METHOD AND SYSTEM FOR SECURE TRANSMISSION OF BIOMETRIC DATA
First Claim
1. A system for securing the transmission of biometric data over an insecure network, the system including:
- at least one transaction terminal including a user interface which is configured to receive personal identification information input by a user, a biometric scanner which is configured to read biometric data of the user, and a communication interface which is configured to transmit data to and receive data from a processing unit over an insecure network, the transaction terminal having a unique serial number and an associated unique private key;
a secure database for storing personal identification information and associated biometric templates of registered users, and the unique serial number and associated unique private key of said at least one transaction terminal; and
a processing unit which is operatively connected to the secure database,wherein said at least one transaction terminal is operable to receive personal identification information via the user interface from a user participating in a transaction;
to receive biometric data from the user via the biometric scanner;
to generate a unique transaction code;
to generate a hash of at least the received personal identification information, the received biometric data and the unique transaction code;
to encrypt at least the hash using said unique private key; and
to transmit the encrypted data over the insecure network to the processing unit for use in the transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a system (100) for securing the transmission of biometric data over an insecure network (16). The system (100) includes a transaction terminal (18) having a user interface (28, 30), a biometric scanner (26), and a communication interface (24) for transmitting and receiving data to and from a processing unit (19) over the network (16). The terminal (18) has a unique serial number (400) and a unique private key. The system (100) includes a secure database (10), to which the processing unit (19) is connected, for storing personal identification information and biometric templates of users, and the serial number (400) and associated private key of the terminal (18). The terminal (18) receives identification information and biometric data via the user interface (28, 30) and scanner (26), and generates a unique transaction code (402). The terminal (18) then generates a hash of the received identification information, biometric data and transaction code (402), and encrypts the hash using the key. The terminal (18) then sends the encrypted data over the network (16) to the processing unit (19).
17 Citations
20 Claims
-
1. A system for securing the transmission of biometric data over an insecure network, the system including:
-
at least one transaction terminal including a user interface which is configured to receive personal identification information input by a user, a biometric scanner which is configured to read biometric data of the user, and a communication interface which is configured to transmit data to and receive data from a processing unit over an insecure network, the transaction terminal having a unique serial number and an associated unique private key; a secure database for storing personal identification information and associated biometric templates of registered users, and the unique serial number and associated unique private key of said at least one transaction terminal; and a processing unit which is operatively connected to the secure database, wherein said at least one transaction terminal is operable to receive personal identification information via the user interface from a user participating in a transaction;
to receive biometric data from the user via the biometric scanner;
to generate a unique transaction code;
to generate a hash of at least the received personal identification information, the received biometric data and the unique transaction code;
to encrypt at least the hash using said unique private key; and
to transmit the encrypted data over the insecure network to the processing unit for use in the transaction.- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of securing the transmission of biometric data over an insecure network, the method including:
-
receiving encrypted data from at least one transaction terminal; and decrypting, by using a processor, the encrypted data using an associated unique private key, wherein the decrypted data includes a hash of at least personal identification information of a user, biometric data of the user and a transaction code. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method of securing the transmission of biometric data over an insecure network, the method including:
-
receiving personal identification information and biometric data of a user via a user interface and generating a unique transaction code by using a processor; generating, by using a processor, a hash of at least the received personal identification information, the received biometric data and the transaction code; encrypting, by using a processor, the hash using a unique private key; and transmitting the encrypted data over the insecure network. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A transaction terminal which includes:
-
a user interface which is configured to receive personal identification information input by a user; a biometric scanner which is configured/arranged to read biometric data of the user; a communication interface which is configured to transmit data to and receive data from a processing unit which is associated with a secure database over an insecure network, the transaction terminal having a unique serial number and an associated unique private key; and a processor which is configured to receive personal identification information via the user interface from a user participating in a transaction;
to receive biometric data from the user via the biometric scanner;
to generate a unique transaction code;
to generate a hash of at least the received personal identification information, the received biometric data and the unique transaction code;
to encrypt at least the hash using said unique private key; and
to transmit the encrypted data to the processing unit via the communication interface.
-
Specification