SERVER-SIDE BIOMETRIC AUTHENTICATION

US 20090235086A1
Filed: 05/26/2009
Published: 09/17/2009
Est. Priority Date: 11/29/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating an identity of a user, the method comprising:

receiving encrypted data at a server, wherein the encrypted data comprises biometric data submitted by a user;

decrypting the encrypted data;

comparing user information to the encrypted data at the server, wherein the user information is stored on a database, and wherein the database is coupled to the server; and

authenticating the user if the user information is satisfied.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating an identity of a user includes receiving encrypted data including biometric data of a user at a server. The method further includes decrypting the encrypted data, comparing the previously submitted user information to the encrypted data at the server, and authenticating the user if the user information is satisfied.

Citations

30 Claims

1. A method for authenticating an identity of a user, the method comprising:
- receiving encrypted data at a server, wherein the encrypted data comprises biometric data submitted by a user;
  
  decrypting the encrypted data;
  
  comparing user information to the encrypted data at the server, wherein the user information is stored on a database, and wherein the database is coupled to the server; and
  
  authenticating the user if the user information is satisfied.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the encrypted data is received at the server on a secure channel.
  - 3. The method of claim 1, wherein encrypted data is received from a computer, and wherein the computer is configured to communicate with the server.
  - 4. The method of claim 1, wherein the user information is satisfied if the biometric data submitted by the user matches the user information stored on the database.
  - 5. The method of claim 3, further comprising providing a certificate to the computer, wherein the certificate confirms a security level of the server.
  - 6. The method of claim 3, wherein the encrypted data is encrypted at the computer.
  - 7. The method of claim 1, further comprising requesting information about the user from the database.
  - 8. The method of claim 7, further comprising receiving the requested information from the database.
  - 9. The method of claim 1, wherein the database is a secure database.
  - 10. The method of claim 1, wherein the biometric data submitted by the user is not stored on the computer.
  - 11. The method of claim 1, further comprising communicating an authentication response from the server to the computer.
  - 12. The method of claim 1, wherein the user information comprises stored biometric information about the user, and wherein the stored biometric information was submitted during an enrollment process.
  - 13. The method of claim 1, wherein the encrypted data comprises first account credential information submitted by the user, and wherein the user information comprises stored biometric information and second account credential information submitted by the user during a registration or enrollment process.

14. An identity authentication system comprising:
- a server configured to communicate with a plurality of computers coupled to a network; and
  
  a database coupled to the server and configured to store user information, wherein the user information includes stored biometric information of a user;
  
  wherein the server is configured to compare the user information to encrypted data, wherein the encrypted data includes biometric data submitted by a user, and wherein the server is configured to authenticate the user if the user information is satisfied.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 15. The system of claim 14, wherein a first computer of the plurality of computers receives login data from the user, and wherein the encrypted data comprises encrypted login data.
  - 16. The system of claim 15, wherein the first computer is configured to encrypt the login data.
  - 17. The system of claim 15, wherein the encrypted data includes account information of the user.
  - 18. The system of claim 17, wherein the account information includes a username and a password of the user.
  - 19. The system of claim 14, wherein the first computer is configured to request a certificate from the server, wherein the certificate confirms a security level of the server.
  - 20. The system of claim 19, wherein the server executes instructions to provide the certificate to the first computer.
  - 21. The system of claim 14, wherein the user information comprises account credential information submitted by the user during a registration process.
  - 22. The system of claim 21, wherein the account credential information comprises a username and a password selected by the user during the registration process.
  - 23. The system of claim 14, wherein the server is configured to provide an authentication response to the first computer, wherein the authentication response indicates if the user is successfully authenticated.
  - 24. The system of claim 14, wherein the stored biometric information of the user was submitted during an enrollment process.
  - 25. The system of claim 14, further compromising a client application at one of the plurality of computers configured to allow a registrar previously enrolled and authorized to biometrically log in to initiate an enrollment process for a new user.
  - 26. The system of claim 25, further compromising a client application at one of the plurality of computers configured to allow a registrar that initiated an enrollment process to biometrically log in again after biometric collection to approve enrollment.
  - 27. The system of claim 14, wherein the server is configured to generate a plurality of activity reports indicating a log in history associated with an account of a user.

28. A computer-readable medium having computer-readable instructions stored thereon, that when executed by a computing device, cause:
- decrypting received encrypted data at a server, wherein the encrypted data comprises biometric data submitted by a user;
  
  comparing user information to the encrypted data at the server, wherein the user information is stored on a database, and wherein the database is coupled to the server; and
  
  authenticating the user if the user information is satisfied.
- View Dependent Claims (29, 30)
- - 29. The computer-readable medium of claim 28, wherein the encrypted data includes account credential information of the user, and wherein the user information comprises second biometric data and second account credential information submitted by the user during a registration or enrollment process.
  - 30. The computer-readable medium of claim 28, wherein the user information is satisfied if the biometric data submitted by the user matches the user information stored on the database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Whispering Oak Holdings LLC
Original Assignee
Whispering Oak Holdings LLC
Inventors
Nation, Stephen J., Shaffer, Ann W., Lai, Yau S., Meli, Rodney P., Nation, Ron L.

Application Number

US12/472,122
Publication Number

US 20090235086A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32 using biometric data, e.g. ...

SERVER-SIDE BIOMETRIC AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

SERVER-SIDE BIOMETRIC AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links