VERIFICATION APPLICATION, METHOD, ELECTRONIC DEVICE AND COMPUTER PROGRAM

US 20150013003A1
Filed: 07/02/2014
Published: 01/08/2015
Est. Priority Date: 07/02/2013
Status: Abandoned Application

First Claim

Patent Images

1. A verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device, wherein the verification application is further arranged toreceive verification data for secure determination of authenticity of the user;

andprovide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is a verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device. The verification application is arranged to receive verification data for secure determination of authenticity of the user; and provide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application. A method, electronic device and computer program are also disclosed.

Citations

23 Claims

1. A verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device, wherein the verification application is further arranged toreceive verification data for secure determination of authenticity of the user;
- andprovide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 22, 23)
- - 2. The verification application of claim 1, wherein the verification application is arranged to be paired with at least one of the other applications by mutually exchanging at least one ofan application signature;
    - a cryptographic key or keys;
      
      a password; and
      
      a shared secret.
  - 3. The verification application of claim 2, wherein the provision of the trust token is only provided when the verification application and the one of the other applications providing a call to the verification application are properly paired.
  - 4. The verification application of claim 1, wherein the trust token comprises information generated by a cryptographic mechanism of the verification application.
  - 5. The verification application of claim 1, wherein the trust token comprises any of a cryptographic key, a shared secret, an identity or data associated with a user, and a security credential, stored by the verification application.
  - 6. The verification application of claim 1, wherein parameters for generation of the trust token, upon installation of the verification application on the electronic device, are set and the verification reference is enrolled.
  - 7. The verification application of claim 1, wherein the call from the one of the other applications includes an indicator on a degree of required certainty in the match;
    - andwherein the match between the verification data and the verification reference is considered present if an estimated false acceptance rate by a matching mechanism of the verification application is less than the degree of required certainty in the match.
  - 8. The verification application of claim 7, wherein the trust token includes or is accompanied by an authenticity indicator;
    - andwherein the authenticity indicator is based on the estimated false acceptance rate by the matching mechanism.
  - 9. The verification application of claim 1, further arranged to provide an indicator on broken or no trust ifa degree of required certainty in the authentication for the match between the received verification data and the verification reference is reset to a lower certainty level than before the reset;
    - the calling application is not properly paired with the verification application;
      
      ora combination thereof.
  - 10. The verification application of claim 1, wherein to receive verification data comprises to receive a biometric sample, the verification reference is a biometric reference and the match between the verification data and the verification reference is performed by a biometric matching mechanism of the verification application;
    - andwherein the biometric matching mechanism is arranged to match the biometric sample to the biometric reference.
  - 22. An electronic device having a processor, a memory and an operating system, comprising a verification application according to claim 1, at least one other application enabled to call the verification application to securely determine authenticity of a user of the electronic device, and a verification data input arranged to provide verification data to the verification application, wherein the operating system is arranged to control operation of the verification application and the other applications on the processor using arbitrary memory locations.
  - 23. The electronic device of claim 22, wherein the verification data input comprises a biometric reader arranged to provide biometric samples as verification data;
    - wherein the verification reference is a biometric reference and the match between the verification data and the verification reference is performed by a biometric matching mechanism of the verification application; and
      
      wherein the biometric matching mechanism is arranged to match the biometric sample to the biometric reference.

11. A method of a verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, the method comprisingreceiving a call, to the verification application from one of the other applications, to securely determine authenticity of a user of the electronic device;
- receiving verification data;
  
  authenticating the verification data by matching to a verification reference stored by the verification application; and
  
  providing, upon a match between the verification data and the verification reference, a trust token to the calling application.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method of claim 11, further comprising pairing the verification application with at least one of the other applications by mutually exchanging at least one ofan application signature;
    - a cryptographic key; and
      
      a password.
  - 13. The method of claim 12, wherein the providing of the trust token is only performed when the verification application and the one of the other applications providing a call to the verification application are properly paired.
  - 14. The method of claim 11, wherein providing of the trust token comprises generating information by a cryptographic mechanism of the verification application.
  - 15. The method of claim 11, wherein the providing of the trust token comprises any of a cryptographic key, a shared secret, an identity or data associated with a user, and a security credential stored by the verification application.
  - 16. The method of claim 11, further comprising providing an indicator on broken or no trust ifthe degree of required certainty in the authentication for the match between the received verification data and the verification reference is reset to a lower certainty level than before the reset;
    - the calling application is not properly paired with the verification application;
      
      ora combination thereof.
  - 17. The method of claim 11, further comprising, upon installation of the verification application on the electronic device,setting parameters for generation of the trust token;
    - andenrolling the verification reference.
  - 18. The method of claim 11, wherein the call from the one of the other applications includes an indicator on a degree of required certainty in the matching;
    - andwherein the match between the verification data and the verification reference is considered present if an estimated false acceptance rate by the matching is less than the degree of required certainty.
  - 19. The method of claim 18, wherein the trust token includes or is accompanied by an authenticity indicator;
    - wherein the authenticity indicator is based on the estimated false acceptance rate by the matching.
  - 20. The method of claim 11, wherein the receiving of verification data comprises receiving a biometric sample, the verification reference is a biometric reference and the matching between the verification data and the verification reference is performed by biometric matching of the biometric sample to the biometric reference.
  - 21. A computer program comprising computer executable instructions which when executed by a processor of an electronic device having the processor, a memory and an operating system controlling operation of applications on the processor using arbitrary memory locations, wherein the computer executable instruction causes the processor to perform the method of claim 11.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Precise Biometrics AB (Precise Biometrics Incorporated)
Original Assignee
Precise Biometrics AB (Precise Biometrics Incorporated)
Inventors
STERLUND, Petter, HJALMARSSON, Henrik

Application Number

US14/322,082
Publication Number

US 20150013003A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 21/41   where a single sign-on prov...

G06F 21/44   Program or device authentic...

G06F 21/45   Structures or tools for the...

VERIFICATION APPLICATION, METHOD, ELECTRONIC DEVICE AND COMPUTER PROGRAM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

VERIFICATION APPLICATION, METHOD, ELECTRONIC DEVICE AND COMPUTER PROGRAM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links