Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
1998-09-09
2002-03-26
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
Reexamination Certificate
active
06363485
ABSTRACT:
BACKGROUND OF THE INVENTION
The invention relates generally to secure access systems and methods, and more particularly to biometric based access systems.
Biometric devices, such as fingerprint scanners, retinal scanners, voice recognition systems and other similar systems are used as mechanisms for providing secure access to a given system, device, software application or other secure entity. Conventional biometric devices, such as a thumbprint scanner, typically require a user to enter personal identification data (PID) and apply a thumb to a scanning area which may take the temperature of the thumb as well as the fingerprint from the thumb and match it with prestored data representing an acceptable thumbprint corresponding to a particular PID. An authenticator receives the biometric input (namely the thumbprint) and matches it with the prestored thumbprint indexed by the personal identification data also entered by the user.
FIG. 1
shows one example of a conventional biometric access device in a form of a thumb scanner wherein a thermal biometric detector
100
and a keyboard or other input device
102
allows personal identification data, such as a PIN, to serve as two factor authentication data The authenticator
104
stores a symmetric key, such as an encryption key, in a table
106
by a PIN
108
input by the keyboard. The device typically returns a stored secret key such as a symmetric key
110
to a personal computer or other device requiring a secret password
112
. The two factor authenticator
104
is typically a tamper proof box to thwart device tampering attacks. For example, if an unscrupulous party wished to obtain the secret key, the unscrupulous party needs to open the authenticator device and tap into the secret key table to obtain the secret encryption key for example. Some tamper proof authenticators have self destructing devices that destroy the secret key upon potential tampering of the device. Hence tamper proof devices are typically expensive devices.
The thermal biometric access device typically monitors thumb temperature to prevent copied input attacks. Two factor authentication devices can suffer from copied input attacks such as where a thumb scanner device may accurately authenticate a thumbprint lifted from a pencil or other surface as opposed to the actual thumb of the person (originator).
Another problem arises in that with biometric input devices, variability of biometric input can result in inaccurate authentications. For example, if a user does not properly press his/her thumb in the exact required location on a thumbprint scanner, proper authentication may not result.
Conventional two factor biometric authentication devices and methods typically take the biometric input and make a pass/fail authentication decision based upon whether or not the input is a sufficiently-close match to some pre-stored representation of that user's biometric data. Such devices typically do not correct for errors in the biometric input. Although some devices require the user to apply several applications of a thumbprint, for example to obtain an average value for a biometric input, such systems do not typically correct for errors in the biometric input.
Consequently there exists a need for a multi-factor biometric authenticator and method which does not require tamper proofing of the device. In addition, it would be advantageous if such a system would effectively deal with the variability of biometric input data without compromising security. In addition, it would be desirable if such a system would not store a secret key for ready extraction by an unscrupulous hacker. In addition, it would be advantageous if such a system would not require the storage of matching biometric data.
REFERENCES:
patent: 5541994 (1996-07-01), Tomko et al.
patent: 5680460 (1997-10-01), Tomko et al.
patent: 6038315 (2000-03-01), Strait et al.
Adams Carlisle
Wiener Michael J.
Entrust Technologies Limited
Peeso Thomas R.
Smithers Matthew
Vedder Price Kaufman & Kammholz
LandOfFree
Multi-factor biometric authenticating device and method does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Multi-factor biometric authenticating device and method, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Multi-factor biometric authenticating device and method will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2858584