Method of using fingerprints to authenticate wireless communications

US 6,219,793 B1
Filed: 09/08/1997
Issued: 04/17/2001
Est. Priority Date: 09/11/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for authenticating a call to be made over a communication system, the method comprising:

(a) determining that the call has been initiated from a source;

(b) encrypting a challenge with stored fingerprint minutiae data to produce an encrypted challenge;

(c) sending the encrypted challenge to the source for the purpose of decrypting by the source with source fingerprint minutiae data from a user of the source;

(d) determining whether source fingerprint minutiae data provided from said source matches said stored fingerprint minutiae data associated with said source; and

(e) if said source fingerprint data matches said stored fingerprint data, allowing said call to be completed.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are a system and a method employing a user'"'"'s fingerprint to authenticate a wireless communication. The user'"'"'s personal fingerprint is employed as the secret key in the context of a modified “challenge-response” scenario. The system includes a fingerprint capture module on a mobile personal wireless communication device (e.g., a wireless telephone) and a central authentication system coupled to a conventional mobile switching center. The central authentication system contains information that associates each mobile identification number (“MIN”) with a particular user'"'"'s fingerprint. When a wireless communication is to be initiated, the central authentication system engages in a challenge-response authentication with the mobile switching station or the wireless phone using the stored fingerprint associated with the MIN through the common air interface. The correct response from the mobile station will only be generated when the user'"'"'s fingerprint entered through the fingerprint capture module attached to the mobile station matches the information sent from the central authentication system, and only calls placed from authorized users are connected.

481 Citations

43 Claims

1. A method for authenticating a call to be made over a communication system, the method comprising:
- (a) determining that the call has been initiated from a source;
  
  (b) encrypting a challenge with stored fingerprint minutiae data to produce an encrypted challenge;
  
  (c) sending the encrypted challenge to the source for the purpose of decrypting by the source with source fingerprint minutiae data from a user of the source;
  
  (d) determining whether source fingerprint minutiae data provided from said source matches said stored fingerprint minutiae data associated with said source; and
  
  (e) if said source fingerprint data matches said stored fingerprint data, allowing said call to be completed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 38, 39)
- - 2. The method of claim 1, wherein the communication system forms at least part of a wireless telephone network.
  - 3. The method of claim 2, wherein the call initiated from the source is forwarded through one or more a plurality of mobile switching centers.
  - 4. The method of claim 2, wherein said source is a mobile cellular telephone.
  - 5. The method of claim 4, wherein determining that a call is being initiated includes detecting transmission of at least one of a mobile identification number (MIN) and an electronic serial number (ESN) associated with the mobile cellular telephone.
  - 6. The method of claim 5 further comprising confirming that said at least one of the MIN and the ESN is valid.
  - 7. The method of claim 1, wherein said fingerprint data is provided in an interminutiae distance-vector-derived format.
  - 8. The method of claim 1, further comprising:
9. The method of claim 1, further comprising:
- determining whether the source fingerprint minutiae data is identical to one or more instances of sample fingerprint minutiae data previously received; and
  
  if the source fingerprint minutiae data and any one of the instances of the sample fingerprint minutiae data are identical, preventing the call from being completed.
10. The method of claim 1, where the fingerprint data is provided in a timestamp.
38. The method of claim 1, further comprising:
- determining whether the source fingerprint minutiae data is identical to the stored fingerprint minutiae data; and
  
  if the source fingerprint minutiae data and stored fingerprint minutiae data are identical, preventing the call from being completed.
39. The method of claim 38, further comprising:
- determining whether the source fingerprint minutiae data is identical to one or more instances of sample fingerprint minutiae data previously received; and
  
  if the source fingerprint minutiae data and any one of the instances of the sample fingerprint minutiae data are identical, preventing the call from being completed.

11. A method for accessing a vehicle with a wireless security system, the method comprising:
- (a) determining that a request for access to the vehicle has been initiated from a wireless source;
  
  (b) determining whether source fingerprint data provided at said wireless source matches stored fingerprint data provided for the vehicle; and
  
  (c) if said source fingerprint data matches said stored fingerprint data, allowing access to the vehicle.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, further comprising prompting a user of said wireless source for a fingerprint from which to generate the source fingerprint data.
  - 13. The method of claim 11, wherein the stored fingerprint data is stored in the vehicle.
  - 14. The method of claim 11, wherein the vehicle is a car and allowing access to the car comprises unlocking the car.

15. A method for authenticating a call to be made over a communication system, the method comprising:
- (a) sending a dialed number on said communication network;
  
  (b) receiving a challenge encrypted with stored fingerprint minutiae data and the stored fingerprint minutiae data itself from the communications system;
  
  (c) receiving a user'"'"'s fingerprint;
  
  (d) generating source fingerprint minutiae data from said user'"'"'s fingerprint;
  
  (e) comparing the stored fingerprint minutiae data with the source fingerprint minutiae data; and
  
  (f) if the stored and the source fingerprint minutiae data match, sending the source fingerprint minutiae data to the communications system.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15, wherein the communication system forms at least a part of a wireless telephone network.
  - 17. The method of claim 16, wherein (a) through (f) are performed by a mobile cellular telephone.
  - 18. The method of claim 15, further comprising:
19. The method of claim 15, further comprising:
- prompting the user to provide a fingerprint.
20. The method of claim 15, wherein the stored fingerprint data is provided from a database on a public switched telephone network.
21. The method of claim 15, further comprising providing a timestamp with the source fingerprint data.

22. A wireless communication device capable of rendering wireless communications secure by requiring biometric information from a user, the device comprising:
- (a) a wireless communications interface for sending and receiving wireless communications;
  
  (b) a device for capturing the user'"'"'s fingerprint; and
  
  (c) a processing device capable of converting the user'"'"'s fingerprint to source minutiae fingerprint data which can be transmitted, wherein the processing device is also capable of comparing the source fingerprint minutiae data with stored fingerprint minutiae data received via the wireless communications interface and determining whether the source and stored fingerprint minutiae data match, whereby when the source and stored fingerprint data are found to match, the device decrypts a challenge encrypted with the stored fingerprint minutiae data and received via the wireless communications interface and then transmits the source fingerprint minutiae data via the wireless communications interface.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 42)
- - 23. The device of claim 22, wherein the device is a wireless telephone.
  - 24. The device of claim 23, wherein the wireless telephone includes a casing and provided within said casing are the device for capturing the user'"'"'s fingerprint and the processing device.
  - 25. The device of claim 22, wherein the wireless communications interface is capable of sending and receiving fingerprint data over a data channel which operates at a different frequency from a communications channel which sends and receives other communications.
  - 26. The device of claim 22, wherein the device for capturing the user'"'"'s fingerprint includes:
27. The device of claim 26, wherein the imager is selected from the group consisting of CCD arrays and CMOS photodiode/photogate arrays.
28. The device of claim 27, wherein the imager is a CMOS photodiode/photogate array which is provided on an integrated circuit together with the processing device.
29. The device of claim 22, wherein the device for capturing the user'"'"'s fingerprint is a capacitor array formed on a semiconductor substrate or an ultrasonic mechanism formed on a semiconductor substrate.
30. The device of claim 22, wherein the processing device is a CPU.
42. The wireless communication device of claim 22, wherein the processing device is further capable of decrypting a challenge received from said remote location, with the stored fingerprint minutiae data, when the source and stored fingerprint minutiae data are found to match.

31. A central authentication system connected to a communications network and capable of rendering wireless communications secure by processing biometric information from a user, the device comprising:
- (a) a communications interface for sending and receiving data communications over said communications network;
  
  (b) a database interface for accessing a database containing stored fingerprint minutiae data associated with users of wireless communications devices; and
  
  (c) a processor capable of determining whether a wireless communication from a wireless communications device should be permitted based upon a match between a user'"'"'s fingerprint minutiae data taken from said wireless communications device and stored fingerprint minutiae data associated the wireless communications device, wherein the processor is capable of generating an encrypted challenge by encrypting a challenge with a token containing said stored fingerprint minutiae data.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 43)
- - 32. The central authentication system of claim 31, wherein the communications interface is coupled to a public switched telephone network.
  - 33. The central authentication system of claim 32, wherein the central authentication system communicates with one or more mobile switching centers via the public switched telephone network.
  - 34. The central authentication system of claim 31, wherein the database includes, for at least one of said wireless communications devices, a plurality of received tokens containing information from fingerprints taken at said wireless communications device.
  - 35. The central authentication system of claim 34, wherein the processor is capable of comparing the user'"'"'s fingerprint minutiae data with said plurality of tokens for said given wireless communications device.
  - 36. The central authentication system of claim 31, further comprising a memory which persistently stores a program allowing the processor to determine whether wireless communications from the wireless communications devices should be permitted.
  - 37. The central authentication system of claim 36, wherein the memory can store a challenge and a decrypted challenge so that the processor can determine whether the challenge and the decrypted challenge match.
  - 43. The central authentication system of claim 31, wherein the processor is capable of comparing the user'"'"'s fingerprint minutiae data with the stored fingerprint minutiae data, whereby when the stored fingerprint minutiae data matches the user'"'"'s fingerprint minutiae data, the central authentication system can allow a call from the user to proceed.

40. A method for authenticating a call to be made over a wireless communication system, the method comprising:
- (a) determining that the call has been initiated from a wireless source;
  
  (b) encrypting a challenge with stored fingerprint minutiae data to produce an encrypted challenge;
  
  (c) sending the encrypted challenge to the source for the purpose of decrypting by the source with source fingerprint minutiae data from a user of the source;
  
  (d) receiving a decrypted challenge from said source, which decrypted challenge has been decrypted with the source fingerprint data;
  
  (e) comparing the challenge with the decrypted challenge from the source; and
  
  (f) determining whether source fingerprint minutiae data provided from said source matches said stored fingerprint minutiae data associated with said source;
  
  (g) determining whether the source fingerprint minutiae data is identical to one or more instances of sample fingerprint minutiae data previously received or is identical to the stored fingerprint minutiae data; and
  
  (h) if the challenge and the decrypted challenge match, and if the source fingerprint data matches the stored fingerprint data, and if the source fingerprint minutiae data and no instances of the sample fingerprint minutiae data or the stored fingerprint minutiae data are identical, allowing the call from being completed.

41. A method for authenticating a call to be made over a communication system, the method comprising:
- (a) sending a dialed number on said communication network;
  
  (b) receiving from the communications system, stored fingerprint minutiae data and a challenge encrypted with the stored fingerprint minutiae data;
  
  (c) receiving a user'"'"'s fingerprint;
  
  (d) generating source fingerprint minutiae data from said user'"'"'s fingerprint;
  
  (e) comparing the stored fingerprint minutiae data with the source fingerprint minutiae data;
  
  (f) if the stored and the source fingerprint minutiae data match, decrypting the encrypted challenge with the source fingerprint minutiae data to produce a decrypted challenge; and
  
  (g) transmitting said decrypted challenge and the source fingerprint minutiae data to the communications system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hush, Inc.
Original Assignee
Hush, Inc.
Inventors
Li, Yang, Subbiah, Subramanian, Rao, D. Ramesh K.
Primary Examiner(s)
Hayes, Gail
Assistant Examiner(s)
Seal, James

Application Number

US08/925,024
Time in Patent Office

1,317 Days
Field of Search

380/23, 380/25, 380/21, 380/59, 380/52, 380/247, 380/249, 713/168, 713/172, 713/186, 379/93.03
US Class Current

726/19
CPC Class Codes

B60R 25/2018   Central base unlocks or aut...

G06F 2203/0336   Mouse integrated fingerprin...

G06F 3/03543   Mice or pucks G06F3/03541 t...

G06V 40/13   Sensors therefor

G07C 9/26   using a biometric sensor in...

G07C 9/37   using biometric data, e.g. ...

H04L 63/0861   using biometrical features,...

H04W 12/033   of the user plane, e.g. use...

H04W 12/06   Authentication

H04W 12/71   Hardware identity

Method of using fingerprints to authenticate wireless communications

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

481 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Method of using fingerprints to authenticate wireless communications

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

481 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links