Registers – Systems controlled by data bearing records – Credit or identification card systems
Reexamination Certificate
2002-01-30
2004-04-13
Frech, Karl D. (Department: 2876)
Registers
Systems controlled by data bearing records
Credit or identification card systems
C382S124000, C382S115000, C356S071000, C235S2010FS, C340S005100
Reexamination Certificate
active
06719200
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a system for checking the right to access to sensitive information, based on biometric data, of the type stated in the preamble to appended claim 1. The invention also relates to a data carrier, a processing unit and a method of checking, based on biometric data, the right to access to sensitive information stored on a data carrier.
BACKGROUND OF THE INVENTION
The access to information, to a room or the like must in many cases be restricted to certain individuals. This is the case, for instance, when electronic money transactions occur via the Internet, when in a hospital the access to case records is to be limited, or when only certain individuals in a place of work are allowed to have access to certain information or certain rooms.
To this end, use is often made of what is referred to as intelligent cards or smart cards. A smart card can be described as a card in the size of an account card which has a built-in processor or a signal processing means, a memory and a communication interface. Sensitive information is stored on all smart cards used in the above contexts. The sensitive information consists of one or more parts. A first part of the sensitive information is a so-called template which is stored on each smart card and can be described as reference information, stored in advance, about the user of the card. It is with this reference information that a comparison is made every time the card user wishes to verify his right to use the card. The template is further the only sensitive information that need be available on the smart card if it is intended for use as a pure “key card” and to generate a “yes” or “no”, for instance, for physical access to a room.
A second part of the sensitive information is available on cards that are not used as “key cards” but as more absolute information carriers. The second part of the sensitive information then consists of computer files which may contain data of the type which is mentioned by way of introduction and which only the card user may access. When the card user wants to verify that he has the right to access to the sensitive information stored in the computer files on the smart card, he places the card in a terminal and enters a PIN code (PIN=Personal Identification Number). The pin code is limited to 16 bytes and usually consists of four digits between zero and nine which are matched with the template stored on the card. If the pin code corresponds with the template, “the card is unlocked”, i.e. the user gains access to the computer files containing the sensitive information. This differs from the case where the card is used as a pure “key card” and only a “yes” or a “no” is generated in response to the matching with the template.
Pin codes are presently used in many situations, and many people find it difficult to remember a number of different pin codes. Therefore, many people choose to use the same pin code in a number of different situations, thus deteriorating security. For this reason, and with a view to further increasing security, alternative solutions have been presented, in which a user instead identifies himself with the aid of biometric information. By biometric information is meant information which is body-related and individual-specific for the user and which may consist of, for instance, the pattern of the user's fingers, palm, iris, or some other information which is not related to appearance, such as the user's voice. A method in which a user identifies himself with the aid of biometric information according to prior art typically proceeds as follows:
The user places his smart card in a terminal and one finger on a sensor which generates a digital image, i.e. a digital representation, of his finger. The digital image of the finger proceeds to an external processor, for instance a personal computer, where it is preprocessed. In the preprocessing, the amount of information in the image is reduced so that, for instance, a binarised image or parts of a binarised image are generated. A corresponding preprocessed image has been stored on the card as a template. The external processor collects the template from the card and compares this with the preprocessed image of the finger. In case of correspondence, the external processor transmits a pin code to the card. This pin code acts as a key and gives access to the sensitive information stored in the memory of the card. If the template and the preprocessed image information do not correspond with each other, no pin code is transmitted and the user cannot access the computer files with the sensitive information on the card.
Even if biometry is used so that the user will not need to use a pin code, a pin code is still transmitted at the last stage of the verification process since this pin code is necessary for the “unlocking” of specific files containing sensitive information on the smart card. Thus the pin code must be hardcoded either in the software for the application which communicates with the card, or in some hardware in the unit where the card is read and written. Consequently no significant increase of the security is achieved despite the use of biometry since there is still a risk that someone may access the computer files with sensitive information on the card by transmitting the pin code to the card.
Also in the case where the only action of the smart card is to generate a yes or no, it is necessary to encrypt the information on the card to be able to guarantee that the yes
o that is transmitted is unique for each card or transmission. This causes the same problems as described above since the key for encryption must be stored somewhere.
A further problem is that the template with which the matching occurs must be read from the card into the external processor in which the comparison with the user's biometric data takes place. In the first place this is a security risk, and in the second place there are directives issued by computer security authorities in certain countries which recommend that a biometric template should never leave the smart card.
One solution to the above problems is presented in Swedish Patent No. 8101707-1 which discloses an account card type data carrier which is provided with verification equipment comprising a sensor on which a user places one of his fingers. The sensor records papillary line information from the user's finger and calculates an identification bit sequence which is compared with a previously stored reference bit sequence. If the bit sequences conform with each other, an acceptance signal is generated, which can activate an indication means or a connecting means which makes the data carrier useable.
Although this solution eliminates the use of pin codes and lets the template remain on the card all the time, certain drawbacks still remain. For example, the card will be relatively expensive to make generally accessible to a large number of users since it contains a large number of components and must be specially made. Owing to the large number of components and the fact that all operations are effected on the card, also the probability increases that the card will meet with interruptions. Furthermore it is difficult to protect the sensor on the card against external mechanical action.
SUMMARY OF THE INVENTION
An object of the present invention therefore is to obviate, or at least alleviate, the above problems and to provide an alternative system for checking the right to access to sensitive information.
According to the invention, this object is achieved by a system which has the features defined in appended claim
1
, preferred embodiments being stated in appended claims
2
-
10
. The object is also achieved by a portable data carrier according to claims
11
-
12
, a processing unit according to claims
13
-
18
, and a method according to claims
19
-
27
.
More specifically, the invention concerns a system for checking the right to access to sensitive information, the check being based on current biometric data of a person whose righ
Burns Doane Swecker & Mathis L.L.P.
Frech Karl D.
Hess Dan
Precise Biometrics AB
LandOfFree
Checking of right to access does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Checking of right to access, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Checking of right to access will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3210720