`Case 6:21-cv-00165—ADA Document 1-3 Filed 02/23/21 Page 1 of 23
`
`
`EXHIBIT C
`
`EXHIBIT C
`
`
`
`
`
`
`
`USOO9665705B2
`
`(12) United States Patent
`Burke
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9,665,705 B2
`*May 30, 2017
`
`(54) REMOTE ENTRY SYSTEM
`(71) Applicant: Securicom (NSW) Pty. Ltd., Ramsgate,
`NSW (AU)
`(72) Inventor: Christopher John Burke, Ramsgate
`(AU)
`(73) Assignee: SECURICOM (NSW) PTY LTD,
`Ramsgate (AU)
`
`63/0861 (2013.01); H04 W 12/08 (2013.01);
`H04W 84/12 (2013.01); H04W 84/18
`(2013.01)
`
`(58) Field of Classification Search
`CPC ....................................................... GO6F 21 F32
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`(*) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`This patent is Subject to a terminal dis
`claimer.
`
`5,109,428 A * 4/1992 Igaki .................... A61B 5, 1172
`356/71
`5,933,515 A * 8/1999 Pu ...................... GO6K9/00006
`340,553
`7,152,045 B2 * 12/2006 Hoffman ................. G06F 21.32
`235,379
`
`(21) Appl. No.: 15/000,818
`
`(22) Filed:
`
`Jan. 19, 2016
`
`(65)
`
`Prior Publication Data
`US 2016/O132672 A1
`May 12, 2016
`
`Related U.S. Application Data
`(63) Continuation of application No. 13/572,166, filed on
`Aug. 10, 2012, now Pat. No. 9,269,208, which is a
`(Continued)
`Foreign Application Priority Data
`
`(30)
`
`Aug. 13, 2003 (AU) ................................ 20O3904317
`
`(51) Int. Cl.
`H04L 29/06
`G06F 2D/32
`G06F2L/35
`G07C 9/00
`HO47 (2/08
`
`(2006.01)
`(2013.01)
`(2013.01)
`(2006.01)
`(2009.01)
`(Continued)
`
`(52) U.S. Cl.
`CPC .............. G06F 21/32 (2013.01); G06F 21/35
`(2013.01); G07C 9/00158 (2013.01); H04L
`
`OTHER PUBLICATIONS
`
`Klosterman, Andrew J., and Gregory R. Ganger. “Secure continuous
`biometric-enhanced authentication.” (2000).*
`* cited by examiner
`Primary Examiner — Shawnchoy Rahman
`(74) Attorney, Agent, or Firm — Brinks Gilson & Lione
`(57)
`ABSTRACT
`A system is disclosed for providing secure access to a
`controlled item, the system comprising a database of bio
`metric signatures, a transmitter Subsystem comprising a
`biometric sensor for receiving a biometric signal, means for
`matching the biometric signal against members of the data
`base of biometric signatures to thereby output an accessi
`bility attribute, and means for emitting a secure access signal
`conveying information dependent upon said accessibility
`attribute, wherein the secure access signal comprises one of
`at least a rolling code, an encrypted BluetoothTM protocol,
`and a WiFiTM protocol, and a receiver sub-system compris
`ing means for receiving the transmitted secure access signal
`and means for providing conditional access to the controlled
`item dependent upon said information.
`
`17 Claims, 10 Drawing Sheets
`
`
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 2 of 23
`
`
`
`US 9,665,705 B2
`Page 2
`
`Related U.S. Application Data
`continuation of application No. 10/568,207, filed as
`application No. PCT/AU2004/001083 on Aug. 13,
`2004, now Pat. No. 8,266,442.
`
`(51) Int. Cl.
`HO4W 84/12
`HO4W 84/18
`
`(2009.01)
`(2009.01)
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 3 of 23
`
`
`
`U.S. Patent
`
`US 9,665,705 B2
`
`00#
`
`
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 4 of 23
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 2 of 10
`
`US 9,665,705 B2
`
`|-
`<TOE>
`
`
`
`
`
`
`
`
`
`
`
`"euge
`re
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 5 of 23
`
`——> –
`
`|----
`;---->
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 3 of 10
`
`US 9,665,705 B2
`
`
`
`2O6
`
`iometric signal
`received?
`
`Compare to
`signatures
`
`Select control
`option
`
`Send access
`signal
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 6 of 23
`
`200
`
`-
`
`Fig. 3
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 4 of 10
`
`US 9,665,705 B2
`
`
`
`Access signal
`received?
`
`Compare to
`Code
`
`305
`
`Send control
`signal
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 7 of 23
`
`-
`
`Fig. 4
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet S of 10
`
`US 9,665,705 B2
`
`G -61-I
`
`#09
`
`00G
`
`O
`an
`wn
`
`
`
`
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 8 of 23
`
`+--- ? ———
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 6 of 10
`
`US 9,665,705 B2
`
`700
`
`From Fig. 7 or Fig. 8
`
`
`
`Biometric signal
`received?
`
`to Fic. 8
`9 (06
`
`
`
`Database
`empty?
`
`702
`
`704
`
`Administrator
`biometric
`received?
`
`
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 9 of 23
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 7 of 10
`
`US 9,665,705 B2
`
`From Fig. 6 (to
`
`600
`-
`
`YES
`
`6O2
`
`Compare to
`signatures
`
`604
`
`606
`
`608
`
`Insert duress
`bit(s)
`
`YES
`
`Duess?
`
`NO
`
`Insert telemetry
`bit(s) -- Telemetry?
`
`603
`
`605
`
`insert access
`bit(s)
`
`YES
`
`NO
`
`6O7
`
`NO
`
`609
`
`insert alert
`bit(s)
`
`60
`
`Send Control
`signal
`
`
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 10 of 23
`
`Fig. 7
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 8 of 10
`
`US 9,665,705 B2
`
`From Fig. 6
`(0.
`
`
`
`802
`
`800
`
`Store administrator YES
`Signature
`
`st administra
`tor input?
`
`
`
`
`
`
`
`Another admin
`istrator desired?
`
`81
`
`805
`
`Store duress
`signature
`
`YES
`
`Duress signa
`ture desired?
`
`
`
`807
`
`
`
`
`
`Store simple
`signature
`
`implesignature
`desired?
`
`809
`
`Erase
`signature(s)
`
`YES
`
`rase signature
`desired?
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 11 of 23
`
`To Fig. 6
`
`
`
`More adminis
`tration?
`
`YES
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 9 of 10
`
`US 9,665,705 B2
`
`From Fig. 6
`(o)
`
`st administras
`tor input?
`
`901
`
`900
`-
`
`903
`
`Emit "enrolment"
`tone & flash Red
`LED (ongoing)
`
`
`
`
`
`
`
`Ennit"enrolment"
`tone & flash Green N. 902
`LED (once)
`
`To Fig. 6
`
`Emit "rejection"
`tone
`
`
`
`
`
`
`
`
`
`Store signature
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 12 of 23
`
`Read biometric
`signal (directed by 905
`Amber LED)
`
`
`
`
`
`inger press
`exceeds prede
`er nined period?
`
`YES
`
`Erase relevant
`signature(s)
`
`912
`
`
`
`U.S. Patent
`
`May 30, 2017
`
`Sheet 10 of 10
`
`US 9,665,705 B2
`
`111
`
`- - -A
`
`r
`
`OO
`
`Controlled
`ter
`
`Contr'
`
`-
`
`
`
`
`
`{
`
`
`
`Audio-Video
`Interface
`
`Communication
`NetWork
`
`102O
`
`w w m men rew war -116
`107
`
`1004
`
`|
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 13 of 23
`
`OO
`
`12
`
`1013
`
`1006
`
`
`
`1.
`REMOTE ENTRY SYSTEM
`
`US 9,665,705 B2
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a continuation patent application of
`U.S. Non-Provisional application Ser. No. 10/568.207 for
`REMOTE ENTRY SYSTEM, filed Jun. 4, 2008, the disclo
`sure of which is incorporated by reference in its entirety.
`
`10
`
`FIELD OF THE INVENTION
`
`The present invention relates to secure access systems
`and, in particular, to systems using wireless transmission of 15
`security code information.
`
`BACKGROUND
`
`FIG. 1 shows a prior art arrangement for providing secure
`access. A user 401 makes a request, as depicted by an arrow
`402, directed to a code entry module 403. The module 403
`is typically mounted on the external jamb of a secure door.
`The request 402 is typically a secure code of Some type
`which is compatible with the code entry module 403. Thus, 25
`for example, the request 402 can be a sequence of secret
`numbers directed to a keypad 403. Alternately, the request
`402 can be a biometric signal from the user 401 directed to
`a corresponding biometric sensor 403. One example of a
`biometric signal is a fingerprint. Other physical attributes 30
`that can be used to provide biometric signals include Voice,
`retinal or iris pattern, face pattern, palm configuration and so
`O
`The code entry module 403 conveys the request 402 by
`sending a corresponding signal, as depicted by an arrow 404, 35
`to a controller 405 which is typically situated in a remote or
`inaccessible place. The controller 405 authenticates the
`security information provided by the user 401 by interro
`gating a database 407 as depicted by an arrow 406. If the
`user 401 is authenticated, and has the appropriate access 40
`privileges, then the controller 405 sends an access signal, as
`depicted by an arrow 408, to a device 409 in order to provide
`the desired access. The device 409 can, for example, be the
`locking mechanism of a secure door, or can be an electronic
`lock on a personal computer (PC) which the user 401 desires 45
`to acceSS.
`A proximity card can also be used to emit the request 402,
`in which case the code entry module 403 has appropriate
`functionality.
`Although the request 402 can be made secure, either by 50
`increasing the number of Secret digits or by using a biomet
`ric system, the communication infrastructure in FIG. 1 is
`typically less secure. The infrastructure 400 is generally
`hardwired, with the code entry module 403 generally being
`mounted on the outside jamb of a secured door. In Such a 55
`situation, the signal path 404 can be over a significant
`distance in order to reach the controller 405. The path 404
`represents one weak point in the security system 400,
`providing an unauthorised person with relatively easy access
`to the information being transmitted between the code entry 60
`module 403 and the controller 405. Such an unauthorised
`person can, given this physical access, decipher the com
`municated information between the code entry module 403
`and the controller 405. This captured information can be
`deciphered, replayed in order to gain the access which 65
`rightfully belongs to the user 401, or to enable modification
`for other subversive purposes.
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 14 of 23
`
`2
`Current systems as depicted in FIG. 1 utilise a commu
`nication protocol called “Wiegand for communication
`between the code entry module 403 and the controller 405.
`The Wiegand protocol is a simple one-way data protocol that
`can be modified by increasing or decreasing the bit count to
`ensure uniqueness of the protocol among different security
`companies. The Wiegand protocol does not secure the
`information being sent between the code entry module 403
`and the controller 405.
`More advanced protocols such as RS 485 have been used
`in order to overcome the Vulnerability of the Wiegand
`protocol over the long distance route 404. RS485 is a duplex
`protocol offering encryption capabilities at both the trans
`mitting and receiving ends, i.e. the code entry module 403
`and the controller 405 respectively in the present case. The
`length of the path 404 nonetheless provides an attack point
`for the unauthorised person.
`Due to the cost and complexity of re-wiring buildings and
`facilities, security companies often make use of existing
`communication cabling when installing and/or upgraded
`security systems, thereby maintaining the Vulnerability
`described above.
`
`SUMMARY
`
`It is an object of the present invention to substantially
`overcome, or at least ameliorate, one or more disadvantages
`of existing arrangements.
`According to a first aspect of the present invention, there
`is provided a system for providing secure access to a
`controlled item, the system comprising:
`a database of biometric signatures:
`a transmitter Subsystem comprising: a biometric sensor
`for receiving a biometric signal; means for matching the
`biometric signal against members of the database of bio
`metric signatures to thereby output an accessibility attribute;
`and means for emitting a secure access signal conveying
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol; and
`a receiver Sub-system comprising; means for receiving the
`transmitted secure access signal; and means for providing
`conditional access to the controlled item dependent upon
`said information.
`According to another aspect of the present invention,
`there is provided a transmitter Sub-system for operating in a
`system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a
`receiver Sub-System comprising means for receiving a
`secure access signal transmitted by the transmitter Sub
`system, and means for providing conditional access to the
`controlled item dependent upon information conveyed in the
`secure access signal; wherein the transmitter Subsystem
`comprises: a biometric sensor for receiving a biometric
`signal; means for matching the biometric signal against
`members of the database of biometric signatures to thereby
`output an accessibility attribute; and means for emitting the
`secure access signal conveying said information dependent
`upon said accessibility attribute, wherein the Secure access
`signal comprises one of at least a rolling code, an encrypted
`BluetoothTM protocol, and a WiFiTM protocol.
`According to another aspect of the present invention,
`there is provided receiver Sub-system for operating in a
`system for providing secure access to a controlled item, the
`system comprising a database of biometric signatures, a
`transmitter Subsystem comprising a biometric sensor for
`
`
`
`US 9,665,705 B2
`
`10
`
`15
`
`25
`
`30
`
`35
`
`40
`
`45
`
`3
`receiving a biometric signal, means for matching the bio
`metric signal against members of the database of biometric
`signatures to thereby output an accessibility attribute, and
`means for emitting a secure access signal conveying infor
`mation dependent upon said accessibility attribute, wherein
`the secure access signal comprises one of at least a rolling
`code, an encrypted BluetoothTM protocol, and a WiFiTM
`protocol; wherein the receiver Sub-system comprises; means
`for receiving the transmitted secure access signal; and means
`for providing conditional access to the controlled item
`dependent upon said information.
`According to another aspect of the present invention,
`there is provided a method for providing secure access to a
`controlled item, the method comprising the steps of
`receiving a biometric signal;
`matching the biometric signal against members of a
`database of biometric signatures to thereby output an acces
`sibility attribute;
`emitting a secure access signal conveying information
`dependent upon said accessibility attribute, wherein the
`secure access signal comprises one of at least a rolling code,
`an encrypted BluetoothTM protocol, and a WiFiTM protocol;
`and
`providing conditional access to the controlled item depen
`dent upon said information.
`According to another aspect of the present invention,
`there is provided a method for populating a database of
`biometric signatures in a system for providing secure access
`to a controlled item, the system comprising said database of
`biometric signatures, a transmitter Subsystem comprising a
`biometric sensor for receiving a biometric signal, and means
`for emitting a secure access signal, and a receiver sub
`system comprising means for receiving the transmitted
`secure access signal, and means for providing conditional
`access to the controlled item dependent upon information in
`said secure access signal, said method comprising the steps
`of:
`receiving a series of entries of the biometric signal;
`determining at least one of the number of said entries and
`a duration of each said entry;
`mapping said series into an instruction; and
`populating the database according to the instruction.
`According to another aspect of the present invention,
`there is provided a method for transmitting a secure access
`signal in a system for providing secure access to a controlled
`item, the system comprising a database of biometric signa
`tures, a receiver Sub-system comprising means for receiving
`the secure access signal transmitted by a transmitter Sub
`system, and means for providing conditional access to the
`controlled item dependent upon information conveyed in the
`secure access signal, said method comprising the steps of
`receiving a biometric sensor by biometric signal; matching
`the biometric signal against members of the database of
`biometric signatures to thereby output an accessibility attri
`bute; and emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol.
`According to another aspect of the present invention,
`there is provided a method for receiving a secure access
`signal in a system for providing secure access to a controlled
`item, the system comprising a database of biometric signa
`tures, a transmitter Subsystem comprising a biometric sensor
`for receiving a biometric signal, means for matching the
`biometric signal against members of the database of bio
`metric signatures to thereby output an accessibility attribute,
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 15 of 23
`
`50
`
`55
`
`60
`
`65
`
`4
`and means for emitting a secure access signal conveying
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol, said method comprising the steps of:
`receiving the transmitted secure access signal; and pro
`viding conditional access to the controlled item dependent
`upon said information.
`According to another aspect of the present invention,
`there is provided a computer program product having a
`computer readable medium having a computer program
`recorded therein for directing a processor to provide secure
`access to a controlled item, said computer program product
`comprising:
`code for receiving a biometric signal;
`code for matching the biometric signal against members
`of a database of biometric signatures to thereby output an
`accessibility attribute:
`code for emitting a secure access signal conveying infor
`mation dependent upon said accessibility attribute, wherein
`the secure access signal comprises one of at least a rolling
`code, an encrypted BluetoothTM protocol, and a WiFiTM
`protocol; and
`code for providing conditional access to the controlled
`item dependent upon said information.
`According to another aspect of the present invention,
`there is provided a computer program product having a
`computer readable medium having a computer program
`recorded therein for directing a processor to populate a
`database of biometric signatures in a system for providing
`secure access to a controlled item, said computer program
`product comprising:
`code for receiving a series of entries of the biometric
`signal;
`code for determining at least one of the number of said
`entries and a duration of each said entry;
`code for mapping said series into an instruction; and
`code for populating the database according to the instruc
`tion.
`According to another aspect of the present invention,
`there is provided a computer program product having a
`computer readable medium having a computer program
`recorded therein for directing a processor to transmit a
`secure access signal in a system for providing secure access
`to a controlled item, said computer program product com
`prising:
`code for receiving a biometric sensor by biometric signal;
`code for matching the biometric signal against members
`of the database of biometric signatures to thereby output an
`accessibility attribute; and
`code for emitting the secure access signal conveying said
`information dependent upon said accessibility attribute,
`wherein the secure access signal comprises one of at least a
`rolling code, an encrypted BluetoothTM protocol, and a
`WiFiTM protocol.
`According to another aspect of the present invention,
`there is provided a computer program product having a
`computer readable medium having a computer program
`recorded therein for directing a processor to receive a secure
`access signal in a system for providing secure access to a
`controlled item, said computer program product comprising:
`code for receiving the transmitted secure access signal;
`and
`code for providing conditional access to the controlled
`item dependent upon said information.
`
`
`
`US 9,665,705 B2
`
`5
`According to another aspect of the present invention,
`there is provided a system for providing secure access, the
`system comprising:
`a biometric sensor for authenticating the identity of a user;
`a transmitter for transmitting information using a secure
`wireless signal dependent upon a request from the user and
`the authentication of the user identity; and
`a control panel for receiving the information and for
`providing the secure access requested.
`Other aspects of the invention are also disclosed.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`Some aspects of the prior art and one or more embodi
`ments of the present invention are described with reference
`to the drawings, in which:
`FIG. 1 shows a prior art arrangement for providing secure
`acceSS,
`FIG. 2 is a functional block diagram of an arrangement for
`providing secure access according to the present disclosure;
`FIG. 3 shows an example of a method of operation of the
`remote control module of FIG. 2;
`FIG. 4 shows an example of a method of operation of the
`(fixed) control device of FIG. 2;
`FIG. 5 shows incorporation of a protocol converter into
`the arrangement of FIG. 2; and
`FIG. 6 shows another example of how the remote access
`system operates;
`FIG. 7 shows an access process relating to the example of
`FIG. 6;
`FIG. 8 shows one enrollment process relating to the
`example of FIG. 6;
`FIG. 9 shows another enrollment process relating to the
`example of FIG. 6; and
`FIG. 10 is a schematic block diagram of the system in
`FIG 2.
`
`DETAILED DESCRIPTION INCLUDING BEST
`MODE
`
`10
`
`15
`
`25
`
`30
`
`35
`
`6
`signatures for authorised users against which the request 102
`can be authenticated. If the identity of the user 101 is
`authenticated successfully, then the code entry module 103
`sends a signal 106 to a controller/transmitter 107. The
`controller/transmitter 107 checks, as depicted by an arrow
`112, the current rolling code in a database 113. The con
`troller 107 then updates the code and sends the updated
`code, this being referred to as an access signal, as depicted
`by an arrow 108 to a controller 109. The rolling code
`protocol offers non-replay encrypted communication.
`The controller 109 tests the rolling code received in the
`access signal 108 against the most recent rolling code which
`has been stored in a database 115, this testing being depicted
`by an arrow 114. If the incoming rolling code forming the
`access signal 108 is found to be legitimate, then the con
`troller 109 sends a command, as depicted by an arrow 110.
`to a controlled item 111. The controlled item 111 can be a
`door locking mechanism on a secure door, or an electronic
`key circuit in a personal computer (PC) that is to be accessed
`by the user 101. It is noted that the controller 109 contains
`a receiver 118 that receives the transmitted access signal 108
`and converts it into a form that is provided, as depicted by
`an arrow 120, into a form that the controller 109 can use.
`The code entry module 103 also incorporates at least one
`mechanism for providing feedback to the user 101. This
`mechanism can, for example, take the form or one or more
`Light Emitting Diodes (LEDs) 122 which can provide visual
`feedback, depicted by an arrow 123 to the user 101. Alter
`nately or in addition the mechanism can take the form of an
`audio signal provided by an audio transducer 124 providing
`audio feedback 125.
`The arrangement in FIG.2 has been described for the case
`in which the secure code in the access signal 108 used
`between the sub-systems 116 and 117 is based upon the
`rolling code. It is noted that this is merely one arrangement,
`and other secure codes can equally be used. Thus, for
`example, either of the BluetoothTM protocol, or the Wi FiTM
`protocols can be used.
`Rolling codes provide a substantially non-replayable non
`repeatable and encrypted radio frequency data communica
`tions Scheme for secure messaging. These codes use inher
`ently secure protocols and serial number ciphering
`techniques which in the present disclosure hide the clear text
`values required for authentication between the key fob
`(transmitter) sub-system 116 and the receiver/controller 1187
`109.
`Rolling codes use a different code variant each time the
`transmission of the access signal 108 occurs. This is
`achieved by encrypting the data from the controller 107 with
`a mathematical algorithm, and ensuring that successive
`transmissions of the access signal 108 are modified using a
`code and/or a look-up table known to both the transmitter
`sub-system 116 and the receiver sub-system 117. Using this
`approach Successive transmissions are modified, resulting in
`a non-repeatable data transfer, even if the information from
`the controller 107 remains the same. The modification of the
`code in the access signal 108 for each transmission signifi
`cantly reduces the likelihood that an intruder can access the
`information replay the information to thereby gain entry at
`Some later time.
`The sub-system in FIG. 2 falling to the left hand side, as
`depicted by an arrow 116, of a dashed line 119 can be
`implemented in a number of different forms. The sub-system
`116 can for example be incorporated into a remote fob
`(which is a small portable device carried by the user 101),
`or alternately can be mounted in a protected enclosure on the
`outside jamb of a secured door. The sub-system 116 com
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 16 of 23
`
`It is to be noted that the discussions contained in the
`“Background' section relating to prior art arrangements
`relate to discussions of documents or devices which form
`public knowledge through their respective publication and/
`or use. Such should not be interpreted as a representation by
`the present inventor(s) or patent applicant that Such docu
`45
`ments or devices in any way form part of the common
`general knowledge in the art.
`Where reference is made in any one or more of the
`accompanying drawings to steps and/or features, which have
`the same reference numerals, those steps and/or features
`have for the purposes of this description the same
`function(s) or operation(s), unless the contrary intention
`appears.
`FIG. 2 is a functional block diagram of an arrangement for
`providing secure access according to the present disclosure.
`A user 101 makes a request, as depicted by an arrow 102, to
`a code entry module 103. The code entry module 103
`includes a biometric sensor 121 and the request 102 takes a
`form which corresponds to the nature of the sensor 121 in
`the module 103. Thus, for example, if the biometric sensor
`121 in the code entry module 103 is a fingerprint sensor, then
`the request 102 typically takes the form of a thumb press on
`a sensor panel (not shown) on the code entry module 103.
`The code entry module 103 interrogates, as depicted by an
`arrow 104, a user identity database 105. Thus for example if
`the request 102 is the thumb press on the biometric sensor
`panel 121 then the user database 105 contains biometric
`
`40
`
`50
`
`55
`
`60
`
`65
`
`
`
`US 9,665,705 B2
`
`10
`
`15
`
`25
`
`30
`
`35
`
`40
`
`7
`municates with the sub-system 117 on the right hand side of
`the dashed line 119 via the wireless communication channel
`used by the access signal 108. The sub-system 117 is
`typically located in an inaccessible area Such as a hidden
`roof space or alternately in a Suitable protected area Such as
`an armoured cupboard. The location of the sub-system 117
`must of course be consistent with reliable reception of the
`wireless access signal 108.
`Although typically the communication channel uses a
`wireless transmission medium, there are instances where the
`channel used by the access signal 108 can use a wired
`medium. This is particularly the case when the transmitter
`Sub-system 116 is mounted in an enclosure on the doorjamb
`rather than in a portable key fob.
`The biometric signature database 105 is shown in FIG. 2
`to be part of the transmitter sub-system 116. However, in an
`alternate arrangement, the biometric signature database 105
`can be located in the receiver sub-system 117, in which case
`the communication 104 between the code entry module 103
`and the signature database 105 can also be performed over
`a secure wireless communication channel Such as the one
`used by the access signal 108. In the event that the secure
`access system is being applied to providing secure access to
`a PC, then the secured PC can store the biometric signature
`of the authorised user in internal memory, and the PC can be
`integrated into the receiver sub-system 117 of FIG. 1.
`In the event that the sub-system 116 is implemented as a
`remote fob, the combination of the biometric verification
`and the strongly encrypted wireless communication pro
`vides a particularly significant advantage over current sys
`tems. The remote key fob arrangement allows easy instal
`lation, since the wired communication path 404 (see FIG. 1)
`is avoided. Other existing wiring elements of the present
`systems 400 can be used where appropriate. When the
`sub-system 116 is implemented as a remote fob, the fob
`incorporates the biometric (eg fingerprint) authentication
`arrangement, in which case only one biometric signature is
`stored in the fob. This arrangement reduces the requirements
`on the central database 115. Once the key fob authenticates
`the user through biometric signature (eg fingerprint) verifi
`cation, the rolling code in the access signal 108 is transmit
`ted to the controller 109 for authorisation of the user for that
`location at that time.
`In addition to authenticating the user 101 the biometric
`sensor 121 in the code entry module 103 in conjunction with
`45
`the controller 107 can also check other access privileges of
`the user 101. These access privileges can be contained in the
`database 105 which can be located either locally in the
`remote key fob, or in the receiver sub-system 117 as
`previously described. In one example, Tom Smith can firstly
`be authenticated as Tom Smith using the thumb press by
`Tom on the biometric sensor panel (not shown). After Tom's
`personal biometric identity is authenticated, the transmitter
`sub-system 116 can check if Tom Smith is in fact allowed to
`use the particular door secured by the device 111 on week
`ends. Thus the security screening offered by the described
`arrangement can range from simple authentication of the
`user's identity, to more comprehensive access privilege
`Screening.
`The incorporation of the biometric sensor 121 into the
`code entry module 103 in the form of a remote key fob also
`means that if the user 101 loses the remote key fob, the user
`need not be concerned that someone else can use it. Since the
`finder of the lost key fob will not be able to have his or her
`biometric signal authenticated by the biometric sensor 121
`in the code entry module 103, the lost key fob is useless to
`anyone apart from the rightful user 101.
`
`55
`
`Case 6:21-cv-00165-ADA Document 1-3 Filed 02/23/21 Page 17 of 23
`
`50
`
`60
`
`65
`
`8
`The transmitter sub-system 116 is preferably fabricated in
`the form of a single integrated circuit (IC) to reduce the
`possibility of an authorised person bypassing the biometric
`sensor 121 in the code entry module 103 and directly forcing
`the controller 107 to emit the rolling code access signal 108.
`FIG. 3 shows the method of operation of the remote
`control module (i.e. the sub-system 116) of FIG. 2. The
`method 200 commences with a testing step 201 in which the
`biometric sensor 121 in the code entry module 103 checks
`whether a biometric signal 102 is being received. If this is
`not the case, then the method 200 is directed in accordance
`with an NO arrow back to the step 201 in a loop. If, on the
`other hand, the biometric signal 102 has been received, then
`the method 200 is directed in accordance with a YES arrow
`to a step 202. The step 202 compares the received biometric
`signal 102 with information in the biometric signature
`database 105 in order to ensure that the biometric signal
`received 102 is that of the rightful user 101 of the sub
`system 116.
`A subsequent testing step 203 checks whether the com
`parison in the step 202 yields the desired authentication. If
`the biometric signature matching is authenticated, then the
`process 200 is directed in accordance with a YES arrow to
`a step 204. The