Two-level authentication for secure transactions
First Claim
1. A method comprising:
- receiving, at a biometric reader, a biometric input, a personal digital key (PDK) comprising the biometric reader;
generating, at the PDK, biometric data based on the biometric input;
retrieving, from a secured memory element of the PDK, a biometric profile sample comprising biometric information, wherein the biometric profile sample is associated with a biometric profile associated with an individual;
comparing, at the PDK, the information of the biometric profile sample to the biometric data based on the biometric input;
subsequent to a determination of a match between the biometric data based on the biometric input and the biometric profile sample, retrieving, from the secured memory element of the PDK, the biometric profile associated with the individual;
comparing, at the PDK, the biometric data based on the biometric input to the biometric profile;
transmitting, by the PDK via radio, purchasing means information associated with the PDK, the purchasing means information used by a first remote registry administered by a trusted third-party organization in a first validation, the first validation subsequent to determining that the biometric data based on the biometric input matches the biometric profile,wherein a transaction with a merchant is authorized based on the first validation using the purchasing means information associated with the PDK and wirelessly transmitted subsequent to the comparison between the biometric profile and the biometric data based on the biometric input.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A Personal Digital Key stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory that is acquired in a secure trusted process. Biometric profiles comprise a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.
228 Citations
20 Claims
-
1. A method comprising:
-
receiving, at a biometric reader, a biometric input, a personal digital key (PDK) comprising the biometric reader; generating, at the PDK, biometric data based on the biometric input; retrieving, from a secured memory element of the PDK, a biometric profile sample comprising biometric information, wherein the biometric profile sample is associated with a biometric profile associated with an individual; comparing, at the PDK, the information of the biometric profile sample to the biometric data based on the biometric input; subsequent to a determination of a match between the biometric data based on the biometric input and the biometric profile sample, retrieving, from the secured memory element of the PDK, the biometric profile associated with the individual; comparing, at the PDK, the biometric data based on the biometric input to the biometric profile; transmitting, by the PDK via radio, purchasing means information associated with the PDK, the purchasing means information used by a first remote registry administered by a trusted third-party organization in a first validation, the first validation subsequent to determining that the biometric data based on the biometric input matches the biometric profile, wherein a transaction with a merchant is authorized based on the first validation using the purchasing means information associated with the PDK and wirelessly transmitted subsequent to the comparison between the biometric profile and the biometric data based on the biometric input. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An apparatus comprising:
-
a biometric reader adapted to receive a biometric input and generate biometric data based on the biometric input; a secured memory element storing purchasing means information associated with a PDK, the purchasing means information used by a first remote registry administered by a trusted third-party organization in a first validation, a biometric profile sample comprising biometric information, wherein the biometric profile sample is associated with a biometric profile associated with an individual, and the biometric profile associated with the individual; a processor coupled to the secured memory element and the biometric reader, the processor adapted to compare the biometric profile sample to the biometric data based on the biometric input and determine that the biometric profile sample matches the biometric data based on the biometric input, and subsequent to a determination of a match between the biometric data based on the biometric input and the biometric profile sample, to compare the biometric data based on the biometric input to the biometric profile associated with the individual; and a radio communication interface coupled to the processor and to the secured memory element, the radio communication interface adapted to establish a secure communication channel, the radio communication interface adapted to transmit the purchasing means information associated with the PDK using the secure communication channel, wherein a transaction with a merchant is authorized based on the first validation of the purchasing means information associated with PDK and wirelessly transmitted, via radio, subsequent to the comparison between the biometric profile and the biometric data based on the biometric input. - View Dependent Claims (17, 18, 19)
-
-
20. A method comprising:
-
receiving, from a personal digital key (PDK) comprising a biometric reader, purchasing means information at a first remote registry administered by a trusted third-party organization, the purchasing means information received subsequent to the PDK determining that biometric data based on a biometric input received by the biometric reader matches a biometric profile comprising biometric information stored in a secured memory element of the PDK, wherein the biometric information is associated with an individual, and wherein the biometric data based on the biometric input is compared to the biometric profile subsequent to a determination of a match between the biometric data based on the biometric input and a biometric profile sample stored in the secured memory element; validating, at the first remote registry administered by the trusted third-party organization, the purchasing means information; and authorizing a transaction based on the validation of the purchasing means information received subsequent to the match between the biometric data based on the biometric input and the biometric profile stored in a secure element of the PDK, wherein the match between the biometric data based on the biometric input and the biometric profile stored in the secure element of the PDK determined subsequent to the determination of the match between the biometric data based on the biometric input and the biometric profile sample stored in the secured memory element.
-
Specification