WO2003052741A1 - Split interface handling of border crossing data - Google Patents

Abstract

Border crossing facilitated with positive identification using biometric data carried by a person on an identify card (301). The card is read by a border kiosk (K1) and matched (210) against the presenting human (EU). Either the identification results or the identity information on the card are passed to government facilities (GS, 210) for an up to the minute background check. If that check is passed the human can either move across the border (236)or move on to Customs (230). Additionally, the presence of a positively identified individual can trigger the use of a trusted presence (240) signal to provide commercial facilities (152) with rapid and inexpensive confirmation of the individual presence near the border kiosk. Many variations are described which accommodate local or national rules on privacy.

Description

SPLIT INTERFACE HANDLING OF BORDER CROSSING DATA

A portion of this patent document contains material which is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.

BACKGROUND OF THE INVENTION:

1. Field of the Invention

This invention relates generally to computer system support for expediting border crossing control functions for nations but the invention may also find applicability in other areas where automated identity confirmation and access control and associated activities are important.

2. Background Information

₍ In modern times, the numbers of individuals crossing borders at any given time has grown. Also there is a heightened concern about terrorist activity. Accordingly, the help that information rich and secure border crossing facilities can provide in reducing such activity is appreciated but at the same time, the amount of time required for crossing borders while monitoring extra information and using it becomes a problem. Further, as the economics of staffing border stations comes into focus, the ability to process border crossing requests by individuals quickly without compromising national security and national policy becomes more problematic.

Accordingly, facilitating border crossing by speeding up processing for individuals in any manner possible is an important need. In current practice, a passport was required to identify persons crossing borders.

An agent is typically required to check the individual against the passport and its photograph. The agent is typically trained to make a judgement based upon intangible information associated with the individual and questioning of that individual. There are usually devices to assist with detection of false or fraudulent passports and agents are typically trained to acquire and assimilate other information to make a decision. All this assessment and evaluation by an individual agent is costly, time consuming and capacity and security problems remain.

With this invention a more positive identification can be established using a biometric card and biometric measurement at the border while facilitating record keeping of the border crossing by that individual in a form immediately accessible to law enforcement systems.

There are a number of biometric systems available currently to provide relatively automatic identity checks. At least one system has described some kinds of access control using automatic biometric measurement. In the U.S. Patent issued to Mann et al., (6,119,096, incorporated herein by this reference) a passenger can be said to be checked-in for a flight without use of cards or other identification based on biometric identification using an iris recognition system. There are many other ways to obtain biometric data besides the iris observation data collected by the Mann system, such as for example, using fingerprint checks (using something like the system described in U.S. Patent No. 6,125,192, hereby also incorporated by this reference) voice checks, IR scans of body parts, hand shapes, movement characteristics, and so forth, any of which could be used together with other systems for redundancy, or alone, to confirm the identity of an individual presenting himself at a border crossing. (A patent describing the iris biometric measurement technology is U.S. Patent No. 5,956,122, is also incorporated herein by this reference to provide further background information on the technology.) However, there is still a clear need to integrate access control and security, especially national security and immigration controls at border crossings, and to do so in a way that facilitates the rapid traversal of border crossings by duly accredited and authorized individuals. Further, the potential for creation of fraudulent documentation is severely reduced by tying documentation to positive verifiable biometric information. Also, once such systems are in place, associated services can be provided in efficacious ways unavailable previously.

BRIEF DESCRIPTION OF THE DRAWINGS:

Fig. 1 is a block diagram of a system for use with a preferred form of the invention. Fig. 2 is flow chart of activities corresponding to how a preferred form of the invention operates.

Fig. 3 is a heuristic block diagram including simplified illustrations of an enrolled user (EU) and components of the preferred inventive system. Fig. 4 is an illustration of a passport-like document in accord with one aspect of the invention.

Fig. 5 is an illustration of a card for use with this invention.

Fig. 6 is a flow chart illustrating an enrollment process in accord with a preferred form of the invention. Fig. 7 is a block diagram of the parts preferably associated with a kiosk in accord with a preferred form of the invention.

SUMMARY OF THE INVENTION:

Providing dual independent interfaces enables background checks and establishment of more secure borders by enabling a bifurcated use of identity information for dual purposes. A first purpose is personal identity verification with an expeditious border crossing facilitated, and a second is real time enablement of border checking for potentially dangerous persons, facilitation of computer assisted searching of records for border crossings by particular individuals and tracking of particular individuals through such means. Additional services for holders of identification tokens can also be facilitated such as financial transaction facilitation and access to various facilities and services which may be unavailable to other travelers, through a trusted presence signal and process available with positive identification services. Many other features and limitations are described in the detailed description below.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS:

Refer first to Fig. 1 in which components of the inventive system 100 are illustrated. An expedited passenger processing services computer 101, in the preferred embodiment, performs a hub-like anchoring function for the system. The enrolled users (EUs) will have a copy of their pertinent records and representations of biometric data (or in some cases just so-called "biometric minutiae" which is an extraction from biometric data that is permissible for use in some countries which do not permit use of biometric information directly) held in a database in a central computer system 101. In Canada, where the inventors will be likely to use this inventive system first, the inventive concepts described here may be incorporated into what will be called an Expedited Passenger Processing System, or EPPS.

For expedited processing of border crossings individuals will have to become enrolled users. This process of becoming enrolled preferably employs an enrollment workstation 102 and some equipment to do the biometric measuring. At the present time, the preferred system uses an Iridian R1 , available from Iridian Technologies, Inc. of Marlton, New Jersey, (formerly known as IriScan) but for purposes of this invention, any reliable biometric measuring device that extracts data which can reliably be compared to subsequent biometric readings from equivalent biometric measuring devices to positively identify an individual would be acceptable. The "R1" is a camera and control mechanism that locates a face and an eye (right or left or both if desired) within that face and which then scans the iris and extracts from the iris scanned data in the image a biometric value. The International Biometric Industry Association has published a list of effective biometric technologies currently available at www.ibia.org/Press%20Release%2016.htm, but the list is not believed to exhaust the potential biometric measurements that could be used with this invention. The IBIA suggestions include facial recognition, fingerprint minutiae, hand geometry, iris recognition, and signature dynamics, and the inventors suggest that as technology improves these and other measurable biometrics, together or independently, will be useful in the context of the present invention.

The person desiring to become a participant in the system and wishing to become enrolled will preferably submit to an intake person (a "registrar"), who will obtain identity documents, such as an official passport and or other documents that can be used as a source document for a passport. The registrar may also check the potential enrollee's other sources of information at that time from the workstation 102.

A central computer for maintaining records on enrollees in the program 101 will be connected to a workstation 102 for a registrar to review source documentation (such as the passport of a potential enrollee or other source documents as mentioned above) submitted by the potential enrollee during registration. A Card Issuing Center (CIC) 105 will issue the identity cards with biometric information on them for mailing or pickup by the enrollee at a later date, and probably at a different location. To register, a biometric scanner, preferably a kiosk 103 similar to the one that the enrollee will encounter at border crossings, but at least having biometric reading devices that will produce the same code for that enrollee as will be read and produced at the border, will be tied into the central computer 101 , and connected with the information provided by the enrollee to the registrar, so that this information can be put into or onto the identity card by the CIC 105. In nations that allow such information to be collected into a database, the information can be retained and parts of it may be accessed by travel agents and other commercial systems users 107, anyone allowed to through the internet 108, other nongovernment or government host systems and the Government Official Central (GOC) records systems for Immigration, anti-terrorism, taxation, customs, and the like 106. Refer now to Fig. 6 in which a flowchart 60, illustrates the steps used in a typical enrollment process.

If the person seeking enrollment is accepted into the program, the registrar at the workstation during pre-enrollment 61 will authorize checking the GOC records to determine if the production of a biometric identity card is warranted, and direct the individual to a piece of equipment that will do the biometric measurement and extract a code therefrom, in Fig. 1 shown as a kiosk 103. These authorizations occur, preferably as separate steps, with the registrar making the first decision 81. If desired, much of the information required can be pre-supplied to the registrar via a mail-in or internet-enabled application, prior to the applicant's visit to the registrant to present official documents and to be scanned. Either way, when the registrar has approved the application, the registrar can then submit the required information regarding this individual to the government authorities to perform a background check 63 to determine suitability of this candidate for enrollment as a member of the program. Such a background check will typically take several days and be handled by the government checking through various data sources. If the background checks do not provide approval 82, the applicant cannot become enrolled and no identity card would be issued. However, after approval, the card should be issued and given to the applicant.

The equipment for the biometric enrollment 62 will provide a digitized representation of that information or extracted, condensed, encrypted or otherwise manipulated into a code thereof to an identity card production machine which can encode and store that information code onto the card. The identity card production machine is preferably located at the CIC 105, which is preferably at a location different from the kiosk 103 used to obtain the code produced by the biometric data extraction, and only will be authorized following approval based on the intake by the registrar together with the oversight of the government through background checks.

Various jurisdictions may decide to short-circuit this process of enrollment, but generally they will follow a similar pattern. If a government is willing to allow commercial interests to support some of the expense of these identity card and biometric scanner programs, or if additional government accesses may be authorized using the same information, such programs can receive 70 some information regarding the approval status of the individual applicant. Typically commercial interests will not be permitted to receive disapproval information. If such other programs enrollment processes do not successfully admit the applicant, this kind of disapproval from decision 83, should be provided back to the GOC for additional background information on the individual, if such information sharing is legal in the jurisdiction. Once an applicant is approved for enrollment in other programs 71 , this data can be sent to enabling facilities for such other programs (described below) and to establish the identity records that may be needed by such programs 72. If useful, the approval into such other programs can be input into information on the identity card 74, and information uniquely identifying the identity card may be transferred back into such other programs.

In a preferred embodiment a Kiosk 103, using an R1 or similar device supplied by Iridian Technologies, Inc., or another vendor will provide the biometric measurement machinery and a LaserCard (or similar optically readable card which may be based on technology similar to that described in U.S. Patent No. 5,992,891 issued to Dyball and incorporated herein by this reference) will provide the identity card through an associated card issuing center (CIC). Clearly, other mechanisms for accomplishing these and similar bio-measurement, data extraction and data card production steps are available from other vendors and their use is not considered outside the ambit of this invention, but as other embodiments. Further, other data maintenance and storage devices such as smart cards (described with a system for using same in U.S. Patent No. 6,112,987, incorporated herein by this reference), or media cards with combined storage technologies could be substituted for LaserCard optical memory cards, wherever such substitute is more reasonably used given the installation of the invention.

Preferably too, (and with reference back to Fig. 1) all information gathering and processing takes place within a secure intranet 112, which may be connected to the internet 108 or other data centers and networks which may be in the system or have rights to communicate with the system through an extranet 111. All such communications of data will preferably be through a firewall 109. Therefore, when identity information or biometric measurement is done at various locations by an enrolled user, systems which are controlled by travel agents and other commercial entities 107, or government users in government systems 106 as well as users in any other acceptable hosts 110 should be able to confirm the enrolled user status of someone presenting themselves, and/or their identity card at such locations if the system is set up to accommodate such more expansive uses. Too, the government systems may provide information to the registering agency within Intranet 112 regarding information held in such government systems regarding an individual attempting to register. In this way a unique registration may be maintained for each enrollee and potentially threatening applicants and enrollees can be tracked.

Refer now to Fig. 2 in which an outline 200 in flow chart form, of the steps an Enrolled User (EU) would take to expedite border crossing and how the system would respond are shown.

The user would have to be enrolled 201 first, as described above or in a similar manner. Thus a program of enrollment having enrolled users and a database of their identities would be established. The person presenting himself for expedited crossing using the identity card would first insert 202 the card into a kiosk at a border crossing area, possibly an airport or other national facility having border control agents. The Kiosk would then check to see if the card is one within a list of acceptable cards in a preferred form, or if no list is kept, it would just read the card data, and it would read the card's data in any event 203. The kiosk will send the data from the card (card code) both to immigration to perform a real time background check, and also to a comparison facility within the kiosk to see if it matches the code read from the individual's biometrics at the present time. These present time biometrics are obtained by steps 205 and 206. The kiosk should also have some kind of display screen which will welcome the enrollee 204 and provide status information as the enrollee uses the kiosk. This dual simultaneous use of all or a portion of the card code for both providing an instant background check and for positively identifying the individual against the card code provides perhaps the most significant efficiency enhancement with respect to crossing borders, since it increases security and reduces active manpower needs at the same time. An alarm system can be triggered by the kiosk generating an alarm signal if there is an improper match. The alarm could be silent, showing up on displays at computer systems of the border personnel, and the individual in such circumstances will be directed to secondary inspection.

The instant background checks (which may include profiling, watch-lists, or other government risk analysis) process starts at step 210, where data is received from the card by the immigration authorities. The background check 215 can then be accomplished. It may be used to effectively track the amount of travel a particular enrollee or his associates are doing, what kinds of goods they are transporting, duty paid recently, as well as checking against updates to the enrollee data kept at the GOC, automatically, by accessing the various needed databases. Any or all of this information can be transmitted to the secondary inspection station 220, to supplement the ability of the agents there to process the individual, if the decision at step 216 is that the individual is not cleared. If the enrollee has cleared immigration, 221, the clearance is sent back to the kiosk, and to customs too, if desired. When the clearance is received 213, and if the card code matches the code extracted from the individual's present biometrics, 212, the enrollee can proceed to customs and duty processing. If not, the individual will be referred 220 to the secondary inspection station for normal human-interactive processing by a border agent of the government. The card, if it is inserted in a non-removable way into the kiosk, may preferably be removed and the display instruct the individual to proceed to the secondary inspection station. Information about the failure to pass may be recorded onto the card at this time if desirable.

If the individual is presenting dutiable items and wishes to declare these at the kiosk, that can be accomplished with a keyboard entry or other interactive entry mechanism and step 230 can be accomplished at the kiosk. The duty owed 231 can be paid by reference to a credit card transaction either automatically initiated by the kiosk upon presentment of the declaration, or the individual can present a credit card for swiping there at a credit card swiping facility at the kiosk. Authorization to charge can be presumed or additional indicia of approval required of the individual enrollee at this time. When the transaction is complete 233 or if no duty was owed, a receipt can be printed or data put onto the card 234 and the individual authorized to remove the card. If customs and duty processing is a separate facility at this border crossing point, the individual will, of course have to remove his card and move on to a customs and duty station for continuation of his crossing.

When the customs and duty processing is complete, the individual can cross the border 236. It should be noted that by providing positive identification of an individual through the use of biometrics, if that individual is shown to be present at a border, say for example, an airport, a signal to other airport facilities that he/she is here can be issued. We call this a "trusted presence" 240 signal, which could issue any time after the individual is cleared at 213, but preferably after customs and duty processing is complete. Example services such facilities could provide include attribution of bonus values such as frequent traveler rights or coupons to the individual, automatic acceptance of credit cards at restaurants and shopping facilities without further identification being required, admission to traveler's club facilities, seat confirmation for the flight the individual may be registered for, even holds on the push-back of the aircraft from the gate, and other premium services may be offered. The trusted presence key may be a signal sent to automatic systems throughout the airport on the confirmation of the individual being present, and preferably will have a short expiration period, such as three hours, in which such services can be offered to the individual. This trusted presence signal will not guarantee that someone else is not using a credit card, but will guarantee that the individual has been in the facility within the expiration period, reducing the need to rely on other forms of ID for positive identification, or to duplicate biometric reading machines. These other service providing facilities may have other identification procedures which such facilities establish for themselves to make using them easier for the frequent traveler.

The biometric measurement would be made in the preferred embodiment by an iris scan at an Iridian kiosk, although its use in conjunction with other positive identification means is not prohibited for this invention, and different biometric measurement systems (such as those mentioned above) clearly can be used instead if desired for a given installation. The data collected may have to be different if different biometric readers are used but only if the biometric information or some derivative thereof is retained in a database. In some installations where the keeping of any biometric information is not possible because of legal restrictions, the identity confirming biometric information can be kept solely on an identity card carried by the enrolled user. It should be noted that convenience and quickness is important here in choosing a biometric to use for the commercial acceptability of this invention. For example, something that took blood samples via puncturing an EU would be an unlikely biometric system to be ultimately deployed for this invention, while one that can make the measurement without even touching the individual, under ordinary conditions, would find much more ready acceptance. After the measurement, preferably, the device making the measurement will send 203 the data, extracted and manipulated as appropriate for the program, to wherever in the program it is needed and used as explained in greater detail above. Clearly, as technological and legal restrictions permit or require, the information kept in databases and/or on identity cards can be shared in various ways, as for example with the biometric information being kept solely on an identity card in the EU's possession, or in a centralized database, or in a local database. (For instance, today, in a European country, retaining frame-grabber images of fingerprints is not allowed, but "minutia" or data extracted from such images is permitted.) The only requirement is that this biometric information taken at the enrollment of the user into the program be checkable by the biometric reader kiosk arrangement at the border crossing, either by insertion of the identity card for reading, by accessing some remote database, or by accessing a local database available to the kiosk. It may be desirable if the kiosk would also be able to determine that this set of biometric data was in fact corresponding to a name of an enrolled EU in the program, but if the card issuing process is secure, this is not a requirement. By requiring a message indicating that a particular EU has been identified by a kiosk be sent to a central authority before granting that EU a pass through the border crossing, all the centralized resources of the government authority that controls its borders can have an opportunity to automatically search through the databases it keeps on activities of EUs, citizens and others and turning any such information over to the border guards which can operate as a final gate before passage is permitted.

It is possible to leverage a centralized government database of EU individuals that are in the program. This database can be maintained and can be accessed by any border crossing that is part of the program of providing expedited crossing for EUs. In this way the government agency that has a need to monitor borders can get the information in real time and also provide information to the border areas in real time. Thus, for one example, if an enrolled user either needs to be made aware of some change in his enrollment status, or has committed a criminal act, or for some other reason needs to be contacted, should that individual attempt to use a border crossing in the program, the government agents at that border crossing would be immediately aware of the situation once the EU used the biometric identification mechanism. The agents would then be enabled to act appropriately, either to keep such a person out of the country or to detain him or provide him with other information, require an update of his documentation or for other purposes, as may be required or of interest.

Thus, the data obtained by the measurement device from the EU presenting him or herself to the measuring device, should provide 203 the extracted biometric data or minutiae to the government agency system in charge for the nation, as well as to any local system that will use the information to confirm the identity of the individual to speed the EU through the border. A detailed description of the components required for these processes is had with reference to Fig. 3 below.

To reiterate the commercial advantages, once the identity of the individual is confirmed (and, his participation in the program confirms the individual is an EU for other services), the individual EU can be provided access to financial services, ticketing, clubs and a plethora of services a traveler may want to avail himself of, simply by sending the acceptance of identity information to such service providers, preferably through a trusted presence signal as outlined above. Of course, when the identity of the EU is established, the border agents can permit the EU individual to cross the border, before or after the EU receives services that may be available at this particular border crossing to EUs in the program.

Refer now to Fig. 3 in which an EU is drawn inserting an identity card 301 into a card reader 303 in a kiosk 302 (K1), which is in turn connected to a system in accord with the invention. The system provides connections for moving data from and to the kiosks (here three are shown K1-3) to a local computer system which could contain biometrically derived information for all EUs in the program, but in the preferred embodiment does not. Preferably the local computer system will merely act as a hub or router to forward the data needed as indicated in reference to Fig. 2 to the government Immigration authorities 152 for doing their expedited background checking. (It could also act as a clearing-house to send a positive ID signal to any frequent traveler's service facilities in the vicinity as explained below. Alternatively, in a less preferred embodiment, the Kiosk 302 computer itself could send its data directly to the GOC computer system, if desired.) Clearly, the wiring of various components and even use of wireless technologies not specifically illustrated is well understood by those of ordinary skill in these arts and is encouraged for design of alternative communications structures for enabling use of this invention. The kiosk itself would be able to match the identity information stored as a code on the identity card with the EU's actual present biometrics it also reads, or not, to provide positive identification signals that can then be transmitted to the various systems that need them within the program. Thus a computer in the kiosk would be reading the identity code from the card to match it against the identity code it manufactures from the biometric read from the person presenting himself to the Kiosk. The local computer system 151 will preferably be in communication with a government systems computer 152 for the purposes described above. It is possible to implement the invention by having a connection of the kiosks directly with the government systems central computer system 152, but at the present time such individual connections are more costly and thus avoided. The kiosks may also have a communications facility or connection 309 to the service provider systems indicated heuristically in box 152. Preferably this connection will provide the service provider systems such as credit facilities to collect funds for duty, ticketing, automatic teller machines, club facilities and the like, with a signal indicating a trusted presence authorization information based on the positive identification made by the Kiosk 301 which the EU is using.

The kiosk itself will preferably have an identity card read/write device 303 which can alter data in the identity card 301. A printing device 304 can also provide documentary evidence of use of the kiosk and/or certification of use for the EU upon identification being established and transit through the border being approved as described above.

The identity card can be a "smart card" such as that provided by GemPlus of France, a LaserCard optical memory card as described earlier, or other card, preferably containing sufficient data storage capacity to provide a repository of whatever extraction of the biometric data that will be used by this version of the invention to identify the EU and other personal data and services required data. There are several ways to handle this matter, and some nations do not allow centralized keeping of biometric data, so the use of a card containing the data keeps the data outside of any centralized database. Thus the invention could employ such a card to make a positive comparison with the person carrying it and the measured biometric data taken at the kiosk without reference to a centralized database. In other systems, a reference to a centralized database in computer system 151 could provide additional security in determining whether this individual, now properly identified, is a member of the program, i.e., an EU. The government databases available at or through system 152 could confirm the status of the individual so identified as one permitted, at the present time, to cross the border, and may provide additional information to the guards or agents 159/158 at the border or at a secondary inspection station as may be indicated. In nations which allow compilations of biometric data, there can a transfer of the biometric data from a kiosk either to the central local computer system 151 or a distant government system 152, as may be desirable to confirm identity of the EU, even without the presentment of an identity card. Thus, the individual EU, once properly identified and screened by the appropriate level of government authorization system automatically and without any human intervention by a government agent being required, can be allowed to pass through a gate 156 or 157, or stopped there if the EU is suspected of carrying contraband or for some other purpose (such as a random secondary inspection lottery draw), by an agent 158 or 159 at a desk 154 or 155 at the border crossing gate area or secondary inspection station 150. This is facilitated by the inventive system too, since a signal is provided (either by the local computer system 151 , or by the computer in the Kiosk itself, depending on the configuration), indicating that the individual has been duly identified and approved for transit. Thus when the individual EU presents himself to the agent, the agent can check the identity card with a checking wand using a bar code, or magnetic stripe on the card, or other computer peripheral system at his desk and have all the information from the distant government computer system as well as confirmation of identity from the kiosk and any other EU-related information from the local computer system 151 on a computer screen at the desk. It is possible, but less preferred to send out a positive identity signal as the trusted presence or kiosk-pass signal once the identity has been established at the kiosk (by matching the identity card data to the biometric data) but before the government clearance approval has been obtained.

Positive identification of the EU may trigger a timed availability of various services such as access to ticketing machines at an airport to provide transportation by air or other modes of travel to the EU. Such timed availability would provide an additional security aspect to dispensing of cash, tickets, or other services since it would only be available in a time frame proximate to the EU being positively identified at a kiosk. Timing or simple access would preferably be triggered by a signal showing positive identification of the EU sent on line 309 of the drawing of Fig. 3. A mag stripe on the identity card could retain an additional code number encoded by the Kiosk for the period of the trusted presence for additional security, and the user may be required to use credit cards or show other positive ID by these service providers if the broadcasting or direct sending of trusted presence information is not deemed sufficiently secure. For valuable commercial clients the enhanced availability of trusted presence access can be a significant source of revenue for many clients of an airport. The presentation of the identification card may also be required for access to these services for an additional level of security. Such cards can be combined with cards that have biometric-related information on them such as is illustrated in Figs. 4 and 5. In Fig. 4, a passport-like document 40 has paper material 45 for containing the human readable 43 and other visually perceptible visual information such as a photograph 44 on it and may contain other security information secreted within it. The identity card with the information may be contained in a pocket in the document 40 so that it can be removed to insert into the kiosk. There may be additional pages which the kiosk could stamp when passing through if desired or which may be used for stamping or holding additional information presented either by the border guard or the kiosk from a dispenser or printing mechanism which may print directly on other identity documents or plain paper if desired. At the present time, stamping of passport documents is not considered desirable. The biometric information could be contained in a card outfitted to retain data such as a LaserCard optical memory card, a smart card, or other memory card system 42, combined with the passport like document. Or, the system designer may prefer to go with a simpler system where only the memory containing identity card 50 (illustrated in Fig. 5) is used, having visual 53 and readable 52 information on a surface of the card 51 and where memory information is stored within a chip in the card if it is a smart card, on an optical surface 54, or in other memory system technology medium to retain information in the single card, and wherein all other documents would be transferred separately. In the latter instance, printed documents would be provided to the border crossing traveler at the kiosk or by the border guard indicating the passage together with whatever other information may be needed, for example a list of dutied items brought through the border at that time. A usage fee can be charged to the EU for each usage of the system. This can preferably be debited from the EU's bank account, which may be located in unrelated hosts such as the other systems 110 illustrated in Fig. 1 , and confirmation of the transaction's success can also be required to be received whether by the central government systems computer 101 or the kiosk 103 prior to authorization to complete the use of the EU system.

An alternate view of a kiosk 20, in accord with a preferred embodiment of the invention is in Fig. 7. The major systems include a computer system 21 , preferably something on the order of a personal computer system in scope and power that has systems programs and connections that operate the components of the kiosk system in accord with the description above. The computer system 21 will be connected to receive signals and to send signals to transfer data and commands amongst these components, along the channels here indicated as lines. The user will be able to access a control panel 23, which in the illustrated embodiment is a touch screen on the display screen 22 (but which could be a keypad, or other input device or devices), in order to communicate using personal identification numbers, responses to yes/no inquiries, selection of menu items and the like, in the same way as if the user were at an automatic teller machine. These communications choices will be conveyed to the computer system along line 23a. The computer system will produce the visible instructions, menus and the like on the display screen via a display signal on line 22a. The user initiation of the transaction will include inserting the identity card into an identity card read/write device CR/W 24, and data from the card will be fed to the computer system along line 24a. If the particular implementation allows for the kiosk to put information into the identity card, line 24a will allow communication of data signals from the computer system 21 as well. A printer or receipt generator 27 may be installed, which provides the printed matter described above when appropriate.

In order to do the biometric measurement in an iris reading system, the camera equipment 25a will be controlled by focussing and positioning sensing and control system 25b, and the whole camera and control system will operate with the assistance and control of signals from the computer system 21 , to accomplish the tasks described above.

The connection device 26 will typically be a LAN connector, to provide the various pass and identity related signals mentioned elsewhere within this patent to the other local computer systems and remote government systems in as also described elsewhere within.

The connection device will preferably be connected within a secure local area network (LAN) system 17 in the border crossing area. Through the LAN the Kiosk 20 can thus be in communication with the remote government computer system 18 that does the background checks and gives approval status information back to the Kiosk in reply to the sending of the identity data (either just the identity or with some biometric extraction data, and preferably encrypted). It can also provide the identity match status information to the local computer systems which provide displays and other interfaces (not shown) for agents at the borders for conveying such information to them. Acting through the LAN the Kiosk 20 can also relay the information on approval status to the local agents, if they do not get the information directly from the LAN.

All the lines and connectors may be chosen in order to be better suited to more effective, secure, or inexpensive communications as may be currently available, known and desired by the designer, purchaser and installer of the system. Thus, the invention requires no particular connection methodology or signal transfer structure (wireless, optical, USB, or other particular system) to operate so long as it can accomplish the signal communication tasks described in this document.

Accordingly, the scope of the invention is only limited by the following appended claims.

Claims

WHAT IS CLAIMED IS:

Claim 1 : 1. A method to facilitate border crossings comprising: a. providing a biometric reader (K1) in the vicinity of a border crossing point for measuring a biometric of a human (EU) automatically upon presentment of the human to the reader and initiation of the reading by said human's action, (305,301 ,202) b. reading the human's biometric and establishing a present biometric extraction to form a present code (203), c. reading a code (203) of a biometric previously established (60) by said human from an identity card (301), d. sending some information regarding said human also read from said identity card to a government oversight facility (210), e. reading said previously established code (211) and comparing it to said present code, f. waiting for an immigration-pass code (213) by said kiosk from said government oversight facility, g. if the present code and the previously established code produce a match through said comparing (212), generating a kiosk-pass signal for use at the border crossing facility if and after an immigration-pass code is also received by said kiosk.

Claim 2:

2. The method of Claim 1 wherein said some information sent in step "d" is information that was previously written by a government organization onto said identity card which is not said previously established biometric information.

Claim 3:

3. The method of Claim 1 further comprising; h. passing a trusted presence signal to associated facilities located within a circumscribed area surrounding said border crossing based upon generation of said kiosk-pass signal.

Claim 4:

4. The method of Claim 3 wherein said trusted presence signal triggers acceptance of the individual by each of said associated facilities in accord with each of said associated facilities' other procedures.

Claim 5:

5. The method of Claim 4 wherein said associated facilities other procedures include limiting the time available in which said trusted presence signal will trigger said acceptance.

Claim 6:

6. The method of Claim 4 wherein said associated facilities other procedures include requiring an additional form of identification before acceptance of the individual.

Claim 7:

7. The method of Claim 3 wherein said trusted presence signal triggers entry of bonus program value for the human whose kiosk-pass signal caused the passing of the trusted presence signal at one of said associated facilities.

Claim 8:

8. The method of Claim 3 wherein said trusted presence signal is forwarded to an air transportation carrier computer system which may accept said trusted presence signal to facilitate check-in and boarding on an aircraft.

Claim 9:

9. The method of Claim 1 further comprising; h. generating a positive identification code if step "d" produces a match, and i. passing a trusted presence signal to associated facilities located within a circumscribed area surrounding said border crossing if said positive identification code is generated.

Claim 10:

10. The method of Claim 9 wherein said trusted presence signal is forwarded to a transportation carrier computer system which may accept said trusted presence signal to facilitate check-in and boarding on a transportation craft of said transportation carrier.

Claim 11 :

11. The method of Claim 1 wherein step "b" is accomplished by scanning at least one of the human's eyes with an iris scanning system.

Claim 12:

12. The method of Claim 1 wherein in step "a" said human's action during presentment comprises presenting a card having biometric-derived data upon it for reading by a card reader associated with said biometric reader.

Claim 13:

13. The method of Claim 1 wherein said code of a biometric previously established is previously established by: receiving government approval for enrollment in a program for issuing identity cards to members which will contain said code of a biometric previously established, issuing said identity codes to said members that have received said government approval.

Claim 14:

14. A system for facilitating expedited border crossing by positively identifying an individual automatically and by requesting and receiving approval information from a remote government computer system regarding said individual, said system comprising: a kiosk (K1.103) having a biometric sensing and measuring apparatus associated therewith, and having an identity card (301) reading facility (303) to enable the reading of identity data and an encoded representation of a biometric encoded on an identity card (301 ,104), wherein said biometric sensing and measuring facility (25a, 25b) can measure a biometric from a presenting individual and produce (103,62) a data representation therefrom, and wherein said kiosk has an extraction facility (21) for generating a presenting code from an extraction of said data representation, said kiosk (K1) also having a comparison facility for comparing said presenting code with said encoded representation of a biometric encoded on said identity card (301) for determining whether there is a match between the presenting code and said encoded representation and for generating a match status signal, said kiosk further having a connection for sending and receiving various data signals between itself and external facilities wherein one of said external facilities includes said remote government computer system.

Claim 15:

15. A system as set forth in Claim 14 wherein said various data signals sent and received between said system and said remote government computer system comprises a representation of said identity data and an approval status signal, respectively.

Claim 16:

16. The system of Claim 15 wherein said various data signals further comprises; a representation of said presenting code sent to said remote government computer system.

Claim 17:

17. The system of Claim 15 wherein said various data signals further comprises; a representation of said encoded representation of a biometric sent to said remote government computer system.

Claim 18:

18. The system of Claim 15 wherein said external facilities comprises commercial computer systems and said various data signals further comprises; a representation of said match status signal sent to said external facilities.

Claim 19:

19. The system of Claim 15 wherein said external facilities comprises commercial computer systems and said various data signals further comprises; a representation of said approval status signal sent to said external facilities.

Claim 20:

20. The system of Claim 19 wherein said approval status signal is in the form of a trusted presence signal that identifies said individual to said external facilities.

Claim 21 :

21. The system of Claim 15 wherein said external facilities comprises local government computer systems and said various data signals further comprises; a representation of said match status signal sent to said local government computer systems.

Claim 22:

22. The system of Claim 15 wherein said external facilities comprises a local government computer system and said various data signals further comprises; a representation of said approval status signal sent to said local government computer systems.

Claim 23:

23. The system of Claim 14 wherein if said match status signal indicates no match, generating an alarm signal by said alarm means.

Claim 24:

24. The system of Claim 14 further comprising a printing facility associated with said kiosk for printing a receipt for said individual.

Claim 25:

25. The system of Claim 14 further comprising input interface through which said individual can enter information.

Claim 26:

26. The system of Claim 14 further comprising input interface through which said individual can enter information and said external facilities comprises a local government computer system for collecting duty, wherein if said individual enters dutiable item information and agrees to pay customs duty through said input interface, said connection's various data signals will include a representation of said dutiable item information. Claim 27:

27. The system of Claim 14 wherein a computer system within said Kiosk performs as said signal generator and communicates generated signals to said connector, and also provides said comparison facility.

Claim 28:

28. The system of Claim 14 wherein said biometric sensing and measuring apparatus is an iris scanning facility having a camera for performing an iris scan, and having automatic face and eye locating apparatus associated therewith.

Claim 29:

29. The system of Claim 14 wherein said identity card is a card which stores data in digital form.

Claim 30:

30. The system of Claim 14 wherein said identity card is a card which stores data in optically readable form.

Claim 31 :

31. The system of Claim 14 wherein said kiosk has a second biometric sensing and measuring facility.

Claim 32: 32. A system for automatically processing border crossing by individuals enrolled in a program comprising: a database of enrolled users (EU) maintainable in an enrolled user computer system (101), a biometric reader (103) for reading a biometric value from a human in the presence of said biometric reader and for generating a unique signal from each said reading and for reading additional identification data from an identity card (104) carried by said human, an identity card reader (303) located proximate to said biometric reader (305) for interpreting said unique signal from said identity card and for comparing said unique signal with a unique signal generated by said biometric reader (302), and if said comparison is favorable, generating a positive identification signal, a split interface (308,309) for sending said additional identification data to a central government computer system (GS) and to said enrolled user computer system, a pass generator (151) for generating a pass signal.