Using biometric features for user authentication

US 10,892,896 B2
Filed: 05/18/2020
Issued: 01/12/2021
Est. Priority Date: 07/02/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

sending, to a server, an enable request for enabling a biometric feature;

receiving, from the server and in response to the enable request, an enable request reply message;

verifying the enable request reply message using an agreed-to first public key, wherein the enable request reply message is signed by the server using an agreed-to first private key;

receiving, during a biometric feature verification enabling process, the biometric feature input by a user, the biometric feature being provided for verification of the user;

acquiring a biometric feature template identifier (ID) corresponding to the received biometric feature;

sending an authentication request to the server;

generating and saving an enable record that comprises the biometric feature template ID;

generating an enable response message that comprises the biometric feature template ID, and sending the enable response message to the server for generation and saving of a user record, the user record comprising the biometric feature template ID which is used for biometric feature verification;

receiving, from the server and in response to the authentication request, an authentication request reply message;

verifying the received authentication request reply message using the agreed-to first public key, wherein the authentication request reply message is signed by the server using the agreed-to first private key;

acquiring, using the received biometric feature, the biometric feature template ID corresponding to the received biometric feature;

determining that the acquired biometric feature template ID is consistent with a stored biometric feature template ID included in the enable record; and

in response to determining that the acquired biometric feature template ID and the stored biometric feature template ID are consistent, generating an authentication response message.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication request is sent to a server. An authentication request reply message is received from the server. A biometric feature input by a user is received. A biometric feature template identifier (ID) corresponding to the received biometric feature is acquired using the received biometric feature. The acquired biometric feature template ID is compared with a stored biometric feature template ID included in an enable record that is used for biometric feature verification and created during a biometric feature verification enabling process. When the two biometric feature template IDs are consistent, an authentication response message is generated. The authentication response message is sent to the server for verification. Verification includes comparing the biometric feature template ID in the authentication response message with the biometric feature template ID in a saved user record. The verification succeeds if the two biometric feature template IDs are consistent; otherwise an error is reported.

20 Citations

14 Claims

1. A computer-implemented method comprising:
- sending, to a server, an enable request for enabling a biometric feature;
  
  receiving, from the server and in response to the enable request, an enable request reply message;
  
  verifying the enable request reply message using an agreed-to first public key, wherein the enable request reply message is signed by the server using an agreed-to first private key;
  
  receiving, during a biometric feature verification enabling process, the biometric feature input by a user, the biometric feature being provided for verification of the user;
  
  acquiring a biometric feature template identifier (ID) corresponding to the received biometric feature;
  
  sending an authentication request to the server;
  
  generating and saving an enable record that comprises the biometric feature template ID;
  
  generating an enable response message that comprises the biometric feature template ID, and sending the enable response message to the server for generation and saving of a user record, the user record comprising the biometric feature template ID which is used for biometric feature verification;
  
  receiving, from the server and in response to the authentication request, an authentication request reply message;
  
  verifying the received authentication request reply message using the agreed-to first public key, wherein the authentication request reply message is signed by the server using the agreed-to first private key;
  
  acquiring, using the received biometric feature, the biometric feature template ID corresponding to the received biometric feature;
  
  determining that the acquired biometric feature template ID is consistent with a stored biometric feature template ID included in the enable record; and
  
  in response to determining that the acquired biometric feature template ID and the stored biometric feature template ID are consistent, generating an authentication response message.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, further comprising:
    - generating a user public key and private key pair comprising a user private key and a user public key, and saving the user private key;
      
      selecting a signature algorithm according to a challenge value included in the enable request reply message;
      
      signing the generated enable response message by using the selected signature algorithm and an agreed-to second private key; and
      
      sending the signed enable response message to the server, wherein the enable response message includes the user public key, the server verifying the enable response message by using the agreed-to second public key, the user public key being saved in the server.
  - 3. The computer-implemented method of claim 2, further comprising:
    - selecting a signature algorithm according to a challenge value included in authentication request reply message; and
      
      signing the authentication response message by using the selected signature algorithm and the user private key, the server selecting a signature algorithm according to the challenge value after receiving the authentication response message and verifying the authentication response message by using the signature algorithm and the user public key, the verification including verifying the signature on the authentication response message by using the signature algorithm and the user public key.
  - 4. The computer-implemented method of claim 1, wherein the enable request reply message further comprises a user ID, the computer-implemented method further comprising after receiving the enable request reply message, saving the user ID in the enable record, wherein the enable response message further comprises the user ID, and wherein the server, after receiving the enable response message, acquires the user ID and saves the user ID in the user record.
  - 5. The computer-implemented method of claim 4, wherein the enable response message further includes a client device ID, and wherein the server, after receiving the enable request reply message, acquires the device ID and saves the device ID in the user record.
  - 6. The computer-implemented method of claim 4, wherein the authentication request reply message further comprises the user ID, the computer-implemented method further comprising after receiving the biometric feature input by a user and acquiring the biometric feature template ID corresponding to the biometric feature, searching for a corresponding enable record according to the user ID, comparing the acquired biometric feature template ID with the biometric feature template ID in the found enable record, wherein the generated authentication response message further includes the user ID, and wherein, after receiving the authentication response message, the server acquires the user ID and searches for the corresponding user record according to the user ID.
  - 7. The computer-implemented method of claim 5, wherein the authentication response message further comprises the client device ID, and wherein the server, after receiving the authentication response message, acquires the device ID and searches for the corresponding user record according to the device ID.

8. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising:
- sending, to a server, an enable request for enabling a biometric feature;
  
  receiving, from the server and in response to the enable request, an enable request reply message;
  
  verifying the enable request reply message using an agreed-to first public key, wherein the enable request reply message is signed by the server using an agreed-to first private key;
  
  receiving, during a biometric feature verification enabling process, the biometric feature input by a user, the biometric feature being provided for verification of the user;
  
  acquiring a biometric feature template identifier (ID) corresponding to the received biometric feature;
  
  sending an authentication request to the server;
  
  generating and saving an enable record that comprises the biometric feature template ID;
  
  generating an enable response message that comprises the biometric feature template ID, and sending the enable response message to the server for generation and saving of a user record, the user record comprising the biometric feature template ID which is used for biometric feature verification;
  
  receiving, from the server and in response to the authentication request, an authentication request reply message;
  
  verifying the received authentication request reply message using the agreed-to first public key, wherein the authentication request reply message is signed by the server using the agreed-to first private key;
  
  acquiring, using the received biometric feature, the biometric feature template ID corresponding to the received biometric feature;
  
  determining that the acquired biometric feature template ID is consistent with a stored biometric feature template ID included in the enable record; and
  
  in response to determining that the acquired biometric feature template ID and the stored biometric feature template ID are consistent, generating an authentication response message.
- View Dependent Claims (9, 10, 11)
- - 9. The non-transitory, computer-readable medium of claim 8, the operations further comprising:
    - generating a user public key and private key pair comprising a user private key and a user public key, and saving the user private key;
      
      selecting a signature algorithm according to a challenge value included in the enable request reply message;
      
      signing the generated enable response message by using the selected signature algorithm and an agreed-to second private key; and
      
      sending the signed enable response message to the server, wherein the enable response message includes the user public key, the server verifying the enable response message by using the agreed-to second public key, the user public key being saved in the server.
  - 10. The non-transitory, computer-readable medium of claim 9, the operations further comprising:
    - selecting a signature algorithm according to a challenge value included in authentication request reply message; and
      
      signing the authentication response message by using the selected signature algorithm and the user private key, the server selecting a signature algorithm according to the challenge value after receiving the authentication response message and verifying the authentication response message by using the signature algorithm and the user public key, the verification including verifying the signature on the authentication response message by using the signature algorithm and the user public key.
  - 11. The non-transitory, computer-readable medium of claim 8, wherein the enable request reply message further comprises a user ID, the computer-implemented method further comprising after receiving the enable request reply message, saving the user ID in the enable record, wherein the enable response message further comprises the user ID, and wherein the server, after receiving the enable response message, acquires the user ID and saves the user ID in the user record.

12. A computer-implemented system, comprising:
- one or more computers; and
  
  one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform one or more operations comprising;
  
  sending, to a server, an enable request for enabling a biometric feature;
  
  receiving, from the server and in response to the enable request, an enable request reply message;
  
  verifying the enable request reply message using an agreed-to first public key, wherein the enable request reply message is signed by the server using an agreed-to first private key;
  
  receiving, during a biometric feature verification enabling process, the biometric feature input by a user, the biometric feature being provided for verification of the user;
  
  acquiring a biometric feature template identifier (ID) corresponding to the received biometric feature;
  
  sending an authentication request to the server;
  
  generating and saving an enable record that comprises the biometric feature template ID, generating an enable response message that comprises the biometric feature template ID, and sending the enable response message to the server for generation and saving of a user record, the user record comprising the biometric feature template ID which is used for biometric feature verification;
  
  receiving, from the server and in response to the authentication request, an authentication request reply message;
  
  verifying the received authentication request reply message using the agreed-to first public key, wherein the authentication request reply message is signed by the server using the agreed-to first private key;
  
  acquiring, using the received biometric feature, the biometric feature template ID corresponding to the received biometric feature;
  
  determining that the acquired biometric feature template ID is consistent with a stored biometric feature template ID included in the enable record; and
  
  in response to determining that the acquired biometric feature template ID and the stored biometric feature template ID are consistent, generating an authentication response message.
- View Dependent Claims (13, 14)
- - 13. The computer-implemented system of claim 12, the operations further comprising:
    - generating a user public key and private key pair comprising a user private key and a user public key, and saving the user private key;
      
      selecting a signature algorithm according to a challenge value included in the enable request reply message;
      
      signing the generated enable response message by using the selected signature algorithm and an agreed-to second private key; and
      
      sending the signed enable response message to the server, wherein the enable response message includes the user public key, the server verifying the enable response message by using the agreed-to second public key, the user public key being saved in the server.
  - 14. The computer-implemented system of claim 13, the operations further comprising:
    - selecting a signature algorithm according to a challenge value included in authentication request reply message; and
      
      signing the authentication response message by using the selected signature algorithm and the user private key, the server selecting a signature algorithm according to the challenge value after receiving the authentication response message and verifying the authentication response message by using the signature algorithm and the user public key, the verification including verifying the signature on the authentication response message by using the signature algorithm and the user public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Inventors
Lin, Junsui
Primary Examiner(s)
Zee, Edward

Application Number

US16/876,584
Publication Number

US 20200280445A1
Time in Patent Office

239 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 21/45   Structures or tools for the...

G06V 40/1365   Matching; Classification

H04L 63/0861   using biometrical features,...

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3247   involving digital signatures

Using biometric features for user authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Using biometric features for user authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links