SECURE METHOD AND APPARATUS TO VERIFY PERSONAL IDENTITY OVER A NETWORK
First Claim
1. A self-contained apparatus for on-demand authentication of a user over a network of computing devices, where a first computing device connected to the network of computing devices issues a temporary challenge to the user for authentication, comprising:
- means for capturing biometric information of the user in response to a received temporary challenge from the first computing device, whose validity is limited in time;
means for encrypting the biometric information with the received challenge as an encrypted response;
means for returning the encrypted challenge to the first computing device; and
means for authenticating the user by processing the encrypted challenge within a limited amount of time.
1 Assignment
0 Petitions
Accused Products
Abstract
The present application provides an apparatus and method for verifying a user, via captured biometric characteristics of the user, who is interacting online. The captured biometrics are guaranteed to be captured in real-time, and avoids the possibility of providing biometrics that were previously captured, by sending to the user a time-sensitive challenge and requiring the user to provide the requested biometric information within a predetermined time period. Therefore, the present invention is best positioned for environments where trusted identification of a user is needed online to facilitate secure transactions.
-
Citations
16 Claims
-
1. A self-contained apparatus for on-demand authentication of a user over a network of computing devices, where a first computing device connected to the network of computing devices issues a temporary challenge to the user for authentication, comprising:
-
means for capturing biometric information of the user in response to a received temporary challenge from the first computing device, whose validity is limited in time; means for encrypting the biometric information with the received challenge as an encrypted response; means for returning the encrypted challenge to the first computing device; and means for authenticating the user by processing the encrypted challenge within a limited amount of time. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for on-demand authentication of a user, comprising:
-
receiving a challenge issued by a first computing device connected to a network of computing devices, at a user device via a network connection; capturing, at the user device, biometric information of the user in response to a received challenge, whose validity is limited in time, from a trusted third party; encrypting the biometric information with the received challenge as an encrypted response; returning the encrypted challenge to the first computing; and means for authenticating the user by processing the encrypted challenge within a limited amount of time. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsTruntschka, Carole, Marmigere, Gerard, Bauchot, Frederic, Tressols, Florence
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current380/282
-
CPC Class CodesG06F 21/32 using biometric data, e.g. ...H04L 2209/56 Financial cryptography, e.g...H04L 9/321 involving a third party or ...H04L 9/3231 Biological data, e.g. finge...H04L 9/3263 involving certificates, e.g...H04L 9/3271 using challenge-response
