US20030101348A1 - Method and system for determining confidence in a digital transaction - Google Patents

Method and system for determining confidence in a digital transaction Download PDF

Info

Publication number
US20030101348A1
US20030101348A1 US10/194,959 US19495902A US2003101348A1 US 20030101348 A1 US20030101348 A1 US 20030101348A1 US 19495902 A US19495902 A US 19495902A US 2003101348 A1 US2003101348 A1 US 2003101348A1
Authority
US
United States
Prior art keywords
transaction
trust metric
token
trust
confidence
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/194,959
Inventor
Anthony Russo
Peter McCoy
Mark Howell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Atrua Technologies Inc
Original Assignee
I-CONTROL SECURITY Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/099,558 external-priority patent/US20030021495A1/en
Application filed by I-CONTROL SECURITY Inc filed Critical I-CONTROL SECURITY Inc
Priority to US10/194,959 priority Critical patent/US20030101348A1/en
Assigned to I-CONTROL SECURITY, INC. reassignment I-CONTROL SECURITY, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MCCOY, PETER A., HOWELL, MARK J., RUSSO, ANTHONY P.
Publication of US20030101348A1 publication Critical patent/US20030101348A1/en
Assigned to I-CONTROL SECURITY, INC. reassignment I-CONTROL SECURITY, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: I-CONTROL TRANSACTIONS, INC.
Assigned to ATRUA TECHNOLOGIES, INC. reassignment ATRUA TECHNOLOGIES, INC. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: I-CONTROL SECURITY, INC.
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/02Reservations, e.g. for tickets, services or events
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12Fingerprints or palmprints
    • G06V40/1335Combining adjacent partial images (e.g. slices) to create a composite input or reference pattern; Tracking a sweeping finger movement
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the present invention relates generally to the field of methods, computer programs and computer program products, devices, and systems for encryption systems, especially public key infrastructure (PKI) systems, and also to the field of biometrics, especially but not limited to biometrics such as human fingerprints and human voiceprints.
  • PKI public key infrastructure
  • authentication methods are grouped into three categories, also called authentication factors: (1) something you know—a secret such as a password or a PIN or other information; (2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and (3) something you are—a measure of a person such as a fingerprint or voiceprint.
  • Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.
  • Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person.
  • Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard.
  • Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.
  • a secure system is based upon either a mutually-shared secret or a private key of a public-private key pair.
  • the secret is first selected or created, then agreed upon and stored for later use.
  • Each of the above broad categories has its own specific risk factors depending on the type of secret, where and how it is stored and how it is created.
  • the risk of guessing is dependent on a variety of factors including, but not limited to, the type of secret (for example, a password, a private PKI key, a symmetric key, or the like), the length of the secret (for example, number of characters in the password or number of bits in the private key), and the randomness of the secret (for example, an entropy calculation plus, in the case of a password, whether the password matches a dictionary word).
  • the risk of observation during transmission is dependent on factors including, but not limited to: whether it was transmitted at all (generally, there is no transmission of the secret in PKI); what type of encryption was used, if any, during transmission; and the network used for the transmission (for example, whether it was transmitted using a telephone, an internet, a private network, or other network or communication link or channel).
  • the risk of a stored secret being illicitly retrieved is dependent on factors including, but not limited to: the number of devices where instances of the secret are stored (for example, a secret may be stored on a user's PC as well as in a system database); the storage medium used for each stored instance (hard disk, paper notes, smart card, portable memory device such as a flash memory card, PKCS-11 token (as discussed further in “PKCS #11 v2.11: Cryptrographic Token Interface Standard” published June 2001 by RSA Laboratories, hereby incorporated by reference), or the like); whether the secret is stored in plain text or encrypted; if stored encrypted, the risk associated with the encryption key used; what kind of biometrics used, if any, to restrict access to the storage medium; the security of passphrase used, if any, to retrieve secret; the security of biometric system(s) used, if any, to retrieve secret; and the security of physical token used, if any, to retrieve secret—for example if a token is used, the security of that
  • the risk associated with the secret being issued to the wrong person is dependent on factors including, but not limited to: the specific method or methods used to verify the user's identity prior to issuing the secret; the degree of human interaction, if any, involved in the verification process (i.e. is it supervised and verified by a trained human being); what specific biometric system or systems, if any, is used to aid verification; which government agencies (such as for example the FBI, Secret Service, or other agency), if any, aid in the verification process; and which trusted documents, if any, were required for verification (for example bank statement, social security number, passport, or the like).
  • the security and integrity of information systems depends primarily on keeping data confidential so that only authorized users may see or act against the data, and assuring the integrity of data so that the data can not be changed or tampered with undetected.
  • the field of cryptography provides well-known tools for assuring confidentiality and integrity using encryption techniques such as ciphers and hash algorithms.
  • PKI Public Key Infrastructure
  • PKI gets its name from its use of a class of cryptographic algorithm called a public key algorithm.
  • a public key algorithm is a cryptographic algorithm that operates using two different but mathematically-related keys, a public key that may be shared with any party and a private key which must be kept secret, such that (for must such algorithms) data encrypted with the public key may only be decrypted with the private key, and vice-versa.
  • PKI standards provide powerful mechanisms for safe and private storage and transmission of confidential data so that it remains hidden from unauthorized parties.
  • the standards provide for digital signatures, which provide the receiving party of some data with an assurance of the identity of the transmitting party.
  • PKI standards further provide for digital certificates, which provide a tamper-resistant, portable record of the association of a public key with a person's or organization's name, attested to and signed by a trusted party, thus presenting a form of unique, irrefutable digital identity or credential for that person or organization.
  • PKI standards also provide other useful and powerful mechanisms that can contribute to the security and integrity of information systems.
  • PKI is widely used in commercial and non-commercial systems, both over the Internet and in more closed or local applications.
  • Most web browsers for example, use PKI and PKI-based standards to interoperate with web servers when high security is desired, as when a user specifies a credit card number for payment while placing an online order.
  • the proliferation of electronic commerce has led many jurisdictions around the world to begin to develop legal standards with the intended result that a correctly constituted digital signature would be every bit as legally binding as a handwritten signature is today.
  • PKI provides powerful mechanisms, but it has weaknesses.
  • One way for digital identities to be compromised is for an impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key.
  • An impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key.
  • anyone with both the certificate (which is meant to be public information, freely exchanged with anyone) and the associated private key (which is meant to be secret) can impersonate someone else and compromise the security and integrity of an information system dependent on the valid use of a certificate and associated private key.
  • the invention provides a transaction confidence token for use in a secure communication system, comprising an envelope and a seal.
  • the envelope comprises transaction information and a trust metric.
  • the seal contains a digital signature of the envelope.
  • the envelope further includes a timestamp.
  • the transaction information contained in the envelope includes a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, a credit card number, or any combinations thereof.
  • the trust metric within the envelope is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
  • the trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction.
  • the trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction.
  • the trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction.
  • the trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction.
  • a plurality of trust metrics are provided in the envelope.
  • a first trust metric comprises an overall trust metric and at least a second trust metric is provided chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
  • the digital signature contained in the seal is signed with a private key.
  • a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with the transaction, determining if the trust metric indicates a sufficient trust level; and processing the transaction if the trust metric indicates or exceeds said sufficient trust level.
  • a method further comprises requiring a mitigating factor if said trust metric indicates less than said sufficient trust level.
  • the mitigating factor may be chosen based on the trust metric.
  • the mitigating factor may be chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
  • the method further comprises processing the transaction after receiving a mitigating factor.
  • the method further comprises constructing a transaction confidence token comprising a trust metric, and transmitting said transaction confidence token to a server.
  • a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with said transaction, determining if said trust metric indicates an acceptable risk level; and processing said transaction if said trust metric indicates or is less than said acceptable risk level.
  • the method further comprises requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level. In still other embodiments, the method further includes processing said transaction after receiving said mitigating factor.
  • FIG. 1 is a schematic representation of one embodiment of a transaction confidence token according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart showing a method of processing a transaction according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart outlining a process for using a transaction confidence token according to an embodiment of the present invention.
  • This invention introduces the concept of a software token that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access.
  • the token includes an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret.
  • OROC all risk of compromise
  • the token also includes a calculation of individual risk factor probabilities used to determine the OROC, or overall trust metric. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk.
  • the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value.
  • the risk factor is used to charge the user a fee in an effort to mitigate the risk, or where some fee may already be charged to the user for the transaction to charge different fees according to the assessed risk or trust level.
  • the fee may be a flat fee charged to all transactions having less than a sufficient trust level or the fee may vary according to the trust level indicated by the token.
  • the present invention provides a mechanism for a system to add an estimate of risk or confidence on that yes or no answer, and for other systems to use that confidence information to their advantage. In one embodiment, it also provides a mechanism for documenting the party's identity so as to provide a non-repudiation mechanism for the transaction.
  • the present invention provides systems utilizing tokens to assign or mitigate risk.
  • FIG. 1 depicts a schematic representation of transaction confidence token 100 according to one embodiment of the present invention.
  • a token such as token 100
  • Token 100 is created using available information regarding risk factors, examples of which are discussed above.
  • Token 100 can be in the form of a separate packet of stored data associated with the secret, integrated either with the secret itself or, in the case of PKI, with the associated digital certificate.
  • the present invention provides transaction confidence tokens comprising at least one trust metric.
  • trust metric generally refers to a measure of a risk factor. Examples of typical risk factors are discussed above.
  • token 100 comprises information on at least one risk factor discussed above.
  • token 100 comprises an overall risk-of-compromise (OROC) value, or overall trust metric 110 , which may take one or more risk factors into consideration.
  • OROC overall risk-of-compromise
  • token 100 is created and stored in a database during both enrollment and subsequent transactions, includes all the fields shown in FIG. 1. In other embodiments, only a subset of fields shown in FIG. 1 are present.
  • trust metrics such as overall trust metric 110
  • trust metrics are given by an absolute probability ranging from 0.0 to 1.0, calculated using a weighted Bayesian equation. Other ranges and equations for calculating trust metrics may also or alternatively be employed.
  • trust metrics are given by an arbitrary mapping of risk information to three categories—low, medium, and high. Any number of categories may alternatively be used, with each category represented by a unique indicator. The risk information may alternatively be provided by a continuous range of values rather than in discrete categories.
  • Overall trust metric 110 represents a weighted combination of individual risk probabilities of a plurality of risk factors.
  • a system uses token 100 to deny or accept a transaction. In other embodiments, a system charges a fee, or imposes another mitigation factor—such as a waiting period or another required authentication—based on risk information contained in token 100 .
  • transaction confidence token 100 is composed of two data structures: envelope 120 and seal 130 .
  • Envelope 120 comprises transaction contents, or transaction information 140 and at least one trust metric, although a plurality of trust metrics are shown in FIG. 1. Further, envelope 120 comprises timestamp 150 .
  • transaction information 140 represents a complete record of a transaction—including, as appropriate, account numbers, web session identifiers, monetary or exchange values, item quantities, an SKU number, an order number, a credit card number, a web URL or address, or other data describing the user's authenticated request. In other embodiments, transaction information 140 comprises only some of the above information associated with a transaction.
  • transaction information 140 comprises only a transaction identifier or reference string such as a web session identifier as is often used in web applications.
  • transaction information 140 field comprises a complete transaction confidence token, which may in turn (i.e., recursively) contain another transaction confidence token in its transaction contents field, without particular limit. This embodiment allows for multiple parties to attest to a transaction and attach their own confidence to the transaction as it is processed by each of a number of systems in series.
  • the innermost transaction confidence token corresponds to the original transaction when it is first authenticated and signed by the originating party.
  • Timestamp 150 generally comprises a string indicating a date and time at which the authentication event which is the subject of the transaction confidence token took place.
  • any time indicator is appropriate for timestamp 150 .
  • timestamp 150 is expressed in Universal Coordinated Time (UTC).
  • UTC Universal Coordinated Time
  • Overall trust metric 110 indicates a degree of overall confidence in a transaction.
  • overall trust metric 110 provides a degree of confidence in enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
  • Overall trust metric 110 can be defined according to the specifics of the application contemplated, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
  • low security refers to a password authentication against a 4-digit numeric PIN stored in non-secure storage.
  • Medium security refers to a fingerprint authentication or strong password (alphanumeric, mixed case, greater than 8 characters) against a secret in non-secure storage, and high security is attributed to a fingerprint authentication or strong password against a secret in secure storage such as a smart card.
  • any number of trust categories can be assigned among any authentication processes.
  • Envelope 120 may comprise metrics related to measures of individual aspects of an authentication process. That is, envelope 120 may comprise some or all of the following optional fields: (1) Enrollment Trust Metric 160 , (2) Storage Trust Metric 170 , (3) Transmission Trust Metric 180 , and (4) Authentication Trust Metric 190 .
  • Enrollment Trust Metric 160 indicates a degree of confidence in security of an enrollment or personalization process under which a secret was issued to an authenticating party.
  • Enrollment trust metric 160 can be defined according to specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
  • a low confidence enrollment trust metric is assigned to self-enrollment where little or no manual verification of user identity is carried out;
  • a medium confidence enrollment trust metric is assigned to online verification using a “weak secret” such as a credit card number, which may be independently verified to match the enrollee's name by the credit card issuer;
  • a high confidence enrollment trust metric is assigned in an enrollment situation where the user's identity is verified—using trusted documents such as a passport, driver's license, or the like—by a human being who works for the enrollment agency or represents another predetermined organization.
  • Storage Trust Metric 170 indicates a degree of confidence in the security of a method of storage used to store a secret.
  • Storage Trust Metric 170 can be defined according to the specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
  • a storage trust metric indicating a low confidence level is assigned to storage of a secret in unencrypted form on a hard disk or FLASH memory of a PC or other computing device;
  • a storage trust metric indicating a medium confidence level is assigned to storage of a secret in encrypted form on a hard drive or FLASH memory of a PC or other computing device and protected with a PIN or password;
  • a storage trust metric indicating a high confidence level is assigned to storage of a secret in secure storage, such as that of a smart card, and protected with a PIN or password.
  • Transmission Trust Metric 180 indicates a degree of confidence in security of a method of transmission, if any, of a secret.
  • This Transmission Trust Metric can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence.
  • a transmission trust metric indicating a low confidence level is assigned to a transmission of a secret in unencrypted form via the internet or local computer network;
  • a transmission trust metric indicating a medium confidence level is assigned to transmission of a secret in encrypted form using SSL or TLS (as known in the art and described further in Dierks, T., and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, January 1999, hereby incorporated by reference) or other common standard of network encryption;
  • a transmission trust metric indicating a high confidence level applies to transmission of a secret via armored car using a certified carrier such as, for example, Brink's@, Inc.
  • Authentication Trust Metric 190 indicates a degree of confidence in the security of a method of authentication for a particular transaction.
  • Authentication Trust Metric 190 can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Accordingly, in one embodiment, an authentication trust metric indicating a low confidence level is assigned to authentication using a PIN or password (“something you know”); an authentication trust metric indicating a medium confidence level is assigned to authentication using a physical token such as a PKCS-11 standard device or smart card (“something you have”); and an authentication trust metric indicating a high confidence level is assigned authentication requiring use of a biometric such as fingerprint, voiceprint, or face recognition (“something you are”).
  • trust metrics provide an indication of security based on measurable risk factors
  • trust metric values are not constrained by theoretical security weaknesses. For example, a particular storage method or enrollment procedure may be assigned a stronger or weaker trust metric based on a preferred or encouraged method for performing those functions.
  • Seal 130 of transaction confidence token 100 is a string of bytes containing a digital signature of envelope 120 , signed in a preferred embodiment with the private key of the authenticating party or system.
  • envelope 120 and seal 130 are constructed according to PKCS #7—for a detailed description of the standard, see, for example RSA Laboratories.
  • PKCS #7 Cryptographic Message Syntax Standard. Version 1.5, November 1993, hereby incorporated by reference.
  • PKCS #7 also allows for the recursion of transaction information field 140 of envelope 120 in a transaction confidence token.
  • envelope 120 and seal 130 are constructed according to the XML Signature Syntax and Processing Recommendation—for a detailed description of the standard see, for example Eastlake 3 rd , D., Reagle, J., and Solo, D., “(Extensible Markup Language) XML-Signature Syntax and Processing,” RFC 3275, March 2002, incorporated herein by reference.
  • the present invention further provides systems and methods for using a transaction confidence token. For example, when a requester (client) or server initiates a transaction requiring authentication, such as in step 200 in FIG. 2, server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210 .
  • a requester client
  • server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210 .
  • step 230 such as a private encryption key using an authentication method, such as a biometric match.
  • Numerous devices and methods exist for securing a secret including those described in U.S. application Ser. No. ______, filed ______, entitled “Secure Network And Networked Devices Using Biometrics” (Attorney Docket No.
  • Requester 220 generates, step 240 , contents of a requested transaction, such as the quantity and SKUs of item(s) to be purchased, in a form suitable to be encoded in the transaction confidence token's transaction contents, or transaction information field, such as transaction information 140 in token 100 depicted in FIG. 1.
  • Requester 220 determines at least one trust metric, step 250 , as described above and encodes at least one trust metric in the transaction confidence token.
  • Requester 220 signs the transaction confidence token in step 260 .
  • Server 210 receives a transaction confidence token associated with a transaction request in step 270 .
  • Server 210 then adjusts its confidence level, in the transaction, step 280 , based on whether the signature is valid and takes action appropriate to the confidence level, completing the transaction in step 290 .
  • the present invention further provides methods for a server to act on a transaction confidence token.
  • FIG. 3 provides a schematic overview of an embodiment of such a method according to the present invention.
  • a server receives a transaction confidence token, step 300 , and verifies the signature of the transaction confidence token, step 310 , using, for example, the public key of the originator of the transaction confidence token. If the signature verification fails, indicating that the transaction confidence token was not created by the purported originating party, had been altered after its creation, or otherwise is invalid, then the system may then discard the token, step 320 , and assume no confidence in the authenticity of the associated transaction. In a preferred embodiment, a transaction confidence token with an invalid signature is discarded and the associated transaction request is discarded or rolled back according to appropriate exception handling practice for the application employing methods of the present invention.
  • the server determines its confidence in the transaction, step 330 , calculated from one or more trust metric fields in the transaction confidence token.
  • step 340 the original receiving server may construct a new transaction confidence token, and embed the current transaction confidence token, optionally asserting its own degree of confidence in the transaction, step 350 .
  • the server then transmits, step 360 , a new transaction confidence token (comprising embedded first transaction confidence token) to other participating Server(s), step 370 .
  • the Server may then do its own processing of the transaction request employing the confidence it has determined, step 370 . For example, if a trust metric within the transaction confidence token indicates or exceeds a predetermined sufficient trust level, the server processes the transaction. However, in one embodiment, if a trust metric does not indicate a minimum sufficient trust level, the server rejects the transaction. If a trust metric indicates a minimum sufficient trust level but less than a sufficient trust level, the server may require a mitigating factor. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values.
  • trust metrics are assigned and evaluated with respect to risk. That is, risk is generally the opposite of trust and trust metrics may be assigned such that increasing trust metric values corresponding to an increasing risk associated with a transaction. In these embodiments, less secure situations would receive a higher trust metric value. For example, in some embodiments of the present invention, a confidence level between 0 . 0 and 1 . 0 is calculated. A corresponding risk level in this embodiment is given generally by 1—(confidence level).
  • a trust metric within the transaction confidence token indicates or exceeds a predetermined maximum risk level, the risk is determined to be too great, and the server the server rejects the transaction.
  • the server may require a mitigating factor before processing the transaction. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. If a trust metric indicates less than an acceptable risk level, the server will process the transaction.
  • the invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands.
  • a general purpose or special purpose computing device such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands.
  • the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices.
  • the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.

Abstract

The present invention provides systems and methods utilizing tokens to assign or mitigate risk. A software token is provided that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. The token may include an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value.

Description

    RELATED APPLICATIONS
  • This application further relates to the following co-pending applications: [0001]
  • U.S. application Ser. No. ______, filed ______, entitled “BIOMETRICALLY ENHANCED DIGITAL CERTIFICATES AND SYSTEM AND METHOD FOR MAKING AND USING” (Attorney Docket No. A-70596/RMA/JML); [0002]
  • U.S. application Ser. No. ______, filed ______, entitled “SECURE NETWORK AND NETWORKED DEVICES USING BIOMETRICS” (Attorney Docket No. A70595/RMA/JML); and [0003]
  • U.S. application Ser. No. ______, filed ______, entitled “METHOD AND SYSTEM FOR BIOMETRIC IMAGE ASSEMBLY FROM MULTIPLE PARTIAL BIOMETRIC FRAME SCANS” (Attorney Docket No. A-70591/RMA/JML); all of which are hereby incorporated by reference.[0004]
  • This application claims the benefit under 35 U.S.C. §119 and/or 35 U.S.C. §120 of the filing date of: U.S. Provisional Application Serial No. 60/305,120, filed Jul. 12, 2001, which is hereby incorporated by reference, and entitled SYSTEM, METHOD, DEVICE AND COMPUTER PROGRAM FOR NON-REPUDIATED WIRELESS TRANSACTIONS; U.S. patent application Ser. No. 10/099,554 filed Mar. 13, 2002 and entitled SYSTEM, METHOD, AND OPERATING MODEL FOR MOBILE WIRELESS NETWORK-BASED TRANSACTION AUTHENTICATION AND NON-REPUDIATION; and U.S. patent application Ser. No. 10/099,558 filed Mar. 13, 2002 and entitled FINGERPRINT BIOMETRIC CAPTURE DEVICE AND METHOD WITH INTEGRATED ON-CHIP DATA BUFFERING; each of which applications are incorporated by reference herein. [0005]
    • FIELD OF THE INVENTION
  • The present invention relates generally to the field of methods, computer programs and computer program products, devices, and systems for encryption systems, especially public key infrastructure (PKI) systems, and also to the field of biometrics, especially but not limited to biometrics such as human fingerprints and human voiceprints. [0006]
    • BACKGROUND OF THE INVENTION
  • The security and integrity of information systems depends in part on authentication of individual users—accurately and reliably determining the identity of a user attempting to use the system. Once a user is authenticated, a system is then able to authorize the user to retrieve certain information or perform certain actions appropriate to the system's understanding of the user's identity. Examples of such actions include downloading a document, completing a financial transaction, or digitally signing a purchase. [0007]
  • Numerous methods have been developed for authenticating users. Generally, as will be understood by those skilled in the art, authentication methods are grouped into three categories, also called authentication factors: (1) something you know—a secret such as a password or a PIN or other information; (2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and (3) something you are—a measure of a person such as a fingerprint or voiceprint. Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen. [0008]
  • The third category above—referred to herein as ‘something you are’ authentication methods—are the subject of the biometrics field. Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person. Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard. Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers. [0009]
  • A secure system is based upon either a mutually-shared secret or a private key of a public-private key pair. During the enrollment process, the secret is first selected or created, then agreed upon and stored for later use. There are generally four major sources of risk associated with the secret being compromised: (1) the secret can be guessed by an unauthorized user; (2) the secret was observed by an unauthorized user during creation or subsequent transmission; (3) the stored secret can be retrieved and employed by an unauthorized user after creation; and/or (4) the stored secret was issued to the wrong party. [0010]
  • Each of the above broad categories has its own specific risk factors depending on the type of secret, where and how it is stored and how it is created. For example, the risk of guessing is dependent on a variety of factors including, but not limited to, the type of secret (for example, a password, a private PKI key, a symmetric key, or the like), the length of the secret (for example, number of characters in the password or number of bits in the private key), and the randomness of the secret (for example, an entropy calculation plus, in the case of a password, whether the password matches a dictionary word). The risk of observation during transmission is dependent on factors including, but not limited to: whether it was transmitted at all (generally, there is no transmission of the secret in PKI); what type of encryption was used, if any, during transmission; and the network used for the transmission (for example, whether it was transmitted using a telephone, an internet, a private network, or other network or communication link or channel). [0011]
  • The risk of a stored secret being illicitly retrieved is dependent on factors including, but not limited to: the number of devices where instances of the secret are stored (for example, a secret may be stored on a user's PC as well as in a system database); the storage medium used for each stored instance (hard disk, paper notes, smart card, portable memory device such as a flash memory card, PKCS-11 token (as discussed further in “PKCS #11 v2.11: Cryptrographic Token Interface Standard” published June 2001 by RSA Laboratories, hereby incorporated by reference), or the like); whether the secret is stored in plain text or encrypted; if stored encrypted, the risk associated with the encryption key used; what kind of biometrics used, if any, to restrict access to the storage medium; the security of passphrase used, if any, to retrieve secret; the security of biometric system(s) used, if any, to retrieve secret; and the security of physical token used, if any, to retrieve secret—for example if a token is used, the security of that token is dependent upon whether someone else has had access to it, or if it has been lost or stolen; what combinations of passphrase, biometric, and token are required, if any; and the security of the enrolled biometric template. [0012]
  • The risk associated with the secret being issued to the wrong person is dependent on factors including, but not limited to: the specific method or methods used to verify the user's identity prior to issuing the secret; the degree of human interaction, if any, involved in the verification process (i.e. is it supervised and verified by a trained human being); what specific biometric system or systems, if any, is used to aid verification; which government agencies (such as for example the FBI, Secret Service, or other agency), if any, aid in the verification process; and which trusted documents, if any, were required for verification (for example bank statement, social security number, passport, or the like). [0013]
  • Systems used for e-commerce, online banking and other financially related areas rely on security to prevent unauthorized users from accessing services for monetary gain. For example, well-designed systems try to prevent would-be buyers from purchasing goods and services with someone else's credit card by requiring a PIN or a password. [0014]
  • More generally, the security and integrity of information systems depends primarily on keeping data confidential so that only authorized users may see or act against the data, and assuring the integrity of data so that the data can not be changed or tampered with undetected. The field of cryptography provides well-known tools for assuring confidentiality and integrity using encryption techniques such as ciphers and hash algorithms. [0015]
  • One widely known and implemented body of these tools, and procedures and practices for their use, is called Public Key Infrastructure (PKI). PKI gets its name from its use of a class of cryptographic algorithm called a public key algorithm. As is widely known to those versed in the cryptographic field, a public key algorithm is a cryptographic algorithm that operates using two different but mathematically-related keys, a public key that may be shared with any party and a private key which must be kept secret, such that (for must such algorithms) data encrypted with the public key may only be decrypted with the private key, and vice-versa. PKI standards are well known, X.509 for example, described in Housley, R., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile,” RFC 2459, January 1999, and ITU-T Recommendation X.509 (1997 E): Information Technology—Open Systems Interconnection—The Directory: Authentication Framework, June 1997, both of which are hereby incorporated by reference. [0016]
  • These standards provide powerful mechanisms for safe and private storage and transmission of confidential data so that it remains hidden from unauthorized parties. The standards provide for digital signatures, which provide the receiving party of some data with an assurance of the identity of the transmitting party. PKI standards further provide for digital certificates, which provide a tamper-resistant, portable record of the association of a public key with a person's or organization's name, attested to and signed by a trusted party, thus presenting a form of unique, irrefutable digital identity or credential for that person or organization. PKI standards also provide other useful and powerful mechanisms that can contribute to the security and integrity of information systems. [0017]
  • PKI is widely used in commercial and non-commercial systems, both over the Internet and in more closed or local applications. Most web browsers, for example, use PKI and PKI-based standards to interoperate with web servers when high security is desired, as when a user specifies a credit card number for payment while placing an online order. The proliferation of electronic commerce has led many jurisdictions around the world to begin to develop legal standards with the intended result that a correctly constituted digital signature would be every bit as legally binding as a handwritten signature is today. [0018]
  • PKI provides powerful mechanisms, but it has weaknesses. One way for digital identities to be compromised is for an impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key. Anyone with both the certificate (which is meant to be public information, freely exchanged with anyone) and the associated private key (which is meant to be secret) can impersonate someone else and compromise the security and integrity of an information system dependent on the valid use of a certificate and associated private key. [0019]
  • Most systems, therefore, secure the private key such that the user must authenticate before the private key can be used for any task. Many such systems require a password (“something you know”) or a smartcard (“something you have”), or both. Some systems provide additional security by putting the private key on a smartcard that is resistant to tampering or copying. Other systems may also employ biometrics (“something you are”) to ensure that the person using the private key is in fact the true owner of the certificate. [0020]
  • However, smart cards may be lost, damaged, or stolen. Passwords may be forgotten or guessed. Biometrics systems can be fooled. These concerns are part of what is called in the field “the last-meter problem”, the problem of making sure that an otherwise secure system isn't compromised by a failure to correctly authenticate the person using (and usually physically adjacent to) some part of the system. The last-meter problem can present opportunities for impostors in PKI systems. Mathematically, the theoretical probability of a PKI system being fooled or otherwise compromised is extremely low (much less than 1 in a billion, for instance). However, once the “last meter problem” is taken into account, the security of such a system is greatly reduced, as the “last meter problem” becomes the weakest link in an otherwise very secure chain. [0021]
  • Today's PKI systems do not take into account the risk associated with the “last meter problem” when assessing the trust level to associate with users of such systems. [0022]
  • Accordingly, it is an object of the present invention to provide an indication of the security of a given transaction. [0023]
    • SUMMARY
  • In a first embodiment, the invention provides a transaction confidence token for use in a secure communication system, comprising an envelope and a seal. The envelope comprises transaction information and a trust metric. The seal contains a digital signature of the envelope. In preferred embodiments, the envelope further includes a timestamp. In some embodiments, the transaction information contained in the envelope includes a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, a credit card number, or any combinations thereof. [0024]
  • In one embodiment, the trust metric within the envelope is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction. [0025]
  • In another embodiment, the trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction. In yet another embodiment, the trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction. In still another embodiment, the trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction. In a further embodiment, the trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction. In other embodiments, a plurality of trust metrics are provided in the envelope. In one embodiment, a first trust metric comprises an overall trust metric and at least a second trust metric is provided chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof. [0026]
  • In some embodiments, the digital signature contained in the seal is signed with a private key. [0027]
  • The present invention further provides methods for assuring a secure transaction. In one embodiment, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with the transaction, determining if the trust metric indicates a sufficient trust level; and processing the transaction if the trust metric indicates or exceeds said sufficient trust level. [0028]
  • In some embodiments, a method further comprises requiring a mitigating factor if said trust metric indicates less than said sufficient trust level. The mitigating factor may be chosen based on the trust metric. The mitigating factor may be chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof. [0029]
  • In yet other embodiments, the method further comprises processing the transaction after receiving a mitigating factor. [0030]
  • In other embodiments, the method further comprises constructing a transaction confidence token comprising a trust metric, and transmitting said transaction confidence token to a server. [0031]
  • In other embodiments, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with said transaction, determining if said trust metric indicates an acceptable risk level; and processing said transaction if said trust metric indicates or is less than said acceptable risk level. [0032]
  • In some embodiments, the method further comprises requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level. In still other embodiments, the method further includes processing said transaction after receiving said mitigating factor. [0033]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The present invention may be better understood, and its features and advantages made apparent to those skilled in the art by referencing the accompanying drawings. [0034]
  • FIG. 1 is a schematic representation of one embodiment of a transaction confidence token according to an embodiment of the present invention. [0035]
  • FIG. 2 is a schematic flowchart showing a method of processing a transaction according to an embodiment of the present invention. [0036]
  • FIG. 3 is a schematic flowchart outlining a process for using a transaction confidence token according to an embodiment of the present invention.[0037]
    • DETAILED DESCRIPTION OF THE EMBODIMENTS
  • Many systems today, especially those that use PKI, involve transactions that depend on keeping a secret protected from use by third parties. If there is any risk that the secret is compromised, then that risk is propagated to the provider of the transaction itself. For example, if an internet-based system allows a user to purchase an item by entering any valid credit card number, then the risk to the credit card company or merchant related to an unauthorized purchase is dependent on how well that credit card number can be kept secret, for example, how well authenticated are the parties to whom the secret is made available. [0038]
  • This invention introduces the concept of a software token that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. Furthermore, in preferred embodiments of the present invention, the token includes an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. In some embodiments of the present invention, the token also includes a calculation of individual risk factor probabilities used to determine the OROC, or overall trust metric. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value. In another embodiment, the risk factor is used to charge the user a fee in an effort to mitigate the risk, or where some fee may already be charged to the user for the transaction to charge different fees according to the assessed risk or trust level. The fee may be a flat fee charged to all transactions having less than a sufficient trust level or the fee may vary according to the trust level indicated by the token. [0039]
  • Most authentication systems are geared to answer the question of whether the party trying to use the system is the party it claims to be with either a yes or no, even though the authentication method or methods employed are imperfect. The present invention provides a mechanism for a system to add an estimate of risk or confidence on that yes or no answer, and for other systems to use that confidence information to their advantage. In one embodiment, it also provides a mechanism for documenting the party's identity so as to provide a non-repudiation mechanism for the transaction. [0040]
  • That is, the present invention provides systems utilizing tokens to assign or mitigate risk. [0041]
  • FIG. 1 depicts a schematic representation of [0042] transaction confidence token 100 according to one embodiment of the present invention.
  • A token, such as [0043] token 100, is created using available information regarding risk factors, examples of which are discussed above. Token 100 can be in the form of a separate packet of stored data associated with the secret, integrated either with the secret itself or, in the case of PKI, with the associated digital certificate.
  • The present invention provides transaction confidence tokens comprising at least one trust metric. As used herein, ‘trust metric’ generally refers to a measure of a risk factor. Examples of typical risk factors are discussed above. In one embodiment, token [0044] 100 comprises information on at least one risk factor discussed above. In another embodiment, token 100 comprises an overall risk-of-compromise (OROC) value, or overall trust metric 110, which may take one or more risk factors into consideration. In a preferred embodiment, token 100 is created and stored in a database during both enrollment and subsequent transactions, includes all the fields shown in FIG. 1. In other embodiments, only a subset of fields shown in FIG. 1 are present.
  • In one embodiment of the present invention, trust metrics, such as overall trust metric [0045] 110, are given by an absolute probability ranging from 0.0 to 1.0, calculated using a weighted Bayesian equation. Other ranges and equations for calculating trust metrics may also or alternatively be employed. In preferred embodiments of the present invention, trust metrics are given by an arbitrary mapping of risk information to three categories—low, medium, and high. Any number of categories may alternatively be used, with each category represented by a unique indicator. The risk information may alternatively be provided by a continuous range of values rather than in discrete categories. Overall trust metric 110 represents a weighted combination of individual risk probabilities of a plurality of risk factors. In a preferred embodiment, a system uses token 100 to deny or accept a transaction. In other embodiments, a system charges a fee, or imposes another mitigation factor—such as a waiting period or another required authentication—based on risk information contained in token 100.
  • Accordingly, transaction confidence token [0046] 100 (FIG. 1) is composed of two data structures: envelope 120 and seal 130. Envelope 120 comprises transaction contents, or transaction information 140 and at least one trust metric, although a plurality of trust metrics are shown in FIG. 1. Further, envelope 120 comprises timestamp 150. In a preferred embodiment, transaction information 140 represents a complete record of a transaction—including, as appropriate, account numbers, web session identifiers, monetary or exchange values, item quantities, an SKU number, an order number, a credit card number, a web URL or address, or other data describing the user's authenticated request. In other embodiments, transaction information 140 comprises only some of the above information associated with a transaction. In a preferred embodiment, transaction information 140 comprises only a transaction identifier or reference string such as a web session identifier as is often used in web applications. In an alternative embodiment, transaction information 140 field comprises a complete transaction confidence token, which may in turn (i.e., recursively) contain another transaction confidence token in its transaction contents field, without particular limit. This embodiment allows for multiple parties to attest to a transaction and attach their own confidence to the transaction as it is processed by each of a number of systems in series. The innermost transaction confidence token corresponds to the original transaction when it is first authenticated and signed by the originating party. Timestamp 150 generally comprises a string indicating a date and time at which the authentication event which is the subject of the transaction confidence token took place. Generally, any time indicator is appropriate for timestamp 150. In a preferred embodiment, timestamp 150 is expressed in Universal Coordinated Time (UTC). Overall trust metric 110 indicates a degree of overall confidence in a transaction. In one embodiment, overall trust metric 110 provides a degree of confidence in enrollment, storage, transmission, and authentication processes employed for authentication of a transaction. Overall trust metric 110 can be defined according to the specifics of the application contemplated, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In a preferred embodiment, low security refers to a password authentication against a 4-digit numeric PIN stored in non-secure storage. Medium security refers to a fingerprint authentication or strong password (alphanumeric, mixed case, greater than 8 characters) against a secret in non-secure storage, and high security is attributed to a fingerprint authentication or strong password against a secret in secure storage such as a smart card. Generally, any number of trust categories can be assigned among any authentication processes.
  • Envelope [0047] 120 may comprise metrics related to measures of individual aspects of an authentication process. That is, envelope 120 may comprise some or all of the following optional fields: (1) Enrollment Trust Metric 160, (2) Storage Trust Metric 170, (3) Transmission Trust Metric 180, and (4) Authentication Trust Metric 190.
  • Enrollment Trust Metric [0048] 160 indicates a degree of confidence in security of an enrollment or personalization process under which a secret was issued to an authenticating party. Enrollment trust metric 160 can be defined according to specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a low confidence enrollment trust metric is assigned to self-enrollment where little or no manual verification of user identity is carried out; a medium confidence enrollment trust metric is assigned to online verification using a “weak secret” such as a credit card number, which may be independently verified to match the enrollee's name by the credit card issuer; and a high confidence enrollment trust metric is assigned in an enrollment situation where the user's identity is verified—using trusted documents such as a passport, driver's license, or the like—by a human being who works for the enrollment agency or represents another predetermined organization.
  • [0049] Storage Trust Metric 170 indicates a degree of confidence in the security of a method of storage used to store a secret. Storage Trust Metric 170 can be defined according to the specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Here, in one embodiment, a storage trust metric indicating a low confidence level is assigned to storage of a secret in unencrypted form on a hard disk or FLASH memory of a PC or other computing device; a storage trust metric indicating a medium confidence level is assigned to storage of a secret in encrypted form on a hard drive or FLASH memory of a PC or other computing device and protected with a PIN or password; and a storage trust metric indicating a high confidence level is assigned to storage of a secret in secure storage, such as that of a smart card, and protected with a PIN or password.
  • [0050] Transmission Trust Metric 180 indicates a degree of confidence in security of a method of transmission, if any, of a secret. This Transmission Trust Metric can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a transmission trust metric indicating a low confidence level is assigned to a transmission of a secret in unencrypted form via the internet or local computer network; a transmission trust metric indicating a medium confidence level is assigned to transmission of a secret in encrypted form using SSL or TLS (as known in the art and described further in Dierks, T., and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, January 1999, hereby incorporated by reference) or other common standard of network encryption; and a transmission trust metric indicating a high confidence level applies to transmission of a secret via armored car using a certified carrier such as, for example, Brink's@, Inc.
  • [0051] Authentication Trust Metric 190 indicates a degree of confidence in the security of a method of authentication for a particular transaction. Authentication Trust Metric 190 can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Accordingly, in one embodiment, an authentication trust metric indicating a low confidence level is assigned to authentication using a PIN or password (“something you know”); an authentication trust metric indicating a medium confidence level is assigned to authentication using a physical token such as a PKCS-11 standard device or smart card (“something you have”); and an authentication trust metric indicating a high confidence level is assigned authentication requiring use of a biometric such as fingerprint, voiceprint, or face recognition (“something you are”).
  • In other embodiments, greater or fewer trust levels are provided. In still other embodiments a continuous range of trust metric values is provided. In some embodiments, more than one type of procedure, device, or method may be assigned an identical trust metric value. For example, in some embodiments both encrypted and unencrypted storage of a secret on a hard disk receive a trust metric indicating a low trust level, while secure storage of a secret—for example on a smart card protected with a PIN—receives a trust metric indicating a high trust level. Although in preferred embodiments, trust metrics provide an indication of security based on measurable risk factors, in other embodiments trust metric values are not constrained by theoretical security weaknesses. For example, a particular storage method or enrollment procedure may be assigned a stronger or weaker trust metric based on a preferred or encouraged method for performing those functions. [0052]
  • [0053] Seal 130 of transaction confidence token 100 is a string of bytes containing a digital signature of envelope 120, signed in a preferred embodiment with the private key of the authenticating party or system.
  • In a preferred embodiment, envelope [0054] 120 and seal 130 are constructed according to PKCS #7—for a detailed description of the standard, see, for example RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, November 1993, hereby incorporated by reference. Using that standard's signed-data content type such that envelope 120 is embodied in a content information (contentInfo) field and seal 130 is embodied in a signer information (signerInfos) field. Note that PKCS #7 also allows for the recursion of transaction information field 140 of envelope 120 in a transaction confidence token.
  • In another embodiment, envelope [0055] 120 and seal 130 are constructed according to the XML Signature Syntax and Processing Recommendation—for a detailed description of the standard see, for example Eastlake 3rd, D., Reagle, J., and Solo, D., “(Extensible Markup Language) XML-Signature Syntax and Processing,” RFC 3275, March 2002, incorporated herein by reference.
  • Other encodings or structures of a transaction confidence token are also possible. [0056]
  • The present invention further provides systems and methods for using a transaction confidence token. For example, when a requester (client) or server initiates a transaction requiring authentication, such as in [0057] step 200 in FIG. 2, server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210. During the course of the transaction Requester 220 allows access to a secret, step 230, such as a private encryption key using an authentication method, such as a biometric match. Numerous devices and methods exist for securing a secret, including those described in U.S. application Ser. No. ______, filed ______, entitled “Secure Network And Networked Devices Using Biometrics” (Attorney Docket No. A-70595/RMA/JML), incorporated herein by reference. Requester 220 generates, step 240, contents of a requested transaction, such as the quantity and SKUs of item(s) to be purchased, in a form suitable to be encoded in the transaction confidence token's transaction contents, or transaction information field, such as transaction information 140 in token 100 depicted in FIG. 1.
  • [0058] Requester 220 determines at least one trust metric, step 250, as described above and encodes at least one trust metric in the transaction confidence token. Requester 220 signs the transaction confidence token in step 260. Server 210 receives a transaction confidence token associated with a transaction request in step 270. Server 210 then adjusts its confidence level, in the transaction, step 280, based on whether the signature is valid and takes action appropriate to the confidence level, completing the transaction in step 290.
  • The present invention further provides methods for a server to act on a transaction confidence token. FIG. 3 provides a schematic overview of an embodiment of such a method according to the present invention. A server receives a transaction confidence token, [0059] step 300, and verifies the signature of the transaction confidence token, step 310, using, for example, the public key of the originator of the transaction confidence token. If the signature verification fails, indicating that the transaction confidence token was not created by the purported originating party, had been altered after its creation, or otherwise is invalid, then the system may then discard the token, step 320, and assume no confidence in the authenticity of the associated transaction. In a preferred embodiment, a transaction confidence token with an invalid signature is discarded and the associated transaction request is discarded or rolled back according to appropriate exception handling practice for the application employing methods of the present invention.
  • If the signature verification succeeds, then the server determines its confidence in the transaction, [0060] step 330, calculated from one or more trust metric fields in the transaction confidence token.
  • If another Server or plurality of Servers are to participate in the transaction, [0061] step 340, the original receiving server may construct a new transaction confidence token, and embed the current transaction confidence token, optionally asserting its own degree of confidence in the transaction, step 350. The server then transmits, step 360, a new transaction confidence token (comprising embedded first transaction confidence token) to other participating Server(s), step 370.
  • The Server may then do its own processing of the transaction request employing the confidence it has determined, [0062] step 370. For example, if a trust metric within the transaction confidence token indicates or exceeds a predetermined sufficient trust level, the server processes the transaction. However, in one embodiment, if a trust metric does not indicate a minimum sufficient trust level, the server rejects the transaction. If a trust metric indicates a minimum sufficient trust level but less than a sufficient trust level, the server may require a mitigating factor. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values.
  • Although embodiments of the present invention discussed above generally refer to ‘confidence levels’ or ‘trust levels’ with increasing trust metric values associated with increasing trust or confidence in a transaction, in other embodiments, trust metrics are assigned and evaluated with respect to risk. That is, risk is generally the opposite of trust and trust metrics may be assigned such that increasing trust metric values corresponding to an increasing risk associated with a transaction. In these embodiments, less secure situations would receive a higher trust metric value. For example, in some embodiments of the present invention, a confidence level between [0063] 0.0 and 1.0 is calculated. A corresponding risk level in this embodiment is given generally by 1—(confidence level).
  • That is, in another embodiment, if a trust metric within the transaction confidence token indicates or exceeds a predetermined maximum risk level, the risk is determined to be too great, and the server the server rejects the transaction. However, if a trust metric indicates less than a maximum risk level but greater than an acceptable risk level, the server may require a mitigating factor before processing the transaction. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. If a trust metric indicates less than an acceptable risk level, the server will process the transaction. [0064]
  • Having described several methods and procedures, it will be appreciated that the invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands. It will be appreciated that the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices. In some embodiments the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith. [0065]
  • The foregoing descriptions of specific embodiments and best mode of the present invention have been presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed, and obviously many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and its practical application, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims appended hereto and their equivalents. [0066]

Claims (19)

We claim:
1. A transaction confidence token for use in a secure communication system, said token comprising:
an envelope comprising
transaction information; and
a trust metric; and
a seal comprising a digital signature of said envelope.
2. A token according to claim 1, wherein said envelope further comprises a time stamp.
3. A token according to claim 1, wherein said transaction information includes information selected from the group consisting of a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, and a credit card number, and combinations thereof.
4. A token according to claim 1, wherein said trust metric is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
5. A token according to claim 1, wherein said trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction.
6. A token according to claim 1, wherein said trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction.
7. A token according to claim 1, wherein said trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction.
8. A token according to claim 1, wherein said trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction.
9. A token according to claim 1, wherein said trust metric comprises an overall trust metric and said envelope further comprises at least one metric chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
10. A token according to claim 1, wherein said digital signature is signed with a private key.
11. A method for assuring a secure transaction comprising:
receiving a transaction confidence token comprising a trust metric associated with said transaction;
determining if said trust metric indicates a sufficient trust level; and
processing said transaction if said trust metric indicates or exceeds said sufficient trust level.
11. A method according to claim 10, further comprising:
requiring a mitigating factor if said trust metric indicates less than said sufficient trust level.
12. A method according to claim 11, wherein said mitigating factor is chosen based on said trust metric.
13. A method according to claim 11, wherein said mitigating factor is chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
14. A method according to claim 11, further comprising:
processing said transaction after receiving said mitigating factor.
15. A method according to claim 10, further comprising:
constructing a transaction confidence token comprising said trust metric; and
transmitting said transaction confidence token to a server.
16. A method for assuring a secure transaction comprising:
receiving a transaction confidence token comprising a trust metric associated with said transaction;
determining if said trust metric indicates an acceptable risk level; and
processing said transaction if said trust metric indicates or is less than said acceptable risk level.
17. A method according to claim 16, further comprising:
requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level.
18. A method according to claim 17, further comprising:
processing said transaction after receiving said mitigating factor.
US10/194,959 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction Abandoned US20030101348A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/194,959 US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US30512001P 2001-07-12 2001-07-12
US9955402A 2002-03-13 2002-03-13
US10/099,558 US20030021495A1 (en) 2001-07-12 2002-03-13 Fingerprint biometric capture device and method with integrated on-chip data buffering
US10/194,959 US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
US10/099,558 Continuation-In-Part US20030021495A1 (en) 2001-07-12 2002-03-13 Fingerprint biometric capture device and method with integrated on-chip data buffering
US9955402A Continuation-In-Part 2001-07-12 2002-03-13

Publications (1)

Publication Number Publication Date
US20030101348A1 true US20030101348A1 (en) 2003-05-29

Family

ID=27378853

Family Applications (5)

Application Number Title Priority Date Filing Date
US10/194,444 Abandoned US20030115475A1 (en) 2001-07-12 2002-07-12 Biometrically enhanced digital certificates and system and method for making and using
US10/194,949 Abandoned US20030115490A1 (en) 2001-07-12 2002-07-12 Secure network and networked devices using biometrics
US10/194,994 Active 2024-09-28 US7197168B2 (en) 2001-07-12 2002-07-12 Method and system for biometric image assembly from multiple partial biometric frame scans
US10/194,959 Abandoned US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction
US11/707,624 Expired - Fee Related US7751595B2 (en) 2001-07-12 2007-02-16 Method and system for biometric image assembly from multiple partial biometric frame scans

Family Applications Before (3)

Application Number Title Priority Date Filing Date
US10/194,444 Abandoned US20030115475A1 (en) 2001-07-12 2002-07-12 Biometrically enhanced digital certificates and system and method for making and using
US10/194,949 Abandoned US20030115490A1 (en) 2001-07-12 2002-07-12 Secure network and networked devices using biometrics
US10/194,994 Active 2024-09-28 US7197168B2 (en) 2001-07-12 2002-07-12 Method and system for biometric image assembly from multiple partial biometric frame scans

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/707,624 Expired - Fee Related US7751595B2 (en) 2001-07-12 2007-02-16 Method and system for biometric image assembly from multiple partial biometric frame scans

Country Status (5)

Country Link
US (5) US20030115475A1 (en)
EP (1) EP1573426A4 (en)
JP (1) JP2005531935A (en)
AU (3) AU2002332414A1 (en)
WO (3) WO2003007127A2 (en)

Cited By (61)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US20050015596A1 (en) * 2002-07-19 2005-01-20 Bowers Charles R. Method and apparatus for managing confidential information
US20050273442A1 (en) * 2004-05-21 2005-12-08 Naftali Bennett System and method of fraud reduction
DE102004046153A1 (en) * 2004-09-23 2006-04-06 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber
US20060242691A1 (en) * 2002-10-24 2006-10-26 Gisela Meister Method for carrying out a secure electronic transaction using a portable data support
WO2006126183A2 (en) * 2005-05-27 2006-11-30 Nice Systems Ltd. Method and apparatus for fraud detection
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070006163A1 (en) * 2005-07-01 2007-01-04 Aoki Norihiro E Method and apparatus for authenticating usage of an application
US20070080778A1 (en) * 2005-10-11 2007-04-12 Newfrey Llc Door lock with protected biometric sensor
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US20070288759A1 (en) * 2003-05-22 2007-12-13 Wood Richard G Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US20080263662A1 (en) * 2005-05-06 2008-10-23 Pau-Chen Cheng System and method for fuzzy multi-level security
US20090178129A1 (en) * 2008-01-04 2009-07-09 Microsoft Corporation Selective authorization based on authentication input attributes
US20090241173A1 (en) * 2008-03-19 2009-09-24 Websense, Inc. Method and system for protection against information stealing software
US20100017845A1 (en) * 2008-07-18 2010-01-21 Microsoft Corporation Differentiated authentication for compartmentalized computing resources
US20100088509A1 (en) * 2002-08-15 2010-04-08 Joseph Fedronic Dominique Louis System and method for sequentially processing a biometric sample
US20110099112A1 (en) * 2007-08-31 2011-04-28 Mages Kenneth G Apparatus and method for conducting securing financial transactions
US20130047262A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Object Security Session Validation
US20130047215A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US20130047266A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based access of related resources
US20130047201A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Expert Decisioning
US20130047248A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Subject Assurance Level
US20130047204A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Resource Trust Levels
US20130047251A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Token-Based Context Caching
US8421890B2 (en) 2010-01-15 2013-04-16 Picofield Technologies, Inc. Electronic imager using an impedance sensor grid array and method of making
US8539558B2 (en) 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US8572689B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for making access decision using exceptions
US8572683B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Method and apparatus for token-based re-authentication
US8584202B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Apparatus and method for determining environment integrity levels
US8631486B1 (en) * 2009-03-31 2014-01-14 Emc Corporation Adaptive identity classification
US8726361B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for token-based attribute abstraction
US8726339B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for emergency session validation
US20140149747A1 (en) * 2002-07-19 2014-05-29 Charles R. Bowers Method and apparatus for managing confidential information
US8752157B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for third party session validation
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
US8789162B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for making token-based access decisions
US8789143B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US8791792B2 (en) 2010-01-15 2014-07-29 Idex Asa Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making
US8806602B2 (en) 2011-08-15 2014-08-12 Bank Of America Corporation Apparatus and method for performing end-to-end encryption
US8850515B2 (en) 2011-08-15 2014-09-30 Bank Of America Corporation Method and apparatus for subject recognition session validation
US8866347B2 (en) 2010-01-15 2014-10-21 Idex Asa Biometric image sensing
US8910290B2 (en) * 2011-08-15 2014-12-09 Bank Of America Corporation Method and apparatus for token-based transaction tagging
WO2015013522A1 (en) 2013-07-24 2015-01-29 Visa International Service Association Systems and methods for communicating risk using token assurance data
US8996860B1 (en) * 2012-08-23 2015-03-31 Amazon Technologies, Inc. Tolerance factor-based secret decay
WO2015054697A1 (en) 2013-10-11 2015-04-16 Visa International Service Association Network token system
US9015842B2 (en) 2008-03-19 2015-04-21 Websense, Inc. Method and system for protection against information stealing software
US9038148B1 (en) 2012-08-23 2015-05-19 Amazon Technologies, Inc. Secret variation for network sessions
US9055053B2 (en) 2011-08-15 2015-06-09 Bank Of America Corporation Method and apparatus for token-based combining of risk ratings
US20150199554A1 (en) * 2014-01-15 2015-07-16 Motorola Mobility Llc Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device
US9203818B1 (en) 2012-08-23 2015-12-01 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9241259B2 (en) 2012-11-30 2016-01-19 Websense, Inc. Method and apparatus for managing the transfer of sensitive information to mobile devices
US9253197B2 (en) 2011-08-15 2016-02-02 Bank Of America Corporation Method and apparatus for token-based real-time risk updating
US9609001B2 (en) 2007-02-02 2017-03-28 Websense, Llc System and method for adding context to prevent data leakage over a computer network
US20170124356A1 (en) * 2015-10-30 2017-05-04 Mark A. Allyn Authenticity-assured data gathering apparatus and method
US9798917B2 (en) 2012-04-10 2017-10-24 Idex Asa Biometric sensing
US10460322B2 (en) * 2013-08-30 2019-10-29 Mastercard International Incorporated Methods and systems for verifying cardholder authenticity when provisioning a token
US10575785B2 (en) 2015-02-05 2020-03-03 Samsung Electronics Co., Ltd. Method and apparatus for obtaining biometric information
US20200265132A1 (en) * 2019-02-18 2020-08-20 Samsung Electronics Co., Ltd. Electronic device for authenticating biometric information and operating method thereof
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US11423475B2 (en) * 2016-09-27 2022-08-23 Visa International Service Association Distributed electronic record and transaction history

Families Citing this family (381)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7054470B2 (en) * 1999-12-02 2006-05-30 International Business Machines Corporation System and method for distortion characterization in fingerprint and palm-print image sequences and using this distortion as a behavioral biometrics
US7582564B2 (en) * 2001-03-14 2009-09-01 Applied Materials, Inc. Process and composition for conductive material removal by electrochemical mechanical polishing
US6811680B2 (en) * 2001-03-14 2004-11-02 Applied Materials Inc. Planarization of substrates using electrochemical mechanical polishing
US7160432B2 (en) * 2001-03-14 2007-01-09 Applied Materials, Inc. Method and composition for polishing a substrate
US20060169597A1 (en) * 2001-03-14 2006-08-03 Applied Materials, Inc. Method and composition for polishing a substrate
US7232514B2 (en) * 2001-03-14 2007-06-19 Applied Materials, Inc. Method and composition for polishing a substrate
US6899804B2 (en) * 2001-12-21 2005-05-31 Applied Materials, Inc. Electrolyte composition and treatment for electrolytic chemical mechanical polishing
US7128825B2 (en) * 2001-03-14 2006-10-31 Applied Materials, Inc. Method and composition for polishing a substrate
US7323416B2 (en) * 2001-03-14 2008-01-29 Applied Materials, Inc. Method and composition for polishing a substrate
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
US7203347B2 (en) * 2001-06-27 2007-04-10 Activcard Ireland Limited Method and system for extracting an area of interest from within a swipe image of a biological surface
US20030048173A1 (en) * 2001-09-06 2003-03-13 Satoshi Shigematsu Authentication method, authentication system, and authentication token
US8200980B1 (en) * 2001-09-21 2012-06-12 Open Invention Network, Llc System and method for enrolling in a biometric system
JP2003173430A (en) * 2001-09-28 2003-06-20 Sharp Corp Ic card, scramble releasing device, server device, physical characteristic reader, permitter determining method, permitter registering method, frequency managing method, permitter determining program, permittter registering program, and frequency managing program
US20070295611A1 (en) * 2001-12-21 2007-12-27 Liu Feng Q Method and composition for polishing a substrate
JP4169185B2 (en) * 2002-02-25 2008-10-22 富士通株式会社 Image linking method, program, and apparatus
US20040054913A1 (en) * 2002-02-28 2004-03-18 West Mark Brian System and method for attaching un-forgeable biometric data to digital identity tokens and certificates, and validating the attached biometric data while validating digital identity tokens and certificates
JP4187451B2 (en) * 2002-03-15 2008-11-26 松下電器産業株式会社 Personal authentication device and mobile terminal
JP2003346149A (en) * 2002-05-24 2003-12-05 Omron Corp Face collating device and bioinformation collating device
US7274807B2 (en) * 2002-05-30 2007-09-25 Activcard Ireland Limited Method and apparatus for supporting a biometric registration performed on a card
JP4563662B2 (en) * 2002-07-17 2010-10-13 パナソニック株式会社 System for preventing unauthorized use of recording media
EP3547599A1 (en) * 2002-08-06 2019-10-02 Apple Inc. Methods for secure enrollment and backup of personal identity credentials into electronic devices
US20040034784A1 (en) * 2002-08-15 2004-02-19 Fedronic Dominique Louis Joseph System and method to facilitate separate cardholder and system access to resources controlled by a smart card
US20040104807A1 (en) * 2002-10-16 2004-06-03 Frank Ko Networked fingerprint authentication system and method
EP1563628A4 (en) * 2002-11-06 2010-03-10 Ibm Confidential data sharing and anonymous entity resolution
US7046234B2 (en) * 2002-11-21 2006-05-16 Bloomberg Lp Computer keyboard with processor for audio and telephony functions
US7571472B2 (en) * 2002-12-30 2009-08-04 American Express Travel Related Services Company, Inc. Methods and apparatus for credential validation
US7228011B1 (en) * 2003-02-28 2007-06-05 L-I Identity Solutions, Inc. System and method for issuing a security unit after determining eligibility by image recognition
US20050008148A1 (en) * 2003-04-02 2005-01-13 Dov Jacobson Mouse performance identification
WO2004097741A1 (en) * 2003-04-25 2004-11-11 Fujitsu Limited Fingerprint matching device, fingerprint matching method, and fingerprint matching program
JP2005004718A (en) * 2003-05-16 2005-01-06 Canon Inc Signal processor and controlling method
AU2003902422A0 (en) * 2003-05-19 2003-06-05 Intellirad Solutions Pty. Ltd Access security system
US7200250B2 (en) * 2003-05-20 2007-04-03 Lightuning Tech, Inc. Sweep-type fingerprint sensor module
CA2724292C (en) 2003-05-30 2014-09-30 Privaris, Inc. An in-circuit security system and methods for controlling access to and use of sensitive data
US7390429B2 (en) * 2003-06-06 2008-06-24 Applied Materials, Inc. Method and composition for electrochemical mechanical polishing processing
CN1820279B (en) 2003-06-16 2012-01-25 Uru科技公司 Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US7474772B2 (en) * 2003-06-25 2009-01-06 Atrua Technologies, Inc. System and method for a miniature user input device
US20050039016A1 (en) * 2003-08-12 2005-02-17 Selim Aissi Method for using trusted, hardware-based identity credentials in runtime package signature to secure mobile communications and high-value transaction execution
US20050044388A1 (en) * 2003-08-19 2005-02-24 Brant Gary E. Reprise encryption system for digital data
US7587072B2 (en) * 2003-08-22 2009-09-08 Authentec, Inc. System for and method of generating rotational inputs
US20050047631A1 (en) * 2003-08-26 2005-03-03 Cross Match Technologies, Inc. Method and apparatus for rolled fingerprint image capture with variable blending
DE10339743B4 (en) * 2003-08-28 2007-08-02 Infineon Technologies Ag A method of comparing a test fingerprint with a stored reference fingerprint and apparatus suitable for performing the method
CN1875370B (en) * 2003-09-05 2010-04-14 奥森泰克公司 Multi-biometric finger sensor using different biometrics having different selectivities and associated methods
US7351974B2 (en) * 2003-09-05 2008-04-01 Authentec, Inc. Integrated circuit infrared sensor and associated methods
WO2005031636A1 (en) * 2003-09-24 2005-04-07 Authentec, Inc. Finger biometric sensor with sensor electronics distributed over thin film and monocrystalline substrates and related methods
US7616787B2 (en) * 2003-10-01 2009-11-10 Authentec, Inc. Methods for finger biometric processing and associated finger biometric sensors
US7787667B2 (en) * 2003-10-01 2010-08-31 Authentec, Inc. Spot-based finger biometric processing method and associated sensor
US7599530B2 (en) * 2003-10-01 2009-10-06 Authentec, Inc. Methods for matching ridge orientation characteristic maps and associated finger biometric sensor
SG113483A1 (en) * 2003-10-30 2005-08-29 Ritronics Components S Pte Ltd A biometrics parameters protected usb interface portable data storage device with usb interface accessible biometrics processor
JP3924558B2 (en) 2003-11-17 2007-06-06 富士通株式会社 Biological information collection device
US7403644B2 (en) * 2003-11-26 2008-07-22 Microsoft Corporation Fingerprint scanner with translating platen
US7526109B2 (en) * 2003-11-26 2009-04-28 Microsoft Corporation Fingerprint scanner with translating scan head
US7447911B2 (en) * 2003-11-28 2008-11-04 Lightuning Tech. Inc. Electronic identification key with portable application programs and identified by biometrics authentication
TWI282940B (en) * 2003-12-02 2007-06-21 Aimgene Technology Co Ltd Memory storage device with a fingerprint sensor and method for protecting the data therein
FR2864289B1 (en) * 2003-12-17 2007-02-02 Bouygues Telecom Sa BIOMETRIC ACCESS CONTROL USING A MOBILE TELEPHONY TERMINAL
US7697729B2 (en) 2004-01-29 2010-04-13 Authentec, Inc. System for and method of finger initiated actions
US20050179657A1 (en) * 2004-02-12 2005-08-18 Atrua Technologies, Inc. System and method of emulating mouse operations using finger image sensors
JP4454335B2 (en) * 2004-02-12 2010-04-21 Necインフロンティア株式会社 Fingerprint input device
US7548981B1 (en) * 2004-03-03 2009-06-16 Sprint Spectrum L.P. Biometric authentication over wireless wide-area networks
US7336841B2 (en) * 2004-03-25 2008-02-26 Intel Corporation Fingerprinting digital video for rights management in networks
US20050246763A1 (en) * 2004-03-25 2005-11-03 National University Of Ireland Secure digital content reproduction using biometrically derived hybrid encryption techniques
JP4462988B2 (en) * 2004-04-13 2010-05-12 Necインフロンティア株式会社 Fingerprint reading method and fingerprint reading system
US8077935B2 (en) 2004-04-23 2011-12-13 Validity Sensors, Inc. Methods and apparatus for acquiring a swiped fingerprint image
US8447077B2 (en) * 2006-09-11 2013-05-21 Validity Sensors, Inc. Method and apparatus for fingerprint motion tracking using an in-line array
US8229184B2 (en) * 2004-04-16 2012-07-24 Validity Sensors, Inc. Method and algorithm for accurate finger motion tracking
US8131026B2 (en) * 2004-04-16 2012-03-06 Validity Sensors, Inc. Method and apparatus for fingerprint image reconstruction
US8175345B2 (en) 2004-04-16 2012-05-08 Validity Sensors, Inc. Unitized ergonomic two-dimensional fingerprint motion tracking device and method
US8358815B2 (en) * 2004-04-16 2013-01-22 Validity Sensors, Inc. Method and apparatus for two-dimensional finger motion tracking and control
US8165355B2 (en) * 2006-09-11 2012-04-24 Validity Sensors, Inc. Method and apparatus for fingerprint motion tracking using an in-line array for use in navigation applications
WO2005109321A1 (en) * 2004-04-23 2005-11-17 Sony Corporation System for fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
US7212658B2 (en) * 2004-04-23 2007-05-01 Sony Corporation System for fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
US7194116B2 (en) * 2004-04-23 2007-03-20 Sony Corporation Fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
US20050249388A1 (en) * 2004-05-07 2005-11-10 Linares Miguel A Three-dimensional fingerprint identification system
US7542590B1 (en) 2004-05-07 2009-06-02 Yt Acquisition Corporation System and method for upgrading biometric data
US20050255840A1 (en) * 2004-05-13 2005-11-17 Markham Thomas R Authenticating wireless phone system
US8156548B2 (en) * 2004-05-20 2012-04-10 Future Internet Security Ip Pty Ltd. Identification and authentication system and method
US8842887B2 (en) * 2004-06-14 2014-09-23 Rodney Beatson Method and system for combining a PIN and a biometric sample to provide template encryption and a trusted stand-alone computing device
US9286457B2 (en) 2004-06-14 2016-03-15 Rodney Beatson Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties
US20050276454A1 (en) * 2004-06-14 2005-12-15 Rodney Beatson System and methods for transforming biometric image data to a consistent angle of inclination
US20080201299A1 (en) * 2004-06-30 2008-08-21 Nokia Corporation Method and System for Managing Metadata
JP4411152B2 (en) * 2004-07-05 2010-02-10 Necインフロンティア株式会社 Fingerprint reading method, fingerprint reading system and program
US20060041507A1 (en) * 2004-08-13 2006-02-23 Sbc Knowledge Ventures L.P. Pluggable authentication for transaction tool management services
US20060034497A1 (en) * 2004-08-15 2006-02-16 Michael Manansala Protometric authentication system
US8380125B2 (en) * 2004-09-01 2013-02-19 Kyocera Corporation Systems and methods for bluetooth resource conservation
JP4553379B2 (en) * 2004-09-10 2010-09-29 キヤノン株式会社 Data reproduction apparatus, control method therefor, and computer program
US20060078178A1 (en) * 2004-09-18 2006-04-13 Will Shatford Swipe sensor
JP4339221B2 (en) * 2004-09-30 2009-10-07 Necインフロンティア株式会社 Image construction method, fingerprint image construction apparatus and program
DE602005022900D1 (en) 2004-10-04 2010-09-23 Validity Sensors Inc FINGERPRINTER CONSTRUCTIONS WITH ONE SUBSTRATE
JP4340618B2 (en) * 2004-10-08 2009-10-07 富士通株式会社 Biometric information authentication apparatus and method, biometric information authentication program, and computer-readable recording medium recording the biometric information authentication program
US7280679B2 (en) 2004-10-08 2007-10-09 Atrua Technologies, Inc. System for and method of determining pressure on a finger sensor
US7689012B2 (en) * 2004-10-13 2010-03-30 Authentec, Inc. Finger sensor with data throttling and associated methods
US20060200487A1 (en) * 2004-10-29 2006-09-07 The Go Daddy Group, Inc. Domain name related reputation and secure certificates
US20080028443A1 (en) * 2004-10-29 2008-01-31 The Go Daddy Group, Inc. Domain name related reputation and secure certificates
US8904040B2 (en) * 2004-10-29 2014-12-02 Go Daddy Operating Company, LLC Digital identity validation
US20060095404A1 (en) * 2004-10-29 2006-05-04 The Go Daddy Group, Inc Presenting search engine results based on domain name related reputation
US7797413B2 (en) * 2004-10-29 2010-09-14 The Go Daddy Group, Inc. Digital identity registration
US8117339B2 (en) * 2004-10-29 2012-02-14 Go Daddy Operating Company, LLC Tracking domain name related reputation
US20080022013A1 (en) * 2004-10-29 2008-01-24 The Go Daddy Group, Inc. Publishing domain name related reputation in whois records
US20070208940A1 (en) * 2004-10-29 2007-09-06 The Go Daddy Group, Inc. Digital identity related reputation tracking and publishing
US20060095459A1 (en) * 2004-10-29 2006-05-04 Warren Adelman Publishing domain name related reputation in whois records
US9015263B2 (en) 2004-10-29 2015-04-21 Go Daddy Operating Company, LLC Domain name searching with reputation rating
US20080028100A1 (en) * 2004-10-29 2008-01-31 The Go Daddy Group, Inc. Tracking domain name related reputation
US20060104484A1 (en) * 2004-11-16 2006-05-18 Bolle Rudolf M Fingerprint biometric machine representations based on triangles
FR2878632B1 (en) * 2004-12-01 2007-02-09 Sagem METHOD FOR IDENTIFYING AN INDIVIDUAL FROM IMAGE FRAGMENTS
JP2006189999A (en) * 2005-01-04 2006-07-20 Fujitsu Ltd Security management method, program, and information apparatus
TWI296787B (en) * 2005-01-19 2008-05-11 Lightuning Tech Inc Storage device and method for protecting data stored therein
US20060181521A1 (en) * 2005-02-14 2006-08-17 Atrua Technologies, Inc. Systems for dynamically illuminating touch sensors
US7831070B1 (en) 2005-02-18 2010-11-09 Authentec, Inc. Dynamic finger detection mechanism for a fingerprint sensor
US7899216B2 (en) * 2005-03-18 2011-03-01 Sanyo Electric Co., Ltd. Biometric information processing apparatus and biometric information processing method
JP4922288B2 (en) * 2005-03-24 2012-04-25 プリバリス,インコーポレイテッド Biometric device with smart card function
US8291224B2 (en) * 2005-03-30 2012-10-16 Wells Fargo Bank, N.A. Distributed cryptographic management for computer systems
DE102005014794B4 (en) * 2005-03-31 2009-01-15 Advanced Micro Devices, Inc., Sunnyvale A method of testing a multi-sample semiconductor sample
US8231056B2 (en) * 2005-04-08 2012-07-31 Authentec, Inc. System for and method of protecting an integrated circuit from over currents
US20060249395A1 (en) * 2005-05-05 2006-11-09 Applied Material, Inc. Process and composition for electrochemical mechanical polishing
US20060249394A1 (en) * 2005-05-05 2006-11-09 Applied Materials, Inc. Process and composition for electrochemical mechanical polishing
CN1332346C (en) * 2005-05-26 2007-08-15 上海交通大学 Sliding fingerprint sequence seamless joint method of extension phase correlated
US20080106373A1 (en) * 2005-06-01 2008-05-08 Koninklijke Philips Electronics, N.V. Compensating For Acquisition Noise In Helper Data Systems
US20060282680A1 (en) * 2005-06-14 2006-12-14 Kuhlman Douglas A Method and apparatus for accessing digital data using biometric information
TWI262696B (en) * 2005-06-17 2006-09-21 Lightuning Tech Inc Storage device and method for protecting data stored therein
US7505613B2 (en) 2005-07-12 2009-03-17 Atrua Technologies, Inc. System for and method of securing fingerprint biometric systems against fake-finger spoofing
US8049731B2 (en) * 2005-07-29 2011-11-01 Interlink Electronics, Inc. System and method for implementing a control function via a sensor having a touch sensitive control input surface
US20070061126A1 (en) * 2005-09-01 2007-03-15 Anthony Russo System for and method of emulating electronic input devices
JP4351201B2 (en) * 2005-09-16 2009-10-28 富士通株式会社 Portable device with fingerprint sensor
US8090939B2 (en) * 2005-10-21 2012-01-03 Hewlett-Packard Development Company, L.P. Digital certificate that indicates a parameter of an associated cryptographic token
JP4771528B2 (en) * 2005-10-26 2011-09-14 キヤノン株式会社 Distributed processing system and distributed processing method
US7940249B2 (en) * 2005-11-01 2011-05-10 Authentec, Inc. Devices using a metal layer with an array of vias to reduce degradation
US7809211B2 (en) * 2005-11-17 2010-10-05 Upek, Inc. Image normalization for computed image construction
CN101341496B (en) * 2005-12-21 2012-05-30 皇家飞利浦电子股份有限公司 Biometric information detection using sweep-type imager
US7657849B2 (en) 2005-12-23 2010-02-02 Apple Inc. Unlocking a device by performing gestures on an unlock image
CN100375107C (en) * 2006-01-18 2008-03-12 北京飞天诚信科技有限公司 Fingerprint image fragment splicing method
CN100367296C (en) * 2006-01-18 2008-02-06 北京飞天诚信科技有限公司 Fingerprint image acquisition and imaging method and its apparatus
US8224034B2 (en) * 2006-02-02 2012-07-17 NL Giken Incorporated Biometrics system, biologic information storage, and portable device
JP4547629B2 (en) * 2006-02-10 2010-09-22 ソニー株式会社 Registration device, registration method, and registration program
US8700902B2 (en) 2006-02-13 2014-04-15 At&T Intellectual Property I, L.P. Methods and apparatus to certify digital signatures
US8234220B2 (en) * 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
WO2007145687A1 (en) 2006-02-21 2007-12-21 Weiss Kenneth P Method and apparatus for secure access payment and identification
US11227676B2 (en) 2006-02-21 2022-01-18 Universal Secure Registry, Llc Universal secure registry
US7849312B2 (en) 2006-03-24 2010-12-07 Atmel Corporation Method and system for secure external TPM password generation and use
US20070237366A1 (en) * 2006-03-24 2007-10-11 Atmel Corporation Secure biometric processing system and method of use
US20070226514A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Secure biometric processing system and method of use
EP2009839A4 (en) * 2006-04-07 2010-03-10 Huawei Tech Co Ltd A method and system for information security authentication
US20070254485A1 (en) * 2006-04-28 2007-11-01 Daxin Mao Abrasive composition for electrochemical mechanical polishing
US7787697B2 (en) * 2006-06-09 2010-08-31 Sony Ericsson Mobile Communications Ab Identification of an object in media and of related media objects
US8081805B2 (en) * 2006-06-19 2011-12-20 Authentec, Inc. Finger sensing device with multiple correlators and associated methods
US8180118B2 (en) * 2006-06-19 2012-05-15 Authentec, Inc. Finger sensing device with spoof reduction features and associated methods
US7885436B2 (en) * 2006-07-13 2011-02-08 Authentec, Inc. System for and method of assigning confidence values to fingerprint minutiae points
US7978884B1 (en) * 2006-08-08 2011-07-12 Smsc Holdings S.A.R.L. Fingerprint sensor and interface
US11762972B1 (en) * 2006-08-13 2023-09-19 Tara Chand Singhal System and methods for a multi-factor remote user authentication
NL1032340C2 (en) * 2006-08-17 2008-02-25 Hieronymus Watse Wiersma System and method for digitally signing data files.
US20090021349A1 (en) * 2007-07-19 2009-01-22 Stephen Errico Method to record and authenticate a participant's biometric identification of an event via a network
US7916908B1 (en) 2006-09-06 2011-03-29 SMSC Holdings S.à.r.l Fingerprint sensor and method of transmitting a sensor image to reduce data size and data rate
US8225096B2 (en) * 2006-10-27 2012-07-17 International Business Machines Corporation System, apparatus, method, and program product for authenticating communication partner using electronic certificate containing personal information
DE102007015320B4 (en) * 2006-11-03 2008-10-23 Basler Ag Camera for analyzing objects
US8204831B2 (en) * 2006-11-13 2012-06-19 International Business Machines Corporation Post-anonymous fuzzy comparisons without the use of pre-anonymization variants
US8955083B2 (en) 2006-12-19 2015-02-10 Telecom Italia S.P.A. Method and arrangement for secure user authentication based on a biometric data detection device
US8190908B2 (en) * 2006-12-20 2012-05-29 Spansion Llc Secure data verification via biometric input
US20080162943A1 (en) * 2006-12-28 2008-07-03 Ali Valiuddin Y Biometric security system and method
US8984280B2 (en) 2007-02-16 2015-03-17 Tibco Software Inc. Systems and methods for automating certification authority practices
US8880889B1 (en) * 2007-03-02 2014-11-04 Citigroup Global Markets, Inc. Systems and methods for remote authorization of financial transactions using public key infrastructure (PKI)
CN101790717B (en) * 2007-04-13 2014-07-16 阿维萨瑞公司 Machine vision system for enterprise management
EP1986161A1 (en) * 2007-04-27 2008-10-29 Italdata Ingegneria Dell'Idea S.p.A. Data survey device, integrated with a communication system, and related method
US8107212B2 (en) * 2007-04-30 2012-01-31 Validity Sensors, Inc. Apparatus and method for protecting fingerprint sensing circuitry from electrostatic discharge
US20090271428A1 (en) * 2007-05-09 2009-10-29 The Go Daddy Group, Inc. Tracking digital identity related reputation data
US8290150B2 (en) * 2007-05-11 2012-10-16 Validity Sensors, Inc. Method and system for electronically securing an electronic device using physically unclonable functions
US20110002461A1 (en) * 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
US20080288291A1 (en) * 2007-05-16 2008-11-20 Silver Springs - Martin Luther School Digital Signature, Electronic Record Software and Method
DE602007014329D1 (en) * 2007-05-16 2011-06-16 Precise Biometrics Ab Sequential image orientation
US9237018B2 (en) * 2007-07-05 2016-01-12 Honeywell International Inc. Multisystem biometric token
US20090037742A1 (en) * 2007-07-31 2009-02-05 International Business Machines Corporation Biometric authentication device, system and method of biometric authentication
US8181031B2 (en) * 2007-08-01 2012-05-15 International Business Machines Corporation Biometric authentication device and system
EP2947592B1 (en) 2007-09-24 2021-10-27 Apple Inc. Embedded authentication systems in an electronic device
JP4466707B2 (en) * 2007-09-27 2010-05-26 ミツミ電機株式会社 Finger separation detection device, finger separation detection method, fingerprint reading device using the same, and fingerprint reading method
CN101911584A (en) * 2007-10-22 2010-12-08 米高纳科技有限公司 A transmitter for transmitting a secure access signal
US8276816B2 (en) * 2007-12-14 2012-10-02 Validity Sensors, Inc. Smart card system with ergonomic fingerprint sensor and method of using
US8204281B2 (en) * 2007-12-14 2012-06-19 Validity Sensors, Inc. System and method to remove artifacts from fingerprint sensor scans
JP2009146266A (en) * 2007-12-17 2009-07-02 Fujitsu Ltd Electronic apparatus
US20090164796A1 (en) * 2007-12-21 2009-06-25 Daon Holdings Limited Anonymous biometric tokens
FR2925732B1 (en) * 2007-12-21 2010-02-12 Sagem Securite GENERATION AND USE OF A BIOMETRIC KEY
US9361440B2 (en) 2007-12-21 2016-06-07 Apple Inc. Secure off-chip processing such as for biometric data
US8631243B2 (en) 2007-12-24 2014-01-14 Telecom Italia S.P.A. Biometrics based identification
TWI359381B (en) * 2007-12-25 2012-03-01 Htc Corp Method for unlocking a locked computing device and
US8600120B2 (en) 2008-01-03 2013-12-03 Apple Inc. Personal computing device control using face detection and recognition
US9785330B1 (en) 2008-02-13 2017-10-10 Apple Inc. Systems for and methods of providing inertial scrolling and navigation using a fingerprint sensor calculating swiping speed and length
US7653577B2 (en) 2008-02-19 2010-01-26 The Go Daddy Group, Inc. Validating e-commerce transactions
EP2264994A4 (en) * 2008-03-18 2012-05-16 Lucent Technologies Inc A method and device for automatically processing unanswered call in a communication terminal
US20090243794A1 (en) * 2008-03-24 2009-10-01 Neil Morrow Camera modules communicating with computer systems
US8005276B2 (en) 2008-04-04 2011-08-23 Validity Sensors, Inc. Apparatus and method for reducing parasitic capacitive coupling and noise in fingerprint sensing circuits
US8116540B2 (en) * 2008-04-04 2012-02-14 Validity Sensors, Inc. Apparatus and method for reducing noise in fingerprint sensing circuits
US20110032206A1 (en) * 2008-04-24 2011-02-10 Kyocera Corporation Mobile electronic device
US20090279745A1 (en) * 2008-05-08 2009-11-12 Sonavation, Inc. Method and System for Image Resolution Improvement of Biometric Digit Imprint Sensors Using Staggered Rows
US8503740B2 (en) * 2008-05-12 2013-08-06 Sonavation, Inc. Methods and apparatus for digit swipe sensor data streaming
ES2450219T3 (en) * 2008-06-30 2014-03-24 Telecom Italia S.P.A. Procedure and system to communicate access authorization requests from personal user identification as well as procedure and system to determine access authorizations
WO2010001311A1 (en) * 2008-07-02 2010-01-07 C-True Ltd. Networked face recognition system
JP5040835B2 (en) * 2008-07-04 2012-10-03 富士通株式会社 Biological information reader, biological information reading method, and biological information reading program
GB2474999B (en) * 2008-07-22 2013-02-20 Validity Sensors Inc System and method for securing a device component
JP5247295B2 (en) * 2008-08-13 2013-07-24 ラピスセミコンダクタ株式会社 Image processing method and image processing apparatus
JP5206218B2 (en) * 2008-08-20 2013-06-12 富士通株式会社 Fingerprint image acquisition device, fingerprint authentication device, fingerprint image acquisition method, and fingerprint authentication method
EP2180634B1 (en) 2008-10-22 2018-04-04 BlackBerry Limited Method of handling a certification request
US8296563B2 (en) 2008-10-22 2012-10-23 Research In Motion Limited Method of handling a certification request
DE102008053366A1 (en) * 2008-10-27 2010-05-20 Giesecke & Devrient Gmbh Method and system for personalizing a portable data carrier
US8471679B2 (en) * 2008-10-28 2013-06-25 Authentec, Inc. Electronic device including finger movement based musical tone generation and related methods
US20110187496A1 (en) * 2008-10-30 2011-08-04 Denison William D Electronic Access Control Device and Management System
US8391568B2 (en) * 2008-11-10 2013-03-05 Validity Sensors, Inc. System and method for improved scanning of fingerprint edges
US8074880B2 (en) * 2008-12-01 2011-12-13 Research In Motion Limited Method, system and mobile device employing enhanced fingerprint authentication
US20100153722A1 (en) * 2008-12-11 2010-06-17 International Business Machines Corporation Method and system to prove identity of owner of an avatar in virtual world
US9071440B2 (en) * 2008-12-22 2015-06-30 Google Technology Holdings LLC Method and system of authenticating the identity of a user of a public computer terminal
US20100161488A1 (en) 2008-12-22 2010-06-24 Paul Michael Evans Methods and systems for biometric verification
KR101390045B1 (en) * 2008-12-24 2014-04-30 에릭슨엘지엔터프라이즈 주식회사 Communication apparatus and controlling device thereof
WO2010075623A1 (en) * 2008-12-31 2010-07-08 Bce Inc. System and method for unlocking a device
US8278946B2 (en) 2009-01-15 2012-10-02 Validity Sensors, Inc. Apparatus and method for detecting finger activity on a fingerprint sensor
US20100176892A1 (en) * 2009-01-15 2010-07-15 Validity Sensors, Inc. Ultra Low Power Oscillator
US8600122B2 (en) * 2009-01-15 2013-12-03 Validity Sensors, Inc. Apparatus and method for culling substantially redundant data in fingerprint sensing circuits
US20100180136A1 (en) * 2009-01-15 2010-07-15 Validity Sensors, Inc. Ultra Low Power Wake-On-Event Mode For Biometric Systems
US8374407B2 (en) 2009-01-28 2013-02-12 Validity Sensors, Inc. Live finger detection
US8301902B2 (en) * 2009-02-12 2012-10-30 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a biometric reference template
US8289135B2 (en) * 2009-02-12 2012-10-16 International Business Machines Corporation System, method and program product for associating a biometric reference template with a radio frequency identification tag
US8327134B2 (en) * 2009-02-12 2012-12-04 International Business Machines Corporation System, method and program product for checking revocation status of a biometric reference template
US8359475B2 (en) * 2009-02-12 2013-01-22 International Business Machines Corporation System, method and program product for generating a cancelable biometric reference template on demand
US8242892B2 (en) * 2009-02-12 2012-08-14 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US9298902B2 (en) * 2009-02-12 2016-03-29 International Business Machines Corporation System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US20100208953A1 (en) * 2009-02-17 2010-08-19 Validity Sensors, Inc. Illuminated Fingerprint Sensor and Method
US8255685B2 (en) 2009-03-17 2012-08-28 Research In Motion Limited System and method for validating certificate issuance notification messages
US7690032B1 (en) 2009-05-22 2010-03-30 Daon Holdings Limited Method and system for confirming the identity of a user
US9400911B2 (en) 2009-10-30 2016-07-26 Synaptics Incorporated Fingerprint sensor and integratable electronic display
US9274553B2 (en) 2009-10-30 2016-03-01 Synaptics Incorporated Fingerprint sensor and integratable electronic display
US9336428B2 (en) 2009-10-30 2016-05-10 Synaptics Incorporated Integrated fingerprint sensor and display
US9832019B2 (en) * 2009-11-17 2017-11-28 Unho Choi Authentication in ubiquitous environment
KR101088029B1 (en) * 2009-11-19 2011-11-29 최운호 System for Authentication of Electronic Cash Using Smart Card and Communication Terminal
US9666635B2 (en) 2010-02-19 2017-05-30 Synaptics Incorporated Fingerprint sensing circuit
US8716613B2 (en) * 2010-03-02 2014-05-06 Synaptics Incoporated Apparatus and method for electrostatic discharge protection
EP2386998B1 (en) * 2010-05-14 2018-07-11 Honda Research Institute Europe GmbH A Two-Stage Correlation Method for Correspondence Search
KR101198120B1 (en) * 2010-05-28 2012-11-12 남궁종 Iris information based 3-factor user authentication method for otp generation and secure two way authentication system of wireless communication device authentication using otp
US9001040B2 (en) 2010-06-02 2015-04-07 Synaptics Incorporated Integrated fingerprint sensor and navigation device
WO2012008885A1 (en) * 2010-07-12 2012-01-19 Fingerprint Cards Ab Biometric verification device and method
US8528072B2 (en) 2010-07-23 2013-09-03 Apple Inc. Method, apparatus and system for access mode control of a device
US9225510B1 (en) 2010-08-17 2015-12-29 Go Daddy Operating Company, LLC Website secure certificate status determination via partner browser plugin
US9225511B1 (en) 2010-08-17 2015-12-29 Go Daddy Operating Company, LLC Systems for determining website secure certificate status via partner browser plugin
US8331096B2 (en) 2010-08-20 2012-12-11 Validity Sensors, Inc. Fingerprint acquisition expansion card apparatus
WO2012037479A1 (en) 2010-09-17 2012-03-22 Universal Secure Registry, Llc Apparatus, system and method employing a wireless user-device
US20120092279A1 (en) 2010-10-18 2012-04-19 Qualcomm Mems Technologies, Inc. Touch sensor with force-actuated switched capacitor
KR101574968B1 (en) * 2010-11-01 2015-12-08 한국전자통신연구원 Portable sensor apparatus, and service system based on biometric Authentication including the same
US9972146B1 (en) * 2010-11-17 2018-05-15 Cypress Semiconductor Corporation Security system with a wireless security device
WO2012074873A2 (en) * 2010-12-01 2012-06-07 Lumidigm, Inc. Biometric terminals
US8996879B2 (en) * 2010-12-23 2015-03-31 Intel Corporation User identity attestation in mobile commerce
RU2453921C1 (en) * 2010-12-28 2012-06-20 Валерий Александрович Гуров System for remote control of transactions
US20130234826A1 (en) * 2011-01-13 2013-09-12 Nikon Corporation Electronic device and electronic device control program
US8538097B2 (en) 2011-01-26 2013-09-17 Validity Sensors, Inc. User input utilizing dual line scanner apparatus and method
US8594393B2 (en) 2011-01-26 2013-11-26 Validity Sensors System for and method of image reconstruction with dual line scanner using line counts
US9129107B2 (en) * 2011-02-10 2015-09-08 SecurenCrypt, LLC Document encryption and decryption
GB2489100A (en) 2011-03-16 2012-09-19 Validity Sensors Inc Wafer-level packaging for a fingerprint sensor
US8638994B2 (en) 2011-04-21 2014-01-28 Authentec, Inc. Electronic device for collecting finger data and displaying a finger movement trace and related methods
US8527360B2 (en) 2011-04-29 2013-09-03 Daon Holdings Limited Methods and systems for conducting payment transactions
US20140089672A1 (en) * 2012-09-25 2014-03-27 Aliphcom Wearable device and method to generate biometric identifier for authentication using near-field communications
KR101284481B1 (en) * 2011-07-15 2013-07-16 아이리텍 잉크 Authentication method and device using OTP including biometric data
US20150363586A1 (en) * 2011-08-26 2015-12-17 Life Technologies Corporation Systems and methods for identifying an individual
EP2748801B1 (en) * 2011-08-26 2020-04-29 Life Technologies Corporation Systems and methods for identifying an individual
US8769624B2 (en) 2011-09-29 2014-07-01 Apple Inc. Access control utilizing indirect authentication
US9002322B2 (en) 2011-09-29 2015-04-07 Apple Inc. Authentication with secondary approver
US8965069B2 (en) * 2011-09-30 2015-02-24 University Of Louisville Research Foundation, Inc. Three dimensional minutiae extraction in three dimensional scans
KR101160681B1 (en) 2011-10-19 2012-06-28 배경덕 Method, mobile communication terminal and computer-readable recording medium for operating specific function when activaing of mobile communication terminal
US10043052B2 (en) 2011-10-27 2018-08-07 Synaptics Incorporated Electronic device packages and methods
US9959576B2 (en) 2011-12-07 2018-05-01 Visa International Service Association Multi-purpose device having multiple certificates including member certificate
WO2013095434A1 (en) * 2011-12-21 2013-06-27 Intel Corporation Method for authentication using biometric data for mobile device e-commerce transactions
US9195877B2 (en) 2011-12-23 2015-11-24 Synaptics Incorporated Methods and devices for capacitive image sensing
US9785299B2 (en) 2012-01-03 2017-10-10 Synaptics Incorporated Structures and manufacturing methods for glass covered electronic devices
KR101443960B1 (en) * 2012-02-22 2014-11-03 주식회사 팬택 Electronic device and method for user identification
US9268991B2 (en) * 2012-03-27 2016-02-23 Synaptics Incorporated Method of and system for enrolling and matching biometric data
US9251329B2 (en) 2012-03-27 2016-02-02 Synaptics Incorporated Button depress wakeup and wakeup strategy
US9137438B2 (en) 2012-03-27 2015-09-15 Synaptics Incorporated Biometric object sensor and method
US9600709B2 (en) * 2012-03-28 2017-03-21 Synaptics Incorporated Methods and systems for enrolling biometric data
US9152838B2 (en) 2012-03-29 2015-10-06 Synaptics Incorporated Fingerprint sensor packagings and methods
US9024910B2 (en) 2012-04-23 2015-05-05 Qualcomm Mems Technologies, Inc. Touchscreen with bridged force-sensitive resistors
BR112014028774B1 (en) 2012-05-18 2022-05-10 Apple Inc Method, electronic device, computer readable storage medium and information processing apparatus
US11553857B1 (en) 2012-09-25 2023-01-17 Micro Mobio Corporation System and method for through window personal cloud transmission
US10437295B1 (en) 2012-09-25 2019-10-08 Micro Mobio Corporation Personal cloud case cover with a plurality of modular capabilities
US11642045B1 (en) 2012-09-25 2023-05-09 Micro Mobio Corporation Personal health and environmental monitoring device and method
US11058326B1 (en) 2012-09-25 2021-07-13 Micro Mobio Corporation Cloud communication antenna panel system and method
US9086847B2 (en) * 2012-09-25 2015-07-21 Micro Mobio Corporation Personal cloud case cover with a plurality of modular capabilities
US11877842B1 (en) 2012-09-25 2024-01-23 Micro Mobio Corporation Personal cloud with a plurality of modular capabilities
US11786146B1 (en) 2012-09-25 2023-10-17 Micro Mobio Corporation Wireless hub system and method
FR2996942B1 (en) * 2012-10-11 2016-01-08 Morpho IMPROVED SIGNATURE KEY GENERATION METHOD
GB2507540A (en) 2012-11-02 2014-05-07 Zwipe As Enrolling fingerprints by combining image strips to obtain sufficient width
GB2507539A (en) 2012-11-02 2014-05-07 Zwipe As Matching sets of minutiae using local neighbourhoods
US9672339B2 (en) * 2012-12-12 2017-06-06 Intel Corporation Electro-biometric authentication
US9665762B2 (en) 2013-01-11 2017-05-30 Synaptics Incorporated Tiered wakeup strategy
US9378350B2 (en) * 2013-03-15 2016-06-28 Airwatch Llc Facial capture managing access to resources by a device
US10121049B2 (en) 2013-04-01 2018-11-06 AMI Research & Development, LLC Fingerprint based smart phone user verification
US9754149B2 (en) 2013-04-01 2017-09-05 AMI Research & Development, LLC Fingerprint based smart phone user verification
US9189612B2 (en) * 2013-05-13 2015-11-17 Ira Konvalinka Biometric verification with improved privacy and network performance in client-server networks
US9323393B2 (en) 2013-06-03 2016-04-26 Qualcomm Incorporated Display with peripherally configured ultrasonic biometric sensor
US9262003B2 (en) 2013-11-04 2016-02-16 Qualcomm Incorporated Piezoelectric force sensing array
US9521138B2 (en) 2013-06-14 2016-12-13 Go Daddy Operating Company, LLC System for domain control validation
US9178888B2 (en) 2013-06-14 2015-11-03 Go Daddy Operating Company, LLC Method for domain control validation
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
GB2519076A (en) * 2013-10-08 2015-04-15 A Men Technology Corp Point transaction system and method for mobile communication device
TWI514286B (en) * 2013-10-16 2015-12-21 Pixart Imaging Inc Thin biometric detection module
CN104545842B (en) * 2013-10-16 2017-09-26 原相科技股份有限公司 Thin physiological characteristic detection module
CN105981039B (en) 2013-11-22 2019-04-12 深圳市汇顶科技股份有限公司 The somatic fingerprint sensor of safety
EP3075085B1 (en) 2013-11-27 2020-01-08 Shenzhen Goodix Technology Co., Ltd. Wearable communication devices for secured transaction and communication
US10713466B2 (en) 2014-03-07 2020-07-14 Egis Technology Inc. Fingerprint recognition method and electronic device using the same
TWI517057B (en) * 2014-03-07 2016-01-11 神盾股份有限公司 Fingerprint recognition method and device
US9472195B2 (en) * 2014-03-26 2016-10-18 Educational Testing Service Systems and methods for detecting fraud in spoken tests using voice biometrics
US20150317466A1 (en) * 2014-05-02 2015-11-05 Verificient Technologies, Inc. Certificate verification system and methods of performing the same
WO2015171941A1 (en) * 2014-05-08 2015-11-12 Northrop Grumman Systems Corporation Methods, devices, and computer-readable media for biometric collection, quality checking, and matching
NO20140653A1 (en) * 2014-05-27 2015-11-30 Idex Asa Biometric sensor
US9483763B2 (en) 2014-05-29 2016-11-01 Apple Inc. User interface for payments
US9230152B2 (en) * 2014-06-03 2016-01-05 Apple Inc. Electronic device for processing composite finger matching biometric data and related methods
US11237525B2 (en) 2014-07-07 2022-02-01 Shenzhen GOODIX Technology Co., Ltd. Smart watch
US9519819B2 (en) * 2014-07-14 2016-12-13 Fingerprint Cards Ab Method and electronic device for noise mitigation
KR101915374B1 (en) 2014-07-23 2018-11-05 선전 구딕스 테크놀로지 컴퍼니, 리미티드 Optical heart rate sensor
KR20160016583A (en) * 2014-07-31 2016-02-15 에지스 테크놀러지 인코포레이티드 Fingerprint recognition methods and devices
US10282535B2 (en) * 2014-09-02 2019-05-07 NXT-ID, Inc. Method and system to validate identity without putting privacy at risk
KR20160135303A (en) * 2014-09-06 2016-11-25 선전 후이딩 테크놀로지 컴퍼니 리미티드 swipe motion registration on A fingerprint sensor
US10114939B1 (en) * 2014-09-22 2018-10-30 Symantec Corporation Systems and methods for secure communications between devices
US9760755B1 (en) * 2014-10-03 2017-09-12 Egis Technology Inc. Fingerprint matching methods and device
FR3027753B1 (en) * 2014-10-28 2021-07-09 Morpho AUTHENTICATION PROCESS FOR A USER HOLDING A BIOMETRIC CERTIFICATE
US10732771B2 (en) 2014-11-12 2020-08-04 Shenzhen GOODIX Technology Co., Ltd. Fingerprint sensors having in-pixel optical sensors
CN105447436B (en) 2014-12-19 2017-08-04 比亚迪股份有限公司 Fingerprint recognition system and fingerprint identification method and electronic equipment
US10325142B2 (en) * 2015-04-23 2019-06-18 Shenzhen GOODIX Technology Co., Ltd. Multifunction fingerprint sensor
CN111711520B (en) * 2015-04-23 2023-12-15 崔云虎 Authentication in ubiquitous environments
TWI541731B (en) * 2015-04-27 2016-07-11 瑞鼎科技股份有限公司 Capacitive fingerprint sensing apparatus and capacitive fingerprint sensing method
US11481771B2 (en) * 2015-05-20 2022-10-25 Ripple Luxembourg S.A. One way functions in a resource transfer system
US10740732B2 (en) 2015-05-20 2020-08-11 Ripple Luxembourg S.A. Resource transfer system
SE1550689A1 (en) 2015-05-28 2016-11-29 Fingerprint Cards Ab Method and fingerprint sensing system for forming a fingerprint representation
US10868672B1 (en) 2015-06-05 2020-12-15 Apple Inc. Establishing and verifying identity using biometrics while protecting user privacy
US11140171B1 (en) 2015-06-05 2021-10-05 Apple Inc. Establishing and verifying identity using action sequences while protecting user privacy
CN107004130B (en) 2015-06-18 2020-08-28 深圳市汇顶科技股份有限公司 Optical sensor module under screen for sensing fingerprint on screen
US10410037B2 (en) 2015-06-18 2019-09-10 Shenzhen GOODIX Technology Co., Ltd. Under-screen optical sensor module for on-screen fingerprint sensing implementing imaging lens, extra illumination or optical collimator array
EP3278272B1 (en) 2015-06-18 2020-12-09 Shenzhen Goodix Technology Co., Ltd. Multifunction fingerprint sensor having optical sensing capability
US10437974B2 (en) 2015-06-18 2019-10-08 Shenzhen GOODIX Technology Co., Ltd. Optical sensing performance of under-screen optical sensor module for on-screen fingerprint sensing
US10410033B2 (en) 2015-06-18 2019-09-10 Shenzhen GOODIX Technology Co., Ltd. Under-LCD screen optical sensor module for on-screen fingerprint sensing
WO2016205938A1 (en) 2015-06-22 2016-12-29 Appetite Lab Inc. Devices and methods for locating and visualizing underwater objects
US10339178B2 (en) * 2015-06-30 2019-07-02 Samsung Electronics Co., Ltd. Fingerprint recognition method and apparatus
CN106663156B (en) * 2015-06-30 2020-08-07 华为技术有限公司 Method and terminal for unlocking screen by fingerprint
US10095948B2 (en) * 2015-06-30 2018-10-09 Synaptics Incorporated Modulation scheme for fingerprint sensing
US9946375B2 (en) * 2015-06-30 2018-04-17 Synaptics Incorporated Active matrix capacitive fingerprint sensor with 2-TFT pixel architecture for display integration
US10331936B2 (en) * 2015-07-14 2019-06-25 Idex Asa Duplicate pattern reconstructions
US10578706B2 (en) * 2015-08-06 2020-03-03 Navico Holding As Wireless sonar receiver
US20170140233A1 (en) * 2015-11-13 2017-05-18 Fingerprint Cards Ab Method and system for calibration of a fingerprint sensing device
US10325134B2 (en) * 2015-11-13 2019-06-18 Fingerprint Cards Ab Method and system for calibration of an optical fingerprint sensing device
WO2017139537A1 (en) * 2016-02-11 2017-08-17 AMI Research & Development, LLC Fingerprint based smart phone user verification
CN105825098B (en) 2016-03-16 2018-03-27 广东欧珀移动通信有限公司 Unlocking screen method, image-pickup method and the device of a kind of electric terminal
US11108767B2 (en) * 2016-04-21 2021-08-31 Tharmalingam Satkunarajah Apparatus and system for obtaining and encrypting documentary materials
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION
US11036870B2 (en) * 2016-08-22 2021-06-15 Mastercard International Incorporated Method and system for secure device based biometric authentication scheme
US10404464B2 (en) 2016-08-22 2019-09-03 Mastercard International Incorporated Method and system for secure FIDO development kit with embedded hardware
US10237270B2 (en) * 2016-09-29 2019-03-19 International Business Machines Corporation Distributed storage of authentication data
US10719077B2 (en) 2016-10-13 2020-07-21 Navico Holding As Castable sonar devices and operations in a marine environment
US10277400B1 (en) * 2016-10-20 2019-04-30 Wells Fargo Bank, N.A. Biometric electronic signature tokens
US10430638B2 (en) * 2016-11-10 2019-10-01 Synaptics Incorporated Systems and methods for spoof detection relative to a template instead of on an absolute scale
CN108431827B (en) * 2016-11-15 2019-06-28 指纹卡有限公司 Method and electronic equipment for fingerprint registration
US10506926B2 (en) 2017-02-18 2019-12-17 Arc Devices Limited Multi-vital sign detector in an electronic medical records system
US10492684B2 (en) 2017-02-21 2019-12-03 Arc Devices Limited Multi-vital-sign smartphone system in an electronic medical records system
US10614283B2 (en) 2017-03-07 2020-04-07 Shenzhen GOODIX Technology Co., Ltd. Devices with peripheral task bar display zone and under-LCD screen optical sensor module for on-screen fingerprint sensing
CN109154986B (en) 2017-05-01 2020-11-13 深圳市汇顶科技股份有限公司 Ultrasonic fingerprint sensing and sensor manufacturing
US10602548B2 (en) 2017-06-22 2020-03-24 Infineon Technologies Ag System and method for gesture sensing
US10331939B2 (en) 2017-07-06 2019-06-25 Shenzhen GOODIX Technology Co., Ltd. Multi-layer optical designs of under-screen optical sensor module having spaced optical collimator array and optical sensor array for on-screen fingerprint sensing
EP3461292B1 (en) 2017-07-18 2021-03-24 Shenzhen Goodix Technology Co., Ltd. Anti-spoofing sensing for rejecting fake fingerprint patterns in under-screen optical sensor module for on-screen fingerprint sensing
US10602987B2 (en) 2017-08-10 2020-03-31 Arc Devices Limited Multi-vital-sign smartphone system in an electronic medical records system
KR102399539B1 (en) * 2017-08-28 2022-05-19 삼성전자주식회사 Method and apparatus for identifying an object
KR102185854B1 (en) 2017-09-09 2020-12-02 애플 인크. Implementation of biometric authentication
KR102143148B1 (en) 2017-09-09 2020-08-10 애플 인크. Implementation of biometric authentication
US10460458B1 (en) * 2017-09-14 2019-10-29 United States Of America As Represented By The Secretary Of The Air Force Method for registration of partially-overlapped aerial imagery using a reduced search space methodology with hybrid similarity measures
US10970516B2 (en) 2017-10-25 2021-04-06 Synaptics Incorporated Systems and methods for biometric recognition
KR101936941B1 (en) * 2018-02-22 2019-01-11 스티븐 상근 오 Electronic approval system, method, and program using biometric authentication
WO2019168419A1 (en) 2018-02-28 2019-09-06 Motorola Solutions, Inc Method for registering a mobile device using a machine-readable optical label
US10984213B2 (en) 2018-03-27 2021-04-20 Shenzhen GOODIX Technology Co., Ltd. 3-dimensional optical topographical sensing of fingerprints using under-screen optical sensor module
US10320962B1 (en) * 2018-04-20 2019-06-11 Zte Corporation Dual screen smartphone and portable devices with a full display screen
US10485431B1 (en) 2018-05-21 2019-11-26 ARC Devices Ltd. Glucose multi-vital-sign system in an electronic medical records system
US11170085B2 (en) 2018-06-03 2021-11-09 Apple Inc. Implementation of biometric authentication
US11100349B2 (en) 2018-09-28 2021-08-24 Apple Inc. Audio assisted enrollment
US10860096B2 (en) 2018-09-28 2020-12-08 Apple Inc. Device control using gaze information
US10742786B2 (en) * 2018-11-15 2020-08-11 Osram Opto Semiconductors Gmbh Mobile device with side-looking biometric sensor
CN109690563B (en) * 2018-12-04 2023-05-30 深圳市汇顶科技股份有限公司 Fingerprint registration method, terminal and computer-readable storage medium
US10530577B1 (en) * 2019-02-08 2020-01-07 Talenting, Inc. Systems and methods for biometric key generation in data access control, data verification, and path selection in block chain-linked workforce data management
WO2020170040A2 (en) * 2019-02-21 2020-08-27 Next Biometrics Group Asa Method of detecting replay attacks in a fingerprint sensor system
GB2587404B (en) * 2019-09-27 2024-03-27 Airbus Defence & Space Ltd Encryption and verification method
US11504014B2 (en) 2020-06-01 2022-11-22 Arc Devices Limited Apparatus and methods for measuring blood pressure and other vital signs via a finger
US10923216B1 (en) * 2020-06-12 2021-02-16 Tensorx, Inc. Health status system, platform, and method
US20220116231A1 (en) * 2020-10-09 2022-04-14 Unho Choi Chain of authentication using public key infrastructure
JP2024027032A (en) * 2022-08-16 2024-02-29 株式会社日立製作所 Authentication system and authentication method

Citations (64)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4222076A (en) * 1978-09-15 1980-09-09 Bell Telephone Laboratories, Incorporated Progressive image transmission
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4558372A (en) * 1984-01-19 1985-12-10 Tektronix, Inc. Scanning method and apparatus
US4654876A (en) * 1984-12-19 1987-03-31 Itek Corporation Digital image motion correction method
US4868877A (en) * 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5144448A (en) * 1990-07-31 1992-09-01 Vidar Systems Corporation Scanning apparatus using multiple CCD arrays and related method
US5155597A (en) * 1990-11-28 1992-10-13 Recon/Optical, Inc. Electro-optical imaging array with motion compensation
US5227839A (en) * 1991-06-24 1993-07-13 Etec Systems, Inc. Small field scanner
US5293323A (en) * 1991-10-24 1994-03-08 General Electric Company Method for fault diagnosis by assessment of confidence measure
US5444478A (en) * 1992-12-29 1995-08-22 U.S. Philips Corporation Image processing method and device for constructing an image from adjacent images
US5453777A (en) * 1993-04-12 1995-09-26 Presstek, Inc. Method and apparatus for correcting and adjusting digital image output
US5456256A (en) * 1993-11-04 1995-10-10 Ultra-Scan Corporation High resolution ultrasonic imaging apparatus and method
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5577120A (en) * 1995-05-01 1996-11-19 Lucent Technologies Inc. Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5576763A (en) * 1994-11-22 1996-11-19 Lucent Technologies Inc. Single-polysilicon CMOS active pixel
US5602585A (en) * 1994-12-22 1997-02-11 Lucent Technologies Inc. Method and system for camera with motion detection
US5623552A (en) * 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5625304A (en) * 1995-04-21 1997-04-29 Lucent Technologies Inc. Voltage comparator requiring no compensating offset voltage
US5631704A (en) * 1994-10-14 1997-05-20 Lucent Technologies, Inc. Active pixel sensor and imaging system having differential mode
US5668874A (en) * 1995-02-28 1997-09-16 Lucent Technologies Inc. Identification card verification system and method
US5671279A (en) * 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US5673123A (en) * 1994-06-30 1997-09-30 Lucent Technologies Inc. Methods and means for processing images
US5739562A (en) * 1995-08-01 1998-04-14 Lucent Technologies Inc. Combined photogate and photodiode active pixel image sensor
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5768439A (en) * 1994-03-23 1998-06-16 Hitachi Software Engineering Co., Ltd. Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries
US5774525A (en) * 1995-01-23 1998-06-30 International Business Machines Corporation Method and apparatus utilizing dynamic questioning to provide secure access control
US5812704A (en) * 1994-11-29 1998-09-22 Focus Automation Systems Inc. Method and apparatus for image overlap processing
US5825907A (en) * 1994-12-28 1998-10-20 Lucent Technologies Inc. Neural network system for classifying fingerprints
US5864296A (en) * 1997-05-19 1999-01-26 Trw Inc. Fingerprint detector using ridge resistance sensor
US5903225A (en) * 1997-05-16 1999-05-11 Harris Corporation Access control system including fingerprint sensor enrollment and associated methods
US5920640A (en) * 1997-05-16 1999-07-06 Harris Corporation Fingerprint sensor and token reader and associated methods
US5963679A (en) * 1996-01-26 1999-10-05 Harris Corporation Electric field fingerprint sensor apparatus and related methods
US5987156A (en) * 1996-11-25 1999-11-16 Lucent Technologies Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6016355A (en) * 1995-12-15 2000-01-18 Veridicom, Inc. Capacitive fingerprint acquisition sensor
US6047268A (en) * 1997-11-04 2000-04-04 A.T.&T. Corporation Method and apparatus for billing for transactions conducted over the internet
US6049620A (en) * 1995-12-15 2000-04-11 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US6097418A (en) * 1998-03-24 2000-08-01 Agfa Corporation Method and apparatus for combining a plurality of images without incurring a visible seam
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6192142B1 (en) * 1994-11-28 2001-02-20 Smarttouch, Inc. Tokenless biometric electronic stored value transactions
US6195447B1 (en) * 1998-01-16 2001-02-27 Lucent Technologies Inc. System and method for fingerprint data verification
US6195471B1 (en) * 1998-03-24 2001-02-27 Agfa Corporation Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US6208264B1 (en) * 1997-05-23 2001-03-27 Automated Identification Service, Inc. Personal verification in a commercial transaction system
US6219793B1 (en) * 1996-09-11 2001-04-17 Hush, Inc. Method of using fingerprints to authenticate wireless communications
US6230235B1 (en) * 1996-08-08 2001-05-08 Apache Systems, Inc. Address lookup DRAM aging
US6230148B1 (en) * 1994-11-28 2001-05-08 Veristar Corporation Tokenless biometric electric check transaction
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6260300B1 (en) * 1999-04-21 2001-07-17 Smith & Wesson Corp. Biometrically activated lock and enablement system
US6289114B1 (en) * 1996-06-14 2001-09-11 Thomson-Csf Fingerprint-reading system
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates
US6330345B1 (en) * 1997-11-17 2001-12-11 Veridicom, Inc. Automatic adjustment processing for sensor devices
US6333989B1 (en) * 1999-03-29 2001-12-25 Dew Engineering And Development Limited Contact imaging device
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US20020060243A1 (en) * 2000-11-13 2002-05-23 Janiak Martin J. Biometric authentication device for use in mobile telecommunications
US6501846B1 (en) * 1997-11-25 2002-12-31 Ethentica, Inc. Method and system for computer access and cursor control using a relief object image generator
US20030021495A1 (en) * 2001-07-12 2003-01-30 Ericson Cheng Fingerprint biometric capture device and method with integrated on-chip data buffering
US6518560B1 (en) * 2000-04-27 2003-02-11 Veridicom, Inc. Automatic gain amplifier for biometric sensor device
US6535622B1 (en) * 1999-04-26 2003-03-18 Veridicom, Inc. Method for imaging fingerprints and concealing latent fingerprints
US6546122B1 (en) * 1999-07-29 2003-04-08 Veridicom, Inc. Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint
US20030115475A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Biometrically enhanced digital certificates and system and method for making and using
US6853988B1 (en) * 1999-09-20 2005-02-08 Security First Corporation Cryptographic server with provisions for interoperability between cryptographic systems

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
BR9001916A (en) * 1990-04-20 1991-11-12 Metal Leve Sa PROCESS OF OBTAINING REFRIGERATED PUMP AND REFRIGERATED PUMP
TW335241U (en) * 1992-11-30 1998-06-21 Thomson Consumer Electronics A video display system
US20020013898A1 (en) 1997-06-04 2002-01-31 Sudia Frank W. Method and apparatus for roaming use of cryptographic values
US5458256A (en) * 1994-04-19 1995-10-17 May-Wes Manufacturing, Inc. Slide lid
US6973477B1 (en) * 1995-05-19 2005-12-06 Cyberfone Technologies, Inc. System for securely communicating amongst client computer systems
GB9600804D0 (en) * 1996-01-17 1996-03-20 Robb Garry D Multiphone
US6075905A (en) * 1996-07-17 2000-06-13 Sarnoff Corporation Method and apparatus for mosaic image construction
DE29722222U1 (en) * 1997-12-16 1998-06-25 Siemens Ag Radio-operated communication terminal with navigation key
US6038666A (en) * 1997-12-22 2000-03-14 Trw Inc. Remote identity verification technique using a personal identification device
US6681034B1 (en) 1999-07-15 2004-01-20 Precise Biometrics Method and system for fingerprint template matching
JP3743246B2 (en) * 2000-02-03 2006-02-08 日本電気株式会社 Biometric input device and biometric verification device
JP4426733B2 (en) * 2000-03-31 2010-03-03 富士通株式会社 Fingerprint data synthesizing method, fingerprint data synthesizing device, fingerprint data synthesizing program, and computer-readable recording medium recording the program
WO2001080167A1 (en) * 2000-04-13 2001-10-25 Nanyang Technological University Method and device for determining a total minutiae template from a plurality of partial minutiae templates
SE515239C2 (en) * 2000-05-15 2001-07-02 Ericsson Telefon Ab L M Method for generating a composite image and apparatus for detecting fingerprints
US6542740B1 (en) * 2000-10-24 2003-04-01 Litepoint, Corp. System, method and article of manufacture for utilizing a wireless link in an interface roaming network framework
US20020078347A1 (en) 2000-12-20 2002-06-20 International Business Machines Corporation Method and system for using with confidence certificates issued from certificate authorities
US7103234B2 (en) * 2001-03-30 2006-09-05 Nec Laboratories America, Inc. Method for blind cross-spectral image registration
US7043061B2 (en) * 2001-06-27 2006-05-09 Laurence Hamid Swipe imager with multiple sensing arrays
US7203347B2 (en) * 2001-06-27 2007-04-10 Activcard Ireland Limited Method and system for extracting an area of interest from within a swipe image of a biological surface

Patent Citations (70)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4222076A (en) * 1978-09-15 1980-09-09 Bell Telephone Laboratories, Incorporated Progressive image transmission
US4558372A (en) * 1984-01-19 1985-12-10 Tektronix, Inc. Scanning method and apparatus
US4654876A (en) * 1984-12-19 1987-03-31 Itek Corporation Digital image motion correction method
US4868877A (en) * 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5144448A (en) * 1990-07-31 1992-09-01 Vidar Systems Corporation Scanning apparatus using multiple CCD arrays and related method
US5155597A (en) * 1990-11-28 1992-10-13 Recon/Optical, Inc. Electro-optical imaging array with motion compensation
US5227839A (en) * 1991-06-24 1993-07-13 Etec Systems, Inc. Small field scanner
US5293323A (en) * 1991-10-24 1994-03-08 General Electric Company Method for fault diagnosis by assessment of confidence measure
US5444478A (en) * 1992-12-29 1995-08-22 U.S. Philips Corporation Image processing method and device for constructing an image from adjacent images
US5453777A (en) * 1993-04-12 1995-09-26 Presstek, Inc. Method and apparatus for correcting and adjusting digital image output
US5456256A (en) * 1993-11-04 1995-10-10 Ultra-Scan Corporation High resolution ultrasonic imaging apparatus and method
US5623552A (en) * 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5768439A (en) * 1994-03-23 1998-06-16 Hitachi Software Engineering Co., Ltd. Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5673123A (en) * 1994-06-30 1997-09-30 Lucent Technologies Inc. Methods and means for processing images
US5631704A (en) * 1994-10-14 1997-05-20 Lucent Technologies, Inc. Active pixel sensor and imaging system having differential mode
US5835141A (en) * 1994-11-22 1998-11-10 Lucent Technologies Inc. Single-polysilicon CMOS active pixel image sensor
US5576763A (en) * 1994-11-22 1996-11-19 Lucent Technologies Inc. Single-polysilicon CMOS active pixel
US6192142B1 (en) * 1994-11-28 2001-02-20 Smarttouch, Inc. Tokenless biometric electronic stored value transactions
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US6230148B1 (en) * 1994-11-28 2001-05-08 Veristar Corporation Tokenless biometric electric check transaction
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5812704A (en) * 1994-11-29 1998-09-22 Focus Automation Systems Inc. Method and apparatus for image overlap processing
US5602585A (en) * 1994-12-22 1997-02-11 Lucent Technologies Inc. Method and system for camera with motion detection
US5825907A (en) * 1994-12-28 1998-10-20 Lucent Technologies Inc. Neural network system for classifying fingerprints
US5774525A (en) * 1995-01-23 1998-06-30 International Business Machines Corporation Method and apparatus utilizing dynamic questioning to provide secure access control
US5668874A (en) * 1995-02-28 1997-09-16 Lucent Technologies Inc. Identification card verification system and method
US5625304A (en) * 1995-04-21 1997-04-29 Lucent Technologies Inc. Voltage comparator requiring no compensating offset voltage
US5577120A (en) * 1995-05-01 1996-11-19 Lucent Technologies Inc. Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5739562A (en) * 1995-08-01 1998-04-14 Lucent Technologies Inc. Combined photogate and photodiode active pixel image sensor
US5671279A (en) * 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US6016355A (en) * 1995-12-15 2000-01-18 Veridicom, Inc. Capacitive fingerprint acquisition sensor
US6538456B1 (en) * 1995-12-15 2003-03-25 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US6049620A (en) * 1995-12-15 2000-04-11 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US5963679A (en) * 1996-01-26 1999-10-05 Harris Corporation Electric field fingerprint sensor apparatus and related methods
US6289114B1 (en) * 1996-06-14 2001-09-11 Thomson-Csf Fingerprint-reading system
US6459804B2 (en) * 1996-06-14 2002-10-01 Thomson-Csf Fingerprint-reading system
US6230235B1 (en) * 1996-08-08 2001-05-08 Apache Systems, Inc. Address lookup DRAM aging
US6219793B1 (en) * 1996-09-11 2001-04-17 Hush, Inc. Method of using fingerprints to authenticate wireless communications
US5987156A (en) * 1996-11-25 1999-11-16 Lucent Technologies Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US5903225A (en) * 1997-05-16 1999-05-11 Harris Corporation Access control system including fingerprint sensor enrollment and associated methods
US6069970A (en) * 1997-05-16 2000-05-30 Authentec, Inc. Fingerprint sensor and token reader and associated methods
US5920640A (en) * 1997-05-16 1999-07-06 Harris Corporation Fingerprint sensor and token reader and associated methods
US5864296A (en) * 1997-05-19 1999-01-26 Trw Inc. Fingerprint detector using ridge resistance sensor
US6208264B1 (en) * 1997-05-23 2001-03-27 Automated Identification Service, Inc. Personal verification in a commercial transaction system
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6047268A (en) * 1997-11-04 2000-04-04 A.T.&T. Corporation Method and apparatus for billing for transactions conducted over the internet
US6330345B1 (en) * 1997-11-17 2001-12-11 Veridicom, Inc. Automatic adjustment processing for sensor devices
US6501846B1 (en) * 1997-11-25 2002-12-31 Ethentica, Inc. Method and system for computer access and cursor control using a relief object image generator
US6195447B1 (en) * 1998-01-16 2001-02-27 Lucent Technologies Inc. System and method for fingerprint data verification
US6097418A (en) * 1998-03-24 2000-08-01 Agfa Corporation Method and apparatus for combining a plurality of images without incurring a visible seam
US6195471B1 (en) * 1998-03-24 2001-02-27 Agfa Corporation Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6333989B1 (en) * 1999-03-29 2001-12-25 Dew Engineering And Development Limited Contact imaging device
US6260300B1 (en) * 1999-04-21 2001-07-17 Smith & Wesson Corp. Biometrically activated lock and enablement system
US6535622B1 (en) * 1999-04-26 2003-03-18 Veridicom, Inc. Method for imaging fingerprints and concealing latent fingerprints
US6546122B1 (en) * 1999-07-29 2003-04-08 Veridicom, Inc. Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint
US6853988B1 (en) * 1999-09-20 2005-02-08 Security First Corporation Cryptographic server with provisions for interoperability between cryptographic systems
US6518560B1 (en) * 2000-04-27 2003-02-11 Veridicom, Inc. Automatic gain amplifier for biometric sensor device
US20020060243A1 (en) * 2000-11-13 2002-05-23 Janiak Martin J. Biometric authentication device for use in mobile telecommunications
US20030021495A1 (en) * 2001-07-12 2003-01-30 Ericson Cheng Fingerprint biometric capture device and method with integrated on-chip data buffering
US20030115475A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Biometrically enhanced digital certificates and system and method for making and using
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US20030126448A1 (en) * 2001-07-12 2003-07-03 Russo Anthony P. Method and system for biometric image assembly from multiple partial biometric frame scans

Cited By (132)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7197168B2 (en) 2001-07-12 2007-03-27 Atrua Technologies, Inc. Method and system for biometric image assembly from multiple partial biometric frame scans
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US7751595B2 (en) 2001-07-12 2010-07-06 Authentec, Inc. Method and system for biometric image assembly from multiple partial biometric frame scans
US20070274575A1 (en) * 2001-07-12 2007-11-29 Russo Anthony P Method and system for biometric image assembly from multiple partial biometric frame scans
US20100223474A1 (en) * 2002-07-19 2010-09-02 Bowers Charles R Method and apparatus for managing confidential information
US20160162682A1 (en) * 2002-07-19 2016-06-09 Charles R. Bowers Method and apparatus for managing confidential information
US20140149747A1 (en) * 2002-07-19 2014-05-29 Charles R. Bowers Method and apparatus for managing confidential information
US9940450B2 (en) * 2002-07-19 2018-04-10 Charles R. Bowers Method and apparatus for managing confidential information
US8321685B2 (en) 2002-07-19 2012-11-27 Bowers Charles R Method and apparatus for managing confidential information
US20050015596A1 (en) * 2002-07-19 2005-01-20 Bowers Charles R. Method and apparatus for managing confidential information
US9218507B2 (en) * 2002-07-19 2015-12-22 Charles R. Bowers Method and apparatus for managing confidential information
US7716493B2 (en) 2002-07-19 2010-05-11 Bowers Charles R Method and apparatus for managing confidential information
US7334130B2 (en) * 2002-07-19 2008-02-19 Bowers Charles R Method and apparatus for managing confidential information
US20080091953A1 (en) * 2002-07-19 2008-04-17 Bowers Charles R Method and apparatus for managing confidential information
US8782427B2 (en) 2002-08-15 2014-07-15 Actividentity, Inc. System and method for sequentially processing a biometric sample
US8141141B2 (en) * 2002-08-15 2012-03-20 Actividentity, Inc. System and method for sequentially processing a biometric sample
US20100088509A1 (en) * 2002-08-15 2010-04-08 Joseph Fedronic Dominique Louis System and method for sequentially processing a biometric sample
US8205249B2 (en) * 2002-10-24 2012-06-19 Giesecke & Devrient Gmbh Method for carrying out a secure electronic transaction using a portable data support
US20060242691A1 (en) * 2002-10-24 2006-10-26 Gisela Meister Method for carrying out a secure electronic transaction using a portable data support
US8185747B2 (en) * 2003-05-22 2012-05-22 Access Security Protection, Llc Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US20070288759A1 (en) * 2003-05-22 2007-12-13 Wood Richard G Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US20050273442A1 (en) * 2004-05-21 2005-12-08 Naftali Bennett System and method of fraud reduction
US8781975B2 (en) * 2004-05-21 2014-07-15 Emc Corporation System and method of fraud reduction
DE102004046153A1 (en) * 2004-09-23 2006-04-06 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber
DE102004046153B4 (en) * 2004-09-23 2006-10-12 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Method and network system for determining the digital reputation
US20080263662A1 (en) * 2005-05-06 2008-10-23 Pau-Chen Cheng System and method for fuzzy multi-level security
US8087090B2 (en) * 2005-05-06 2011-12-27 International Business Machines Corporation Fuzzy multi-level security
US7386105B2 (en) * 2005-05-27 2008-06-10 Nice Systems Ltd Method and apparatus for fraud detection
WO2006126183A2 (en) * 2005-05-27 2006-11-30 Nice Systems Ltd. Method and apparatus for fraud detection
US20060285665A1 (en) * 2005-05-27 2006-12-21 Nice Systems Ltd. Method and apparatus for fraud detection
WO2006126183A3 (en) * 2005-05-27 2007-10-18 Nice Systems Ltd Method and apparatus for fraud detection
US7801288B2 (en) 2005-05-27 2010-09-21 Nice Systems Ltd. Method and apparatus for fraud detection
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US7730546B2 (en) * 2005-07-01 2010-06-01 Time Warner, Inc. Method and apparatus for authenticating usage of an application
US20070006163A1 (en) * 2005-07-01 2007-01-04 Aoki Norihiro E Method and apparatus for authenticating usage of an application
US8327459B2 (en) 2005-07-01 2012-12-04 Time Warner, Inc. Method and apparatus for authenticating usage of an application
US20100199347A1 (en) * 2005-07-01 2010-08-05 Time Warner, Inc. Method and Apparatus for Authenticating Usage of an Application
US20070080778A1 (en) * 2005-10-11 2007-04-12 Newfrey Llc Door lock with protected biometric sensor
US7525411B2 (en) 2005-10-11 2009-04-28 Newfrey Llc Door lock with protected biometric sensor
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US8560456B2 (en) 2005-12-02 2013-10-15 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US9609001B2 (en) 2007-02-02 2017-03-28 Websense, Llc System and method for adding context to prevent data leakage over a computer network
US20110099112A1 (en) * 2007-08-31 2011-04-28 Mages Kenneth G Apparatus and method for conducting securing financial transactions
US9053471B2 (en) * 2007-08-31 2015-06-09 4361423 Canada Inc. Apparatus and method for conducting securing financial transactions
CN101911585A (en) * 2008-01-04 2010-12-08 微软公司 Selective authorization based on authentication input attributes
CN101911585B (en) * 2008-01-04 2014-08-13 微软公司 Selective authorization based on authentication input attributes
US20090178129A1 (en) * 2008-01-04 2009-07-09 Microsoft Corporation Selective authorization based on authentication input attributes
US8621561B2 (en) * 2008-01-04 2013-12-31 Microsoft Corporation Selective authorization based on authentication input attributes
US9015842B2 (en) 2008-03-19 2015-04-21 Websense, Inc. Method and system for protection against information stealing software
US9455981B2 (en) * 2008-03-19 2016-09-27 Forcepoint, LLC Method and system for protection against information stealing software
US9130986B2 (en) * 2008-03-19 2015-09-08 Websense, Inc. Method and system for protection against information stealing software
US20090241173A1 (en) * 2008-03-19 2009-09-24 Websense, Inc. Method and system for protection against information stealing software
US9495539B2 (en) 2008-03-19 2016-11-15 Websense, Llc Method and system for protection against information stealing software
US20100017845A1 (en) * 2008-07-18 2010-01-21 Microsoft Corporation Differentiated authentication for compartmentalized computing resources
US10146926B2 (en) 2008-07-18 2018-12-04 Microsoft Technology Licensing, Llc Differentiated authentication for compartmentalized computing resources
US8631486B1 (en) * 2009-03-31 2014-01-14 Emc Corporation Adaptive identity classification
US9600704B2 (en) 2010-01-15 2017-03-21 Idex Asa Electronic imager using an impedance sensor grid array and method of making
US8421890B2 (en) 2010-01-15 2013-04-16 Picofield Technologies, Inc. Electronic imager using an impedance sensor grid array and method of making
US8791792B2 (en) 2010-01-15 2014-07-29 Idex Asa Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making
US10115001B2 (en) 2010-01-15 2018-10-30 Idex Asa Biometric image sensing
US9659208B2 (en) 2010-01-15 2017-05-23 Idex Asa Biometric image sensing
US10592719B2 (en) 2010-01-15 2020-03-17 Idex Biometrics Asa Biometric image sensing
US11080504B2 (en) 2010-01-15 2021-08-03 Idex Biometrics Asa Biometric image sensing
US8866347B2 (en) 2010-01-15 2014-10-21 Idex Asa Biometric image sensing
US9268988B2 (en) 2010-01-15 2016-02-23 Idex Asa Biometric image sensing
US8713672B2 (en) * 2011-08-15 2014-04-29 Bank Of America Corporation Method and apparatus for token-based context caching
US20130047248A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Subject Assurance Level
US8789143B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US20130047262A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Object Security Session Validation
US8806602B2 (en) 2011-08-15 2014-08-12 Bank Of America Corporation Apparatus and method for performing end-to-end encryption
US20130047215A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US8850515B2 (en) 2011-08-15 2014-09-30 Bank Of America Corporation Method and apparatus for subject recognition session validation
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
US8910290B2 (en) * 2011-08-15 2014-12-09 Bank Of America Corporation Method and apparatus for token-based transaction tagging
US8752143B2 (en) * 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US8752157B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for third party session validation
US8950002B2 (en) * 2011-08-15 2015-02-03 Bank Of America Corporation Method and apparatus for token-based access of related resources
US20130047266A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based access of related resources
US8726340B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Apparatus and method for expert decisioning
US8726339B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for emergency session validation
US8789162B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for making token-based access decisions
US8726361B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for token-based attribute abstraction
US9055053B2 (en) 2011-08-15 2015-06-09 Bank Of America Corporation Method and apparatus for token-based combining of risk ratings
US8726341B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Apparatus and method for determining resource trust levels
US8584202B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Apparatus and method for determining environment integrity levels
US9159065B2 (en) * 2011-08-15 2015-10-13 Bank Of America Corporation Method and apparatus for object security session validation
US8572683B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Method and apparatus for token-based re-authentication
US8572689B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for making access decision using exceptions
US8572714B2 (en) * 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for determining subject assurance level
US9253197B2 (en) 2011-08-15 2016-02-02 Bank Of America Corporation Method and apparatus for token-based real-time risk updating
US20130047201A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Expert Decisioning
US8539558B2 (en) 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US20130047251A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Token-Based Context Caching
US20130047204A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Resource Trust Levels
US10088939B2 (en) 2012-04-10 2018-10-02 Idex Asa Biometric sensing
US9798917B2 (en) 2012-04-10 2017-10-24 Idex Asa Biometric sensing
US10114497B2 (en) 2012-04-10 2018-10-30 Idex Asa Biometric sensing
US10101851B2 (en) 2012-04-10 2018-10-16 Idex Asa Display with integrated touch screen and fingerprint sensor
US8996860B1 (en) * 2012-08-23 2015-03-31 Amazon Technologies, Inc. Tolerance factor-based secret decay
US9571488B2 (en) 2012-08-23 2017-02-14 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US20170134367A1 (en) * 2012-08-23 2017-05-11 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9203818B1 (en) 2012-08-23 2015-12-01 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US10652232B2 (en) * 2012-08-23 2020-05-12 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9038148B1 (en) 2012-08-23 2015-05-19 Amazon Technologies, Inc. Secret variation for network sessions
US9241259B2 (en) 2012-11-30 2016-01-19 Websense, Inc. Method and apparatus for managing the transfer of sensitive information to mobile devices
US10135783B2 (en) 2012-11-30 2018-11-20 Forcepoint Llc Method and apparatus for maintaining network communication during email data transfer
US11093936B2 (en) 2013-07-24 2021-08-17 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
EP3025293A4 (en) * 2013-07-24 2017-03-29 Visa International Service Association Systems and methods for communicating risk using token assurance data
US11915235B2 (en) 2013-07-24 2024-02-27 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
WO2015013522A1 (en) 2013-07-24 2015-01-29 Visa International Service Association Systems and methods for communicating risk using token assurance data
EP3025293A1 (en) * 2013-07-24 2016-06-01 Visa International Service Association Systems and methods for communicating risk using token assurance data
US9996835B2 (en) 2013-07-24 2018-06-12 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
US20150032625A1 (en) * 2013-07-24 2015-01-29 Matthew Dill Systems and methods for communicating risk using token assurance data
US20200051084A1 (en) * 2013-08-30 2020-02-13 Mastercard International Incorporated Methods and systems for verifying cardholder authenticity when provisioning a token
US11494780B2 (en) * 2013-08-30 2022-11-08 Mastercard International Incorporated Methods and systems for verifying cardholder authenticity when provisioning a token
US10460322B2 (en) * 2013-08-30 2019-10-29 Mastercard International Incorporated Methods and systems for verifying cardholder authenticity when provisioning a token
WO2015054697A1 (en) 2013-10-11 2015-04-16 Visa International Service Association Network token system
US11710119B2 (en) 2013-10-11 2023-07-25 Visa International Service Association Network token system
EP3937108A1 (en) * 2013-10-11 2022-01-12 Visa International Service Association Network token system
EP3078156A4 (en) * 2013-10-11 2017-07-12 Visa International Service Association Network token system
US10891610B2 (en) 2013-10-11 2021-01-12 Visa International Service Association Network token system
US9836637B2 (en) * 2014-01-15 2017-12-05 Google Llc Finger print state integration with non-application processor functions for power savings in an electronic device
US10402621B2 (en) 2014-01-15 2019-09-03 Google Technology Holdings LLC Finger print state integration with non-application processor functions for power savings in an electronic device
US20150199554A1 (en) * 2014-01-15 2015-07-16 Motorola Mobility Llc Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US11568405B2 (en) 2014-06-05 2023-01-31 Visa International Service Association Identification and verification for provisioning mobile application
US10575785B2 (en) 2015-02-05 2020-03-03 Samsung Electronics Co., Ltd. Method and apparatus for obtaining biometric information
US9881184B2 (en) * 2015-10-30 2018-01-30 Intel Corporation Authenticity-assured data gathering apparatus and method
US20170124356A1 (en) * 2015-10-30 2017-05-04 Mark A. Allyn Authenticity-assured data gathering apparatus and method
US11423475B2 (en) * 2016-09-27 2022-08-23 Visa International Service Association Distributed electronic record and transaction history
US20200265132A1 (en) * 2019-02-18 2020-08-20 Samsung Electronics Co., Ltd. Electronic device for authenticating biometric information and operating method thereof

Also Published As

Publication number Publication date
AU2002346107A1 (en) 2003-01-29
WO2003007125A2 (en) 2003-01-23
WO2003007127A9 (en) 2003-03-27
JP2005531935A (en) 2005-10-20
WO2003007125A3 (en) 2003-06-12
US7751595B2 (en) 2010-07-06
WO2003007127A3 (en) 2008-11-20
US7197168B2 (en) 2007-03-27
WO2003007121B1 (en) 2003-08-07
AU2002316679A8 (en) 2008-12-18
AU2002332414A1 (en) 2003-01-29
WO2003007127A2 (en) 2003-01-23
US20030126448A1 (en) 2003-07-03
US20030115475A1 (en) 2003-06-19
WO2003007121A3 (en) 2003-06-05
EP1573426A2 (en) 2005-09-14
US20030115490A1 (en) 2003-06-19
EP1573426A4 (en) 2009-11-25
US20070274575A1 (en) 2007-11-29
AU2002316679A1 (en) 2003-01-29
WO2003007121A2 (en) 2003-01-23
WO2003007125A9 (en) 2003-09-12

Similar Documents

Publication Publication Date Title
US20030101348A1 (en) Method and system for determining confidence in a digital transaction
US10824714B2 (en) Method and system for securing user access, data at rest, and sensitive transactions using biometrics for mobile devices with protected local templates
US6148404A (en) Authentication system using authentication information valid one-time
US6185316B1 (en) Self-authentication apparatus and method
US7552333B2 (en) Trusted authentication digital signature (tads) system
KR100486062B1 (en) Biometric certificates
US7188362B2 (en) System and method of user and data verification
CA2417770C (en) Trusted authentication digital signature (tads) system
US6745327B1 (en) Electronic certificate signature program
US8447991B2 (en) Card authentication system
US7526653B1 (en) Method of data protection
US20090293111A1 (en) Third party system for biometric authentication
US20040059924A1 (en) Biometric private key infrastructure
WO2003007527A2 (en) Biometrically enhanced digital certificates and system and method for making and using
US20030135740A1 (en) Biometric-based system and method for enabling authentication of electronic messages sent over a network
US20070226512A1 (en) Architectures for Privacy Protection of Biometric Templates
US20140258718A1 (en) Method and system for secure transmission of biometric data
JP2015525409A (en) System and method for high security biometric access control
JP2002519782A (en) Apparatus and method for end-to-end authentication using biometric data
Burr et al. Sp 800-63-1. electronic authentication guideline
Bosworth et al. Entities, identities, identifiers and credentials—what does it all mean?
CN110689351A (en) Financial service verification system and financial service verification method
JP2007258789A (en) System, method, and program for authenticating agent
Graham et al. It’s all about authentication
AU2003253777B2 (en) Biometric private key infrastructure

Legal Events

Date Code Title Description
AS Assignment

Owner name: I-CONTROL SECURITY, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:RUSSO, ANTHONY P.;MCCOY, PETER A.;HOWELL, MARK J.;REEL/FRAME:013713/0333;SIGNING DATES FROM 20021205 TO 20021219

AS Assignment

Owner name: I-CONTROL SECURITY, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:I-CONTROL TRANSACTIONS, INC.;REEL/FRAME:015264/0686

Effective date: 20021112

AS Assignment

Owner name: ATRUA TECHNOLOGIES, INC., CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:I-CONTROL SECURITY, INC.;REEL/FRAME:015393/0534

Effective date: 20030908

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION