[19]
`
`[11] Patent Number:
`
`4,998,279
`
`United States Patent
`Weiss
`[45] Date of Patent: Mar. 5, 1991
`
`
`
`[54]
`
`METHOD AND APPARATUS FOR
`PERSONAL VERIFICATION UTILIZING
`NONPREDICI‘ABLE CODES AND
`BIOCHARACI'ERISTICS
`
`[76]
`
`Inventor: Kenneth P. Weiss, 7 Park Ave.,
`Newton, Mass. 02150
`
`[21]
`
`Appl. No.: 298,039
`
`[22] ‘
`
`Filed:
`
`Jan. 18, 1989
`
`[63]
`
`[51]
`
`[52]
`
`[5 8]
`
`[56]
`
`Related U.S. Application Data
`
`Continuation-impart of Ser. No. 802,579, Nov. 27,
`1985, Pat. No. 4,885,778, which is a continuation-in-
`part of Ser. No. 676,626, Nov. 30, 1984, Pat. No.
`4,720,860.
`
`Int. Cl.5 ......................... H04K 1/02; HO4L 9/20;
`G07F 7/08
`U.S. Cl. ........................................ 380/23; 380/25;
`380/28; 340/825.31; 340/825.34; 235/380;
`235/382
`Field of Search ...................... IMO/825.31, 825.34;
`380/3-5, 23~25, 28; 364/200, 900; 235/379,
`380, 382
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`8/1973 Waterbury ........................ 380/24 X
`3,752,904
`3,764,742 10/1973 Abbott et a1. ......... 380/23
`
`3,806,874 4/1974 Ehrat .................. 380/23
`368/118
`3,886,451
`5/1975 Chu et al.
`.
`
`8/1975 Wagner ........... 342/45
`3,900,867
`
`3,995,111 11/1976 Tsuji et a1.
`375/109
`8/1978 Hargrove .....
`4,104,694
`361/172
`
`...... 380/28
`4,126,761 11/1978 Graupe et a1.
`
`3/1979 Ehrat ........... 380/47
`4,145,568
`4,145,569 3/ 1979 Ehrat .......................... 380/48
`
`1/1980 Kinch, Jr. et al.
`...... 380/43
`4,185,166
`
`4,193,073 3/ 1980 Kohnen .................. 342/56
`
`4,277,837
`7/1981 Stuckert
`364/900
`
`4,295,039 10/1981 Stuckert ........
`235/380
`4,302,810 11/1981 Bouricius et al.
`.
`..... 380/24
`
`IMO/825.34
`4,320,387
`3/1982 Powell ..............
`
`.
`......... 380/25
`4,326,098
`4/1982 Bouricius et a1.
`
`4,403,114 9/1983 Sakoe ..................... 381/42
`
`4,471,216 9/1984 Herve
`235/380
`
`4,494,211
`1/1985 Schwartz
`375/107
`
`(List continued on next page.)
`
`of the generated nonpredictable code to an indication of
`the character which includes the biocharacteristic; and,
`a mechanism for comparing the communicated charac-
`ters including biocharacteristics with the character indi-
`cations including biocharacteristic, and a mechanism
`for indicating verification if the compared characters,
`including the biocharacteristic, match in a predeter-
`mined way.
`
`11 Claims, 6 Drawing Sheets
`
`'
`
`FOREIGN PATENT DOCUMENTS
`
`0010496 4/1980 European Pat. Off,
`0140013
`5/1985 European Pat. Off.
`
`.
`.
`
`OTHER PUBLICATIONS
`
`V. McLellan, “The Future of Data Security Looks
`Credit—Card Thin”, Information Week, (10/07/85, pp.
`24—30).
`“Voice ID Knows Who, What, and Where", Electronic
`Design, (10/02/86, p. 12).
`Voice Key: Voice Verification Systems for Access Control,
`(Ecco Industries Inc., Danvers, Mass., 1986).
`IBM Tech. Disc]. Bull, (v01. 26, No. 7A, 12/83, pp.
`3292-3293).
`
`Primary Examiner—Stephen C. Buczinski
`Assistant Examiner—Bemarr Earl Gregory
`Attorney, Agent, or Firm—M: Lawrence Oliverio
`[57]
`ABSTRACT
`
`A personal verification system comprising a user device
`which is adapted to generate a time varying, multi-
`character, nonpredictable code; a verification device; a
`mechanism for permitting the user to communicate the
`nonpredictable code generated by the user device at a
`given time to the verification device in a manner such
`that a biocharacteristic of the user is communicated
`with each code character; the verification device in-
`cluding a mechanism for generating the same non—
`predictable code as is appearing at the user device at the
`given time, a mechanism for converting each character
`
`5|2
`
`5|4
`
`SAMPLING
`CKT
`
`
`
`THRESHOLD
`DETECTOR
`
`'
`
`53
`
`|PR2018-00067
`
`Unified EX1019 Page 1
`
`IPR2018-00067
`Unified EX1019 Page 1
`
`

`

`4,998,279
`
`Page 2
`ER
`
`U.S. PATENT DOCUMENTS
`8/1985
`4,536,647
`9/1985
`4,543,657
`3/1986
`4,575,621
`3/1986
`4,578,530
`4/1986
`4,582,434
`4/1986
`4,582,985
`5/1986
`4,589,066
`
`Atalla et a].
`......
`.. 380/24
`
`Wilkinson ..
`375/1
`
`380/23 X
`Dreifus
`Zeidler ............. 380/24
`
`Plangger et a1.
`368/46
`
`Léfberg .........
`. 235/380
`........................... 364/200
`Lam et a1.
`
`4,599,489
`4,609,777
`4,636,583
`4,641,322
`4,677,552
`4,677,617
`4,685,055
`4,742,537
`4,825,050
`
`7/1986
`9/1986
`1/1987
`2/1987
`6/1987
`6/1987
`8/1987
`5/1988
`4/1989
`
`Cargile .................................... 380/4
`Cargile ............ 380/4
`
`Bidell et a1.
`380/48
`
`Hasegawa ............. 375/ 1
`............
`364/900 X
`Sibley, Jr.
`
`..... 370/100
`O'Connor et a1.
`
`Thomas .............. 364/200
`
`Jesurum .....
`379/351
`...................... 235/379
`Griffith et a1.
`
`|PR2018-00067
`
`Unified EX1019 Page 2
`
`IPR2018-00067
`Unified EX1019 Page 2
`
`

`

`US. Patent
`
`Mar. 5, 1991
`
`Sheet 1 of 6
`
`4,998,279
`
`F IX so
`CODE
`
`CARD
`
`PIN
`
`45
`
`'0
`
`C
`
`20
`
`Is:
`COMPUTER
`
`°2
`
`°I
`
`I st
`DYNAMIC
`
`VARIABLE 30
`
`70
`
`so
`
`lst NON
`PR EDICTABLE
`CODE
`
`2 nd NON
`PREDICTABLE
`cone
`
`c2
`
`ACCESS
`CONTROL
`MEANS
`OR HOST
`
`
`
`b
`
`c3
`
`2 nd
`DYNAMIC
`
`VARIABLE
`
`COMPARISON
`OF
`NON-PREDICTABLE
`CODES
`
`80
`
`CLEARANCE
`OR
`ACCESS
`
`90
`
`FIG}!
`
`|PR2018-00067
`
`Unified EX1019 Page 3
`
`IPR2018-00067
`Unified EX1019 Page 3
`
`

`

`US. Patent
`
`Mar. 5, 1991
`
`Sheet 2 of 6
`
`4,998,279
`
`In
`
`COMPUTER
`PREDICTABLE
`
`
`CODE
`
`
`
`ls? NON
`
`
`
`CONTROL
`
`”MEANS
`
`
`ACCESS
`
`OR HOST
`
`I9
`
`
`
`2 nd
`
`DYNAMIC
`DYNAMIC
`
`
`
`VARIABLE
`
`
`
`
`CLEARANCE
`
`OR
`ACCESS
`
`
`VARIABLE
`
` /
`
`|PR2018-00067
`
`Unified EX1019 Page 4
`
`IPR2018-00067
`Unified EX1019 Page 4
`
`

`

`US. Patent
`
`Mar. 5, 1991
`
`Sheet 3 of 6
`
`4,998,279
`
`CARD I
`
`20
`
`I
`
`,0
`
`4o
`
`CARD
`SEED
`CARD
`RESULTANT
`CODE
`
`CARD
`PIN
`
`45
`
`DENY
`ACCESS
`
`DENY
`ACCESS
`
`HOSTISO)
`IOO
`
`7
`
`
`
`TEMPORARILY
`STODRETACARD
`
`PERMANENT
`HOST
`MEMORY
`
`zoo
`
` HO
`
`COMPARE
`
`CARD PIN AND
`“0
`
`
`HOST PIN
`
`MATCH ?
`
`N
`
`O
`
`
`
`
`COMPARE
`
`CARD SEED WITH
`
`HOST LIBRARY
`
`
`HOST LIBRARY OF
`
`O F SEEDS
`SEEDS. MATCH ?
`
`
`
`
`
`TE MPORARILY RECORD DATE
`AND TIME OF ENTRY
`WITH USE OF HOST CLOCK
`
`
`
`ZERO
`
`CELLT'ME
`
`
`
`ADD STORED TIME OFFSET
`STORED TIME
`-- To TEMPORARILY STORED
`OFFSET PECULIAR
`
`
`A DATE AND TIME
`To CARD SEED
`
`
`
`
`
`COMPARE TEMPORARILY STORED
`STORED DATE
`
`DATE WITH STORED DATE OF
`OF LAST GRANT
`
`
`LAST ACCESS
`OF ACCESS
`
`I60
`
`
`
`
`
`COMPUTE NUMBER OF MONTHS X BETWEEN
`DATE OF LAST ACCESS AND TEMPOR
`
`STORED DATE
`
`FIG3A
`
`|PR2018-00067
`
`Unified EX1019 Page 5
`
`IPR2018-00067
`Unified EX1019 Page 5
`
`

`

`US. Patent
`
`. Mar. 5, 1991
`
`Sheet 4 of 6
`
`4,998,279
`
`I65
`
`I67
`
`
`Y IS AN AUTOMATICALLY
`
`
`
`FIXED AND STORED #IF
`HOST CLOCK IS RESET
`PRIOR TO PRESENT
`TRANSACTION
`
`ADD X
`PLUS Y
`
`
`
`
`
`
`COMPUTE ZERO CELL HOST
`RESULTANT CODE ON BASIS
`
`
`OF ZERO CELL TIME
`
`
` COMPUTE THE LESSER OF 4+X+Y OR IO
`ADDITIONAL HOST RESULTANT CODES,
`ie THE WINDOW
`
`
`COM PARE
`
`
`CARD RESULTANT
`
`
`CODE WITH ALL COMPUTED
`
`”0
`DENY
`HOST RESULTANT CODES.
`ACCESS
`ANY MATCH
`
`?
`
`GRANT ACCESS
`
`PERMANENTLY STORE
`TEMPORARILY STORED DATE
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`COMPUTE NEW TIME OFFSET PECULIAR TO CARD
`SEED BY COMPARING HOST ZERO CELL TIME WITH
`CELL TIME OF MATCHING HOST RESULTING CODE
`AND ADDING OR SUBTRACTING PREVIOUSLY STORED
`TIME OFFSET
`
`
`PERMANENTLY STORE
`NEW TIME OFFSET
`
`FIGSB
`
`|PR2018-00067
`
`Unified EX1019 Page 6
`
`IPR2018-00067
`Unified EX1019 Page 6
`
`

`

`US. Patent
`
`Mar. 5, 1991
`
`Sheet 5 of 6
`
`4,998,279
`
`(REAL TIME)
`0
`CARD CLOCK
`D
`E] D DC] D HOST CLOCK
`-2 -I
`O +I +2
`(REALTIME)
`I-2)(-l) (o)(+I)(+ 2)
`(HOST WINDOW)
`
`
`°
`(REAL TIME)
`[3
`CARD CLOCK
`DI D [:1 I: D HOST CLOCK
`
`+2 +3
`+I
`(REALTIME)
`(- 2)(- I)
`O M) (+2)
`(HOSTWINDOW)
`
`
`FIG-4
`
`I F|G5
`
`(REAL TIME)
`‘ '
`CARD CLOCK
`I]
`D D D D D HOST CLOCK
`-2 -I
`o +I +2
`IREALTIME)
`(-2) (-I) (D) (+I)(+2)
`(HOST WINDOW)
`
`
`
`-3
`-2 -l
`I- 2)(- I) (O)
`
`(REALTIME)
`(ADJUSTED
`WINDOW)
`
`
`"
`[:1
`CI CI I: [0] CI
`
`I
`(2)
`
`(I)
`
`(REALTIME)
`CARD CLOCK
`HOST CLOCK
`
`FIGS
`
`‘3
`CI
`
`FIG7
`
`(REAL TIME)
`
`CARD CLOCK
`
`DDDDDDDD
`+l
`+2 +3 +4 +5
`(HOST WINDOW)
`I~2)I‘I)
`(O)
`(+l)(+2)
`
`
`(REALTIME)
`
`HOST CLOCK
`
`FIG.8~
`
`'3
`III
`DDDDDDDDDDDDDD III [III] HOSTCLOCK
`9
`‘5-4-3’2‘IOI 234567
`IO II
`(REALTIME)
`(TBII'7)I'6)I‘ 5)I- 4)I-3)I 2)I- I) O (I)
`I2) (3)
`(4) I5) (6)
`
`(REAL TIME)
`
`CARD CLOCK
`
`(7) (BHOPENED
`WINDOW)
`
`\____—______,__—_—————————-’
`
`FIGS
`
`IP‘R2018-00067
`
`Unified EX’IO19 Page 7
`
`IPR2018-00067
`Unified EX1019 Page 7
`
`

`

`US. Patent
`
`Mar. 5, 1991
`
`Sheet 6 of 6
`
`4,998,279
`
`
`
`mehmzmwhbun.
`
`HIE<FnuommmI202
`
`moou
`
`kxu
`
`_may—huhmo
`mo_O>mwbu<m<10 20h<mmzmo
`QJOIwumIP
`
`
`zmo0&2OmmIas
`
`
`
` mmOhmzmukbawxomhm
`
`Kuhu<m<zu
`
`mm<n=zOU
`
`hxu
`
`wmm>u:mw>
`
`0mmNmm
`
`:OE
`
`¢mn
`
`|PR2018—OOO67
`
`Unified EX1019 Page 8
`
`IPR2018-00067
`Unified EX1019 Page 8
`
`
`
`
`

`

`1
`
`4,998,279
`
`2
`over a voice channel such as a telephone line with a
`biocharacteristic being the voice pattern of the individ-
`ual or the biocharacteristic may be the unique stroke
`pattern sequence which the individual uses in writing
`the characters,
`the characters appearing at
`the user
`device being communicated by being inputted through
`a stroke pattern recognition device such as a pressure-
`sensitive device. The verification device is adapted to
`generate the same nonpredictable code as is appearing
`at the user device at the given time, and for converting
`each character of the generated nonpredictable code to
`an indication of the character which includes the bio-
`characteristic. For example, an indication of the voice
`pattern of the individual for each character which may
`appear in the nonpredictable code may be stored and
`the voice pattern indication for the character read out in
`response to the character being generated. The commu-
`nicated biocharacteristic indications from the individual
`are then compared with the indications obtained from
`the conversion, verification being signified if these indi-
`cations match in a predetermined way.
`The foregoing and other objects, features and advan-
`tages of the invention will be apparent from the follow-
`ing more particular description of preferred embodi-
`ments as illustrated in the accompanying drawings.
`IN THE DRAWINGS
`
`FIG. 1 is a block diagram of a basic apparatus and
`method according to the invention for generating and
`comparing nonpredictable codes;
`FIG. 1A is a block diagram of a preferred apparatus
`and method for generating and comparing nonpredicta-
`ble codes where a means for comparing nonpredictable
`codes is included in a calculator which generates a
`nonpredictable code;
`FIG. 2 is a front isometric view of a credit card sized
`calculator for calculating a first nonpredictable code for
`use in gaining clearance or access according to the
`invention;
`FIG. 3A—3B together form a flow chart demonstrat-
`ing a most preferred series of steps carried out by an
`apparatus according to the invention and/or
`in a
`method according to the invention;
`FIGS. 4—9 are diagrammatic representations of series
`of resultant code cells separately generated by separate
`computers according to exemplary situations described
`herein; each diagram sets forth the relationship vis a vis
`real time between resultant codes generated on the basis
`of time as kept by separate clock mechanisms in the
`separate computers generating the resultant codes ac-
`cording to the corresponding conditions described with
`reference to each figure;
`FIG. 10 is a semi-block schematic diagram of a first
`preferred embodiment of the invention; and.
`FIG. 11 is a semi-block schematic diagram of a por-
`tion of the verification device for a second embodiment
`of the invention.
`
`DETAILED DESCRIPTION OF THE
`SYNERGISTIC INVENTION
`
`METHOD AND APPARATUS FOR PERSONAL
`VERIFICATION UTILIZING NONPREDICI‘ABLE
`CODES AND BIOCHARACI'ERISTICS
`
`CROSS-REFERENCE TO OTHER
`APPLICATIONS
`
`This application is a continuation in-part of applica
`tion Ser. No. 802,579 filed Nov. 27, 1985, now US. Pat.
`No. 4,885,778, which application is itself a continuation
`in-part of application Ser. No. 676,626 filed Nov. 30,
`1984, now US. Pat. No. 4,720,860 issued Jan. 19, 1988.
`
`FIELD OF THE INVENTION
`
`This invention relates to methods and apparatus for
`verifying the identity of an individual and, more partic-
`ularly, to methods and apparatus for utilizing both non-
`predictable codes and a biocharacteristic of the individ-
`ual whose identity1s to be verified to provide enhanced
`verification security.
`
`BACKGROUND OF THE INVENTION
`
`identification systems may be based on
`Personal
`something someone has, such as a card or badge, some-
`thing that someone knows, such as a personal identifica-
`tion number (PIN), or a biocharacteristic of the individ—
`ual such as voice pattern or the like. Each of these bases
`alone can be defeated and thus does not provide a high
`level of personal verification security. For example, a
`card alone can be lost or stolen, a PIN can be over-
`heard, can be surreptitiously intercepted and learned
`when being transmitted over a communication line, or
`can otherwise be compromised. Most biocharacteristics
`can be sampled surreptitiously and then computer syn-
`thesized or otherwise reproduced.
`Heretofore, efforts have been made to enhance the
`security of personal verification systems by utilizing
`two of the bases in a single system. While this does
`result in enhanced security, the security is still not as
`high as would be desired for some applications. Ideally,
`all three bases would be used in a single verification
`system. However, the storage requirements for voice
`recognition or other biocharacteristic recognition sys-
`tems are prohibitively high or a large number of inputs
`must be recognized if the system is adapted to recognize
`a reasonable number of individuals. If the system only
`needs to recognize the individual 5 saying a predeter-
`mined code sequence such as his PIN, the message is
`subject
`to surreptitious interception and simulation.
`Thus, even very expensive systems enjoy only limited
`success in providing a high level of verification secu-
`rity.
`A need therefore exists for a relatively simple,Inex-
`pensive method and apparatus to provide highly secure
`personal identification, achieving this objective by uti-
`lizing all three bases in a synergistic way in performing
`the verification function.
`
`SUMMARY OF THE SYNERGISTIC INVENTION
`
`In accordance with the above, this invention provides
`a method and apparatus for verifying the identity of an
`individual wherein a user device is provided which
`generates a time varying, multi-character, nonpredicta-
`ble code. The individual communicates the nonpredict-
`able code generated at a given time to a verification
`device in a manner such that a biocharacteristic of the
`user is communicated with each code character. For
`example, the characters may be orally communicated
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`65
`
`Referring to FIG. 10, the system includes a user de-
`vice 512 which is preferably a credit-card sized device
`of the type described in detail in the parent application
`and patent previously mentioned. For purposes of ease
`of reference and completeness the specification of par-
`ent application Ser. No. 802,579 is set forth hereinbe-
`low. Briefly, this device inputs a time varying value, for
`
`|PR2018-00067
`
`' Unified EX1019 Page 9
`
`IPR2018-00067
`Unified EX1019 Page 9
`
`

`

`4,998,279
`
`3
`example, a clock value which varies every minute, and
`a fixed value, for example, a secret code word, into a
`processing device which operates on the two inputs in
`accordance with a secret algorithm to generate a multi
`character nonpredictable code which is preferably dis-
`played on a multi character display element 514. Ele-
`ment 514 may, for example, be a standard liquid crystal
`or light-emitting diode display which is adapted to dis-
`' play the ten numeric characters 0—9. The display may
`also be adapted to display alphanumeric characters.
`While five character positions have been shown for the
`display 514 in FIG. 10, it is to be understood that this
`display may have any number of character positions
`depending on the degree of security required. Typi-
`cally, this display might, for example, have eight char-
`acters.
`
`10
`
`15
`
`The individual who is seeking to have his identity
`verified communicates information for accomplishing
`verification to a verification device or station 516
`through standard telephones 518, telephone line 520 and
`modem 522.
`
`20
`
`4
`relatively small number of samples. Other voice verifi-
`cation systems well known in the art may be used in
`conjunction with the invention. As described more fully
`below, the system of U.S. Pat. No. 4,720,860 and appli-
`cation Ser. No. 802,579 for generating, verifying and
`synchronizing time variable nonpredictable codes pro-
`vides a high level of security by itself. When such sys-
`tems are combined with a biocharacteristic verification
`element, a very high level of security as contemplated
`by the invention is achieved, with or without the combi-
`nation of the use of a PIN in the verification system.
`The input over line 532 from PIN recognition circuit
`522 addresses the area of memory 530 in which voice
`patterns are stored for the individual having the recog-
`nized PIN while the character inputs from code genera-
`tor 528 address the individual character voice patterns
`for the individual. The voice patterns read out from
`memory 530 may be applied directly as one input to a
`compare circuit 534 or may be applied to temporary
`storage registers or other temporary storage means, the
`outputs from which are compared to compare circuit
`534.
`
`25
`
`30
`
`In practice, the user will initially input his PIN or
`other identifying code on telephone 518A. While this
`may be done orally, it is preferably done by striking
`appropriate keys on the telephone to provide a digital
`indication. This input is applied to a PIN recognition
`circuit 522 in verification device 516. Circuit 522 may
`include a modem for converting the signals received
`over telephone line 520 into digital signals to operate
`device 516. When PIN recognition circuit 522 detects
`that a PIN is being received, it generates an output on
`line 524 which inhibits gate 526.
`The PIN output from circuit 522 is applied as an
`addressing input to nonpredictable code generator 528
`and to characterize voice pattern store 530. Nonpredict-
`able code generator 528 operates in a manner described
`in detail in the beforementioned parent application and
`patent to generate a nonpredictable code at a given time
`which is the same as the nonpredictable code appearing
`on display 514 at that given point in time. This is accom-
`plished by using the PIN input to access the secret code
`word stored in device 512 and an indication of the clock
`input at device 512, and to operate on such inputs utiliz-
`ing the same algorithm as is used at the device 512.
`Parent application Ser. No. 802,579 set forth hereinbe-
`low discloses various ways in which the clocks at the
`two devices 512 and 516 may be maintained in synchro-
`nism.
`
`Character voice pattern store 530 stores a predeter-
`mined number of samples from the voice pattern of each
`individual using the system speaking each character
`which may appear on display 514. Thus, if only numeric
`characters 0-9 may appear on display 514, the voice
`patterns for each of these characters would be stored
`for each individual whose identity this system is to
`verify. In order to avoid storing huge amounts of infor-
`mation, a predetermined number of samples at selected
`intervals on the user voice pattern could be stored
`rather than the entire pattern The number of samples,
`the sampling interval, and the portion of the voice pat-
`tern sample will vary with the level of security required
`for the system and represent a trade-off between secu-
`rity level and the expense of added memory capacity.
`Another disadvantage of large number of samples is
`that it reduces the speed at which the system may oper-
`ate. However, as will be discussed in greater detail later,
`since the system preferably uses three bases for verifica-
`tion, high levels of security can be achieved with a
`
`35
`
`45
`
`50
`
`55
`
`60
`
`65
`
`When a PIN is not being received over telephone
`lines 520, gate 526 is enabled to pass voice inputs. A
`received voice input is applied to threshold detector
`circuit 536 which generates an output to enable sam-
`pling circuit 538 when the received voice input exceeds
`a predetermined level. Threshold detector 536 assures
`that the sampling circuit will not operate in response to
`noise inputs and controls the point at which sampling
`begins so that the sampling of received inputs can corre-
`spond to the stored voice pattern samples. Circuitry for
`performing the threshold and sampling functions is well
`known in the art, and a number of existing circuits for
`performing this function may be utilized.
`The output samples from circuit 538 are applied as
`the other input
`to compare circuit 534. Thus, voice
`pattern samples for each character of the nonpredicta-
`ble code being orally inputted by the individual to be
`verified are compared in circuit 534 with stored voice
`pattern samples for the individual speaking the same
`characters. However, since the actual characters which
`appear on display 514 and the order in which the char-
`acters appear on display 514 is nonpredictable and var-
`ies with time as described hereinbelow, for example.
`every minute, someone surreptitiously intercepting the
`user voice pattern and attempting to reproduce it would
`still be unable to gain access to the system. A successful
`comparison in circuit 534 results in a verified output on
`line 540 which may be used to permit the user to gain
`access to a computer, to a data base, or for other desired
`purposes.
`.
`embodiment
`alternative
`an
`illustrates
`11
`FIG.
`wherein the biocharacteristic being utilized is stroke
`pattern sequence rather voice pattern. As is known, the
`stroking sequence which is used to write a character
`varies from individual
`to individual and is generally
`unique to a given individual. While two individuals may
`have similar stroke patterns for one or two characters,
`there is a very low probability of two individuals having
`the same stroke patterns for the five to eight characters
`of a typical nonpredictable code sequence.
`Thus, in FIG. 11, a device 550 is provided which is
`responsive to character stroke patterns and generates a
`predetermined output in response thereto. Devices of
`this type are well known in the art and useable in con-
`nection with the invention. The device 550 may, for
`example, have a plurality of pressure-sensitive areas 552
`
`|PR2018—00067
`Unified EX1019 Page 10
`
`IPR2018-00067
`Unified EX1019 Page 10
`
`

`

`4,998,279
`
`5
`
`20
`
`6
`individual had the device 512 and somehow learned the
`individual’s PIN, they would still not be able to gain
`access to the system, since they would not possess his
`biocharacteristic.
`
`While a particular type of voice pattern recognition
`system has been generally described in connection with
`the embodiment of the invention shown in FIG. 10,
`it
`should be understood that this system is being described
`for purposes of illustration only, and that any device or
`system adapted to perform the voice recognition func-
`tion, of which there are many currently in existence,
`could be utilized to perform the function. Similarly,
`other devices could be used to perform the stroke pat-
`tern recognition. Further, while the two biocharacteris-
`tics selected for the preferred embodiments have opti-
`mum synergism with the other aspects of the system,
`there are other biocharacteristics which could be uti-
`lized while still falling within the teachings of this in-
`vention.
`9
`
`SUMMARY OF THE NONPREDICTABLE CODE
`GENERATION ASPECTS OF THE INVENTION
`
`The following discussion sets forth the disclosure of
`application Ser. No. 802,579 and describes mechanisms
`and methods for generating nonpredictable codes per se
`without particular discussion of combining biocharac-
`teristics therewith. As previously described the syner-
`gistic invention herein combines something a person has
`(the card 512), something a person knows (the PIN) and
`something a person is (the biocharacteristic). Insofar as
`the element concerning something a person has and
`something a person knows are concerned, the following
`described mechanisms and methods are contemplated
`for use as such elements to be used in conjunction with
`the biocharacteristic element. For purposes of ease of
`reference the card 512 described above corresponds to
`card or calculator 20.
`
`5
`in which the code appearing on display 514 may be
`written by the individual. Alternatively, there may be a
`single pressure-sensitive area 552 on which the individ-
`ual writes the characters appearing on display 514 in
`sequence. In any event the user typically reads the non-
`predictable code from display 514, converts the code
`into a hand stroke representation of the code with de-
`vice 550 and sends the converted code by conventional
`means to compare circuit 554. Since it may take more
`than one minute to write an eight character sequence on 10
`pressure sensitive pads 552, the timing of device 512,
`and thus of device 528, could be altered so the code
`changes at two-minute intervals or three-minute inter-
`vals rather than at one-minute intervals.
`While in FIG. 11, the device 550 has been shown as 15
`being at the verification station, this is for purposes of
`illustration only and it is possible to have this device at
`a remote location with its digital output being applied
`through a modern and telephone line to the verification
`device.
`The output from device 550 is applied as one input to
`a compare circuit 554. As with the first embodiment of
`, the invention, the PIN output from PIN recognition
`circuit 522 online 532 or some other pIN output is ap-
`plied as one input to nonpredictable code generator 528 25
`and is one of the addressing inputs to a character stroke
`pattern store 556. Store 556 is similar to character voice
`pattern store 530 in that it stores stroke patterns for each
`character from each individual who is to have access to
`the system. The input on line 532 controls the area in the 30
`device 556 which is accessed to the area for the individ-
`ual having the given PIN and the output from NPC
`generator 528 causes the character stroke patterns from
`this area of memory to be read out in the appropriate
`sequence. As before, some storage may be required in 35
`order to synchronize the two inputs to compare circuit
`554. If the stroke pattern inputs from device 550 and
`store 556 match within predetermined criteria, compare
`circuit 554 generates a verified output on line 560,
`which output performs the same function as the verified 40
`output on line 540.
`Thus, a method and apparatus has been provided
`which synergistically utilizes something a person has,
`mainly the device 514 which generates the nonpredicta-
`ble codes, something the individual knows, namely his 45
`PIN which permits the proper outputs from generator
`528 and from the pattern stores 530 and 556, and some-
`thing the individual is, namely a biocharacteristic of the
`individual which is inputted with the nonpredictable
`code to the verification device. As previously men- 50
`tioned, the invention may simply utilize something a
`person has, mainly device 514 and something a person
`is, such as the voice or character stroke patterns de-
`scribed above. The system is thus very simple to use,
`since by merely inputting the nonpredictable code the 55
`user is also inputting his biocharacteristic. While some
`problems can be encountered, such as, for example, an
`individual using a different word for a particular char- -
`acter such as “zero” or “0" for the same digit. These
`problems can be handled by having redundant entries 60
`for certain characters, but are preferably handled by
`providing a few simple rules to each individual using
`the system so that inputs will be consistent.
`In any event the system provides an incredibly high
`level of verification security. No matter how many 65
`messages may be surreptitiously intercepted, an unau-
`thorized person not having the device 512 would still be
`unable to gain access to the system. Similarly, even if an
`
`.
`
`in a system for
`In accordance with the invention,
`comparing and matching nonpredictable codes gener-
`ated by separate computers on the basis of dynamic
`variables defined by separate clock mechanisms accord-
`ing to time, there is provided an apparatus for synchro-
`nizing the time definition of the dynamic variables com-
`prising: a first computer for calculating a first non-
`predictable code according to a predetermined algo-
`rithm, the algorithm generating the first nonpredictable
`code on the basis of a first dynamic variable and a
`unique static variable; a first clock mechanism for auto-
`matically defining the first dynamic variable according
`to a first interval of time in which the static variable is
`input into the algorithm. the first interval oftime having
`a first predetermined duration; a second computer for
`calculating two or more second nonpredictable codes
`according to the predetermined algorithm,
`the algo—
`rithm generating the second nonpredictable codes on
`the basis of the two or more second dynamic variables
`and the unique static variable; a second clock mecha-
`nism for automatically defining the two or more second
`dynamic variables according to two or more cells of a
`second interval of time in which the static variable is
`input into the algorithm of the second computer.
`the
`second interval of time comprising a central cell of time
`having a predetermined duration and one or more cells
`of time bordering the central cell of time, each border-
`ing cell of time having a predetermined duration; a
`mechanism for comparing the first nonpredictable code
`with the second nonpredictable codes to determine a
`match; and, a mechanism for automatically synchroniz-
`
`‘
`
`|PR2018-00067 ‘
`
`Unified EX1019 Page 11
`
`IPR2018-00067
`Unified EX1019 Page 11
`
`

`

`4,998,279
`
`7
`ing the first clock mechanism and the second clock
`mechanism upon comparison and matching of the first
`nonpredictable code with one of the second nonpredict-
`able codes.
`
`The central cell of time typically comprises the date
`and the minute in which the unique static variable is
`input into the second computer as defined by the second
`clock mechanism; and the bordering cells of time may
`comprise a cell of time comprising the date and the
`minute immediately preceding the central cell.
`Preferably the mechanism for synchronizing com-
`prises: a counting mechanism for counting the differ-
`ence in time between a central cell of time and a border-
`ing cell of time from which a matching second non-
`predictable code may be generated; a summing mecha-
`nism connected to the counting mechanism for sum-
`ming successive differences in time counted by the
`counting mechanism; a storage mechanism connected
`to the summing mechanism; and, a shifting mechanism
`connected to the storage mechanism for shifting a cen-
`tral cell and bordering cells of time by the output of the
`summing mechanism stored in the storage mechanism.
`The bordering cells of time may comprise a selected
`number of cells of time immediately preceding the cen-
`tral cell and a selected number of cells of time immedi-
`ately following the central cell; and the central and
`. bordering cells of time are typically selected to be one
`minute in duration.
`
`10
`
`15
`
`20
`
`25
`
`8
`lated with an energizing mechanism which when inter-
`rupted destroys all data including at least the algorithm
`and the static variable.
`
`In a method for comparing nonpredictable codes
`generated by separate computers on the basis of dy-
`namic variables defined by separate clock mechanisms
`according to time wherein the codes match when the
`dynamic variables match,
`there is also provided a
`method for synchronizing the time definition of the
`dynamic variables comprising the steps of: inputting a
`static variable into a first computer including a prede—
`termined algorithm; employing the algorithm of the
`first computer to calculate a first nonpredictable code
`on the basis of the static variable and a first dynamic
`variable defined by a first interval of time in which the
`step of inputting occurred according to a first clock
`mechanism; putting the static variable and first non-
`predictable code into a second computer independently
`including the predetermined algorithm; using the algo-
`rithm of the second computer to independently calcu-
`late two or more second nonpredictable codes on the
`basis of the static variable and two or more second
`dynamic variables defined by two or more cells of a
`second interval of time in which the step of putting
`occurred according to a second clock mechanism, the
`second interval of time comprising a central cell of time
`and one or more bordering cells of time; comparing the
`first nonpredictable code with the second nonpredicta-
`ble codes to determine a match; and, synchronizing the
`first clock mechanism and the second clock mechanism
`upon comparison and matching of the first nonpredicta-
`ble code with one of the second nonpredictable codes.
`The step of synchronizing preferably comprises the
`steps of: counting the difference in time between a cen-
`tral cell of time and a bordering cell of time from which
`a m