Biometric personal data key (PDK) authentication

DC CAFC

US 8,352,730 B2
Filed: 12/20/2005
Issued: 01/08/2013
Est. Priority Date: 12/20/2004
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for verifying a user during authentication of an integrated device, comprising the steps of:

persistently storing biometric data of the user and a plurality of codes and other data values comprising a device ID code uniquely identifying the integrated device and a secret decryption value in a tamper proof format written to a storage element on the integrated device that is unable to be subsequently altered;

wherein the biometric data is selected from a group consisting of a palm print, a retinal scan, an iris scan, a hand geometry, a facial recognition, a signature recognition and a voice recognition;

responsive to receiving a request for a biometric verification of the user, receiving scan data from a biometric scan;

comparing the scan data to the biometric data to determine whether the scan data matches the biometric data;

responsive to a determination that the scan data matches the biometric data, wirelessly sending one or more codes from the plurality of codes and the other data values for authentication by an agent that is a third-party trusted authority possessing a list of device ID codes uniquely identifying legitimate integrated devices, wherein the one or more codes and other data values includes the device ID code; and

responsive to authentication of the one or more codes and the other data values by the agent, receiving an access message from the agent allowing the user access to an application, wherein the application is selected from a group consisting of a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site and a file.

View all claims

1 Assignment

Timeline View

Assignment View

Litigations

3 Petitions

Reexamination

Accused Products

Abstract

Systems and methods are provided for an integrated device that persistently (or permanently) stores biometric data for a user in a tamper-resistant format. Subsequently, scan data collected from a user (e.g., a finger-print) can be compared against the biometric data. Once the user has been verified by the integrated device, a code can be wirelessly transmitted for authentication. The authentication module sends the code to a trusted key authority. The trusted key authority checks a list of enrolled integrated devices for a match. If there is a match, the authentication module sends a message to an application to allow access by the user. The trusted key authority also stores a profile associated with the code. The profile can contain user information such as name, age, account numbers, preferences, etc. and can also describe the status of the integrated device.

235 Citations

17 Claims

1. A method for verifying a user during authentication of an integrated device, comprising the steps of:
- persistently storing biometric data of the user and a plurality of codes and other data values comprising a device ID code uniquely identifying the integrated device and a secret decryption value in a tamper proof format written to a storage element on the integrated device that is unable to be subsequently altered;
  
  wherein the biometric data is selected from a group consisting of a palm print, a retinal scan, an iris scan, a hand geometry, a facial recognition, a signature recognition and a voice recognition;
  
  responsive to receiving a request for a biometric verification of the user, receiving scan data from a biometric scan;
  
  comparing the scan data to the biometric data to determine whether the scan data matches the biometric data;
  
  responsive to a determination that the scan data matches the biometric data, wirelessly sending one or more codes from the plurality of codes and the other data values for authentication by an agent that is a third-party trusted authority possessing a list of device ID codes uniquely identifying legitimate integrated devices, wherein the one or more codes and other data values includes the device ID code; and
  
  responsive to authentication of the one or more codes and the other data values by the agent, receiving an access message from the agent allowing the user access to an application, wherein the application is selected from a group consisting of a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site and a file.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the one or more codes and the other data values are transmitted to the agent over a network.
  - 3. The method of claim 1, further comprising:
    - registering an age verification for the user in association with the device ID code.
  - 4. The method of claim 1, wherein the one or more codes and the other data values indicate that the biometric verification was successful.
  - 5. The method of claim 1, wherein the biometric data and the scan data are both based on a fingerprint scan by the user.
  - 6. The method of claim 1, further comprising:
    - establishing a secure communication channel prior to sending the one or more codes and the other data values for authentication.
  - 7. The method of claim 1, further comprising:
    - receiving a request for the one or more codes and the other data values without a request for biometric verification; and
      
      responsive to receiving the request for the one or more codes and the other data values without a request for biometric verification, sending the one or more codes and the other data values without requesting the scan data.

8. An integrated device for verifying a user during authentication of the integrated device, comprising:
- a memory stores biometric data of a user and a plurality of codes and other data values comprising a device ID code uniquely identifying the integrated device and a secret decryption value in a tamper proof format written to the memory that is unable to be subsequently altered;
  
  wherein the biometric data is selected from a group consisting of a palm print, a retinal scan, an iris scan, a hand geometry, a facial recognition, a signature recognition and a voice recognition;
  
  a verification unit, in communication with the memory, receives scan data from a biometric scan for comparison against the biometric data, and if the scan data matches the biometric data, wirelessly sends one or more codes from the plurality of codes and the other data values for authentication by an agent that is a third-party trusted authority possessing a list of device ID codes uniquely identifying legitimate integrated devices, wherein the one or more codes and the other data values includes the device ID code; and
  
  responsive to the agent authenticating the one or more codes and the other data values, a radio frequency communicator, receives an access message from the agent allowing the user access to an application, wherein the application is selected from a group consisting of a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site and a file.
- View Dependent Claims (9, 10, 11)
- - 9. The integrated device of claim 8, wherein the one or more codes and the other data values are transmitted to the agent over a network.
  - 10. The integrated device of claim 9, wherein an age verification is registered in association with the device ID code.
  - 11. The integrated device of claim 8, wherein the verifier comprises:
    - an LED to be activated for requesting the biometric scan.

12. A method for authenticating a verified user using a computer processor configured to execute method steps, comprising:
- receiving one or more codes from a plurality of codes and other data values including a device ID code, wherein the plurality of codes and the other data values comprises the device ID code uniquely identifying the integrated device and a secret decryption value associated with a biometrically verified user, the device ID code being registered with an agent that is a third-party trusted authority possessing a list of device ID codes uniquely identifying legitimate integrated devices;
  
  requesting authentication of the one or more codes and the other data values by the agent, wherein the authentication determines whether the one or more codes and the other data values are-legitimate;
  
  receiving an access message from the agent; and
  
  in response to a positive access message, allowing the biometrically verified user access to an application, wherein the application is selected from a group consisting of a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site and a file.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12, further comprising:
    - registering a date of birth or age with the agent.
  - 14. The method of claim 12, further comprising:
    - establishing a secure communications channel with a biometric key, wherein the one or more codes and the other data values associated with the biometrically verified user is received from the biometric key.

15. A system, comprising:
- a biometric key stores biometric data of a user and a plurality of codes and other data values comprising a device ID code uniquely identifying the biometric key and a secret decryption value in a tamper proof format written to a storage element on the biometric key that is unable to be subsequently altered, and if scan data can be verified as being from the user by comparing the scan data to the biometric data, wirelessly sending, one or more codes from the plurality of codes and other data values wherein the one or more codes and the other data values include the device ID code, and the biometric data is selected from a group consisting of a palm print, a retinal scan, an iris scan, a hand geometry, a facial recognition, a signature recognition and a voice recognition; and
  
  an authentication unit receives the plurality of codes and the other data values and send the plurality of codes and the other data values to agent for authentication to determine whether the one or more codes and the other data values are legitimate, wherein the agent is a third-party trusted authority possessing a list of device ID codes uniquely identifying legitimate integrated devices, and responsive to the device ID code being authenticated, the authentication unit receiving an access message from the agent allowing the user to access an application, wherein the application is selected from a group consisting of a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site and a file.
- View Dependent Claims (16, 17)
- - 16. The system of claim 15, wherein the biometric key receives an authentication request from the authentication unit, and in response, requests a biometric scan from the user to generate the scan data.
  - 17. The system of claim 15, wherein if the biometric key cannot verify the scan data as being from the user, it does not send the one or more codes and the other data values.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Proxense, LLC
Original Assignee
Proxense, LLC
Inventors
Giobbi, John J.
Primary Examiner(s)
Smithers, Matthew
Assistant Examiner(s)
VU, PHY ANH TRAN

Application Number

US11/314,199
Publication Number

US 20060143441A1
Time in Patent Office

2,576 Days
Field of Search

380/23, 713/155, 713/159, 713/176, 713/186, 726 27- 30, 382/115, 340 552- 553
US Class Current

713/155
CPC Class Codes

G05B 1/00   Comparing elements, i.e. el...

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G07C 9/257   electronically G07C9/26 tak...

H04L 9/321   involving a third party or ...

Biometric personal data key (PDK) authentication

First Claim

1 Assignment

Litigations

3 Petitions

Reexamination

Accused Products

Abstract

235 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Biometric personal data key (PDK) authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

Litigations

3 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

235 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links