Two-Level Authentication For Secure Transactions
First Claim
1. A method for electronic authentication comprising:
- wirelessly receiving a biometric profile from a personal digital key (PDK), wherein the biometric profile is uniquely associated with an individual;
receiving a biometric input;
comparing the biometric profile to the biometric input; and
authorizing a transaction responsive to the biometric profile matching the biometric input.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A Personal Digital Key stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory that is acquired in a secure trusted process. Biometric profiles comprise a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.
-
Citations
42 Claims
-
1. A method for electronic authentication comprising:
-
wirelessly receiving a biometric profile from a personal digital key (PDK), wherein the biometric profile is uniquely associated with an individual;
receiving a biometric input;
comparing the biometric profile to the biometric input; and
authorizing a transaction responsive to the biometric profile matching the biometric input. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for electronic authentication comprising:
-
a receiver/decoder circuit adapted to wirelessly receive a biometric profile from a personal digital key (PDK), wherein the biometric profile is uniquely associated with an individual;
a biometric reader adapted to receive a biometric input; and
a processor coupled to the receiver/decoder circuit and the biometric reader, the processor adapted to compare the biometric profile to the biometric input, and indicate that a transaction should be authorized responsive to the biometric profile matching the biometric input. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
-
22. An apparatus comprising:
-
a memory adapted to store a biometric profile in a tamper-proof format, wherein the biometric profile is uniquely associated with an individual; and
a transceiver coupled to the memory, the transceiver adapted to wirelessly receive a request from an external device to transmit the biometric profile to the external device, and wirelessly transmit the biometric profile over a secure wireless channel to the external device. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
-
29. An method for secure authentication using a physical, portable key comprising:
-
storing a biometric profile in a tamper-proof memory, wherein the biometric profile is uniquely associated with an individual;
wirelessly receiving a request from an external device to transmit the biometric profile to the external device; and
responsive to receiving the request, wirelessly transmitting the biometric profile over a secure wireless channel to the external device, wherein the external device authenticates an individual for a transaction based on a comparison between the biometric profile and a biometric input acquired from the individual. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37)
-
-
38. A method for secure electronic authentication comprising:
-
wirelessly receiving uniquely identifying information from a personal digital key (PDK);
analyzing the uniquely identifying information to determine if the PDK is valid;
receiving profile information from the PDK indicating types of profiles stored in the PDK;
determining if the types of profiles are compatible with allowable authentication types;
performing one or more authentication tests to determine if a profile is valid; and
authorizing a transaction responsive to determining that the PDK is valid, determining that the types of profiles are compatible, and determining that the profile is valid. - View Dependent Claims (39, 40, 41, 42)
-
Specification