SYSTEM FOR BIOMETRIC SECURITY USING A SMARTCARD

US 20080067242A1
Filed: 09/25/2007
Published: 03/20/2008
Est. Priority Date: 07/01/2004
Status: Active Grant

First Claim

Patent Images

1. A method for facilitating biometric security in a smartcard transaction system, said method comprising:

receiving a proffered biometric sample at a biometric sensor configured on a smartcard, wherein said smart card comprises a common application and a second application, said second application storing travel-related information associated with a cardholder, said second application comprising a common file structure and a partner file structure, wherein said proffered biometric sample is required to access said common file structure and said partner file structure;

generating data representing said proffered biometric sample;

verifying said proffered biometric sample;

enabling write access to a field within said partner file structure upon verification of said proffered biometric sample and upon request by a first partnering organization;

denying write access to said field upon request by a second partnering organization;

enabling write access for said first partnering organization and said second partnering organization to a field in said common file structure, upon verification of said proffered biometric sample;

transferring common data to facilitate authorization of said transaction; and

, transferring said travel-related information, information related to said common file structure and information related to said partner file structure to facilitate said transaction.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a method for facilitating biometric security in a smartcard-reader transaction system by proffering a biometric. The biometric may be proffered to a biometric sensor communicating with the smartcard-reader system. Proffering the biometric initiates verification of the biometric sample and facilitates authorization of a transaction.

Citations

16 Claims

1. A method for facilitating biometric security in a smartcard transaction system, said method comprising:
- receiving a proffered biometric sample at a biometric sensor configured on a smartcard, wherein said smart card comprises a common application and a second application, said second application storing travel-related information associated with a cardholder, said second application comprising a common file structure and a partner file structure, wherein said proffered biometric sample is required to access said common file structure and said partner file structure;
  
  generating data representing said proffered biometric sample;
  
  verifying said proffered biometric sample;
  
  enabling write access to a field within said partner file structure upon verification of said proffered biometric sample and upon request by a first partnering organization;
  
  denying write access to said field upon request by a second partnering organization;
  
  enabling write access for said first partnering organization and said second partnering organization to a field in said common file structure, upon verification of said proffered biometric sample;
  
  transferring common data to facilitate authorization of said transaction; and
  
  , transferring said travel-related information, information related to said common file structure and information related to said partner file structure to facilitate said transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein said proffered biometric sample comprises at least one from the group of:
    - a retinal scan, an iris scan, a fingerprint scan, a hand print scan, a hand geometry scan, a voice print scan, a vascular scan, a facial scan, an ear scan, a signature scan, a keystroke scan, an olfactory scan, an auditory emissions scan, and a DNA scan.
  - 3. The method of claim 1, wherein said biometric sensor comprises at least one from the group of:
    - a retinal scan sensor, an iris scan sensor, a fingerprint sensor, a hand print sensor, a hand geometry sensor, a voice print sensor, a vascular sensor, a facial sensor, an ear sensor, a signature sensor, a keystroke sensor, an olfactory sensor, an auditory emissions sensor, and a DNA sensor.
  - 4. The method of claim 1, further comprising registering said proffered biometric sample which includes at least one of:
    - contacting said authorized sample receiver, proffering said proffered biometric sample to said authorized sample receiver, associating said proffered biometric sample with user information, verifying said proffered biometric sample, and storing said proffered biometric sample upon verification.
  - 5. The method of claim 1, wherein said step of verifying said proffered biometric sample further includes using a secondary security procedure, said secondary security procedure including sending a signal to notify that a requested transaction would violate an established rule for said smartcard.
  - 6. The method of claim 1, further comprising verifying whether said transaction is in compliance with a preset transaction limitation associated with at least one from the group of a:
    - charge card account, credit card account, debit card account, savings account, private label account and loyalty point account.
  - 7. The method of claim 1, further comprising verifying whether said transaction is in compliance with a preset transaction limitation comprising at least one from the group of:
    - a maximum transaction amount, minimum transaction amount, maximum number of transactions within a time period, maximum number of transactions, use by certain merchants, temporal limitation, geographic limitation, and use of non-monetary funds.
  - 8. The method of claim 1, further comprising requiring a second proffered biometric sample to override a preset transaction limitation.
  - 9. The method of claim 1, further comprising using said data representing said proffered biometric sample as at least one from the group of:
    - a private key, a public key, and a message authentication code to facilitate transaction security measures.
  - 10. The method of claim 1, further comprising writing to at least one of said partner file structure and said common file structure to program said smartcard as a room key.
  - 11. The method of claim 1, further comprising:
    - storing, by a first enterprise data collection unit, update transactions and pending transactions associated with said smartcard and a first enterprise, wherein said first enterprise data collection unit is associated with a first enterprise;
      
      storing, by a second enterprise data collection unit, update transactions and pending transactions associated with said smartcard and a second enterprise, wherein said second enterprise data collection unit is associated with a second enterprise;
      
      interfacing with said smartcard and said first and second enterprise data collection units, at an access point;
      
      storing, by a card object database system coupled to said first and second enterprise data collection units, said smartcard information in accordance with said update transactions and said pending transactions, wherein said smartcard information includes a card object having an application;
      
      routing, by an update logic system, said smartcard information from said first and second enterprise data collection units to said access point in order to effect synchronization of said smartcard information associated with said smartcard and said card object database system; and
      
      , activating, by said verification device, said update logic system upon verification of said first proffered biometric sample and said second proffered biometric sample.
  - 12. The method of claim 11, further comprising securely routing, by an update logic system, card information between said enterprise data synchronization interface and said enterprise data collection units, wherein said update logic system is coupled to an enterprise data synchronization interface, and communicating, by said enterprise network, with said access point, wherein said enterprise data synchronization interface is coupled to said enterprise network.
  - 13. The method of claim 12, further comprising, by a secure support client server, communicating with said access point, and adaptively providing communication functionality in accordance with the communication functionality available at said access point.
  - 14. The method of claim 13, further comprising:
    - communicating, by a key system, with a security server and supplying a key in response to a request from said security server, wherein said key system is associated with said application;
      
      receiving, by a personalization utility, said card object and communicating with said security server;
      
      adding, by said personalization utility, said key to said card object;
      
      accepting, by a card management system, a card request and communicating said card request to said personalization utility; and
      
      communicating, by a gather application module, with said card management system and gathering application information from a first database and a second database in accordance with said card request, wherein said first database is associated with said first enterprise, and said second database is associated with said second enterprise.
  - 15. The method of claim 1, further comprising displaying a first plurality of financial accounts upon verification of said proffered biometric sample, and displaying a second plurality of financial accounts upon verification of a second biometric sample, wherein said first plurality of financial accounts include different financial accounts than said second plurality of financial accounts.
  - 16. The method of claim 1, further comprising associating a first set of rules with said proffered biometric sample and displaying a first plurality of financial accounts upon verification of said first proffered biometric sample and said first set of rules, and associating a second set of rules with a second proffered biometric sample and displaying a second plurality of financial accounts upon verification of said second biometric sample and said second set of rules, wherein said first plurality of financial accounts include different financial accounts than said second plurality of financial accounts.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Salow, Glen, Bonalle, David

Granted Patent

US 7,438,234 B2
Time in Patent Office

Days
Field of Search
US Class Current

235/380
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40145   Biometric identity checks

G07C 9/257   electronically G07C9/26 tak...

G07C 9/26   using a biometric sensor in...

G07C 9/27   with central registration

G07F 7/1008   Active credit-cards provide...

SYSTEM FOR BIOMETRIC SECURITY USING A SMARTCARD

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM FOR BIOMETRIC SECURITY USING A SMARTCARD

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links