein the data content is...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0861   using biometrical features,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3297   involving time stamps, e.g....

Method and system for biometric identification and authentication having an exception mode

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for biometric identification and authentication having an exception mode

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links