Access control through multifactor authentication with multimodal biometrics
Abstract
A system is provided in which a person may use a Cellular (Mobile) Telephone, a PDA or any other handheld computer to make a purchase. This is an example only. The process may entail any type of transaction which requires authentication, such as any financial transaction, any access control (to account information, etc.), and any physical access scenario such as doubling for a passport or an access key to a restricted area (office, vault, etc.). It may also be used to conduct remote transactions such as those conducted on the Internet (E-Commerce, account access, etc.). In the process, a multifactor authentication is used.
44 Claims
1. A method for transaction authentication involving a user of a computing device owned or possessed by the user, the method comprising:
   a) storing at least one device identifier for the computing device owned or possessed by the user;
   b) storing a fact known by the user;
   c) storing biometric data of the user; and
   d) authenticating the user for a transaction involving the computing device owned or possessed by the user by;
      i) determining that at least one device identifier of the computing device owned or possessed by the user corresponds to the at least one device identifier stored in a);
      ii) determining that the user exhibits knowledge of the fact stored in b);
      iii) determining that the user satisfies at least one biometric challenge based upon the biometric data stored in c); and
      iv) determining that the user satisfies at least one liveness challenge which involves
         1) presenting a random prompt or question to the user where the random prompt or question is organized such that it can be answered by a live person and not by a machine and
         2) recognizing a valid response generated by a live person in response to a random prompt or question.
   Dependent claims: 2-36

37. A method of controlling access to a physical location by operation of a computing device by a user whose execution provides a physical access control interface, the method comprising:
   a) storing a fact known by the user;
   b) storing biometric data of the user; and
   c) configuring the physical access control interface to selectively grant access to the physical location based on a number of operations, including
      i) determining that the user exhibits knowledge of the fact stored in a);
      ii) determining that the user satisfies at least one biometric challenge based upon the biometric data stored in b); and
      iii) determining that the user satisfies at least one liveness challenge which involves
         1) presenting a random prompt or question to the user where the random prompt or question is organized such that it can be answered by a live person and not by a machine and
         2) recognizing a valid response generated by a live person in response to a random prompt or question.
   Dependent claims: 38-41

42. A method of controlling access to personal health data of a user stored on a computing device, the method comprising:
   a) storing a fact known by the user;
   b) storing biometric data of the user; and
   c) selectively granting access to the personal health data stored on the computing device based on a number of operations, including
      i) determining that the user exhibits knowledge of the fact stored in a);
      ii) determining that the user satisfies at least one biometric challenge based upon the biometric data stored in b); and
      iii) determining that the user satisfies at least one liveness challenge which involves
         1) presenting a random prompt or question to the user where the random prompt or question is organized such that it can be answered by a live person and not by a machine and
         2) recognizing a valid response generated by a live person in response to a random prompt or question.
   Dependent claims: 43, 44

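The four determinations recited in claim 1 (device identifier, known fact, biometric match, liveness challenge), sketched as an added Python example that is not code from the patent; claims 37 and 42 recite the same checks without the device identifier. The `Verifier` class, the cosine-similarity matcher and its threshold, the spoken-digits prompt, the 30-second expiry and the `transcript` argument (standing in for the output of a speech recognizer) are assumptions made for illustration.

```python
import hashlib, hmac, math, secrets, time

def hash_fact(fact, salt):
    # The known fact is stored only as a salted, slow hash (assumed design).
    return hashlib.pbkdf2_hmac("sha256", fact.encode(), salt, 100_000)

def cosine(a, b):
    # Stand-in biometric matcher over constructed feature vectors.
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

class Verifier:
    def __init__(self, device_ids, fact, template, threshold=0.9, ttl=30):
        self.device_ids = set(device_ids)            # step a)
        self.salt = secrets.token_bytes(16)
        self.fact_hash = hash_fact(fact, self.salt)  # step b)
        self.template = template                     # step c)
        self.threshold, self.ttl = threshold, ttl
        self.pending = {}                            # nonce -> (expected, expiry)

    def new_liveness_challenge(self, now=None):
        # Random prompt: fresh digits the user must speak back before expiry.
        now = time.time() if now is None else now
        digits = "".join(secrets.choice("0123456789") for _ in range(6))
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (digits, now + self.ttl)
        return nonce, f"Say the digits {digits}"

    def authenticate(self, device_id, fact, sample, nonce, transcript, now=None):
        now = time.time() if now is None else now
        # pop() makes each challenge single use, so a recorded response cannot be replayed.
        expected, expiry = self.pending.pop(nonce, ("", 0.0))
        results = {   # every factor is evaluated; no early exit
            "device": device_id in self.device_ids,
            "knowledge": hmac.compare_digest(hash_fact(fact, self.salt), self.fact_hash),
            "biometric": cosine(sample, self.template) >= self.threshold,
            "liveness": bool(expected) and now <= expiry
                        and hmac.compare_digest(transcript.encode(), expected.encode()),
        }
        results["granted"] = all(results.values())
        return results
```
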
Specification