Registers – Systems controlled by data bearing records – Credit or identification card systems
Reexamination Certificate
1999-05-10
2003-12-02
Frech, Karl D. (Department: 2876)
Registers
Systems controlled by data bearing records
Credit or identification card systems
C235S451000
Reexamination Certificate
active
06655585
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to smart card security and more particularly to a system and method of biometric authentication of a smart card user.
BACKGROUND
Authentication is the process by which an entity, such as a financial institution or bank or other type of institution, identifies and verifies its customers or users to itself and itself to its customers or users. Authentication includes the use of physical objects, such as cards and/or keys, shared secrets, such as personal identification numbers (PIN's) and/or passwords, and biometric technologies, such as voice prints, photos, signatures and/or fingerprints. Biometric tasks include, for example, an identification task and a verification task. The verification task determines whether or not the individual claiming an identity is the individual whose identity is being claimed. The identification task determines whether the biometric signal, such as a fingerprint, matches that of someone already enrolled in the system.
Typically, biometric systems have a common methodology, regardless of their modality, such as fingerprint, face, voice, or the like. A person enrolls by donating some number of samples of the biometric. From these samples, the biometric system creates a model of the particular individual's patterns, which is referred to as a template. When the person attempts to access the system, the application collects new data. In a verification application, the individual claims an identity, and the application retrieves the individual's model from a database and compares the new signal to the retrieved model. The result of this comparison is a match score, which indicates how well the new signal matches the template. The application then compares the match score obtained with a pre-defined threshold and decides whether to allow or deny access to the individual or, for example, to ask the individual for more data.
Various authentication parameters are used by security systems to verify a valid cardholder and to grant the cardholder access to a secured resource. Information parameters, such as PIN's, can be readily read and processed by a card reader according to a system verification algorithm. However, information can be compromised, so that many authentication systems also require person-unique biometric parameters, such as fingerprints, or retinal images. In such authentication systems, cardholder bio-specimens are stored in digital format in the system computer. During authentication the system obtains the information parameters, for example, from the card, and the biometric parameters from the person and matches both to the system-stored values. For a fingerprint, for example, there are fourteen points and interpoint distances that the biometric reader compares and, depending on the match score, grants or denies access.
The required match score is a function of a pre-selected security level and is set by the application designer. However, the image acquisition tolerances, as well as changes in the person's biometric parameter, such as a finger cut on the referenced fingerprint, cause false acceptances, such as accepting an impostor (False Accept or FA), and false rejections, such as rejecting a valid user (False Reject or FR). Manufacturers of biometric readers or application developers provide performance histograms, which are distributions of the empirical number of valid acceptances and valid rejections provided by the reader. To the extent the distributions overlap, there are regions of false rejections of valid users or FR and false acceptance of impostors or FA. In setting the system parameters, application designers attempt to set a threshold authentication match score which balances these tolerances against efficiency for a given application.
The selected threshold match score is based on the desired probability of occurrence or non-occurrence of a FA and/or FR, and the performance histograms quantify the probability of occurrence of FA and FR. These probabilities are inverse, in that by increasing the threshold score to reduce the Probability of FA or P(FA), the Probability of FR or P(FR) is increased. Conversely, decreasing the threshold to reduce the Probability of FR or P(FR) increases the Probability of FA or P(FA).
In a given application the selected threshold is coded into the reader software, and system performance is observed. If actual system efficiency is unacceptable due to a False Reject Rate (FRR) that is too high, the threshold score is reduced, and if unacceptable due to a False Accept Rate (FAR) that is too high, the threshold is increased. Each time the threshold score changes, it must be re-coded into the reader system software. Similarly, with each new reader model or new release, the threshold score must be changed in accordance with the new model histograms and possibly changed again following actual performance evaluation. Each re-coding of the threshold value generally requires a new system software release, together with the time and labor required to install the new software.
SUMMARY OF THE INVENTION
It is a feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which automatically adjusts the probability of occurrence or non-occurrence of false acceptance of an impostor and false rejection of a valid user without the necessity of reprogramming the reader system software.
It is a further feature and advantage of the present invention to provide a system and method of biometric smart card user authentication in which the performance of the biometric technology is independent of where the system positions the threshold for false acceptance and false rejection.
It is another feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which makes the card application more secure, thereby reducing the risk of fraudulent or unauthorized use and allowing for higher-value applications
It is an additional feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which simplifies application design requirements by putting the user's biometric template on the card, thereby eliminating or greatly reducing network traffic.
It is still another feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which enhances security and privacy by eliminating the necessity of transmitting the user's biometric template around to different locations where it is needed.
It is a still further feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which allows application designers to set operating thresholds as tightly or as loosely as is appropriate for the particular risk involved.
It is also a feature and advantage of the present invention to provide a system and method of biometric smart card user authentication with a flexible architecture format for storing biometrics on the smart card that is independent of application or biometric methodology or vendor.
It is still an additional feature and advantage of the present invention to provide a system and method of biometric smart card user authentication which supports different methods, vendors, and releases, and allows for flexibility of application deployment.
It is another feature and advantage of the present invention to provide a system and method of biometric smart card user authentication in which the user is automatically authenticated by an application on the smart card.
It is an additional feature and advantage of the present invention to provide a method and system of biometric smart card user authentication in which the customer's use of the smart card in a transaction ties the customer undeniably to the transaction and makes the transaction non-reputiatable.
To achieve the stated and other features, advantages and objects of the present invention, the system
Citicorp Development Center Inc.
Franklin Jamara A.
Frech Karl D.
Kilpatrick & Stockton LLP
Marcou George T.
LandOfFree
System and method of biometric smart card user authentication does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method of biometric smart card user authentication, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method of biometric smart card user authentication will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3133217