Mapping biometrics to a unique key
Abstract
A technique for mapping a biometric credential of a user to a data value such as a key or password. A database stores multiple entries of biometric templates and associated data values for different users. One of the entries is a match for a particular user, and the remaining entries are randomly selected. The number of entries is reasonably large to provide a desired degree of randomness for a given entry, but smaller than a key space of the data values. Based on an input of a biometric sample of the user, a best match is selected from the entries of biometric templates, and the associated data value is used to authenticate the user. Two- or three-factor authentication can be provided. Additional factors can include a password provided by the user and a key which is encrypted by the data value of the matching entry.
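The flow the abstract describes, as an added Python sketch that is not code from the patent. It assumes templates are 256-bit strings compared by Hamming distance and that data values are 128-bit random keys; all function names and sizes are hypothetical.

```python
import hmac
import secrets

TEMPLATE_BITS = 256  # assumption: templates are fixed-length bit strings
KEY_BYTES = 16       # assumption: 128-bit data values, a key space far larger than N
_rng = secrets.SystemRandom()

def build_generic_db(m):
    """Server: M enrolled users, each a (template, unique data value) entry."""
    values = set()
    while len(values) < m:            # a set enforces uniqueness of data values
        values.add(secrets.token_bytes(KEY_BYTES))
    return [(secrets.randbits(TEMPLATE_BITS), v) for v in values]

def build_user_db(generic, user_entry, n):
    """Server: proper subset of N < M entries, user's entry at a random index."""
    if not 1 <= n < len(generic):
        raise ValueError("N must be smaller than M")
    others = [e for e in generic if e is not user_entry]
    db = _rng.sample(others, n - 1)   # randomly chosen entries of other users
    db.insert(_rng.randrange(n), user_entry)
    return db

def hamming(a, b):
    return bin(a ^ b).count("1")

def best_match(db, sample):
    """Device: return the data value of the template closest to the sample."""
    return min(db, key=lambda e: hamming(e[0], sample))[1]

def authenticate(db, sample, enrolled_value):
    """Best match always yields *some* value; the factor check decides."""
    return hmac.compare_digest(best_match(db, sample), enrolled_value)

def recapture(template, flips=20):
    """Constructed sample: the template with `flips` random bits inverted."""
    for pos in _rng.sample(range(TEMPLATE_BITS), flips):
        template ^= 1 << pos
    return template

if __name__ == "__main__":
    generic = build_generic_db(500)
    user = generic[0]
    db = build_user_db(generic, user, 100)
    print(authenticate(db, recapture(user[0]), user[1]))   # genuine sample
    decoy = next(e for e in db if e is not user)
    print(authenticate(db, recapture(decoy[0]), user[1]))  # matches another entry
```

Because best-match selection has no rejection threshold in this sketch, a non-matching sample still yields a data value, and the decision rests entirely on whether that value is the enrolled one.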
20 Claims
1. A method, comprising:
- enrolling an initial biometric sample of a user with an authentication application at a server;
- receiving a user-specific database from the server and storing the user-specific database at a computing device of the user, the user-specific database is created specifically for the user in response to the enrolling and comprises biometric templates for a number N users, including biometric templates of other users and a biometric template of the user which is based on the initial biometric sample of the user, wherein the biometric template of the user is randomly positioned within the user-specific database, and the user-specific database is created in response to the enrolling as a proper subset of biometric templates of a number M users in a generic database, where N is less than M, and the user-specific database comprises a respective data value associated with each of the biometric templates for the N users, and each respective data value in the user-specific database is unique;
- after the enrolling, receiving a subsequent biometric sample of a user at the computing device;
- comparing the subsequent biometric sample to a plurality of biometric templates among the biometric templates in the user-specific database;
- responsive to the comparing, selecting one of the biometric templates in the user-specific database as a best match to the subsequent biometric sample, one of the respective data values is associated with the one of the biometric templates; and
- authenticating the user using the one of the respective data values as one factor.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A system, comprising:
- a storage device; and
- a processor in communication with said storage device, the processor programmed to:
  - obtain initial biometric data from a user;
  - transmit the initial biometric data to a server, the server associating a data value with the initial biometric data;
  - receive from the server a database comprising the initial biometric data of the user and the associated data value of the initial biometric data, and biometric data and associated data values of thousands of other users, wherein the database is specific to the user, the initial biometric data of the user is randomly positioned within the biometric data of the thousands of other users, and the biometric data of the thousands of other users is randomly selected as a proper subset of biometric data of users in a generic database;
  - store the database in the storage device;
  - receive subsequent biometric data of the user;
  - perform a comparison of the subsequent biometric data of the user to the initial biometric data of the user and to the biometric data of the other users to determine that the initial biometric data of the user is a closest match to the subsequent biometric data of the user; and
  - responsive to the comparison, use the associated data value of the initial biometric data to perform authentication of the user.

Dependent claims: 14, 15

16. A system, comprising:
- a storage device; and
- a processor in communication with the storage device, the processor programmed to:
  - receive biometric data from computing devices of a plurality of users as the plurality of users enroll with an authentication application;
  - provide a generic database with entries for each of the plurality of users, each entry comprising the biometric data and an associated data value of the user;
  - receive a request from one of the computing devices, the one of the computing devices is associated with a subject user;
  - in response to the request, randomly select a proper subset of the entries, the proper subset of the entries comprising an entry of biometric data and associated data value for the subject user, and entries of biometric data and associated data values for other users of the plurality of users, and provide a user-specific database for the one of the computing devices of the subject user comprising the proper subset of the entries;
  - receive subsequent biometric data from the one of the computing devices;
  - compare the subsequent biometric data to biometric data of a plurality of entries among the proper subset of the entries in the user-specific database;
  - responsive to the compare, select one of the entries in the user-specific database as a best match to the subsequent biometric data, one of the associated data values is associated with the one of the entries; and
  - authenticate the user using the associated data values.

Dependent claims: 17, 18, 19, 20

Specification