Identity authentication and secured access systems, components, and methods
Abstract
Security tokens contain data that is each uniquely encrypted based on a unique biometric identifier of an authorized user of that token. Decoders receive the token and the user's biometric identifier, convert the biometric identifier to a biometric key, and apply the biometric key to decrypt the token. In this way, the decoders authenticate the users without performing a biometric identifier comparison. In some embodiments pieces or sets of the data are stored in designated data compartments, which are individually encrypted based on authority keys, and all of the encrypted data compartments are collectively encrypted based on the biometric key to create the token. The decoders store only the authority keys corresponding to the data compartments which they have authorization to open. In addition, in some embodiments the token and the biometric identifier are encrypted and sent to a remote authentication server for decryption of the token.
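The layered scheme in the abstract, as an added Python example that is not code from the patent: compartments are sealed under authority keys, the bundle is sealed under the biometric key, and a failed open is the authentication result. Assumptions: PBKDF2 stands in for the conversion software, an HMAC-SHA256 keystream with an authentication tag stands in for the unspecified cryptographic algorithm, the salt travels with the token, the template is bit-exact on every capture, and all function names are hypothetical.

```python
import hashlib, hmac, json, os

def biometric_key(template: bytes, salt: bytes) -> bytes:
    # Stand-in for the "conversion software". Assumes a bit-exact, repeatable
    # template; real captures are noisy and need error-tolerant derivation.
    return hashlib.pbkdf2_hmac("sha256", template, salt, 100_000)

def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real cipher).
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key: bytes, plaintext: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc, nonce, plaintext)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    # Returns None on a wrong key or tampering: the tag check is what makes
    # "the token opened" a yes/no authentication result.
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None
    return _xor_stream(enc, nonce, ct)

def issue_token(template: bytes, compartments: dict, authority_keys: dict) -> bytes:
    inner = {n: seal(authority_keys[n], d).hex() for n, d in compartments.items()}
    salt = os.urandom(16)
    return salt + seal(biometric_key(template, salt), json.dumps(inner).encode())

def decode(token: bytes, template: bytes, held_keys: dict):
    # held_keys: only the authority keys this decoder is authorized to hold.
    outer = unseal(biometric_key(template, token[:16]), token[16:])
    if outer is None:
        return None  # wrong biometric: token does not open, user not authenticated
    inner = json.loads(outer)
    return {n: unseal(held_keys[n], bytes.fromhex(b))
            for n, b in inner.items() if n in held_keys}

if __name__ == "__main__":
    keys = {"medical": os.urandom(32), "access": os.urandom(32)}  # constructed sample keys
    tok = issue_token(b"constructed-template", {"medical": b"O+", "access": b"lab-2"}, keys)
    print(decode(tok, b"constructed-template", {"access": keys["access"]}))
```

A decoder that holds only the `access` key authenticates the user but never sees the `medical` compartment in the clear.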
28 Claims
1. An identity authentication system for one or more users, the system comprising:
- at least one credential issued to one of the users, wherein the credential includes a security token comprising data encrypted by encryption software with a cryptographic algorithm and encrypted based on a biometric key that is generated from a biometric identifier of the user; and
- at least one decoder including a token interface device and a biometric input device and having access to decryption software with the cryptographic algorithm and conversion software, wherein the biometric input device receives the biometric identifier from the user, the conversion software converts the biometric identifier to the biometric key, the token interface device receives the token from the user credential, and the decryption software applies the cryptographic algorithm and the biometric key to the token to decrypt and thereby open the token, wherein the token is only openable upon the user presenting the biometric identifier used to encrypt the token so that opening the token authenticates the user, and wherein the token is only openable upon the simultaneous presence of the token, the biometric identifier used to encrypt the token, and the decoder with the decryption software including the cryptographic algorithm.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A decoder for opening a security token of a credential of a user; comprising;
- a token interface device;
- a biometric input device;
- decryption software with a cryptographic algorithm; and
- conversion software that is operable to convert biometric identifiers to biometric keys, wherein the biometric input device receives a biometric identifier from the user, the conversion software converts the biometric identifier to a biometric key, the token interface device receives the token from the user credential, and the decryption software applies the cryptographic algorithm and the biometric key to the token to decrypt and thereby open the token, wherein the token is only openable upon the user presenting the biometric identifier used to encrypt the token so that opening the token authenticates the user, and wherein the token is only openable upon the simultaneous presence of the token, the biometric identifier used to encrypt the token, and the decoder with the decryption software including the cryptographic algorithm.

Dependent claims: 19, 20, 21, 22, 27
23. A method of authenticating the identity of a user with a security token comprising data encrypted based on a biometric key that is based on a biometric identifier of the user, the method comprising:
- receiving, via a biometric input device, the biometric identifier from the user;
- converting, via conversion software, the biometric identifier to a biometric key;
- receiving, via a token interface device, the token from the user credential;
- decrypting, via decryption software with a cryptographic algorithm, the token using the biometric key to open the token, wherein the decryption software applies the cryptographic algorithm and the biometric key to the token to decrypt and thereby open the token, wherein the token is only openable upon the user presenting the biometric identifier used to encrypt the token so that opening the token authenticates the user, and wherein the token is only openable upon the simultaneous presence of the token, the biometric identifier used to encrypt the token, and a decoder with decryption software including the cryptographic algorithm.

Dependent claims: 24, 25, 26, 28
Specification