Tokenless security system for authorizing access to a secured computer system

US 5,615,277 A
Filed: 11/28/1994
Issued: 03/25/1997
Est. Priority Date: 11/28/1994
Status: Expired due to Term

- Alert
- Pin

First Claim

Patent Images

1. A tokenless security system partially to fully operationally integrated with and dedicated to a computer system for preventing unauthorized access of said designated computer system by determining an unknown user'"'"'s identity from an examination of unique biometric characteristics that are specific to the user, said security system comprising:

a) means for gathering and recording a biometric sample taken directly and physically from an unknown user, said means otherwise operationally isolated and distinct from said computer system;

b) means interconnecting said gathering means and said computer system for transmitting the gathered biometric sample to said secured computer system;

c) means integral with said computer system for receiving, storing, retrieving and identifying the gathered biometric sample;

d) means integral with said computer system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from each authorized user of said computer system, access to and manipulation of the authenticated biometric samples limited to systems functions necessary for operation of said security system and to specific users charged with updating and maintaining the authenticated biometric samples;

e) means integral with said computer system for comparing the biometric sample of the unknown user with an authenticated biometric sample obtained from other authorized user, and for generating a correlation factor of a first type from each comparison;

f) means for evaluating each correlation factor generated by said comparing means in order to determine whether the unknown user is one of said authorized users; and

g) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user'"'"'s access attempt is being coerced, wherein the authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.

View all claims

18 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A tokenless security system and method for preventing unauthorized access to one or more secured computer systems is shown. The security system and method are principally based on a correlative comparison of a unique biometric sample, such as a finger print or voice recording, gathered directly from the person of an unknown user with an authenticated unique biometric sample of the same type obtained from each authorized user. The security system and method may be integrated with and dedicated to a single computer system, or may be configured as a non-dedicated, stand-alone entity capable of and intended to perform security functions simultaneously for more than one computer system. Further, the stand alone configuration can be networked to act as a full or partial intermediary between a secured computer system and its authorized users, or may be interactive solely with and act as a consultant to the computer systems. The security system and method further contemplate the use of personal codes to confirm identifications determined from biometric comparisons, and the use of one or more variants in the personal identification code for alerting authorities in the event of coerced access.

669 Citations

113 Claims

1. A tokenless security system partially to fully operationally integrated with and dedicated to a computer system for preventing unauthorized access of said designated computer system by determining an unknown user'"'"'s identity from an examination of unique biometric characteristics that are specific to the user, said security system comprising:
- a) means for gathering and recording a biometric sample taken directly and physically from an unknown user, said means otherwise operationally isolated and distinct from said computer system;
  
  b) means interconnecting said gathering means and said computer system for transmitting the gathered biometric sample to said secured computer system;
  
  c) means integral with said computer system for receiving, storing, retrieving and identifying the gathered biometric sample;
  
  d) means integral with said computer system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from each authorized user of said computer system, access to and manipulation of the authenticated biometric samples limited to systems functions necessary for operation of said security system and to specific users charged with updating and maintaining the authenticated biometric samples;
  
  e) means integral with said computer system for comparing the biometric sample of the unknown user with an authenticated biometric sample obtained from other authorized user, and for generating a correlation factor of a first type from each comparison;
  
  f) means for evaluating each correlation factor generated by said comparing means in order to determine whether the unknown user is one of said authorized users; and
  
  g) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user'"'"'s access attempt is being coerced, wherein the authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. The system according to claim 1 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a computer system, said means providing a predetermined reduced level of access to said computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 3. The system of claim 1 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 4. The system of claim 1 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 5. The system of claim 1 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 6. The system of claim 1 wherein each authorized user is assigned a proprietary personal code;
    - wherein said security system is further provided with a means operationally isolated from said computer system for receiving and recording a personal code input by the individual;
      
      wherein said connecting means is also adapted to transmit the personal code from said receiving means to said computer system;
      
      wherein said security system is further provided with a means integral with said secured computer system for assigning, storing, retrieving and identifying a personal code proprietary for each authorized user;
      
      wherein said evaluating means comprises a determination routine and a confirmation routine, said determination routine configured to analyze each first type correlation factor to determine whether the individual can be identified as a specific authorized user, said confirmation routine configured to compare the personal code entered by the individual to the personal code assigned by the security system to the specific authorized user identified by the determination routine to confirm identification of the individual as the specific authorized user when the compared personal codes are the same.
  - 7. The system of claim 6 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means remains unapparent to the coercive third party.
  - 8. The system of claim 7 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any of which can be entered by the authorized user when an access attempt is being coerced.
  - 9. The system according to claim 7 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to said computer system, said means providing a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 10. The system of claim 6 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 11. The system of claim 6 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 12. The system of claim 6 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 13. The system of claim 6 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique code characterized by a fixed numeric position in the progressive series relative to the starting code and valid for entry only with a corresponding access attempt characterized by the same numeric position relative the a first access attempt;
    - wherein said security system is provided with means integral with said computer system for differentiating and accounting for each access attempt of each authorized user and for determining therefrom the numeric position of the next access attempt for each authorized user relative to each authorized user'"'"'s first access attempt;
      
      means for identifying the valid unique personal code for the determined next attempted access of each authorized user;
      
      wherein said confirmation routine is configured to receive the unique personal code assigned to and valid for the next attempted access determined for the authorized user selected by the determination routine and to confirm identification of the individual as the selected authorized user when the personal code input by the individual and the unique personal code assigned to the selected authorized user are the same.
  - 14. The system of claim 13 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means remains unapparent to the coercive third party.
  - 15. The system of claim 13 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a computer system, said means providing a predetermined reduced level of access to said computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 16. The system of claim 6 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 17. The system of claim 6 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 18. The system of claim 6 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 19. The system of claim 1 wherein each authorized user is assigned a proprietary personal code;
    - wherein said security system is further provided with a means operationally isolated from said secured computer system for receiving and recording a personal code entered by the individual;
      
      wherein said connecting means is also adapted to transmit the personal code to said computer system;
      
      wherein said security system is further provided with a means integral with said computer system for assigning, storing, retrieving and identifying a personal code for each authorized user of said secured computer system;
      
      wherein said comparison means is adapted to receive and relate the personal code entered by the individual with the biometric sample collected from the individual, and to receive and relate the personal code assigned to each authorized user with a corresponding authenticated biometric sample obtained from each authorized user, and thereafter combine the related codes and biometric samples to generate a correlation factor of a second type;
      
      said evaluating means adapted to receive and evaluate each second type correlation factor generated by said comparison means in order to determine whether the individual is an authorized user of said secured computer system.
  - 20. The system of claim 19 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means remains unapparent to the coercive third party.
  - 21. The system of claim 20 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
  - 22. The system according to claim 19 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means providing a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 23. The system of claim 19 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 24. The system of claim 19 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 25. The system of claim 19 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 26. The system of claim 19 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique personal code having a fixed numeric position determined relative to the starting code of an authorized user and valid only during the access attempt of the authorized user having the same numerical position relative to a first access attempt of the authorized user;
    - wherein said security system is provided with means integral with said computer system for tracking and recording each access attempt of each authorized user and determining therefrom the numeric position of the next attempted access for each authorized user relative to said authorized user'"'"'s first access attempt;
      
      means for determining the unique personal code corresponding to next attempted access for each authorized user by selecting the unique personal code at the numeric position calculated for the next attempted access for said authorized user;
      
      wherein said comparing means receives and relates the personal code and biometric sample entered by the unknown user and the unique personal code valid for the next attempted access by each of said authorized users, and thereafter combines the related codes and biometric samples in order to generate a correlation factor of a third type;
      
      said evaluating means adapted to receive and evaluate each third type correlation factor generated by said comparison means in order to determine whether the individual is one of said authorized users.
  - 27. The system of claim 26 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, activation of which means is unapparent to the coercive third party.
  - 28. The system according to claim 26 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means providing a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 29. The system of claim 26 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 30. The system of claim 26 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 31. The system of claim 26 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.

32. A tokenless method for preventing unauthorized access to a secured computer system by identifying an unknown user from an examination of unique biometric characteristics personal to the user, said method comprising the steps of:
- a) gathering and recording a biometric sample and personal identification code from the unknown user by sensor means that are otherwise operatively connected to said secured computer system;
  
  wherein a personal identification code is selected by authorized users and each personal identification code comprises a standard variant for entry when an access attempt is voluntary and one or more emergency variants, any one of which is entered to indicate that the authorized user'"'"'s access attempt is involuntarily coerced;
  
  b) transmitting the biometric sample and personal identification code to said computer system;
  
  wherein an authorized user can use an emergency variant rather than the standard variant to generate a signal undetectable to a coercive party, said signal to be transmitted to designated authorities that the authorized user'"'"'s access attempt is being coerced or otherwise involuntary;
  
  c) comparing the biometric sample gathered from the unknown user with an authenticated biometric sample of other authorized users stored within said secured computer system and generating a correlation factor of a first type for each comparison performed;
  
  d) analyzing each of the first type correlation factors so generated to determine whether the individual is an authorized user of the system; and
  
  e) confirming the determination of the unknown user'"'"'s identity by matching the personal identification code entered by the unknown user with the personal identification code selected by the specific authorized user.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 33. The method of claim 32 further comprising the additional step of limiting the scope of access extended to an authorized user whose access has been involuntary and coerced by limiting the type, number and value of transactions that can be carried out by the authorized user, and by generating misinformation for display to the coercing party in the form of false error messages or other screen displays and by providing false responses to operational requests, all of which are configured to be consistent with the various access limitations imposed on the authorized user.
  - 34. The method of claim 32 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 35. The method of claim 32 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 36. The method of claim 32 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 37. The method of claim 32 wherein each authorized user is assigned a particular starting code that is variabilized in a predictable but proprietary fashion to generate a progressive series of unique personal codes, each unique personal code of a selected authorized user characterized by a numeric position relative to the starting code of the selected authorized user and valid for use only during the access attempt of the same numerical position relative to the first access attempt of the selected authorized user;
    - said method further comprising the step of the unknown user entering a personal code following entry of the biometric sample;
      
      wherein the transmitting step is modified to provide for transmission of both the collected biometric sample and the entered personal code wherein each correlation factor is analyzed to determine whether the individual can be identified with a selected authorized user; and
      
      further comprising the steps of determining the number of the access attempt for the selected authorized user, identifying the unique personal code of the selected authorized user corresponding to the access attempt;
      
      confirming identification of the individual as the selected authorized user if the personal code entered by the user matches the valid unique personal code of the selected authorized user.
  - 38. The method of claim 37 further comprising the step of an authorized user generating an emergency notification undetectable to the coercive party, said signal to transmitted to designated authorities that the authorized user'"'"'s access attempt is being coerced or otherwise involuntary.
  - 39. The method of claim 37 further comprising the additional step of limiting the scope of access extended to an authorized user whose access has been involuntary and coerced by limiting the type, number and value of transactions that can be carried out by the authorized user, and by generating misinformation for display to the coercing party in the form of false error messages or other screen displays and by providing false responses to operational requests, all of which are configured to be consistent with and provide support for the various access limitations imposed on the authorized user.
  - 40. The method of claim 37 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 41. The method of claim 37 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 42. The method of claim 37 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.

43. A tokenless, stand alone security system operationally independent but interconnected to and preventing unauthorized access of one or more computer systems by determining an unknown user'"'"'s identity from an examination of unique biometric characteristics personal to the unknown user, said security system further interconnecting said one or more computer systems to authorized users thereof, mediating at least some aspects of interactions between each of said one or more computer systems and the authorized users thereof, said system comprising:
- a) means for gathering and recording a biometric sample from the unknown user'"'"'s person, said gathering means distinct and otherwise operationally isolated from said security system;
  
  b) means for transmitting the gathered biometric sample of the unknown individual to said security system;
  
  c) means integral with said security system for receiving, storing, retrieving and identifying the gathered biometric sample of the unknown individual;
  
  d) means integral with said security system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from and specific to each authorized user of said one or more secured computer systems;
  
  e) means integral with said security system for comparing the gathered biometric sample of the individual with an authenticated biometric sample derived from other authorized users of said one or more secured computer systems and for generating from each comparison a correlation factor of a first type;
  
  f) means for evaluating each first type correlation factor generated by said comparison means to determine whether the individual is an authorized user; and
  
  g) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user'"'"'s access attempt is being coerced, wherein the authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72)
- - 44. The system of claim 43 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means is unapparent to the coercive third party.
  - 45. The system according to claim 43 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a computer system, said means providing a predetermined reduced level of access to said computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 46. The system of claim 43 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 47. The system of claim 43 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 48. The system of claim 43 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 49. The system of claim 43 wherein each authorized user is assigned a personal code, said system further comprising means for recording entry of a personal code by the unknown individual and transmitting the entered code to said security system, said means distinct and otherwise operationally isolated from said security system;
    - means integral with said security system for receiving, storing, retrieving and identifying the personal code entered by the individual;
      
      means integral with said security system for assigning a personal code to each authorized user and for storing, retrieving and identifying each personal code assigned to each authorized user of said one or more computer systems;
      
      wherein said evaluating means comprises a determination routine and a confirmation routine, said determination routine configured to analyze each first type correlation factor to determine whether the individual can be identified as a specific authorized user, said confirmation routine configured to compare the personal code entered by the individual to the personal code assigned to the specific authorized user and confirm the individual'"'"'s identification as the selected authorized user when the compared personal codes are the same.
  - 50. The security system of claim 49 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 51. The system of claim 50 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any of which can be entered by the authorized user when an access attempt is being coerced.
  - 52. The system according to claim 49 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 53. The system of claim 49 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 54. The system of claim 49 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 55. The system of claim 49 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 56. The system of claim 49 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique code characterized by a fixed numeric position in the progressive series relative to the starting code and valid for entry only with a corresponding access attempt characterized by the same numeric position relative the a first access attempt;
    - wherein said security system is provided with means integral with said secured computer system for differentiating and accounting for each access attempt of each authorized user and for determining therefrom the numeric position of the next access attempt for each authorized user relative to each authorized user'"'"'s first access attempt;
      
      means for identifying the valid unique personal code for the determined next attempted access of each authorized user;
      
      wherein said confirmation routine is configured to receive the unique personal code assigned to and valid for the next attempted access of determined for the authorized user selected by the determination routine and to confirm identification of the individual as the selected authorized user when the personal code input by the individual and the unique personal code assigned to the selected authorized user are the same.
  - 57. The system of claim 56 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 58. The system of claim 56 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 59. The system of claim 56 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 60. The system of claim 56 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 61. The system of claim 43 wherein each authorized user is assigned a proprietary personal code;
    - said system further comprising means for receiving and recording a personal code entered by the individual, said means distinct and otherwise operationally isolated from said security system;
      
      wherein said connecting means is adapted to transmit both the gathered biometric sample and the entered personal code of the unknown individual;
      
      said system further provided with means integral with said security system for assigning a personal code to each authorized user and for storing, retrieving and identifying each personal code assigned to each authorized user of said one or more secured computer systems;
      
      wherein said comparison means is adapted to receive and relate the personal code entered by the individual with the biometric sample gathered from the individual, and to receive and relate the personal code assigned to each authorized user with a corresponding authenticated biometric sample obtained from each authorized user, said comparison means ultimately combining related pairs of personal codes and biometric samples to generate a correlation factor of a second type;
      
      said evaluating means adapted to receive and evaluate each second type correlation factor generated by said comparison means in order to determine whether the individual is an authorized user of said secured computer system.
  - 62. The system of claim 61 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 63. The system of claim 62 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any of which can be entered by the authorized user when an access attempt is being coerced.
  - 64. The system according to claim 61 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 65. The system of claim 61 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 66. The system of claim 61 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 67. The system of claim 61 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 68. The system of claim 61 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique personal code having a fixed numeric position determined relative to the relative to the starting code of an authorized user and valid only during the access attempt of the authorized user having the same numerical position relative to a first access attempt of the authorized user;
    - wherein said security system is provided with means integral with said secured computer system for tracking and recording each access attempt of each authorized user and determining therefrom the numeric position of the next attempted access for each authorized user relative to each authorized user'"'"'s first access attempt;
      
      means for determining the unique personal code corresponding to next attempted access for each authorized user by selecting the unique personal code at the numeric position calculated for the next attempted access for each authorized user;
      
      wherein said comparing means receives and relates the personal code and biometric sample entered by the individual and the unique personal code valid for the next attempted access by each of the authorized users, and thereafter compare combining the related codes and biometric samples in order to generate a correlation factor of a third type;
      
      said evaluating means adapted to receive and evaluate each third type correlation factor generated by said comparison means in order to determine whether the individual is an authorized user of said secured computer system.
  - 69. The system of claim 68 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, activation of which means is unapparent to the coercive third party.
  - 70. The system according to claim 69 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 71. The system of claim 68 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 72. The system of claim 68 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.

73. A tokenless, stand alone security system operationally independent of but interconnected to and preventing unauthorized access of one or more computer systems by determining an unknown user'"'"'s identity from an examination of unique biometric characteristics personal to the unknown user, said security system limited in operative interaction to said one or more computer systems and isolated from authorized users of said one or more computer systems, said system comprising:
- a) means for gathering and recording a biometric sample from the unknown user'"'"'s person, said gathering means distinct and otherwise operationally isolated from said one or more computer systems;
  
  b) means for transmitting the gathered biometric sample of the unknown user to one of said one or more computer systems;
  
  c) means integral with said computer system for receiving the gathered biometric sample and forwarding it to said security system;
  
  d) means integral with said security system for receiving, storing, retrieving and identifying the gathered biometric sample of the unknown individual;
  
  e) means integral with said security system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from and specific to each authorized user of said one or more secured computer systems;
  
  f) means integral with said security system for comparing the gathered biometric sample of the individual with an authenticated biometric sample derived from other authorized users of said one or more secured computer systems and for generating from each comparison a correlation factor of a first type;
  
  g) means for evaluating each first type correlation factor generated by said comparison means to determine whether the individual is an authorized user; and
  
  h) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user'"'"'s access attempt is being coerced, wherein the authorized user selects a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
- View Dependent Claims (74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102)
- - 74. The system of claim 73 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means is unapparent to the coercive third party.
  - 75. The system according to claim 73 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a computer system, said means providing a predetermined reduced level of access to said computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other false screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 76. The system of claim 73 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 77. The system of claim 73 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 78. The system of claim 73 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 79. The system of claim 73 wherein each authorized user is assigned a personal code, said system further comprising means for recording entry of a personal code by the unknown individual and transmitting the entered code to said security system, said means distinct and otherwise operationally isolated from said security system;
    - means integral with said security system for receiving, storing, retrieving and identifying the personal code entered by the individual;
      
      means integral with said security system for assigning a personal code to each authorized user and for storing, retrieving and identifying each personal code assigned to each authorized user of said one or more computer systems;
      
      wherein said evaluating means comprises a determination routine and a confirmation routine, said determination routine configured to analyze each first type correlation factor to determine whether the individual can be identified as a specific authorized user, said confirmation routine configured to compare the personal code entered by the individual to the personal code assigned to the specific authorized user and confirm the individual'"'"'s identification as the selected authorized user when the compared personal codes are the same.
  - 80. The security system of claim 79 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 81. The system of claim 80 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any of which can be entered by the authorized user when an access attempt is being coerced.
  - 82. The system according to claim 79 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 83. The system of claim 79 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 84. The system of claim 79 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 85. The system of claim 79 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 86. The system of claim 79 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique code characterized by a fixed numeric position in the progressive series relative to the starting code and valid for entry only with a corresponding access attempt characterized by the same numeric position relative the a first access attempt;
    - wherein said security system is provided with means integral with said secured computer system for differentiating and accounting for each access attempt of each authorized user and for determining therefrom the numeric position of the next access attempt for each authorized user relative to each authorized user'"'"'s first access attempt;
      
      means for identifying the valid unique personal code for the determined next attempted access of each authorized user;
      
      wherein said confirmation routine is configured to receive the unique personal code assigned to and valid for the next attempted access of determined for the authorized user selected by the determination routine and to confirm identification of the individual as the selected authorized user when the personal code input by the individual and the unique personal code assigned to the selected authorized user are the same.
  - 87. The system of claim 86 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 88. The system of claim 86 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 89. The system of claim 86 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 90. The system of claim 86 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 91. The system of claim 73 wherein each authorized user is assigned a proprietary personal code;
    - said system further comprising means for receiving and recording a personal code entered by the individual, said means distinct and otherwise operationally isolated from said security system;
      
      wherein said connecting means is adapted to transmit both the gathered biometric sample and the entered personal code of the unknown individual;
      
      said system further provided with means integral with said security system for assigning a personal code to each authorized user and for storing, retrieving and identifying each personal code assigned to each authorized user of said one or more secured computer systems;
      
      wherein said comparison means is adapted to receive and relate the personal code entered by the individual with the biometric sample gathered from the individual, and to receive and relate the personal code assigned to each authorized user with a corresponding authenticated biometric sample obtained from each authorized user, said comparison means ultimately combining related pairs of personal codes and biometric samples to generate a correlation factor of a second type;
      
      said evaluating means adapted to receive and evaluate each second type correlation factor generated by said comparison means in order to determine whether the individual is an authorized user of said secured computer system.
  - 92. The system of claim 91 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, which means can be activated by the individual remain unapparent to the coercive third party.
  - 93. The system of claim 92 wherein an authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when an access attempt is voluntary, and one or more alternative variants, any of which can be entered by the authorized user when an access attempt is being coerced.
  - 94. The system according to claim 91 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 95. The system of claim 91 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 96. The system of claim 91 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 97. The system of claim 91 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 98. The system of claim 91 wherein said security system is provided with means for variabilizing a starting code assigned to each authorized user in a predictable but proprietary fashion to generate a progressive series of unique personal codes for each authorized user, each unique personal code having a fixed numeric position determined relative to the relative to the starting code of an authorized user and valid only during the access attempt of the authorized user having the same numerical position relative to a first access attempt of the authorized user;
    - wherein said security system is provided with means integral with said secured computer system for tracking and recording each access attempt of each authorized user and determining therefrom the numeric position of the next attempted access for each authorized user relative to each authorized user'"'"'s first access attempt;
      
      means for determining the unique personal code corresponding to next attempted access for each authorized user by selecting the unique personal code at the numeric position calculated for the next attempted access for each authorized user;
      
      wherein said comparing means receives and relates the personal code and biometric sample entered by the individual and the unique personal code valid for the next attempted access by each of the authorized users, and thereafter compare combining the related codes and biometric samples in order to generate a correlation factor of a third type;
      
      said evaluating means adapted to receive and evaluate each third type correlation factor generated by said comparison means in order to determine whether the individual is an authorized user of said secured computer system.
  - 99. The system of claim 98 further comprising emergency means for use by an authorized user in notifying police or other designated authority that the authorized user access attempt is being coerced by a third party, activation of which means is unapparent to the coercive third party.
  - 100. The system according to claim 99 further comprising means for limiting access to said computer system when an authorized user has been coerced or otherwise involuntarily forced to request access to a secured computer, said means configured be activated by a signal generated by said emergency notification means and upon activation to provide a predetermined reduced level of access to said secured computer system limiting the number, type and amount of applications or transactions that can be conducted, said means further configured to generate false error messages and/or other fabricated screen displays, and to provide false responses to operational requests that are reflective of and consistent with the user'"'"'s reduced level of access in order minimize the third party'"'"'s ability to discover that access has been limited and/or that authorities have been notified.
  - 101. The system of claim 98 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 102. The system of claim 98 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.

103. A tokenless security method incorporated in a security system for preventing unauthorized access to one or more computer systems by identifying an unknown user from an examination of unique biometric characteristics personal to the user, said method comprising the steps of:
- a) gathering and recording a biometric sample and personal identification code from the person of the unknown user at a site operationally isolated from said computer system;
  
  wherein a personal identification code is selected by authorized users and each personal identification code comprises a standard variant for entry when an access attempt is voluntary and one or more emergency variants, any one of which is entered to indicate that the authorized user'"'"'s access attempt is involuntarily coerced;
  
  b) transmitting the gathered biometric sample and personal identification code to said computer system;
  
  wherein an authorized user can use an emergency variant of the personal identification code to generate an emergency signal undetectable to a coercive party, said signal to be transmitted to designated authorities that the authorized user'"'"'s access attempt is being coerced or otherwise involuntary;
  
  c) receiving the gathered biometric sample at said computer system and forwarding the gathered biometric sample to said security system;
  
  d) receiving the gathered biometric sample at said security system and thereafter comparing the gathered biometric sample with an authenticated biometric sample derived from other authorized users of said computer system and generating a correlation factor of a first type from each comparison;
  
  e) evaluating each first type correlation factor so generated to determine whether the unknown user is one of the authorized users of said computer system; and
  
  f) confirming the determination of the unknown user'"'"'s identity by matching the personal identification code entered by unknown user with the personal code assigned to the specific authorized user.
- View Dependent Claims (104, 105, 106, 107, 108, 109, 110, 111, 112, 113)
- - 104. The method of claim 103 further comprising the additional step of limiting the scope of access extended to an authorized user whose access has been involuntary and coerced by limiting the type, number and value of transactions that can be carried out by the authorized user, and by generating misinformation for display to the coercing party in the form of false error messages or other screen displays and by providing false responses to operational requests, all of which are configured to be consistent with the various access limitations imposed on the authorized user.
  - 105. The method of claim 103 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 106. The method of claim 103 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 107. The method of claim 103 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.
  - 108. The method of claim 103 wherein each authorized user is assigned a particular starting code that is variabilized in a predictable but proprietary fashion to generate a progressive series of unique personal codes, each unique personal code of a selected authorized user characterized by a numeric position relative to the starting code of the selected authorized user and valid for use only during the access attempt of the same numerical position relative to the first access attempt of the selected authorized user;
    - said method further comprising the step of the unknown user entering a personal code following entry of the biometric sample;
      
      wherein the transmitting step is modified to provide for transmission of both the collected biometric sample and the entered personal code wherein each correlation factor is analyzed to determine whether the individual can be identified with a selected authorized user; and
      
      further comprising the steps of determining the number of the access attempt for the selected authorized user, identifying the unique personal code of the selected authorized user corresponding to the access attempt;
      
      confirming identification of the individual as the selected authorized user if the personal code entered by the user matches the valid unique personal code of the selected authorized user.
  - 109. The method of claim 108 further comprising the step of an authorized user generating an emergency notification undetectable to the coercive party, said signal to transmitted to designated authorities that the authorized user'"'"'s access attempt is being coerced or otherwise involuntary.
  - 110. The method of claim 108 further comprising the additional step of limiting the scope of access extended to an authorized user whose access has been involuntary and coerced by limiting the type, number and value of transactions that can be carried out by the authorized user, and by generating misinformation for display to the coercing party in the form of false error messages or other screen displays and by providing false responses to operational requests, all of which are configured to be consistent with and provide support for the various access limitations imposed on the authorized user.
  - 111. The method of claim 108 wherein the biometric sample is derived from a finger, thumb or palm print;
    - a voice print;
      
      a handwriting sample or a retinal vascular pattern.
  - 112. The method of claim 108 wherein the biometric sample is derived from a finger print, a thumb print, a palm print or a combination thereof.
  - 113. The method of claim 108 wherein the personal code of each authorized user is numeric and variable in digit length between authorized users.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
YT Acquisition Corp.
Original Assignee
Ned Hoffman
Inventors
Hoffman, Ned
Primary Examiner(s)
Couso, Jose L.
Assistant Examiner(s)
Tadayon, Bijan

Application Number

US08/345,523
Time in Patent Office

848 Days
Field of Search

340/825.34, 340/825.33, 340/825.31, 382/115, 382/116, 382/117, 382/118, 382/119, 382/124, 382/128, 902/1, 902/2, 902/3, 902/4, 902/5, 902/6, 902/8, 902/9, 902/10, 902/12, 902/13, 902/22, 902/23, 902/24, 902/25, 902/26, 902/27, 902/31, 902/32, 902/33, 902/34, 902/35, 902/37, 235/375, 235/376, 235/379, 235/380, 235/381, 235/382, 235/382.5, 235/383, 235/384, 235/385, 235/386
US Class Current

382/115
CPC Class Codes

G06F 18/28   Determining representative ...

G06F 21/32   using biometric data, e.g. ...

G06F 21/554   involving event detection a...

G06F 21/83   input devices, e.g. keyboar...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2117   User registration

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/18   involving self-service term...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 30/02   Marketing; Price estimation...

G06V 40/1365   Matching; Classification

G07C 2209/14   With a sequence of inputs o...

G07C 9/37   using biometric data, e.g. ...

G07F 19/207 : Surveillance aspects at ATMs

G07F 7/1008 : Active credit-cards provide...

G07F 9/002 : Vending machines being part...

H04L 2463/102 : applying security measure f...

H04L 63/04 : for providing a confidentia...

H04L 63/0428 : wherein the data content is...

H04L 63/0861 : using biometrical features,...

View All

Tokenless security system for authorizing access to a secured computer system

First Claim

18 Assignments

Litigations

0 Petitions

Accused Products

Abstract

669 Citations

113 Claims

Specification

Solutions

Use Cases

Quick Links

Tokenless security system for authorizing access to a secured computer system

First Claim

18 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

669 Citations

113 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links