Giobbi

(10) Patent No.: US 8,352,730 B2
(45) Date of Patent: Jan. 8, 2013

(54) BIOMETRIC PERSONAL DATA KEY (PDK) AUTHENTICATION

(75) Inventor: John J. Giobbi, Bend, OR (US)
(73) Assignee: Proxense, LLC, Bend, OR (US)
(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 938 days.
(21) Appl. No.: 11/314,199
(22) Filed: Dec. 20, 2005

(65) Prior Publication Data
US 2006/0143441 A1, Jun. 29, 2006

Related U.S. Application Data
(60) Provisional application No. 60/637,538, filed on Dec. 20, 2004, provisional application No. 60/652,765, filed on Feb. 14, 2005.

(51) Int. Cl.: G06G 2L/00 (2006.01)
(52) U.S. Cl.: 713/155; 713/182; 713/186
(58) Field of Classification Search: 380/23; 713/155, 159, 176, 186; 726/27-30; 382/115; 340/5.52 5.53
See application file for complete search history.

Primary Examiner — Matthew Smithers
Assistant Examiner — Phy Anh Vu
(74) Attorney, Agent, or Firm — Patent Law Works LLP

(57) ABSTRACT

Systems and methods are provided for an integrated device that persistently (or permanently) stores biometric data for a user in a tamper-resistant format. Subsequently, scan data collected from a user (e.g., a fingerprint) can be compared against the biometric data. Once the user has been verified by the integrated device, a code can be wirelessly transmitted for authentication. The authentication module sends the code to a trusted key authority. The trusted key authority checks a list of enrolled integrated devices for a match. If there is a match, the authentication module sends a message to an application to allow access by the user. The trusted key authority also stores a profile associated with the code. The profile can contain user information such as name, age, account numbers, preferences, etc. and can also describe the status of the integrated device.

17 Claims, 6 Drawing Sheets
`
`
`Petitioner's Exhibit 1001, Page 1
`
`
`
`
`
`
[Sheet 1 of 6: FIG. 1 and FIG. 2. FIG. 2 block labels: Biometric Key 100; Control Module 210; Biometric Portion 220 (Enrollment Module 222, Validation Module 224, Persistent Storage 226); RF Communication Module 230.]
`
`
`
[Sheet 2 of 6: FIG. 3. Block labels: Biometric Key 100; line 311; Authentication Module 310; Application 330; Trusted Key Authority 320.]
`
`
`
[Sheet 3 of 6: FIG. 4. Flow chart across Biometric Key 100, Authentication Module 310 and Trusted Key Authority 320. Step labels: Register User And Biometric Key 410; Receive Biometric Data Of The User 420; Authentication Needed For An Application? 430 (YES); Biometrically Verify User 440; Request Authentication 450; Authenticate The Biometric Key 460; Allow Access To The Application 470.]
`
`
`
[Sheet 4 of 6: FIG. 5. Flow chart step labels: Check Identification And Establish Profile 510; Persistently Store Biometric Data From The User 520; Obtain Code 530; Associate Profile With Code 540.]
`
`
`
[Sheet 5 of 6: FIG. 6. Flow chart step labels: START 605; Request User Scan 610; Receive Scan Data From A Subject 620; Scan Data Match Biometric Data? 630 (YES); The Subject Is Verified As The Registered User 640; Wirelessly Send Code Indicating Successful Verification Of User 650; Verification Failed 650.]
`
`
`
[Sheet 6 of 6: FIG. 7. Flow chart step labels: Wirelessly Receive The Code 710; Request Authentication Of The Code 720; Code Authenticated? 730; Send Access Message To The Application 740; Authentication Failed 750.]
`
`
`
BIOMETRIC PERSONAL DATA KEY (PDK) AUTHENTICATION

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims the benefit of U.S. Provisional Application No. 60/637,538, filed on Dec. 20, 2004, and of U.S. Provisional Application No. 60/652,765, filed on Feb. 14, 2005, the entire contents of both applications being herein incorporated by reference.

FIELD OF THE INVENTION

The present invention relates generally to computerized authentication, and more specifically, to an authentication responsive to biometric verification of a user being authenticated.

BACKGROUND

Conventional user authentication techniques are designed to prevent access by unauthorized users. One technique is to require a user being authenticated to provide secret credentials, such as a password, before allowing access. Similarly, a PIN number can be required by an ATM machine before allowing a person to perform automated bank transactions. A difficulty with this technique is that it requires the user to memorize or otherwise keep track of the credentials. A user often has multiple sets of credentials (e.g., passwords and PINs) and it can be quite difficult to keep track of them all.

Another technique that does not require the user to memorize credentials is to provide the user with an access object such as a key (e.g., an electronic key) that the user can present to obtain access. For example, a user can be provided with a small electronic key fob that allows access to a building or other secured location. A difficulty with using access objects is that authentication merely proves that the access object itself is valid; it does not verify that the legitimate user is using the access object. That is, an illegitimate user can use a stolen access object to enter a secured location because the user's identity is never checked.

Some hybrid authentication techniques require the user to provide both an access object and credentials. The user is authenticated only upon providing both items. Of course, this solution does not resolve the problem of making the user memorize credentials.

Therefore, there is a need for systems and methods for verifying a user that is being authenticated that do not suffer from the limitations described above. Moreover, the solution should ease authentications by wirelessly providing an identification of the user.

SUMMARY

The present invention addresses the above needs by providing systems and methods for authentication responsive to biometric verification of a user being authenticated. In one embodiment, a biometric key persistently (or permanently) stores a code such as a device identifier (ID) and biometric data for a user in a tamper-resistant format. Subsequently, scan data collected from a user (e.g., a fingerprint or retinal scan) can be compared against the biometric data. Once the user has been verified by the integrated device, the code can be wirelessly transmitted to indicate that the user has been successfully verified.

In one embodiment, an authentication module sends the code to a trusted key authority. The trusted key authority checks a list of enrolled biometric keys to determine whether the code is valid. If the code is valid, the authentication module allows the user to access an application.

In another embodiment, the trusted key authority can store a profile associated with the biometric key having the code. The profile can contain user information such as name, age, account numbers, preferences, and the like. In addition, the profile can describe the status of the key, identify the trusted key authority, and/or contain other information. The profile can also be sent to the authentication module for use by the application (e.g., an age of user sent to a casino machine).

Advantageously, user authentication is bolstered with highly reliable biometric verification of the user in a single key. Furthermore, a keyless environment relieves authorized users from having to memorize credentials, and of having to physically enter credentials or keys. In addition, the key can be authenticated for an application that is open to the public (i.e., in an open loop system).

The features and advantages described in the specification are not all inclusive and, in particular, many additional features and advantages will be apparent to one of ordinary skill in the art in view of the drawings, specifications, and claims. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes and may not have been selected to delineate or circumscribe the inventive matter.

BRIEF DESCRIPTION OF THE DRAWINGS

The teachings of the present invention can be readily understood by considering the following detailed description in conjunction with the accompanying drawings.

FIG. 1 is a schematic diagram illustrating a biometric key for providing authentication information for a biometrically verified user according to one embodiment of the present invention.

FIG. 2 is a block diagram illustrating functional modules within the biometric key according to one embodiment of the present invention.

FIG. 3 is a block diagram illustrating a system for providing authentication information for a biometrically verified user.

FIG. 4 is a flow chart illustrating a method for providing authentication information for a biometrically verified user.

FIG. 5 is a flow chart illustrating a method for enrolling biometric data of the user with the biometric key.

FIG. 6 is a flow chart illustrating a method for verifying a subject presenting the biometric key according to one embodiment of the present invention.

FIG. 7 is a flow chart illustrating a method for authenticating a verified user of the biometric key according to one embodiment of the present invention.

DETAILED DESCRIPTION

Systems and methods for authentication responsive to biometric verification of a user being authenticated are described. Generally, biometric verification uses biometric data to ensure that the user of, for example, a biometric key, is the person registered as an owner. Biometric data is a digital or analog representation of characteristics unique to the user's body. For example, a fingerprint of a subject can be compared against previously-recorded biometric data for verification that the subject is the registered owner of the biometric key. Then, the biometric key itself can be authenticated.
Although the embodiments below are described using the example of biometric verification using a fingerprint, other embodiments within the spirit of the present invention can perform biometric verification using other types of biometric data. For example, the biometric data can include a palm print, a retinal scan, an iris scan, hand geometry recognition, facial recognition, signature recognition, or voice recognition.

FIG. 1 is a schematic diagram illustrating an example of a biometric key 100 for providing authentication information for a biometrically verified user according to one embodiment of the present invention. Biometric key 100 comprises a frame 110, a scan pad 120, and an LED 130. In one embodiment, biometric key 100 has a small form factor (e.g., the size of an automobile remote control) such that it can be unobtrusively carried by a user.

Frame 110 can be formed by plastic, metal or another suitable material. Frame 110 is shaped to secure scan pad 120, and includes a perforation for attachment to, for example, a key chain or clip. In one embodiment, frame 110 is formed from a unitary molding to protect biometric data. Accordingly, frame 110 cannot be opened to expose the underlying components unless it is broken.

Scan pad 120 can be, for example, an optical scanner using a charge coupled device, or a capacitive scanner. Scan pad 120 can be sized to fit a thumb or other finger. Biometric key 100 of the present embodiment includes LED 130 that lights up to request a fingerprint scan from a user. In one embodiment, LED 130 can also confirm that user verification and/or authentication has completed.

Biometric key 100 can authenticate a user for various purposes. For example, biometric key 100 can allow keyless entry into homes and autos. In another example, biometric key 100 can log a user onto a computer system or point of sale register without typing in credentials. In still another example, biometric key 100 can verify that an enrolled user is above a certain age (e.g., before allowing access to a slot machine in a casino). In some embodiments, biometric key 100 operates without biometric verification, and requests a fingerprint scan from a user only when biometric verification is needed for the particular use.
FIG. 2 is a block diagram illustrating biometric key 100 according to one embodiment of the present invention. Biometric key 100 comprises control module 210, biometric portion 220, RF communication module 230, persistent storage 226, and battery 250. Biometric key 100 can be formed from a combination of hardware and software components as described above. In one embodiment, biometric key 100 comprises a modified key fob.

Control module 210 coordinates between several functions of biometric key 100. In one embodiment, control module 210 provides a verification code upon successful verification of the user. More specifically, once biometric portion 220 indicates that a fingerprint scan matches biometric data that was collected during enrollment, control module 210 can trigger RF communication module 230 for sending a code indicating that the user was verified. In another embodiment, control module 210 can work in the opposite direction by detecting a request for verification from RF communication module 230, and then requesting verification of the user from biometric portion 220. Note that control module 210 of FIG. 2 is merely a grouping of control functions in a central architecture, and in other embodiments, the control functions can be distributed between several modules around biometric key 100.

Biometric portion 220 comprises enrollment module 222, validation module 224, and biometric database 226. In one embodiment, enrollment module 222 registers a user with biometric key 100 by persistently storing biometric data associated with the user. Further, enrollment module 222 registers biometric key 100 with a trusted authority by providing the code (e.g., device ID) to the trusted authority. Or conversely, the trusted authority can provide the code to biometric key 100 to be stored therein.
Validation module 224 can comprise scan pad 120 (FIG. 1) to capture scan data from a user's fingerprint (e.g., a digital or analog representation of the fingerprint). Using the scan data, validation module 224 determines whether the user's fingerprint matches the stored biometric data from enrollment. Conventional techniques for comparing fingerprints can be used. For example, the unique pattern of ridges and valleys of the fingerprints can be compared. A statistical model can be used to determine comparison results. Validation module 224 can send comparison results to control module 210.

In other embodiments, validation module 224 can be configured to capture biometric data for other human characteristics. For example, a digital image of a retina, iris, and/or handwriting sample can be captured. In another example, a microphone can capture a voice sample.

Persistent storage 226 persistently stores biometric data from one or more users which can be provided according to specific implementations. In one embodiment, at least some of persistent storage 226 is a memory element that can be written to once but cannot subsequently be altered. Persistent storage 226 can include, for example, a ROM element, a flash memory element, or any other type of non-volatile storage element. Persistent storage 226 is itself, and stores data in, a tamper-proof format to prevent any changes to the stored data. Tamper-proofing increases reliability of authentication because it does not allow any changes to biometric data (i.e., allows reads of stored data, but not writes to store new data or modify existing data). Furthermore, data can be stored in an encrypted form.

In one embodiment, persistent storage 226 also stores the code that is provided by the key 100 responsive to successful verification of the user. As described above, in one embodiment the code is a device ID or other value that uniquely identifies biometric key 100. In one embodiment, the code is provided during the manufacturing process and the biometric data are provided during an enrollment of the user. In other embodiments, the code is provided during enrollment and/or the biometric data are provided during manufacturing. Further, in some embodiments persistent storage 226 stores other data utilized during the operation of biometric key 100. For example, persistent storage 226 can store encryption/decryption keys utilized to establish secure communications links.
Radio frequency (RF) communication module 230 is, for example, a transceiver or other mechanism for wireless communication. RF communication module 230 can send and receive data (e.g., the code) as modulated electromagnetic signals. In one embodiment, RF communication 230 can be optimized for low-power usage by, for example, using short range transceivers. RF communication module 230 can actively send out connection requests, or passively detect connection requests.

Battery 260 can be a conventional power source suitable for the components of biometric key 100. Battery 260 can be either replaceable or rechargeable. Alternatively, battery 260 can be embedded within key 100 such that the key must be discarded or recycled upon expiration of the battery.

FIG. 3 is a block diagram illustrating a system 300 for providing authentication information for a biometrically verified user. System 300 comprises an authentication module 310 in communication with biometric key 100, a trusted key authority 320, and an application 330.
Authentication module 310 is coupled in communication with biometric key via line 311 (i.e., a wireless medium such as EM signals), and with trusted key authority 320 via line 312 (e.g., a secure data network such as the Internet, or a cell network). Authentication module 310 can include one or more of, for example, a computerized device, software executing on a computerized device, and/or a reader/decoder circuit. In one embodiment, authentication module 310 serves as a gatekeeper to application 330 by requiring the code indicating successful biometric verification of the user prior to allowing access to the application. Further, in one embodiment, authentication module 310 provides the code to trusted key authority 320 in order to verify that it belongs to a legitimate key (e.g., when application 330 is security-critical). Authentication module 310 can send a message to application 330, or otherwise allow access to the application, responsive to a successful authentication by trusted key authority 320.

Application 330 is a resource that can be accessed by a verified and authenticated user. Application 330 can be, for example, a casino machine, a keyless lock, a garage door opener, an ATM machine, a hard drive, computer software, a web site, a file, and the like. Application 330 can execute on the same system as authentication module 310 or on another system in communication with the system of the authentication module. In one embodiment, application module 330 allows access by a user after receiving a message from authentication module 310. At that point, application 330 can allow direct use by the user, or require that communications continue to pass through authentication module 310 for continued authentication.
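
The flow described so far (write-once storage on the key, on-device matching, release of the code, lookup of the code at the trusted key authority, and the access decision at the authentication module) can be modelled as follows. This is an added example, not code from the patent or from Proxense; every class and function name, the bit-distance matcher and its threshold, the status strings and all sample data are assumptions constructed for illustration.

```python
# Added illustration of the key -> authentication module -> trusted key authority flow.
# All names, the matcher, the threshold and the sample data are hypothetical.

class WriteOnceStore:
    """Models persistent storage 226: a slot can be written once, then only read."""

    def __init__(self):
        self._slots = {}

    def write(self, name, value):
        if name in self._slots:
            raise PermissionError(f"slot {name!r} is already written and cannot be altered")
        self._slots[name] = bytes(value)

    def read(self, name):
        return self._slots.get(name)


def template_distance(a, b):
    """Count differing bits between two equal-length templates (assumed matcher)."""
    if len(a) != len(b):
        raise ValueError("templates must have the same length")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


class BiometricKey:
    """Models biometric key 100: verifies the subject locally, then releases the code."""

    MAX_DISTANCE = 6  # assumed decision threshold, in bits

    def __init__(self, code):
        self.store = WriteOnceStore()
        self.store.write("code", code)          # e.g. written at manufacturing

    def enroll(self, template):
        self.store.write("biometric", template)  # second call raises PermissionError

    def verify_and_release(self, scan):
        """Return the code only if the scan matches the enrolled template, else None."""
        enrolled = self.store.read("biometric")
        if enrolled is None or template_distance(scan, enrolled) > self.MAX_DISTANCE:
            return None  # verification failed: nothing is transmitted
        return self.store.read("code")


class TrustedKeyAuthority:
    """Models trusted key authority 320: enrolled codes with status and profile."""

    def __init__(self):
        self._enrolled = {}

    def register(self, code, profile):
        self._enrolled[code] = {"status": "active", "profile": dict(profile)}

    def set_status(self, code, status):
        self._enrolled[code]["status"] = status

    def authenticate(self, code):
        """Return the profile of an enrolled key whose status is active, else None."""
        record = self._enrolled.get(code)
        if record is None or record["status"] != "active":
            return None
        return record["profile"]


class AuthenticationModule:
    """Models authentication module 310: gatekeeper in front of application 330."""

    def __init__(self, authority, min_age=None):
        self.authority = authority
        self.min_age = min_age  # profile attribute the application cares about

    def request_access(self, key, scan):
        code = key.verify_and_release(scan)
        if code is None:
            return "denied: biometric verification failed"
        profile = self.authority.authenticate(code)
        if profile is None:
            return "denied: key not authenticated"
        if self.min_age is not None and profile.get("age", 0) < self.min_age:
            return "denied: profile does not meet age requirement"
        return "access allowed"


def demo():
    code = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed device ID
    enrolled = bytes(range(16))                                # constructed template
    same_finger = bytes([enrolled[0] ^ 0b111]) + enrolled[1:]  # 3 noisy bits
    other_finger = bytes(255 - b for b in enrolled)            # every bit differs

    authority = TrustedKeyAuthority()
    authority.register(code, {"name": "A. User", "age": 34})
    key = BiometricKey(code)
    key.enroll(enrolled)
    gate = AuthenticationModule(authority, min_age=21)

    results = {"owner": gate.request_access(key, same_finger),
               "impostor": gate.request_access(key, other_finger)}
    rogue = BiometricKey(bytes(16))   # a key the authority never enrolled
    rogue.enroll(other_finger)
    results["unregistered key"] = gate.request_access(rogue, other_finger)
    authority.set_status(code, "reported lost")
    results["lost key"] = gate.request_access(key, same_finger)
    try:
        key.enroll(other_finger)      # attempt to overwrite the stored biometric data
        results["re-enrollment"] = "accepted"
    except PermissionError:
        results["re-enrollment"] = "rejected"
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```
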
Trusted key authority 320 is a third-party authority that is present in some embodiments in order to provide enhanced security. In one embodiment, trusted key authority 320 verifies that a code from a biometric key is legitimate. To do so, the trusted key authority 320 stor