Secure method and system for biometric verification
First Claim
Patent Images
1. A method of biometric verification using an access software application configured to access another application, system or other software entity to protect biometric data against spoofing or theft, the method comprising the steps:
- (a) establishing parameters of the access software application;
(b) generating a biometric template for a user by sampling;
(c) integrating into the access software application, by means of partial evaluation, the parameters and the biometric template;
(d) performing tamper-resistant software (TRS) encoding to the access software application including storing the biometric data in an encoded format that is irreversible, the step of performing TRS encoding being performed according to one of the following;
(i) prior to the establishing of parameters, whereby one TRS implementation covers multiple platforms and multiple biometric templates;
(ii) after the establishing of parameters and before generating the biometric template, whereby one TRS implementation covers one platform only and multiple biometric templates; and
(iii) after the establishing of parameters and after generating the biometric template, whereby one TRS implementation covers one platform only and one biometric template only; and
(e) employing the biometric template which has been integrated into the access software application to evaluate biometric data provided by a user seeking to access the other application, system or software entity to provide an evaluation result which either permits or denies access by the user wherein the TRS encoding comprises mass data encoding for data in array, table or message buffer form; and
wherein the evaluation result comprises branching to a distinct location of the access software application if the user-provided biometric data is found to match the biometric template.
3 Assignments
0 Petitions
Accused Products
Abstract
There is a need in the computer software and data industries to protect content from unauthorized access to private information. Alphanumeric passwords have been shown to offer very weak protection. Biometrics (personal traits such as fingerprints and hand-written signatures) offer superior protection, but still have a number of weaknesses. The most significant weakness is that there is no existing way to protect the stored biometric data itself; and once a person'"'"'s fingerprint data has been obtained by an attacker, the use of that fingerprint can no longer be considered secure. The invention solves the problem by securing the access software application that manages the biometric data using tamper-resistant encoding techniques. These tamper-resistant encoding techniques include: data-flow, control-flow, mass-data and white-box encoding.
70 Citations
5 Claims
-
1. A method of biometric verification using an access software application configured to access another application, system or other software entity to protect biometric data against spoofing or theft, the method comprising the steps:
-
(a) establishing parameters of the access software application; (b) generating a biometric template for a user by sampling; (c) integrating into the access software application, by means of partial evaluation, the parameters and the biometric template; (d) performing tamper-resistant software (TRS) encoding to the access software application including storing the biometric data in an encoded format that is irreversible, the step of performing TRS encoding being performed according to one of the following; (i) prior to the establishing of parameters, whereby one TRS implementation covers multiple platforms and multiple biometric templates; (ii) after the establishing of parameters and before generating the biometric template, whereby one TRS implementation covers one platform only and multiple biometric templates; and (iii) after the establishing of parameters and after generating the biometric template, whereby one TRS implementation covers one platform only and one biometric template only; and (e) employing the biometric template which has been integrated into the access software application to evaluate biometric data provided by a user seeking to access the other application, system or software entity to provide an evaluation result which either permits or denies access by the user wherein the TRS encoding comprises mass data encoding for data in array, table or message buffer form; and wherein the evaluation result comprises branching to a distinct location of the access software application if the user-provided biometric data is found to match the biometric template. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeIrdeto B.V. (MultiChoice Group Ltd.)
-
Original AssigneeCloakware Incorporated (MultiChoice Group Ltd.)
-
InventorsJohnson, Harold J., Main, Alec
-
Primary Examiner(s)Moazzami; Nasser
-
Assistant Examiner(s)Louie; Oscar A
-
Application NumberUS10/743,784Publication NumberTime in Patent Office2,456 DaysField of Search713/186, 713/194, 726/2, 726/16, 726/21, 726/26, 726/27, 380/59US Class Current713/186CPC Class CodesG06F 21/14 against software analysis o...G06F 21/32 using biometric data, e.g. ...G06F 21/552 involving long-term monitor...G06F 21/6218 to a system of files or obj...G06F 21/6245 Protecting personal data, e...G06F 2221/2107 File encryptionH04L 2209/043 of tables, e.g. lookup, sub...H04L 2209/16 Obfuscation or hiding, e.g....H04L 2209/56 Financial cryptography, e.g...H04L 2209/80 Wireless network architectu...H04L 9/002 Countermeasures against att...H04L 9/3231 Biological data, e.g. finge...
